James Willison, Founder, Unified Security Ltd provides an overview of his published response to the call for evidence from the UK Government regarding how the UK can become more resilient to extreme risks and emergencies. James will be speaking on these issues at the upcoming webinar, Protecting Cities, on 22nd June at IFSEC Connect.
In December 2020, The House of Lords Committee on Risk Assessment and Risk Planning published its call for evidence, inviting the public to provide their views on how we can ensure that the UK is as resilient to extreme risks and emergencies as possible.
It identified a series of topics to consider, and Professor Alison Wakefield (one of this year’s judges for the prestigious IFSEC Global Influencers in Security awards) recommended members of the security community contribute their views. I focused on two questions. The following highlights the key points, including why a converged approach to security, encompassing both cyber and physical, is vital.
The full response can be accessed here.
- Are there types of risks to which the UK is particularly vulnerable or for which it is poorly prepared? What are the reasons for this?
- What can be learnt from local or corporate risk management processes, or those of other countries? Are there any specific examples of practices, processes or considerations which could improve the UK’s national risk resilience? How could businesses and civil society more effectively support national resilience preparation?
- The risks to which the UK is particularly vulnerable range from fraud, £191 billion lost in 2018, to pandemic disease that has led to loss of life in the hundreds of thousands to cyber war. Fraud has now become a greater risk because of the online activities of criminals, and this is well documented. COVID-19 statistics demonstrate that the UK was poorly prepared compared to countries in East Asia and Australasia. The key reasons for this include the UK’s failure to invest in real time tracking technologies that can integrate with CCTV and other data, such as point of sales transactions. This is what is defined in risk management as IT CAPABILITY.
- The UK has CCTV, although it is not always reliable, and it doesn’t integrate it with these other systems.
- CYBER WAR is the risk that nations can target the CNI and other organisations with a view to overwhelming the IT infrastructure and combining with physical force cause significant harm. The UK is not prepared for this because siloes exist across the country, with most organisations operating in physical security and cyber security centres.
- CYBER ATTACKS on critical national infrastructure. It is worth noting recent advice from the United States which faces the same threat. The US Government Cybersecurity & Infrastructure Security Agency (CISA) is recommending that physical security and cyber security teams collaborate and integrate so that they are unified.
- In its report, “The State of Security Convergence” ASIS International lists the key six benefits as:
- Better alignment of security strategy with corporate goals
- Shared practices/goals across functions
- More versatile/well rounded staff
- More efficient security operation
- Greater visibility and influence with C-suite/board
- Enhanced communication/cooperation
The practical outcome of a converged security approach will be the building of CONVERGED SECURITY CENTRES. These have been showcased at the Excel Centre in the leading security exhibition, IFSEC International, since 2018. Here, a real time response to all security risks can be achieved using cyber and physical monitoring provided by advanced physical and digital systems integrating on one platform, so that a physical security officer can suspend a remote vpn connection after checking if the authorised person is on site.
In conclusion, I am calling, as an individual security consultant, for the UK Government to follow the US Government Cybersecurity and Physical security Convergence Guide and also build Unified Security Operations Centres to improve the nation’s IT and Cyber Physical capability.
James Willison will be one of the panellists discussing how we can better protect our cities and public infrastructure at IFSEC Connect on 22nd June. Be sure to join us by following the link below to register for free.
Keep up with the wireless access control market
Download this free report to find out more about:
- The current state of wireless access control solutions in the market
- The rising popularity of mobile access control
- Awareness of cyber security regulations and how this relates to access control
- The growing use of the cloud and ACaaS to manage access systems
- How your choice of access control solution can impact sustainability
