The Evolving Role of Security Directors
For centuries, a main directive of security professionals of all kinds was to "secure the perimeter"—physically protect the enterprise from visible threats that may be coming at it. Today, physical threats are more dangerous than ever, but they have been joined by virtual and systemic threats that previous generations could not have conceived of. With the enterprise now open to attacks that may come from the other side of the world, the "perimeter," is, in a sense, boundless.
And, this is true in more ways than one. Even physical security itself is, in many ways, losing the concept of perimeter. Technology has allowed many "premises-based" security operations to evolve to a centrally based model, with, for example, a centralised office monitoring feeds from facilities at several locations around the world.
New, old world
In this new world, the role of the traditional security director and his or her team remains crucial, no matter where security headquarters are located. There is not, and likely never will be, any substitute for physically interceding between a violent perpetrator and his intended target in a timely manner. Whether the perpetrator is holding a gun, a knife, a suspicious package or a grudge; muscle on the ground is always vital. However, with new definitions of security, that role is now joined by a host of others, with, in many organisations, professionals from IT, HR, Legal, Logistics and other departments in security related roles.
So where does that leave the traditional security director? In many cases it is probably true that, considering the relative backgrounds of these new non-traditional security professionals, there is no one in a better position to lead overall security efforts than the security director. However, it is equally true that, in order to do so, he or she now needs a multi-disciplinary team around them, with a group of professionals delivering what might be to them unfamiliar types of expertise. And, that team will likely be located at several different facilities.
This era of convergence is creating an enormous, albeit temporary window of opportunity for the security director to expand his or her role, responsibility and importance in the enterprise. However, in order to lead the team, many security directors may need to first expand their knowledge base. Fortunately, this does NOT mean having to become an IT expert, or a shipping expert, or a legal expert, but it does likely mean gaining a better understanding of the language of these disciplines as well as the technologies they utilise.
This can be done readily through training, and many large security industry organisations offer courses that can help close the gaps in a security professional's knowledge. These organisations often also have books and manuals that relate to these issues, and these are often especially geared towards the needs of experienced, on-the-job professionals.
Lead the way
The security director's imperative now is to open, and, hopefully, lead, the dialogue with IT, Logistics and other security-intersecting enterprise operations about how to integrate security applications with the rest of the business, and doing so in ways that improve how risk is managed overall.
Security professionals need to take the lead and initiate the discussion. They can offer their security roadmap and business plan to peer leaders in the other departments and see where plans intersect, and how they can work together to provide the best overall security services to the enterprise.
For most of us, learning new skills can take us a little out of our comfort zones, but it is what must be done, quite often, to keep up with and succeed in a changing business environment. It should always be recalled that what security professionals don't know about IT is easily commensurate with what IT professionals don't know about physical security. And, if any reader doubts the ability of the security director to gain a working knowledge of IT, consider this: can you more readily picture the IT director handling an intrusion issue in the corporate lobby?