Honeywell Releases Security Convergence Study Results

LOUISVILLE, Ky. – Honeywell released survey results that reveal how some organizations are integrating physical security measures such as video surveillance and access control with traditional IT security systems on March 12. According to “Enterprise Threat Management and Security Convergence: A Benchmarking Study,” significant barriers still exist that prevent organizations from converging their systems and many of these organizations remain conflicted on how to best attain optimal results.

More than 50 chief information officers, chief security officers and chief information and security officers of U.S.-based global companies with revenues from $1 billion to more than $100 billion participated in the survey.

“The convergence of physical and traditional IT systems can provide compelling security benefits for an enterprise,” said Mark Diodati, Identity and Privacy Strategies senior analyst with Burton Group. “Successful compliance initiatives can be enhanced when the organization adopts a holistic approach for managing access to these systems.”

Security and IT

Most respondents indicated increased interaction between their security and IT functions:

  • 63 percent said their security and IT organizations “had a formal coordination mechanism”
  • 10 percent stated the two functions are run as one entity within their organizations
  • 52 percent noted their security functions had a formal working relationship with their audit and compliance functions, while 11 percent said those functions are combined

Convergence Investment

The majority of respondents (nearly 73 percent) believe vulnerabilities in either physical or IT security can lead to a breach in the other system:

  • 91 percent of the responding companies showed an increase in security investment
  • 75 percent of which said those investments increased by more than eight percent
  • 31 percent suggested a greater than 12 percent rise

“This study reinforces that companies are increasingly concerned with protecting their information assets as well as their physical assets, and they recognize that integrating once-disparate systems can be effective in addressing threats,” said Jim Ebzery, senior vice president of Identity and Security Management at Novell, which recently collaborated with Honeywell to develop a converged physical-IT security system. “How they choose to implement convergence varies on a number of factors including internal roles and overall attitudes about its effectiveness.”

Security Risks

When asked whether having physical security systems on IT backbones is a security risk, the answers were split: 59 percent said no while 42 percent said yes. The results also differed with regards to personal responsibility for organizing responses to a coordinated physical-IT security attack:

  • 34 percent said there isn’t a single internal contact
  • 27 percent said the Director of Security is responsible
  • 14 percent said a single CSO deals with the threats
  • 14 percent said the Crisis Management Group is ultimately responsible

Defining Convergence

When asked to define “convergence,” responses varied from using IT backbones for security systems to automating manual processes through an IT system. Additional responses included the strategic partnership of physical and IT security organizations in risk management. Although these responses varied, they reinforced existing research.

For example, in the Feb. 22, 2008 report “Let’s Get Logical: The Convergence of Physical Access Control and Identity Systems” by the Burton Group, Diodati wrote, “The convergence of physical and logical systems has many moving parts. In addition, a convergence end state may look very different depending on an organization’s goals.”

Timing for Convergence – Looking Forward

Thirty-three percent of respondents said they envision convergence happening within their organizations in the next two to five years, while another 33 percent said convergence will never happen. The barriers associated with true convergence include: Turf control, complexity and skills needed to handle multiple disciplines, budget conflicts, compatibility across groups, lack of technical platforms and expanding privacy laws

“A multitude of elements must be in place for convergence to truly improve overall security and streamline internal business processes,” said John Lorenty, Honeywell Systems Group president. “A strong IT backbone and common protocols are essential for convergence to be effective. Most importantly, a strong partnership between cross-functional teams is critical to ensure that ea converged solution meets the challenges of ever-evolving threats.”

The study’s margin of error is plus/minus 2 percent.

For more information about “Enterprise Threat Management and Security Convergence: A Benchmarking Survey,” please visit www.honeywellintegrated.com.

Honeywell International is a $36 billion diversified technology and manufacturing leader, serving customers worldwide with aerospace products and services; control technologies for buildings, homes and industry; automotive products; turbochargers; and specialty materials. Based in Morris Township, N.J., Honeywell’s shares are traded on the New York, London and Chicago Stock Exchanges. For additional information, please visit www.honeywell.com.

This release contains forward-looking statements as defined in Section 21E of the Securities Exchange Act of 1934, including statements about future business operations, financial performance and market conditions. Such forward-looking statements involve risks and uncertainties inherent in business forecasts as further described in our filings under the Securities Exchange Act.

____________________________________________________________________

Honeywell March 12, 2008 press release

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo