SECURITY EXECUTIVE ROLES: Converging Toward Security Consulting

Integration Intelligence w/ Dan Dunkel thumbnail

January 17, 2012

The race is on and innovative chief information officers (CIOs), chief security officers (CSOs), and chief information security officers (CISOs) are on the starting line watching the emerging technologies of social media, mobility, and cloud computing change their jobs, the marketplace, and the integrator channel.

The role of technology in the success of the business is obvious. The protection of intellectual property (IP) and customer records, personal identifiable information (PII), is taking a predominant role in the overall reputation and viability of the company. Global crime is soaring and the small and medium business (SMB) is virtually defenseless. Enter the cloud.

People mistake the value of cloud computing as an economic only incentive, but it also allows for improved security. The IT industry is going “cloud” out of necessity. If computer crime and espionage continue unabated, the Internet will be unusable and the global economic impact catastrophic. Cloud advances promote mobile device deployments and applications in social media. The convergence of open source commodity technology will continue impacting the security executive, the SMB owner, and the integrator.

A standard definition of the roles of a CIO, CSO or CISO, is essentially nonexistent and differs by company. As technology convergence (cloud, social media, mobility) has diluted traditional IT budgets and CIO influence, executives are redefining their roles in regard to security policy. Today, security executives are repositioning to protect “all the business, all the time.” Securing a global company in the age of transnational criminal organizations (TCO) is a daunting challenge.

Physical and cyber crime are at record levels. The smart security executive will extend their operating influence into every business unit. The winner will position himself or herself as a “business consultant.” They will leverage vendor expertise (cloud providers, manufacturers, consultants, integrators) to understand how technologies can best be applied to protecting and improving business operations. Their dialogue now involves generating revenue and establishing best practices across secure global supply chains.

Simultaneously, for the SMB without these executives, protecting information and securing physical facilities can best be accomplished with an outsourced model. This is a logical business move away from local integrator channels.

Where does this leave the security integrator? A consulting resource.

One key question to ask your customer (security executive) is, how are they ultimately measured in their role? What percentage of their actual job responsibility extends beyond physical security?

As the SMB migrates to commodity technologies in the cloud, many security integrators will be purchased by larger organizations. The “physical” security integrators will aggressively compete with the “IT” integrators to provide converged security services to global customers. The IT, physical security and cyber domains will converge. Consulting services to protect business operations against global crime syndicates will be their recurring revenue model. Organized crime and state-sponsored espionage will continue to innovate “daily” and need to be countered.

The question for the integrator is one of positioning for the future. If your current customer does not see these changes, you need to educate them or migrate gracefully to the emerging power center in your enterprise accounts. If the enterprise is not your end game, make your business an attractive merger and acquisition (M&A) candidate. Technology cycles have a long history of displacing integrator channels that do not adjust to market conditions.

The cloud accelerates this change ten fold. The good news is that these technologies are easy to integrate to establish a consulting model. Change always confuses customers.

Embrace an opportunity to educate clients, provide consulting (for a fee), and sell new services. As the security executive becomes more “consultative” to their boards, mirror that positioning in your own business. Happy New Year!

Dan Dunkel is Managing Director - Managed Security Services Practice at PSA Security Network. Contact Dan at ddunkel@psasecurity.com.

You must login or register in order to post a comment.

Join a fast-paced webinar on June 22 when 3xLOGIC’s experts discuss the many advantages of cloud video management. Cloud video management has been gaining steam in the security industry for a while for its scalability and ease of use. Learn why end-users are demanding cloud solutions, and how to best start catering to this demand.