Addressing the weakest link: implementing converged security

A. Aleem; Alison Wakefield; Mark Button

doi:10.1057/sj.2013.14

Addressing the weakest link: implementing converged security

A. Aleem, Alison Wakefield, Mark Button

School of Criminology and Criminal Justice

Research output: Contribution to journal › Article › peer-review

Abstract

Reliance on technology presents one of the weakest links in contemporary organisational security, as certain threats can fall into the functional gaps between physical and information technology (IT) security departments. These can be described as ‘converged threats’ when an IT-based attack delivers an impact, such as a virus attack that halts the operation of critical infrastructure, or a physical attack on a system that compromises the security of data, such as an intruder or dishonest employee installing devices on computers to enable the stealing of electronic data. The aim of this article is to present and reflect on a converged approach to organisational security risk management as a means of addressing blended threats. We discuss this idea of converged security in the context of wider trends towards enterprise-wide approaches to risk management, and present a model demonstrating how converged security can be undertaken without a fundamental restructuring of these two key functions.

Original language	English
Pages (from-to)	236-248
Number of pages	13
Journal	Security Journal
Volume	26
Issue number	3
DOIs	https://doi.org/10.1057/sj.2013.14
Publication status	Published - Jul 2013

Access to Document

10.1057/sj.2013.14

Cite this

@article{21e56bf440544478a08c9c5cd786ff39,

title = "Addressing the weakest link: implementing converged security",

abstract = "Reliance on technology presents one of the weakest links in contemporary organisational security, as certain threats can fall into the functional gaps between physical and information technology (IT) security departments. These can be described as {\textquoteleft}converged threats{\textquoteright} when an IT-based attack delivers an impact, such as a virus attack that halts the operation of critical infrastructure, or a physical attack on a system that compromises the security of data, such as an intruder or dishonest employee installing devices on computers to enable the stealing of electronic data. The aim of this article is to present and reflect on a converged approach to organisational security risk management as a means of addressing blended threats. We discuss this idea of converged security in the context of wider trends towards enterprise-wide approaches to risk management, and present a model demonstrating how converged security can be undertaken without a fundamental restructuring of these two key functions.",

author = "A. Aleem and Alison Wakefield and Mark Button",

year = "2013",

month = jul,

doi = "10.1057/sj.2013.14",

language = "English",

volume = "26",

pages = "236--248",

journal = "Security Journal",

issn = "0955-1662",

publisher = "Palgrave Macmillan Ltd.",

number = "3",

}

TY - JOUR

T1 - Addressing the weakest link: implementing converged security

AU - Aleem, A.

AU - Wakefield, Alison

AU - Button, Mark

PY - 2013/7

Y1 - 2013/7

N2 - Reliance on technology presents one of the weakest links in contemporary organisational security, as certain threats can fall into the functional gaps between physical and information technology (IT) security departments. These can be described as ‘converged threats’ when an IT-based attack delivers an impact, such as a virus attack that halts the operation of critical infrastructure, or a physical attack on a system that compromises the security of data, such as an intruder or dishonest employee installing devices on computers to enable the stealing of electronic data. The aim of this article is to present and reflect on a converged approach to organisational security risk management as a means of addressing blended threats. We discuss this idea of converged security in the context of wider trends towards enterprise-wide approaches to risk management, and present a model demonstrating how converged security can be undertaken without a fundamental restructuring of these two key functions.

AB - Reliance on technology presents one of the weakest links in contemporary organisational security, as certain threats can fall into the functional gaps between physical and information technology (IT) security departments. These can be described as ‘converged threats’ when an IT-based attack delivers an impact, such as a virus attack that halts the operation of critical infrastructure, or a physical attack on a system that compromises the security of data, such as an intruder or dishonest employee installing devices on computers to enable the stealing of electronic data. The aim of this article is to present and reflect on a converged approach to organisational security risk management as a means of addressing blended threats. We discuss this idea of converged security in the context of wider trends towards enterprise-wide approaches to risk management, and present a model demonstrating how converged security can be undertaken without a fundamental restructuring of these two key functions.

U2 - 10.1057/sj.2013.14

DO - 10.1057/sj.2013.14

M3 - Article

SN - 0955-1662

VL - 26

SP - 236

EP - 248

JO - Security Journal

JF - Security Journal

IS - 3

ER -

Addressing the weakest link: implementing converged security

Abstract

Access to Document

Fingerprint

Cite this