Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Multi-vector threats and the argument for greater convergence
Cyber Security: A Peer-Reviewed Journal,
1
(1),
80-91
(2017)
Abstract
Due to technological innovations and priorities to manage risk at the enterprise level, convergence is occurring between physical and information security functions, responsibilities and missions. In order to adapt to this evolving security environment and protect the organisation from multi-vector threats, information technology (IT), operational technology (OT), and physical security groups must develop trust, enhance communications and information sharing, and engage in cross-domain adaption. As the convergence occurs, organisations are experiencing more multi-vector threats from diverse actors. One area with a high potential for convergence is the security operations centre (SOC). If done properly, the combined joint security operations centre (JSOC) is the most effective way to manage security risks. This paper will address how organisations can best integrate these disparate functions, situations where this cohesion is most effective, and best practices to increase the effectiveness of this integration.
Keywords: convergence; cybersecurity; joint security operations centre (JSOC); operational technology (OT); physical security; security operations centre (SOC)
The full article is available to subscribers to the journal.
Author's Biography
Ron Chandler serves as Vice-President for the Guidepost Solutions Security and Technology Consulting group specialising in Enterprise Solutions, where he is responsible for all service segments regarding the implementation of cybersecurity, global master planning/command and control programmes (GSOC) and managed security services programmes either as standalone service offerings or as an integrated suite of solutions for Guidepost’s clients.
Brent Hambly is the Director of Security Assessments and Strategy for Revolutionary Security. Brent has over ten years’ experience leading assessments, enterprise IT and software-intensive programmes, cyber and physical biometrics credentialing programmes and security awareness programmes. Brent specialises in analysing and advancing security programmes through baselining, identifying improvement opportunities and assisting organisations in achieving defensible postures. Brent holds a Bachelor of Science in Management Information Systems from LeMoyne College and a Master of Science in Technical Management from Rensselaer Polytechnic Institute. Brent also holds GICSP, CEH, Security+, and Network+ industry certifications.
Jason Holcomb is the Director of Industrial Control Systems Security for Revolutionary Security. Jason has been actively involved in helping secure SCADA, DCS and other operations technology (OT) for over 15 years, with experience spanning the utility, oil and gas, chemical and manufacturing industries. Jason leads both technical assessments and strategic consulting engagements, helping clients understand their cybersecurity posture and prioritise investments for improvement. He has created and executed new service offerings and assessment techniques, led multi-year projects to perform ICS vulnerability assessments across the globe, and performed research for commercial enterprises and Department of Energy projects. Jason earned a BS in Computer Science from Evangel University and an MA in Computer Resources and Information Management from Webster University. He holds multiple certifications including CEH, CISSP and BOSIET.
George Ressopoulos is the Director of Enterprise Security Transformation for Revolutionary Security. George has over 15 years’ IT and cybersecurity experience. He has extensive experience leading cyber defence transformations, including: Red Team, Blue Team, Corporate Security Assessment Team, Computer Incident Response Team (CIRT), Vulnerability Remediation Team, and Enterprise User Awareness and Education Team. George specialises in designing and transforming cybersecurity defence organisations aligned with industry recognised frameworks, such as the NIST Cybersecurity Framework. George holds a Bachelor of Science in Management Information Systems from the University of Central Florida and a Master of Science in Business and Organizational Security Management from Webster University.
Matthew Wharton serves as president for the Guidepost Solutions Security and Technology Consulting group and oversees its core services, including cybersecurity, system design and project management, global command and control centres, security assessments and managed services. He is a career security professional with more than 30 years’ experience leading security consulting and integration firms.
