Audit & Challenge Initiative

How do we measure the state of the security industry? As a lifelong service provider, I tend to think in terms of relevance and perception. Are we fulfilling our mission and responsibility to our customers? How does the rest of the business world view us?  My opinion is that we are comfortable being mediocre as an industry. 

Yesterday, I was talking to an engineer about his work. When he mentioned the company he designs Artificial Intelligence for, I immediately asked if he knew some of my friends who work in security. He laughed and said, “No, I haven’t been in trouble yet, so I don’t know anyone in security.” 

Can we claim to be a professionalized industry if your customer interactions are based on negativity?

The security industry can be a frustrating experience for a young professional. If I had to define the problem into a single statement, it may sound something like this. The security industry is resistant to change because it refuses to acknowledge how fast the world around us is changing. Therefore, many problems will continue to worsen and a large segment of the industry will grow completely irrelevant without realizing it.

Think about this for a moment. As an industry, our standards and certifications are on a 3-5 year revision cycle, while the threat landscape morphs several times a year. 

How can we remain relevant with this kind of gap? Are we actually in the position to mitigate our client’s risk?

How long will physical security professionals believe that cyber security is someone else’s problem? If you have a keypad, badge reader, camera, or intercom; connected to a network, then cyber security is your problem. In fact, since everything is connected to the internet these days, logical and physical security probably shouldn’t separate their education tracts any longer. It breeds false expectations and needless rivalry.

Maybe my statement would sound like this. If the security industry truly wishes to become a professionalized industry, it should decide why it exists and what a career path looks like.

How many companies do not understand why their security departments do what they do? How many security departments don’t understand why their company conducts business the way they do? 

If we are to be truly recognized as professionals, can we afford not to be viewed as a business unit? 

Audit & Challenge

My intention is not to complain and I don’t presume to know all the answers. This year, I want to write about topics from a fresh perspective and offer my suggestions for improvement. Most importantly, I would like to start the conversation. If we don’t think outside the box and talk about these issues, we will not move forward as an industry. Many will unwittingly become irrelevant. 

Stay tuned for articles on industry values, common practices, critical thinking, and strategy. I hope that others will want to join the conversation and post their own articles. This conversation is long overdue and cannot be put off any longer.

Not everyone will enjoy these articles and that's fine. Let us ensure we maintain respectful discourse. Everyone is entitled to his or her opinion and we all have room to grow as an industry.

More to come next week!