Due to the continuing rapid advancement of digital technologies, this year my expectations following the ASIS Annual Seminars and Exhibits conference in September were very high for applications that would address risks in ways that previously were not feasible. I kept my eyes and ears open for announcements along that line, and found exactly what I was looking for in a number of products and new product capabilities.

Q: What great convergence technologies or applications did you see at the conference?

One demonstration appealed to me above the others, because the use of two technologies enabled coordinated detection and response for both cyber and physical security threats across the two domains.

Arcsight (www.arcsight.com) is a visionary company whose Enterprise Security Manager is a leading product in the IT domain. Classified as a security information and event management tool (SIEM), it contains an optional Threat Response Manager module (TRM), that can not only detect new risk conditions in real time, but also take immediate remedial action — all based on rules made specifically for your business and its facilities. For example, if an access-controlled space containing critical data or materials is propped open, TRM can lock down the next layer of doors, extending the access restrictions outwards to the next access control layer, keeping the data or materials safe, and keeping regulatory compliance intact. It can also notify Security of the change — enabling officers to correctly deal with the temporary changes in access privileges. Furthermore, it can also notify Security of individuals who were already inside the newly extended protection zone at the time of the response, providing accurate situational awareness in seconds.

It would be extremely difficult to execute such a response through security officer procedures, and impossible to execute it in the near-immediate time frame of the system’s.

To implement this kind of capability requires that ArcSight’s Enterprise Security Manager is integrated with a physical access control system such as the PL-1000 from PlaSec (www.PlaSecInc.com), which can exchange data with the system and accept response actions generated by its TRM module.

It’s a Two-Way Street

Responses to events in either domain can trigger an appropriate response from both domains, as the two worlds now have a rules-based correlation.