SecurityInfoWatch.com recently caught up with Gareth Webley, the CSO for National City, the eight largest financial services company in the U.S. As Webley puts it, "We're the biggest bank you've never heard of." National City has close to 1,600 branches in eight states, and with its brokerage and mortgage divisions, the company has a virtual national presence, despite the fact that the Ohio-based bank is still somewhat regional in focus.

Webley shared an inside look at his organization's security convergence, bringing the "geeks and guns together", so to speak. From the creation of a converged security command center that would be in operation 24/7 to the general benefits of merged risk assessments, the excerpts from our Q&A with National City's Webley help shed light on security convergence for any organization.

Webley will also be speaking on Wed., Nov. 15 at the ADT Financial Security Symposium in Florida. His presentation will be available for free live on your computer via SecurityInfoWatch.com's webcast series (register now for Wednesday's online seminar).

SecurityInfoWatch.com: Can you share with us some of your history as well as the history that led to a converged security program at National City?

Webley: I joined National City in 1999 primarily to head up the information security department and grow it. The bank had gone through a series of acquisitions. It had doubled, and then tripled it size in about 10 years. In 1995, they identified a need to focus on information security, so I joined the bank and built the information security team over about four years. They named me CISO. Then about a year-and-a-half later, about two years ago now, they decided the physical security side needed the same sort of technology investment and programs approach to delivering security services. They decided to merge and give me the opportunity to lead both the electronic and physical security departments. So I am a chief security officer in the true sense in that I have both data security and physical security reporting to me.

Prior to working with National City, I worked for British Petroleum, and I had quite of bit involvement there with the physical side because they used a lot more technology to secure their plants and their pipelines. [At BP] there were a lot of things that we leveraged our data systems to do for security.

SIW: What was the transition to converged security operations like at National City?