Bob Forsyth, the MD of MITIE TSM writes that the security industry has made real progress in integrating its physical security offerings and has embraced the technology enhancements now available from suppliers with multiple service offerings.
We are increasingly seeing the remit widen to encompass lone worker protection, employee screening, vetting and tracking services and other non-core services which have given clients confidence that their risk is being reviewed across their portfolio and their security teams are managing their account in a holistic way.
The ‘elephant in the room’ that remains outside of the stable security providers’ scope is cyber – usually under the remit of the IT department. So, is now the time to ask when will physical and cyber security strategies become one and work in conjunction to review a client’s full remit of risk?
I think it is just a matter of time before cyber is also part of the security risk perspective that companies like MITIE’s total security management provide. Over the last few years, technology has matured to make integration between physical and cyber systems possible, particularly in the IP arena, with facilities like MiTec which have been built to analyse a client’s full security data.
If you consider it logically, reviewing a client’s risks and not including how it protects its data leaves a gap which no doubt could be exploited: to be properly secure in either area, you must integrate both.
The role of security providers will be pivotal in enabling this integration as some elements of cyber protection can and should be combined with traditional physical security elements. After all, the purpose is still to protect people and assets – it is just in the form of personal or business information.
Physical security, by way of access and egress control, plays a key role in cyber protection by preventing unauthorised access and the risk of theft. For example, someone intending to steal information might need to physically gain access to plug in a memory device. And of course we must not forget the insider threat of employees removing sensitive data themselves.
A security breech around data can be as disruptive as a physical attack: a virus can affect business continuity for days, and sometimes weeks, and that’s if you know it’s there. Viruses can be deployed covertly so an organisation might not even know its presence until such point that the perpetrator decides to activate it – again highlighting the need to be aware of the possibilities as we cannot protect against the unknown.
I am not saying that cyber is a simple service line that can be provided by all security companies. It is indeed a specialist area that needs experts in the field and is also a growing issue to UK PLC. What I am saying is that integration is needed between physical and cyber for a full risk overhaul, and this area will not remain off limits to companies that only operate in the physical security world.
A solid policy is needed to bring the two streams together with each working towards the same goal – the ultimate people and asset protection. Security and IT managers must also recognise the overlap of their remits, and organisations must facilitate a converged approach.
With over 17 years’ experience in the security industry, Bob is a proven achiever at a high level. He is a strong relationship builder who is financially astute with excellent negotiation and communication skills, with the ability to work with people at every level. A team player, Bob is able to lead by example.
Bob was promoted to the position of Managing Director of MITIE’s security business in April 2010 after several notable achievements since joining the company in 2004, including his win of the prestigious MITIE new business award.
Having successfully implemented the merger with Initial Security in the Southern region and developing a profitable part of the business, Bob has continuously worked towards expansion including the implementation of the response service, and has significantly contributed towards year on year growth. In June 2009, Bob initiated the launch of the business’ total security management ethos; to take an integrated risk-based approach to security, incorporating people, technology and consultancy services.
Bob continues to move the business forward and has delivered record EBITA profit. He has increased business retention and launched new services lines including lone worker, void secure, employee screening, and security risk and business resilience. Under his leadership, MITIE’s total security management business has grown into an organisation with a turnover in excess of £280m. He takes every opportunity to promote MITIE’s presence within the industry through his involvement with industry bodies such as City Security and Resilience Networks (CSARN) and the British Security Industry Authority (BSIA).