Just a decade ago, as security professionals, we could talk reasonably about physical security and logical security requiring different approaches. Five years ago, we might have found ourselves having conversations about the blurring lines between the two types of security discipline, and could have easily pointed to aspects of both physical and logical security that crossed over each other.
Today? In organizations that have embraced even the least cutting-edge aspects of operational and information technological advances (consumer IoT, industrial IoT, cloud hosted services, etc.), we can no longer rationally discuss a strictly “physical” or “logical” approach to managing security risks to the enterprise.
by Rachelle Loyear, CISM, MBCP, AFBCI, PMP
Rachelle Loyear is author of The Manager’s Guide to Simple, Strategic, Service-Oriented Business Continuity and co-author with Brian J. Allen of Enterprise Security Risk Management: Concepts and Applications and The Manager’s Guide to Enterprise Security Risk Management: Essentials of Risk-Based Security.