Failure to converge physical and IT security could result in further data breaches.
Stuart Okin, managing director of Comsec Consulting, claimed that there is a tendency in IT security to ‘lose interest' in physical security and think that it is not part of the responsibility.
Okin said: “In our world we have to move in the direction where we are going to have to embrace our colleagues and do convergence, and if not, all information security breaches will rise. We are so focussed on making sure the applications are secure and the firewall and anti-virus are up-to-date, yet 70 per cent of crime comes from internal, the losses are much smaller and more constant.
“If you want to get information losses down you have got to converge and from an IT systems perspective we need to converge. You want to monitor the behaviour of employees and raise a flag when someone searches common names every evening, or works strange hours or if their behaviour is odd. Get a physical view of the individual and look at whether they have been looking at records of the deceased, and say ‘this guy needs to be investigated'.”
He further claimed that the Enterprise Fraud Management System will help real-time convergence, but UK companies ‘are not bothered', while other countries are stepping up.
Okin said: “Where it is deployed we have seen a reduction in insider crime by 25 per cent, but it also reduces data loss as the trend pushes compliance. So why has the UK not done it? We are not set up to do it, if we are not careful the UK will fall behind the curtain or worse, will experience more data losses.
“This is rolling out in Israel with amazing results; we have talked to CISOs in the UK and hit a brick wall. We need to work together and we now have solutions in place so it becomes a lot easier.”