To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://comment.silicon.com/0,39024711,10003272,00.htm

Chief security officer: The newest job title in the IT department?
There aren't many of them about but they could just be the next big thing...

By silicon.com

Published: Wednesday 12 March 2003

IBM today announced that it's getting into the video surveillance business. Not, you might think, the most logical move for a company with a long track record in information technology.

How is it going to sell this stuff? After all, it has relationships with IT directors, not burly security guards.

Well, it may take some time, but Big Blue's move may well pay off. Survey after survey has shown that it is not a good idea for companies to separate physical security from IT security.

What's the good of having the best password policy in the world if someone can walk into your office and nick all your servers?

IT security isn't the most glamorous thing in the world. If you're responsible for it, you're unlikely to get much praise. If nothing much happens, then you're doing your job properly. It’s only when something goes wrong that your MD might wake up and realise how important it is.

Physical security is even lower down the food chain. Blue-uniformed guards, vicious dogs, burglar alarms, entry systems, cameras... Not even the most dedicated of IT departments should take on such a thankless task. Right?

Wrong. Physical and information technology should be treated as inseparable bed-fellows. IBM's move shows that it certainly thinks in this way. It isn’t expecting to be an overnight success with the new offering but clearly believes there's a significant opportunity there. And the company's not often too wide of the mark these days when it comes to raking in profits.

If you'll excuse the marketing speak, it may take user organisations a while to wake up to the 'new paradigm' IBM is envisaging. Indeed, it may take the creation of an entirely new role before the company starts doing serious surveillance business: If the IT director doesn't want to deal with security guards and the security manager doesn’t want to integrate digital surveillance cameras into a wider IT system, then why not appoint someone who can do both? What price there being an increasing number of chief security officers in the future? We wouldn't bet against it.

The message may take a while to get through but it's about time large companies move towards this model. And IBM will be waiting for your call.