Three Professional Groups Team to Develop National Security Standard
Three prominent security organizations are teaming up to develop a national guidance standard for physical, cyber and information security. ASIS International, (ISC)2 and ISACA are working together to create a security standard geared toward helping organizations protect people, property and assets in an increasingly challenging and risky business climate.
The new Security Awareness American National Standard will address all aspects of security, incorporating the core strengths and specialties of each of the participating organizations.
The three groups decided to work together to combat what they perceive to be increasing challenges surrounding physical and electronic security. They plan to focus on protecting personal information, business transactions and critical infrastructure, all of which face growing threats as boundaries between physical, cyber and IT security become more complex and less defined.
“The human element is central to any successful security strategy,” said Dr. Marc H. Siegel, commissioner of the ASIS Global Standards Initiative. “By promoting a ‘security awareness culture,’ organizations can proactively prevent problems that detract from achieving their business objectives. The proposed standard will integrate physical, cyber, and information security into day-to-day business and risk management practices. It will emphasize that everyone in the organization is part of the risk equation, and therefore, part of the solution.”
“Businesses are struggling to cope with all of today’s security threats,” added Dr. Casey Marks, director of professional programs development at (ISC)². “The continued convergence of cyber and physical security causes our adversaries to neither think nor act in siloes when they perform malicious activities. An all-encompassing security standard like this will help to provide businesses with needed guidance.”
Specifically, the new standard will integrate cross-disciplinary management measures along with awareness and training programs. Discussion will focus on physical, information and cyber security along wireless networks and password security. Intangible asset security, including branding, reputation, file sharing, intellectual property and image, will also be an important topic of discussion and review.
Additionally, the three professional organizations will create a joint technical committee and working group devoted to standard development. The group will solicit input from global security experts and operate according to ASIS’s ANSI-accredited process. The resulting standard will ideally be applicable anywhere throughout the world.
Edited by Peter Bernstein