I’m often asked for advice on organising security functions. One increasingly common question is should information and physical security be merged. I have lots of observations on that, having served my apprenticeship switching many times between the two functions.
I’ve just posted a brief analysis of some of issues associated with merging information and physical security on my Infosecurity Europe blog. It’s essential reading for anyone contemplating (or aiming to resist) such a merger.