Latest News & Updates

July 9, 2026
 / 
Articles
 / 
Mgmt Strategy

New research shows businesses are expected to spend more on security in the coming year, partly driven by a shift toward converged technologies and investments in Access Control as a Service (ACaaS) and AI-driven video analytics (State of Physical Security 2026: Collaborative Transformation, Genetec). These investments are at the heart of leveraging physical security data for making business decisions and repositioning security from a budget line item to a driver of efficiency, insight, and resilience.

“Findings indicate that organizations are prioritizing investments that modernize their physical security systems [and] value is now being assessed by how systems help users and organizations achieve more,” the survey report concludes. “Physical security technology is no longer about individual tools.”

But to maximize value from investments, businesses need to break down silos that may exist within their organizations. Doing so opens the door for security service providers to apply solutions with cross-functional benefits.

Key points

  • Silos of security responsibility contribute to unrecognized vulnerability and unmitigated threats.
  • Without a comprehensive view of protection activities, a business may underspend on security, duplicate effort, and make it harder for a security service provider to combine solutions in a way that delivers on its full value potential.
  • Holistic security management requires, as a starting point, an understanding of “who does what” to protect an organization and how those pieces fit together.

Who could argue with the premise that an organization should finance prevention of its most critical security threats first? Yet, a mechanism for examining the full spectrum of threats to make that determination is not routine. It is not uncommon for an organization to address threats in distinct parts of the business independently of one another.

When a company manages security threats in isolation within specific enterprise functions — rather than addressing them from a comprehensive perspective — an organization can’t accurately set priorities nor focus investment on the risks most capable of doing harm. It can’t know the full extent to which it already funds protection activities nor leverage full value from the protection investments it makes.

Holistic security management requires, as a starting point, an understanding of “who does what” to protect an organization and how those pieces fit together.

Leading security service providers have no shortage of tools to help customers. But to deploy the most effective combination of security professionals; policies, processes, and procedures; and innovative technology and data tools, an organization needs a holistic view of the myriad activities that combine to protect it. Additionally, business opportunities that might be derived from security investments often fall into the gap between functional silos.

More worrisome, the silos of security responsibility that exist in corporations today are a leading cause of unrecognized vulnerability and unmitigated threats.

(Source: State of Physical Security 2026, Genetec)

What is security?

“Security” encompasses much more than protection of things and people. Indeed, today’s critical risk issues — such as “identity management” — crossover between multiple functions: between HR, business units, physical security, information security, and others.

Ensuring the safety of employees who travel for work also suggests how protection and risk reduction requires coordination between many stakeholders. The travel security services partner, department managers, security staff, human resources, risk management, and a travel department may all have a role to play in this single mission.

Silos also compromise security effectiveness. Merchants, for example, need investigators and data analysts to work in unison — to have an effective communication path, to regularly share ideas and concepts, with both sides learning from the other, if they hope to successfully identify theft patterns and disrupt theft organizations.

A comprehensive, progressive, and proactive approach is now required to optimally defend an organization.

A comprehensive, progressive, and proactive approach is now required to optimally defend an organization. It demands taking all stakeholders’ interests into account — clients, business partners, and especially line management and staff — so that everyone can work together to defend mutual interests and so responsibilities can be assigned.

Finding a framework

There are several useful strategies to overcome the silos of security responsibility that can lead to unrecognized vulnerability. Enterprise risk management (ERM) is an organization-wide process for identifying and managing all risks (and the interaction between risks) in light of business objectives. By placing an umbrella over risk, it offers, in part, a vehicle for coordinating the many facets of risk management, which includes security.

The unifying concept of “corporate defense” is similar. It describes — and can help organize — an organization’s self-protection programs. A corporate defense paradigm can help to address the gaps that often develop when an organization has no defined process for coalescing the many slices of the protection pie. This type of paradigm also pushes an organization to be proactive regarding its security defense, rather than simply fixing whatever hole was most recently exposed. Finally, it encourages accountability and minimizes turf wars.

Whatever paradigm an organization uses to underpin its defensive strategy, the process can provide significant value by placing different assessments of risk — physical site surveys, IT audits, travel risk assessments, and so on — into a common construct so management can make decisions with a complete view of operational risks. It also facilitates the ability to make strategic, enterprise use of a security partner’s protection technologies across the business.

First things first

Organizations should consider embracing a goal of holistic security management. As a precursor, it is necessary to understand all the different players in the protection ecosystem and their responsibilities. For cross-functional collaboration to drive effective changes, organizations should map ‘who does what’ to protect the organization, to then build out synergies and remove duplication. (A simplified starting point is suggested in the figure at bottom.)

Other ‘silo-breaking’ activities might include:

  • Create a common glossary of terms so that all departments that deal with aspects of security risk ‘speak the same language.’
  • Develop and disseminate standardized processes and tools to identify, collect, and report security risks.
  • Share risk assessment techniques to create consistency in the calculations of the impact of risks on enterprise value.
  • Establish clear channels for reporting and sharing information about security risks.
  • Consider working with your security vendor on a performance measurement dashboard tool that takes input from all functions that manage aspects of security risk. A collective tool helps organize security’s various parts into a greater whole that can then provide senior management with high-level visibility into the current security status of the entire organization.