As we know, ever since the first caveman had something he wanted to keep, security has been a concept and a practice. For much of history, protective security has been about physical barriers and selection of trusted employees / slaves, even going as far as using eunuchs as specialists to guard certain ‘attractive’ assets.
Security has evolved to match changes in need, capability and society. The basic concepts have worked, to various degrees, for millennia and followed us into the 21st century. Are they still valid? We had an industrial revolution and a century or so later a transport revolution and, within decades, an information/communication revolution. Now, with quantum computing, the Internet of Things (IoT) and ‘who knows what’ beginning to appear, what will be the role of security?
Building/home management systems are becoming more integrated. The IoT will blur the individuality of items to the point where the security system will become one element of the unified building/community/precinct and will not require a specialist to design or install. Monitoring of and response to alarms will be automated to the point where the owner of the site may be informed of the incident in real time (as already happens) but simultaneously the notification being sent to police and possibly automatic protective measures being implemented. With vehicle monitoring systems it is already possible to track stolen cars and (legally or not) immobilise them and even trap the thief in the vehicle.
For every advance there is a vulnerability. Digital/Wi-Fi locks, be they for doors, windows or padlocks, offer increased security over the issuing and management of keys, but also increased exposure to digital copying and picking, if not now – then soon. Villains will not need specialist knowledge to attack, enter or defeat systems as those with the skills will post, free or for a fee, the necessary tools to meet any need. We are already seeing this with shared and service-based ransomware.
Users have greater access to ‘arcane’ knowledge once held closely by the specialist guilds/providers. For example, more people are using Dr Google every year and YouTube will show you how to do just about anything. The role of security specialists (like medical practitioners) is to recognise that the user may have gained some knowledge and to recognise that but to take them further along the path of understanding and application.
The concept of in-house and external security providers may dissolve as individuals and organisations take on more responsibility for their protection and response. With Apple, Microsoft, Google and others offering more and more individually controlled systems for the home and work environment, what will the security specialist do?
It is possible that there will be an increased need for generalist/cross-discipline security consultants, that is, those with a working understanding of how it all fits together. It is also possible, if not probable, that the wheel will return to stand-alone, simplistic physical security barriers as the IoT reveals its vulnerabilities, requiring the specialists who know how to design and implement such systems.
Security as a separate knowledge area will continue to exist as there will still be a need to help others protect what they have from theft or damage, but doing it in new operating, technological and social environments. We need to look ahead rather than back to see where we will fit at the end of this year and at the end of this decade. Those of us operating in the security sphere today may be the eunuchs of tomorrow.