Once upon a time Security meant a fairly readily defined industry sector. At security exhibitions and conferences you found mostly police officers and security consultants – who were ex-police officers.
I was a market researcher in those days. If it had not been for my height, I could have easily been overawed in these surroundings. The market for products comprised mostly intrusion detectors, alarms, perimeter protection and security gates. The main service offering was of uniformed security guards.
In a quarter of century, the market has grown by leaps and bounds, seeping in to every nook and cranny in commerce and industry, government and civil life. Security today involves a staggering number of issues. Physical security has extended into an enormous range of devices for sensing, monitoring, reporting, analysing and responding in shops, offices, on the streets, in parks, in hospitals, prisons, residential accommodation, hotels, sports arenas, on trains and buses and almost anywhere. In the virtual world it is as pervasive, with software and systems designed to check, evaluate, monitor, log, isolate, record and store data of all kinds, whether on networks, devices, systems or the Internet.
Now take each of those product or service segments and consider: each has to be conceived, designed, developed, deployed, operated, maintained and be compliant with a seemingly inexhaustible train of standards, legislation and regulation. In total, security is a vast and complex area – a universe of activity.
Just as in the real Universe, many disparate elements make the recognition of a unifying concept very challenging. Yet scientists studying the Universe, applying hard thinking and developing theories to satisfy the observed facts, are moving towards evolving a Unified Theory to explain it all.
Can such a concept be applied to security? And if there could, would it be of value?
I think it may be that security’s Unified Theory lies in the individual. A Unified Theory of Security would see authenticity, transparency, uniqueness and validity applied to each person. Thus, at the very limit, every person’s actions whether in the real or virtual worlds would be captured, the individual would be accountable for those actions, which could not be ascribed to any other individual, while the individual’s identity could not be duplicated or ascribed to another.
Sadly, the corollary to this would be a society very different from today. The individual would be security-laden yet security-protected. The individual could not hide behind a pseudonym but nor could his or her identity be stolen. Would this mean individuality disappearing into some kind of social community?
Just like a bee in a hive or an ant in a nest?