For over 20 years, the convergence of fraud and security functions has been often discussed, rarely achieved. I think we are at a tipping point, with data and technology facilitating this convergence, while the accelerating pace and complexity of threats make it a business necessity.

In security, Convergence refers to uniting cyber, physical, personnel, supply chain security with fraud and integrity risk functions to enable timely threat detection and response.

In my view, the convergence challenge is three-fold: (1) Culture, (2) Operating Model, and (3) Data and tech. Each element poses distinct challenges. Culturally, convergence necessitates a shift for traditionally isolated departments that, despite facing common issues, often operate independently.

Operationally, leadership of converged functions may need a different skillset, as well as the ability to engage, motivate, inspire and unite very different team cultures and viewpoints.

Data and technology can overcome some of these barriers, but success requires integrating data from various sources in the right sequence to identify the patterns, behaviours and indicators threat actors exhibit for timely detection and response.

There are still a lot of unknowns about convergence and its value. Whilst the ability to see threats ‘end to end’ facilitates early and accurate detection, I haven’t seen reliable data on ROI, operational metrics or cost savings from repurposing existing infrastructure, likely because few organizations have achieved true convergence thus far.

To conclude, I’ve long been a proponent of convergence and its potential value for business. Getting the right data to the right person at the right time has posed an ongoing challenge – I think we’ve nearly cracked that nut, but there’s a way to go yet to demonstrate a compelling business case.