Starting a Revolution

We are no longer dealing with simple, single-track threats. Today’s risks blend the physical, digital, reputational, and human. But most organisations? Still structured like it is the early 2000s. Siloed teams. Disconnected responses. No shared picture.

What if there were a way to pull it all together and make sense of the whole thing? That is where convergent security comes in. And right at the heart of it is open source intelligence (OSINT).

Why Are We Still Doing Security the Old Way?

Think about the threats we are facing now. A cyberattack sparks a protest. A fake story spreads online and someone acts on it in the real world. Drones buzz over restricted sites with no warning.

It is messy, fast, and it cuts across every part of your organisation.
Yet inside most companies, things are still split up. The cyber team runs scans. Physical security patrols buildings. Compliance monitors policies. They often use different systems, speak in different terms, and chase different KPIs.

Sound familiar?

“The real risk lies not in what we see, but in what slips through the gaps between departments.”
— Ciaran Martin, former CEO of the UK’s National Cyber Security Centre

The result? Gaps. Missed signals. Decisions made in the dark.
When the attackers are linking everything up, should we not be doing the same?

 

So What Is Convergent Security, Really? It is not a buzzword. It is a shift in how we think.

Convergent security is about connecting the dots across departments, tools, and data streams. It does not mean one massive team or a confusing blend of job titles. It means shared intelligence, joint decision-making, and a common picture of what is going on.

It is asking: Are we actually working together, or just next to each other?

 
“You cannot defend the digital without understanding the physical. True resilience demands convergence.”
— Theresa Payton, former White House CIO

Here is what it looks like in practice:

• Sharing threat intel instead of hoarding it

• Planning responses that consider every angle

• Aligning governance so everyone is moving in the same direction

• Seeing the same risk picture at the same time

 

It is simple in principle. But it takes effort to get there.

Why OSINT Might Be the Missing Piece

You undoubtably cant have missed the buzz around OSINT, or open-source intelligence. But are you using it to its full potential?

OSINT pulls in data from all over: the open web, social platforms, leak sites, and commercial databases. Its strength lies in how flexible it is. It is not stuck in one category or format. It adapts. It sees what others miss.

Used well, OSINT helps you:

• Spot protests before they happen

• Track leaked credentials before they are used

• See reputational threats before they spiral

• Flag fraud or insider risk before it is too late

 
“OSINT is not just a tool. It is a mindset—an analytical lens that turns noise into narrative.”
— Bellingcat, investigative collective

 

So here is the question: Is OSINT part of your strategy, or just something the tech team dabbles with on the side? Are You Thinking Like an Attacker?
Because they are already thinking like us. Just better.

Look at the tactics in play today:

• Russian groups hacked IP cameras to track troop movements in Ukraine

• Deepfake incidents have risen over 250 percent since 2017

• Drone incidents near airports are increasing, and some are armed

• Viral misinformation caused unrest in Southport

• Most cyber incidents involve people, not just machines

• Only 15 percent of UK firms have a solid incident response plan

 
“Attackers have converged their methods. It is time defenders did the same.”
— Kevin Mandia, CEO of Mandiant

What would a joined-up response look like in your organisation?

How Do You Actually Build It?

Converged security does not happen by accident. But you do not need to start with a full restructure.

Try this:

• Map where you are now. Where are the overlaps and blind spots?

• Identify your highest-risk scenarios and who owns the response

• Look for a few quick wins where collaboration can add real value

• Build a plan with shared milestones and cross-functional ownership

• Keep checking whether you are working together or just in parallel

 
“True convergence is not about control. It is about clarity.”
— Angela Sasse, Professor of Human-Centred Security

 

What Will It Take to Get People on Board?

This is not just a technical shift. It is a cultural one.
Convergence changes workflows and roles. It touches trust, power, and the way teams are measured.

So ask yourself:

• Are we training people in how to work across disciplines?

• Have we explained why this matters, not just what to do?

• Are incentives set up to reward collaboration or protect silos?

• Do we have leaders who are ready to drive change, not just talk about it?

 
“Culture eats strategy for breakfast. If convergence is the plan, inclusion must be the approach.”
— Simon Sinek, leadership expert

Resilience is not something you can buy. It grows through habit, over time.

What’s in It for the Long Run?

If you get it right, the benefits last:

• Faster and better decisions

• Less duplication and wasted effort

• Early warning instead of late response

• More trust from your board, partners, and public

• A security posture that adapts as the world does

 
“Security is no longer about walls and wires. It is about foresight and fusion.”
— Robert Hannigan, former Director, GCHQ

Before You Go
Let’s finish with a few honest questions:

• Are your teams working together or just next to each other?

• When a threat hits, do you have one response plan or three?

• Is OSINT actively shaping your decisions, or just sitting in a corner?

• What would it take to start converging your security efforts?

• ​

The shift has already started. The real question is whether you are leading it or waiting to follow.

Reach out to our team at Global Protect Risk to explore our Fusion Hub, our converged security engine.