Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementPhysicalTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingPhysical SecurityCybersecurity News

5 minutes with John Scimone, CSO, Dell Technologies, on how to navigate a culture of security convergence

By Maria Henriquez
5 mins with John Scimone
September 25, 2020

According to a report from the ASIS Foundation, only 5% of organizations have converged cybersecurity and physical security in a single department, and almost half separate physical and cybersecurity into two departments.

By thinking of physical and cybersecurity as two separate entities, one aspect inevitably gets undermined and in turn, both aspects become weaker. For example, you can deploy the best data security solution on your laptop to protect your information, but if you print a document and throw it away without shredding it, the organization is at risk. 

We spoke to John Scimone, who currently serves as Dell’s Chief Security Officer, where he leads the company’s global corporate security program and the full spectrum of strategy, planning and operations to aid Dell’s businesses.

Prior to Dell, Scimone served as the Global Chief Information Security Officer for Sony Group, where he was responsible for building Sony’s first global information security and privacy organization, playing a leading role in the company’s response to the infamous North Korean cyberattack. He also served Director of Security Operations for the Secretary of Defense’s communications office where he led the facility, personnel and cybersecurity programs, and as a Senior Security Advisor with the Joint Task Force for Global Network Operations (now US Cyber Command).

Scimone, who runs a converged organization, combining physical and cybersecurity, speaks to how he has personally navigated a culture of convergence and digital transformation at Dell. 

 

Security magazine: What is your title and background?

Scimone: I serve as the Chief Security Officer and Senior Vice President at Dell Technologies where I lead our Security and Resiliency Organization. In this role, I oversee physical security, cybersecurity, product security and enterprise resiliency programs. Prior to Dell, I served as the global CISO of the Sony Group family of companies. I have also held a number of security-related roles within the U.S. Department of Defense. The first converged program I led was when I was head of physical security and cybersecurity for the Secretary of Defense Communications Office in the Pentagon.

 

Security magazine: As CSO of Dell Technologies, you run a converged organization combining physical and cybersecurity. Was this inherited from the previous CSO, or did you lead this change?

Scimone: When I joined Dell in 2017, they’d had a converged organization for a number of years that included physical security and cybersecurity under one roof. I built upon this model after coming on board. The first step I took was integrating a global product security function into the organization, which also took global responsibility for corporate application security, so all of the company’s software development was being secured by a single team of deep experts. I also created a converged governance, risk and compliance (GRC) function, to ensure our various specialized teams would take a common approach to identifying, measuring, and articulating risks for the company. Other converged elements of the organization that I either created or combined included a global project management office (PMO), a training and awareness team, and a metrics and analytics organization. Finally, I created and embedded Business Unit Security teams within our core Dell business units and functions, such as our Infrastructure Solutions Group, Services and our manufacturing and logistics organization. These teams provide embedded, dedicated, full-time security experts that bring unmatched value to proactively identify risks and opportunities that might otherwise be difficult to identify by a solely centralized security organization.

 

Security magazine: What are the benefits of converged security?

Scimone: Converged security organizations recognize benefits in both efficiency and effectiveness, regardless of size or industry.

From an efficiency perspective, combining teams with common functions (e.g. project management, employee training, risk management, etc.) provides for opportunities to streamline processes and reduce resources. Beyond efficiency gains in the security team itself though, the broader productivity of the organization can be improved as employees are only having to engage with a single security team and enroll in a single annual training course that converges the most important topics both physical and digital. 

From an effectiveness perspective, bringing multi-discipline skillsets to solve problems and manage risks positions companies better to deal with a threat and vulnerability landscape that is itself increasingly converging. We see cyber-attacks being perpetrated via physical means, and vice versa.  Vulnerabilities in cyber systems increasingly can result in physical world effects, and vice versa.  To artificially treat these realms separately when the risks being faced are themselves increasingly converged is like watching two sports teams play against one another, with one side that has a unified game plan under a single coach, and the other that is being coached and managed separately.

This is especially beneficial for senior business leaders as a converged organization provides them with a holistic risk view so that they can articulate investment priorities and complex risk scenarios in a simple and unified way.

 

Security magazine: Are there disadvantages to this converged security model?

Scimone: Issues may arise if a CSO does not have a deep understanding of the full breadth of portfolio responsibilities, or if they struggle to aggressively prioritize within their broad portfolio resulting in dilution of focus on key risk areas. Security leaders must prioritize incessantly within their own organizations, and remain attuned to which functions within the converged portfolio need to be prioritized to align with business priorities. In the simplest example, a medical device company is likely to make product security their number one priority while a luxury retailer would prioritize physical security. Converged CSOs must prioritize incessantly to avoid the additional responsibilities distracting from or diluting their focus.

 

Security magazine: How have you navigated a culture of convergence and digital transformation at Dell?

Scimone: Dell Technologies has a long-standing culture of being bold in its willingness to constantly change and reinvent itself to adapt to our customers’ needs. This kind of attitude is essential to making big organizational changes like converging physical security and cybersecurity organizations, but also to capitalizing on the digital transformation opportunities that exist (both within our organization and those that we counsel and assist our customers with implementing). Every team member in our converged organization knows that our culture values innovation, experimentation and bringing forth bold, new ideas. One of the most satisfying parts of watching our converged organization progress has been seeing my talented team members jump back and forth between different facets of security, applying their unique skillsets against the breadth of mission areas we focus on. In particular, seeing our cyber-savvy practitioners start merging and partnering in the physical security space excites me as I believe physical security is on the precipice of digital transformation.

 

Security magazine: What has been the most difficult challenge with leading a culture of convergence?

Scimone: It takes the right type of team member to succeed in a converged organization. They need to be open minded, curious and willing to learn every day. That said, one of the most significant challenges, if not the most significant challenge, in leading a modern-day security program is competing for talent. We’ve created an inclusive and collaborative organization where team members can expand their skillsets and cross train, which serves as a differentiator in our overall talent strategy and helps us attract those types of team members.

 

Security magazine: What advice do you have for other CISOs/CSOs that wish to lead a similar model at their organizations?

Scimone: To transition into leading a converged multi-discipline organization you have to be willing to be uncomfortable. Many CISOs are intimidated by the notion of holding the responsibility to protect the lives of their employees against violent acts, and many CSOs worry about ever having to explain complex cyber topics in the board room. Recognize that leading a converged organization is less about subject matter expertise, and more about an ability to create a collaborative and innovative culture and team, that you can energize and align against key business priorities, and hiring strong team players to offset your own subject matter gaps. Also, I often see organizations struggling to achieve convergence as they don’t know where to start. The secret is to just start somewhere; it really doesn’t matter what the first step is – whether it be physical and cyber, cyber and product, or any other convergence opportunity – just take that first step and the rest will get easier from there!

 

KEYWORDS: convergence cyber security information security physical security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • 5 mins with julian waits

    5 minutes with Julian Waits - How Security Operations Center leaders can create a culture of growth

    See More
  • cyber security freepik

    When security and resiliency converge: A CSO’s perspective on how security organizations can thrive

    See More
  • convergence freepik

    When product security and cybersecurity converge: A CSO’s perspective on how security organizations can thrive

    See More

Events

View AllSubmit An Event
  • September 25, 2024

    How to Incorporate Security Into Your Company Culture

    ON DEMAND: From this webinar, you will learn how to promote collaboration between IT and physical security teams to streamline corporate security initiatives.
  • April 16, 2025

    Modernizing GSOC Operations: Ensuring Full Control and Complete Situational Awareness

    ON DEMAND: For many organizations, physical security management can be a daunting task. Threats are on the rise and risks are becoming increasingly diverse. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing