Despite the difficulties, security convergence has progressed among leading-edge companies where physical and logical security groups have collaborated frequently, says Vish Ganpati, senior associate of enterprise resilience at Booz Allen & Hamilton Inc. in New York. "Some companies don't realize that convergence is needed. Others see the need to do something about it," he says.

Ganpati points to a pharmaceutical company where the IT department had started installing a virtual private network security system and the physical security division was implementing a card identification system. After recognizing that there was a lot of overlap, the two groups collaborated and knocked 15 percent off their combined costs. They also impressed the CEO, he says.

The two teams also work closely together at Bank of America Corp., where collaboration is so ingrained in the corporate culture that cooperation between departments doesn't need to be structurally imposed, says Doug Smith, corporate information security and business continuity executive at the Charlotte, N.C.-based bank.

"When I came to the bank [in 2002], I asked for an organizational chart and people laughed at me. There isn't one," says Neil Gallagher, Bank of America's homeland security executive.

Smith says the bank's reliance upon Six Sigma processes helps its managers and staffers to recognize "opportunities when we can do something better" -- even when there aren't formal convergence points between its physical and information security groups.