Cybersecurity and Physical Security: The Critical Need for Collaboration Within Enterprise Security
The landscape seems simple – Physical security is responsible for safeguarding people, property, and physical assets from the risk of physical danger, such as assault, theft, vandalism, fire, or terrorism. Conversely, cybersecurity protects organizations, systems, and data from digital attacks. One deals with the physical world, the other with the digital world.
Yet, physical and cyber assets represent a significant risk to an organization’s cybersecurity and physical security. Each type of asset can be targeted to result in compromised networks or security infrastructure. A physical breach can facilitate a network breach; for example, a malfunctioning access control panel can allow an unauthorized individual to enter the premises and insert a virus-ridden USB into the network. A network breach can lead to physical danger; for example, hackers can gain control of the company alarm system or surveillance cameras and take them offline. In addition, any connected physical security device can be hacked and used as an entry point to the company network. The once clear functions of cybersecurity and physical security have become blurred. Yet, despite their co-dependence, physical security and cybersecurity divisions are often treated as separate entities.
Operating these divisions in siloes does security leaders a disservice: they lack clear visibility into threats targeting their enterprise. This gap opens the door to attacks, which can severely impact the organization, such as the theft or exposure of sensitive data, reputational damage, disruption of business, or even loss of life.
Digital Systems Provide Benefits and Risks
Physical security measures such as surveillance and access control were traditionally handled by security personnel as standalone functions without any connection to IT. The shift from analog to digital in physical security mostly remained in the same hands, meaning legacy physical security systems remained outside of IT and lacked the tools necessary to protect against new digital threats.
Today, as more physical security devices are connected to the Internet, they become attractive targets for criminals looking to inflict damage for economic, criminal, or political purposes. The attack surface has increased exponentially. That’s because for several organizations, once deployed, physical security devices are often left improperly managed, they typically are not supported by IT, and the specific departments using them lack the necessary tools or resources to stay on top of this colossal function.
For example, in March 2021, Verkada experienced a breach in which over 150,000 cloud-based physical security cameras were hacked. The hackers gained access to thousands of cameras in hospitals, schools, jails, corporate offices, and police stations, to name a few. The hackers could monitor the goings-on in these facilities and access private data, such as personal video footage from the home of a Verkada employee, video of patients in their hospital rooms, and footage of inmates in detention facilities.
Physical security devices have also been used as vehicles for cyber-attacks. Mirai was the first major malware-loaded botnet to breach IoT devices. It targets consumer devices like smart cameras and home routers to carry out massive distributed denial of service (DDoS) attacks.
Many installed physical security systems consist of devices deployed across vast locations and sourced from multiple suppliers. Most organizations did not install all their systems in one go; devices were deployed over time, as needed. As a result, many deployed physical security systems are complex as they contain multi-vendor and multi-generational devices. This means securing these varying devices requires collaboration between the two previously fragmented security functions: Physical Security and IT.
The Path Forward: Bringing IT Standards to the Realm of Physical Security
Organizations that disable the silos and facilitate collaboration between cybersecurity and physical security functions are more resilient and better placed to withstand the growing risks. Collaboration encourages information sharing and unified security policies across functions. For example, IT management standards and capabilities, such as automated firmware upgrades and password rotations, can and should be applied to physical security. Not only do IT best practices improve the availability and security of physical security devices, but collaboration with IT allows physical security professionals to be better prepared to identify, prevent, mitigate, and respond to threats.
Benefits of Collaboration Between Cybersecurity and Physical Security
As the lines separating physical and cyber assets become increasingly blurred—the benefits of collaboration between security functions have become clear. Adopting a robust, end-to-end solution that leverages an IT system designed explicitly for physical security offers the following benefits:
- Improved system availability – Get real-time data on device status and manage operational issues whenever they arise to minimize device downtime.
- Ensure compliance – Identify non-compliance with company policy and take steps to rectify these issues at scale by leveraging automation.
- Protection from cyber threats – Use the power of automation to prevent security vulnerabilities from compromising your physical security devices. Automate crucial maintenance steps such as password rotations, firmware upgrades, security certificate updates, end-of-life device management, device configuration settings, monitoring of unused connections, and Network Time Protocol (NTP) management.
- End-to-end visibility—Detect anomalies in device behavior in real-time to quickly shut down attacks. Evaluate the health status of each device to find any that are out of compliance with firmware, have old passwords, or use outdated security certificates. Predict edge device issues that have yet to arise, plan for device end-of-life, and prioritize your maintenance activities accordingly.
- Significant cost savings—Reduce manual labor, on-site visits, and other expenses related to manual management of physical security devices.
Conclusion
Cybersecurity and physical security are both critical to the enterprise but currently remain in silos, which presents a significant threat. Bridging the gap through collaboration ensures enterprises keep devices operationally compliant, secure, and protected against these attacks. To learn more about how collaboration between security functions can help your organization safeguard its physical security assets, download our free Guide to Bridging the Gap Between IT and Physical Security.
FAQs
Why is the collaboration between cybersecurity and physical security essential?
Collaboration between cybersecurity and physical security ensures comprehensive protection against threats that could exploit gaps in isolated systems, providing a unified approach to enterprise security.
How does integrating cybersecurity and physical security improve organizational resilience?
Integrating cybersecurity and physical security streamlines response strategies enhances threat detection capabilities, and improves overall security posture, making organizations more resilient to attacks.
What are the risks of not aligning cybersecurity and physical security strategies?
Without aligned cybersecurity and physical security strategies, organizations face increased risks of security breaches, data loss, and potential compliance issues, as isolated systems can leave critical vulnerabilities exposed.
Can cybersecurity measures enhance physical security systems?
Yes, cybersecurity measures can significantly enhance cybersecurity and physical security systems by securing network connections, safeguarding against digital intrusions, and ensuring the integrity of security devices.
What steps can organizations take to merge cybersecurity and physical security practices?
Organizations can merge cybersecurity and physical security by adopting shared security policies, conducting joint training sessions, and utilizing technology integrating physical and cyber threat monitoring and management.