Physical Security vs. Cybersecurity: The Critical Need for Collaboration Within Enterprise Security
The landscape seems simple – Physical security is responsible for safeguarding people, property, and physical assets from the risk of physical danger, such as assault, theft, vandalism, fire, or terrorism. Cybersecurity, on the other hand, deals with protecting organizations, systems, and data from digital attacks. One deals with the physical world, the other with the digital world.
Yet, both physical and cyber assets represent a significant risk to physical security and cybersecurity of an organization. Each type of asset can be targeted to result in compromised networks or security infrastructure. A physical breach can facilitate a network breach; for example, a malfunctioning access control panel can allow an unauthorized individual to enter the premises and insert a virus-ridden USB into the network. A network breach can lead to a physical danger; for example, hackers can gain control of the company alarm system or surveillance cameras and take them offline. In addition, any connected physical security device can be hacked and used as an entry point to the company network. The once clear functions of physical security and cybersecurity have become blurred. Yet, despite their co-dependence, physical security and cybersecurity divisions are often treated as separate entities.
Operating these divisions in siloes does security leaders a disservice: they lack clear visibility into threats targeting their enterprise. This gap opens the door to attacks, which can severely impact the organization, such as the theft or exposure of sensitive data, reputational damage, disruption of business, or even loss of life.
Digital Systems Provide Benefits and Risks
Physical security measures such as surveillance and access control were traditionally handled by security personnel as a standalone function, with no connection to IT. The shift from analog to digital in physical security mostly remained in the same hands, meaning legacy physical security systems remained outside of IT and lacked the tools necessary to protect against new digital threats.
Today, as more physical security devices are connected to the Internet, they become attractive targets for criminals looking to inflict damage for economic, criminal, or political purposes. The attack surface has increased exponentially. That’s because for a number of organizations, once deployed, physical security devices are often left improperly managed, they typically are not supported by IT, and the specific departments using them lack the necessary tools or resources to stay on top of this colossal function.
For example, in March 2021, Verkada experienced a breach in which more than 150,000 cloud-based physical security cameras were hacked. The hackers gained access to thousands of cameras in hospitals, schools, jails, corporate offices, and police stations, to name a few. The hackers could monitor the goings-on in these facilities and access private data, such as personal video footage from the home of a Verkada employee, video of patients in their hospital rooms, and footage of inmates in detention facilities.
Physical security devices have also been used as a vehicle for cyber-attacks: Mirai was the first major malware-loaded botnet to breach IoT devices. It targets consumer devices like smart cameras and home routers to carry out massive distributed denial of service (DDoS) attacks.
Many installed physical security systems are made up of devices deployed across vast locations and sourced from multiple suppliers. Most organizations did not install all their systems in one go; instead, devices were deployed over time, as needed. As a result, many deployed physical security systems are complex as they contain multi-vendor and multi-generational devices. This means securing these varying devices requires collaboration between the two previously fragmented security functions: Physical Security and IT.
The Path Forward: Bringing IT Standards to the Realm of Physical Security
Organizations that disable the silos and facilitate collaboration between cyber and physical security functions are more resilient better placed to withstand the growing risks. Collaboration encourages information sharing and unified security policies across functions. For example, IT management standards and capabilities, such as automated firmware upgrades and password rotations, can and should be applied to the world of physical security. Not only do IT best practices improve the availability and security of physical security devices, but collaboration with IT allows physical security professionals to be better prepared to identify, prevent, mitigate, and respond to threats.
Benefits of Collaboration between Physical Security & Cybersecurity
As the lines separating physical and cyber assets become increasingly blurred—the benefits of collaboration between security functions have become clear. Adopting a robust, end-to-end solution that leverages an IT system specifically designed for physical security offers the following benefits:
- Improved system availability — Get real-time data on device status and manage operational issues whenever they arise to minimize device downtime.
- Ensure compliance – Identify incidences of non-compliance with company policy and take the necessary steps to rectify these issues at scale by leveraging automation.
- Protection from cyber threats – Use the power of automation to prevent security vulnerabilities from compromising your physical security devices. Automate crucial maintenance steps such as password rotations, firmware upgrades, security certificate updates, end-of-life device management, device configuration settings, monitoring of unused connections, and Network Time Protocol (NTP) management.
- End-to-end visibility — Detect anomalies in device behavior in real-time to quickly shut down attacks. Evaluate the health status of each device to find any that are out of compliance with firmware, have old passwords, or use outdated security certificates. Predict edge device issues that have yet to arise, plan for device end of life, and prioritize your maintenance activities accordingly.
- Significant cost savings — Reduction of manual labor and on-site visits as well as other expenses related to manual management of physical security devices.
Physical and cyber security are both critical to the enterprise but currently remain in silos, which presents a significant threat. Bridging the gap through collaboration ensures enterprises keep devices operationally compliant, secure, and protected against these attacks. To learn more about how collaboration between security functions can help your organization safeguard its physical security assets, set up a consultation call here.