How Cybersecurity and Physical Security Can Converge
The White House recently declared October 2021 as Cybersecurity Awareness Month. This has come after multiple high-profile attacks on fuel pipelines, police departments, food suppliers, hospitals, and other vital infrastructure and essential services. In his statement, the president points out how cyberattacks can have real-world consequences, potentially endangering not only the livelihoods of Americans but their lives.
In the past, physical security and cybersecurity were operated by separate systems. At one point, organizations had no choice but to treat these functions separately because the technology to integrate them did not yet exist. Today, the technology to converge physical security and cybersecurity exists, but few organizations have taken the steps to do so. However, according to one expert, there is little hope for securing either the online or the physical domain if each remains separate from one another.
Why Is Convergence Important?
The possible attack surface, i.e., vulnerable points in infrastructure, is much larger today than it was even ten years ago because of the rise over the last decade of the Internet of Things. This is a collective term that refers to electronic devices other than computers with the capability to connect to the internet. When most people think of IoT, they think of mobile communication devices, such as tablets and smart phones. However, it covers a much wider range of devices, including security cameras, motion sensors, and even security barriers that can be operated remotely, such as Delta Scientific’s DSC720-1M Tall High-Security Bollards.
Potentially, without adequate cybersecurity countermeasures, any IP-enabled security device could be compromised. This could allow unauthorized control of security barriers, which could be opened to facilitate an attack by armed pedestrians or with vehicles, allowing easy access to the now-vulnerable facility.
What Steps Are Involved in Convergence?
There are several steps involved in the convergence of physical security and cybersecurity. The following is not a comprehensive guide but rather an overview of some of the most important steps.
- Manage Risks: You should have your system set up so that software and firmware can update automatically. Applications should be set up to support two-factor authorization for an extra layer of security. You should have a response plan to deal with security breaches and protect your building by making sure the application is deployed in redundant data centers. Network monitoring should take place at all times.
- Make Your Network Secure: This is especially important if your system was designed to be installed on your facility’s campus. Unlike cloud-based solutions designed to operate on public networks, your system may allow unauthorized inbound communication because of a lack of data-secure transmission, strong hardware security, and similar precautions.
- Manage Internal Operations: For example, restrict access to sensitive areas, such as backup storage, server rooms, and your data center. Only employees who have a reason to go to these areas as part of their job duties should have access.
To complete some of these steps, you may require the assistance of a cybersecurity company.
How Can Delta Scientific Help?
Delta Scientific may be able to offer products that help you manage internal operations, such as our security doors. We are also happy to answer any questions you may have about our products that can use the internet to operate. Typically, if you are not comfortable with this, there are other control options available, such as a closed network.
Share This Story, Choose Your Platform!