Why you need an integrated approach cyber and physical security | Computing
To better understand the current cybersecurity landscape, we sat down with Reed Exhibitions’ Group Vice President of the Security Events Portfolio, Will Wise who offered his insight on today’s growing threats.
How do cyber attackers target physical security assets?
Due to the explosion of the Internet of Things (IoT) connectivity in enterprise, government and public sector environments, organizations face an increasing risk not just for cyberattacks, but also physical security. Cyber and physical security can no longer be treated in siloes.
In 2018 alone, we have seen more physical assets that are vulnerable via connection to the internet, including devices like security cameras, alarm and access control panels, and manufacturing infrastructure like industrial automation systems. Any piece of Internet-enabled technology that is connected to a building and its infrastructure presents significant risk.
Even formerly low-risk HVAC systems can be a gateway for hackers to gain access to a network and cause an attack. Remember Target? Attackers were able to steal personal data from nearly 40 million customer records due to a network access vulnerability exploited in Target’s HVAC system. And this problem stems far beyond cyberattacks.
If an attacker gains access to technical systems that control building operations, for example a smart lock on a door, video surveillance camera or an energy grid, they can cause catastrophic physical and public safety risk. Beyond building entry and robbery, just think about the destruction possible if an adversary shut down the critical infrastructure energy grid and all of its facilities. That is a classic scenario in which both cyber and physical attacks could occur.
What are the risks associated with IoT? How can businesses protect against them?
One of the biggest challenges organizations face to protect connected devices is visibility. Oftentimes, IoT devices are not under control in a centralized location, but reside remotely on “the edge” of their networks. They are connected across vast and remote locations – such as on a wind turbine, on a supplier’s truck or in a remote office facility – pulling data from its host and sending back to home base, with the goal to increase efficiency of operations. However, this efficiency presents a challenge as many of these devices are not designed and built with security in mind.
Device manufactures must build in security as a core part of product development so there is confidence in secure usage to improve business operations and processes. Organizations that are looking to reap the benefits of IoT must take into consideration the embedded security of the device, as well as how to monitor and manage devices across many different locations.
What value can AI bring to cyber and physical security?
AI is crucial in aiding both cyber and physical security efforts and help organizations take a more proactive vs. reactive stance. For cyber, AI technology works by identifying regular network activity patterns and will pinpoint any suspicious behavior. It will analyze this behavior and then determine any need to intervene.
For example, if an employee is requesting access to files it does not regularly ask for, the action can be blocked by AI and elevated to the security or IT department to investigate further. For physical operations, AI technology is imperative in improving real-time intelligence and response time. Imagine if a disruption were to happen at an event, AI technology can analyze the actions in real-time, deliver a report immediately to law enforcement and first responders, and appropriate measures can be taken to prevent and reduce the threat from escalating. There is no need to have a big delay to wait and watch video footage – AI enables instant intelligence and action.
What is the biggest challenge organizations face to protect both their physical and digital assets? How can they combine efforts to secure both physical and cyber?
Business leaders need to first understand how they can integrate IT and OT (operational tech), and this starts with coordination between each of the teams responsible for these departments. These technologies no longer operate in siloes, as they are all on the same network – from manufacturing plants and industrial systems to smart cameras and mobile devices – so neither should the corresponding teams.
An easy first step to achieve this is by integrating your security command centers to include both cyber and physical teams. Not everyone needs to be an expert, but it’s about having an open line of communication and a plan in place if disaster strikes. For the benefits of IoT to be realized, there must be a converged approach with IT, OT and physical security elements being well coordinated – from a technology, process and people perspective.
What advice would you offer to security professionals?
First, don’t get comfortable. Just because your organization hasn’t been breached yet (that you know of), it doesn’t mean it won’t. It’s important to stay in tune with the latest technology and products offered on the market – from long-standing software to newer offerings from startups. Adversaries are honing their attack strategies and tactics and you cannot sit idly by with the notion that your business is “just fine.”
Second, know how to elevate your priorities and objectives to your organization’s executives and the C-suite. Security is not just a technical issue, as your brand and reputation are at stake along with major financial and legal liability implications. IT, OT and physical security teams need to be proactive, speak up and express leadership themselves, putting an appropriate amount of urgent focus on risk management, compliance and liability.
Finally, and most importantly, is education and training. And this goes beyond internal employee training programs. Innovation happens at a rapid pace and every single security professional should be staying up-to -date on the latest technologies and techniques to not only protect their organizations’ critical assets and embrace innovation, but to also improve their knowledge and advance their personal careers. Seeking hands-on workshops, trainings and certifications at industry events are a good place to start.
Will Wise, Group Vice President of the Security Events Portfolio at Reed Exhibitions