Cyber & Physical Security Complement Each Other

16 Dec 2022

Keeping pace with rising security standards is a colossal task for CXOs globally. Managing both physical and digital security threats is of paramount importance to ensure business continuity, returns, and reputation.

Why are we talking about cyber-physical?

The rapid adoption and integration of technologies like IoT and IIoT has resulted in an increasingly connected network of Cyber-Physical Systems (CPS). These connected systems have expanded the attack surface many times over and have become a common target for adversaries worldwide. According to one estimate, there will be nearly 50 billion connected IoT devices by 2030. The concern is that the response to potential threats is comparatively slow. Reportedly, only one-fifth of organizations in the USA, Europe, and India have fully converged physical security, cyber security, and business continuity.

In March 2021, cybercriminals compromised over 150,000 cloud-based Verkada physical security cameras. Because the cameras were installed across a range of industries, including schools, hospitals, offices, police stations, and jails, the threat actors were able to view video footage from inside those facilities. They gained access through publicly exposed credentials for an administrator account. Owing to the sensitivity of CPS, any successful intrusion may lead to data loss, environmental disaster, destruction of property, and even harm to human life. The best tactic for safeguarding connected systems is therefore a blend of “cyber and physical security”. Irrespective of the business vertical an organization operates in, its decision-making bodies must understand that cybersecurity is vital for supporting physical security.

How physical security risks may lead to a cybersecurity incident

Conventionally, physical security measures, like RFID cards, access control systems, and surveillance systems, were considered standalone functions, and cyber and physical security teams worked in silos. Consequently, organizations often lack a comprehensive view of the security threats approaching their ecosystem.

Let’s look at some situations in which a single breach in physical security may lead to a cybersecurity incident.

  • Accidental exposure or theft of sensitive documents may lead to a data breach. Such an incident occurred in April 2021, when a Lifespan Corporation employee’s laptop was stolen after thieves broke into the car. The laptop was unsecured and unencrypted, and it contained health information, including patients’ names, medical record numbers, and demographic data.
  • In case of unauthorized access, an intruder can enter the facility, gain access to critical systems, and move data out of the organization’s perimeter. The intruder might also introduce a virus or other malware into the network via USB or other removable media.
  • If a threat actor manipulates HVAC systems and raises the temperature of the server room, network servers might become inoperable, which can cause further disruption.

How Cybersecurity Supports Physical Security Systems

Most of us have heard about the Colonial Pipeline attack that shook the entire world. Threat actors entered the Colonial Pipeline network by leveraging an exposed password for a VPN account. In a similar incident, adversaries compromised the security of a water treatment plant in Florida and altered levels of sodium hydroxide from 100 ppm to 11100 ppm.

In light of such incidents, cyber security helps enterprises build a robust framework for physical security measures. For instance, cybersecurity controls can help trigger the right physical security response to any potential threat that is detected. But this is only possible when both functions are completely in sync. Furthermore, if physical security controls are included along with digital assets in penetration testing, organizations can measure the effectiveness of their entire security infrastructure and update their strategy accordingly.

Best Practices for “Converged Physical & Cyber Security”

There are a few ways to achieve successful security convergence. Some of them are listed below:

  • Enterprises can implement integrated surveillance and access control solutions to greatly enhance monitoring capabilities, optimize security, and prevent possible breaches.
  • Organizations must ensure that both software and hardware are regularly updated to patch security vulnerabilities.
  • Communication between physical and cyber security teams must be properly aligned to trigger an appropriate response in case of a security incident.
  • Employees must be educated about the growing threat of phishing scams, malware, ransomware attacks, social engineering, etc.

Conclusion

Adversaries now operate in a converged manner, so there is a need to shift from a “good to have” to a “risk imperative” approach. Organizations must have the capability to manage threats and business continuity simultaneously. Stakeholders need to understand that cyber and physical security are no longer separate topics. They should be addressed together to counter modern-day threats.