Cyber and Physical Security Convergence
Cyber security and physical security are continually moving closer together and recent attacks are bringing the discussion to the forefront once again.
A recent attack on a water treatment facility in Pinellas County, Florida illustrated the physical security risks of cyber attacks in a very public manner: threat actors attempted to use the SCADA software to change the amount of sodium hydroxide in the water supply, which would cause harm or death to the consumers. (https://us-cert.cisa.gov/ncas/alerts/aa21-042a)
In another recent example, 150,000 video camera feeds from some prisons and other sensitive organizations were breached. (https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams)
There is every indication that attacks such as these will continue and increase with serious risk to facilities and human lives. Your cybersecurity program should reflect this growing risk.
Here are a few initial steps your organization should be taking right now in light of the convergence of cyber and physical security:
Open a dialogue between your physical and cyber security teams.
Security needs to be collaborative. Physical security specialists may recognize that some recent spear phishing attempt on an executive is actually part of a threat to their life (rather than a financial scam). A cybersecurity expert likely has valuable information to offer concerning the best ways to secure the technologies being used to secure the facility. Collaboration between physical and cyber security should be a priority in this evolving environment.
Identify the overlaps between physical and cyber security within your organization.
Every organization is different, so the overlaps between physical and cyber security will vary from one to another. The open dialogue discussed above should lead to an assessment that determines where the overlaps exist and how these risks are being mitigated. This discussion should be revisited at regular intervals, as well as any time substantial personnel or facility changes are taking place.
CISA has recently published a document that may help you to begin the journey here.
Provide the same devotion to a maturing cyber program that you have been giving to physical security.
An organization that sees its physical risks likely
1. hires professionals to handle security,
2. invests money into the program,
3. consults security specialists when structural or personnel changes are being made, and
4. sees security as a moving target rather than a 'once and done' issue.
All of these same principles are true for cybersecurity.
1. Entrusting cybersecurity to general IT professionals is comparable to asking a general physician to be responsible for the same specific knowledge as an optometrist.
2. Any decent security program requires financial investment, not the leftover crumbs from other budgeted items.
3. Cybersecurity concerns change as other changes take place. Cyber experts recognize emerging threats that non-specialists can miss, just as physical security experts do in their own field.
4. Cybersecurity is never 'done.' The attackers are constantly evolving their techniques, new technologies are emerging, and better approaches are being learned.
Tuearis Cyber specializes in cybersecurity and nothing else. We are happy to collaborate with your physical security team, IT support, and any other necessary members of your organization in order to act as your cybersecurity team and advisors in security convergence and any other cyber needs. It's what we do and what we love. If you're ready to address the growing convergence of cyber and physical security, contact us today.