As our world becomes “smarter” and more connected, it becomes more important for physical security devices, systems and companies to have strong cybersecurity in order to mitigate risk. Luckily, there are ways security companies can strengthen their cyber defenses and incident response, build trust and foster a culture of responsible connectivity.
In this article from the Security Industry Association’s (SIA’s) Cybersecurity Advisory Board (CAB), learn key concepts in cyber-physical security convergence and get expert insights on how to support convergence between cybersecurity and connected systems. These tips were developed by the SIA CAB during Cybersecurity Awareness Month 2021 as part of SIA’s efforts to promote responsible connectivity and encourage SIA members to strengthen their cybersecurity postures.
What Is Convergence?
Merriam-Webster defines convergence as “the merging of distinct technologies, industries, or devices into a unified whole.” The security industry experienced a first phase of convergence back in the early 2000s, when analog devices such as access control panels and cameras started being encoded and placed on IP networks, which eventually lead to devices becoming inherently IP-based. Today, as devices become “smart” with artificial intelligence and machine learning technology, the industry is experiencing a second phase of convergence often referred to the Internet of Things (IoT), or the Industrial Internet of Things (IIoT), and Industry 4.0. Automation has given birth to autonomous systems that provide increased efficiencies and business intelligence. Smart sensors provide a tremendous amount of data about organizations, and that data is often used to make important decisions about the future of the organization. This abundance of data collection has made cybercrime into a trillion-dollar business.
Risks of Convergence
This increase in connectedness of cyber-physical systems has also created a much greater attack surface for bad actors and increased risk to the organization. These cyber-physical assets are often targeted and exploited, resulting not only in compromised systems, but compromised security systems. The lack of attention that is given to endpoint security when dealing with operational technology as with physical security, HVAC and lighting systems has created a greenfield of vulnerabilities for many organizations.
Roles and Responsibilities
The roles and responsibilities for the security professional used to be clear and defined: physical security, access control and workplace violence. Today, the roles and responsibilities of the security professional are blurred with additional tasks that span both information security and cybersecurity. The security industry has been plagued by siloed communication for decades, often relinquishing cyber responsibilities to the IT department, or worse, circumventing IT and information security completely by building out separate networks and infrastructure to not have to deal with the roadblocks that they caused. This mindset in today’s environment is dangerous.
Two Sides to the Same Coin
Consider cybersecurity to be the super-nerdy cousin of physical security. When comparing the principles of both disciplines side by side, they are essentially two sides to the same coin:
- Defense in depth
- Risk assessment
- Vulnerability assessment
- Business continuity
- Access control
Both disciplines identify the asset, protect it, detect intrusions, respond to intrusions and recover from the event. In physical security, the crown jewels are tangible assets. In cybersecurity, the crown jewels are data. Yet we still have challenges such as siloed communications, siloed systems, siloed policies and the “us versus them” mentality.
On the Horizon
The good news is that as the physical security industry grows in cyber maturity and a new generation of enterprise security professionals emerges, chief information security officers and chief security officers are beginning to work together to form an alliance in the name of comprehensive and holistic security. Aligning cyber-physical security requirements to the business objectives of the organization creates results-oriented cooperation. Teaming together generates a more efficient incident response, greater trust and streamlined messaging around security building a culture of security.
Cyber-Physical Security Convergence Tips
What can your organization do to support convergence between its IIOT systems and cybersecurity? Here are three tips:
- Start the dialogue between physical security, infosec, IT, and cybersecurity
- Establish roles and responsibilities
- Create a joint convergence team
- Establish information sharing mechanisms
- Identify linked access and systems
- Conduct joint assessments
- Get a baseline of where the overlaps are
- Run the numbers. Share assets and systems whenever feasible. There’s no sense in doing duplicate work!
- Prioritize improvements. This includes patch schedules, software updates and opportunities for automation.
- Create risk-driven policies reflecting converged security functions.
- Build strategic alliances. #TogetherWeAreStronger