4.8.22 – SSI
Most physical security companies have a great opportunity to grow their business by either adding or partnering to add cybersecurity offerings.
Amid other strong candidates, a compelling case could be made that in the entire history of the electronic security industry the most transformative — and disruptive — technology has been IP-enabled devices.
Even interrelated subsets of that innovation, including networked physical security systems, the Cloud and as a service model, mobile on-the-go controls, residential networks and the Internet of Things (IoT), make some of the previous tech “advances” seem about as revolutionary today as comparing a kinetoscope to streamed 4K video.
There is a huge caveat of this paradigm shift, however, manifested by the now omnipresent threat of hacking and emergence of the enormously large and complex cybersecurity discipline.
I take pride in the fact that for some 10 years now, Security Sales & Integration has been at the forefront of industry media recognizing the relevance of cybersecurity to the electronic/physical security channel and importance to educate the market why practitioners should care — and for myriad reasons take action.
That effort has not only included widespread and deep coverage, but also participating in dedicated subject matter groups/committees and events, the industry’s only annual Cybersecurity Issue, and launching a groundbreaking study in 2014 called the Physical-Logical Security Assessment (PLSA).
Those new traditions continue with the April issue and revival of the PLSA, renamed the Cybersecurity Deep Dive (check it out here). As part of that undertaking, integrator respondents were asked a few open-ended questions. Here are some of their opinions and insights:
What is the biggest cybersecurity challenge facing physical security companies?
- The constant change in technology.
- Too many variables to keep all in check.
- IOT vulnerabilities, especially when they operate on the customer’s network.
- The hackers seem to always be one or more steps ahead of our security platforms.
- Organized professionally done breaches.
- Installation technicians not performing installation hardening on devices (weak passwords, open firewall ports).
- Standards and product vetting. Lead with protection, not sales.
- Complacency that it will happen to someone else’s customers.
- Systems being hacked by end-user error, but the blame falls on the last person to add to or make changes to the client’s network.
- Finding out there has been a breach.
- Viruses in email. 2. Phishing 3. Uploading from enterprise network to Cloud 4. Remote access 5. Employees use VPN tools and proxies.
- Cloud adoption trumps security.
- Ransomware attacks.
What product features or support mechanisms should manufacturers provide to help your company better maintain cybersecurity?
- Security built-in from the design stage. Automatic firmware and security updates without full system restarts. Required password and 2FA.
- Automatic password changes on any device on the network.
- Forced default password changes — QR codes that have MAC address in them.
- Stay on top of current applications and patching holes and testing of MS patches for servers and workstation OS.
- 24/7 monitoring either as-s-service from the vendor or hooks into MSSP platforms.
- Device hardening guides.
- Cloud options only — no hardware.
- Complex password requirements 2. Shared password 3. Login overload 4. Data hijacking. These mitigation measures also build on the capabilities of the NIST Cybersecurity framework and promote defense-in-depth security posture.
- Perform routine penetration tests.
- Encrypted authentication mechanisms. Encrypted data at rest and in transit. No default configuration settings.
Other comments on the relationship between physical and logical security?
- Physical security should run on its own network — not negotiable.
- Most physical security companies have a great opportunity to grow their business by either adding or partnering to add cybersecurity offerings.
- The world of information and physical security are merging, and I welcome it. Information security staff is often better equipped to detect anomalies in a stream of events.
- Physical security contributes more devices, many of which are in exposed places. Moreover, they are harder to manage at scale. The combination creates a vulnerable cyberattack surface. Cloud recording/management compounds the issues because now you have to trust vendors when it is difficult to verify they are doing things properly.
- The electronic security partner ecosystem should be ashamed of its history to date. We used to be the “security guys,” now we’re mostly just part of the problem.