As the market of the convergence of physical and logical security becomes popular, monitoring for physical and logical anomalies is also increasingly important because indicators of compromise might occur simultaneously in each domain.
As the market of the convergence of physical and logical security becomes popular, monitoring for physical and logical anomalies is also increasingly important because indicators of compromise might occur simultaneously in each domain. If an organization doesn’t combine its security resources and share information between the two, vital information could be lost. The resulting lack of holistic visibility and insight could lead to increased occurrences of exploitation or diminished response capability.
Mohamed Benabdallah, Director of Professional Services at Convergint Technologies, explained this in simpler terms. Stressing the importance of convergence, he said that the crucial factors for assessing security on both sides of the fence include the “What, Where, and How.” What are we trying to secure? Where is it located? And how do we secure it?
“Allowing someone access to an IT asset in a facility without knowing about their physical presence in the facility can result in a breach of both physical and logical access,” Benabdallah said. “Because once the physical security system has allowed someone into the facility without using a credential, the person in question can then access the network as well. Another layer of complication is added by wireless networks, which extend the physical facility beyond the actual walls and create yet another way for logical intrusion.”
What are the key points to consider in convergence?
According to Rakesh Viswanathan, Regional Director for India at
Cyberbit, planning from the design stage is crucial. “Whether you are planning a smart building project or a new manufacturing facility, include cybersecurity in your planning process, just like you plan for any other infrastructure like electric wiring, or water pipes,” Viswanathan said. “Adding cybersecurity systems as an afterthought is a very difficult and ineffective process. Imagine adding the water pipeline after a building was built.”
Mohamed Benabdallah, Director of Professional Services at
Convergint Technologies, suggests that the key priority for converging physical and logical security is the creation of uniform policies on both sides. A weak link in one will make the other weaker as well. A breach in logical security can destroy data on the physical access system, and a breach in physical security can allow for unauthorized access to a logical device.
“Both systems need to share information with the other so that certain automatic business operations can occur effectively, such as a change in access due to an event like employee termination,” Benabdallah said. “The physical security system, including all IP devices, must utilize the latest security patches and upgrades to ensure that any security holes are fully plugged. Without uniform security policies, systems allow for vulnerabilities that could compromise a company’s intellectual property, employee data, customer data, access to physical devices and more. The CIO and CSO should develop comprehensive policies for both systems. The system should be audited and optimized on a regular basis.”
Thus, an organization’s ability to effectively mitigate security risks depends largely on addressing physical and logical security together, for several reasons. These reasons, according to Jon Stanford, Global Director of Industrial IoT Solutions & Services at
Cisco Systems, include the fact that important systems and data require physical protection and that a combined cyber-physical attack can multiply the effects of exploits by bad actors.
That physical security increasingly relies on various forms of automation and communication solutions provided by IT, which is becoming a critical stakeholder, and that an effective incident response requires both logical and physical procedures to work together are some of the other reasons. Evidently, physical and logical security can both benefit from complementary skill sets and organizations can increase their efficiency with their convergence.
Beyond “guns, guards and gates”
As we conclude, we can see that in many cases, organizations still manage physical and logical security separately. As Stanford puts it, physical security predates cyber and is often thought of in terms of “guns, guards, and gates.”
However, today’s advanced threat landscape and the increasing automation in physical security systems necessitates a converged approach. Organizations should look to consolidate management of their cyber and physical security programs and their budgets, people and training. Doing so can go a long way to prevent, respond and recover from security events of all types.