Crossing the bridge between physical security and cyber security
Updated: Jan 26, 2021
It has long been discussed regarding the need to partner physical security and cyber security. I was at a recent security meeting and that question arose once again. In fact earlier this year I went to a technology conference to contact some cyber security employees. Many of which considered them an arm of information technology. But I raise the question, if people like me who's whole goal is to protect a principal or client from intentional or unintentional harm, to protect from harassment and embarrassment, to preserve the brand or reputation wouldn't it make sense that all of those things are also covered with cyber security.
In 2015 a russian cyber attack occurred on a Ukrainian power grid that ceased electricity to a quarter of a million citizens. A year later an entire transmission station was taken down. The attacks were becoming seemingly more sophisticated. The decentralized and digital nature of critical infrastructure worldwide creates vulnerabilities that can be exploited. If this can be done it makes sense that cyber security personnel, with their know how, should be a part of the physical security equation.
Take supply chains for example. A supply chain cyber attack seeks to damage an organization or company by targeting less-secure elements in the supply network. This attack has no discretion and can attack in any industry. By exploiting these vulnerabilities, adversaries could compromise the integrity, credibility, and authenticity of a company's products and services.
Adversaries use a variety of means to embed themselves into those organizations,which can include creating joint ventures, creating investments, manipulating data, gathering secret and confidential information all which can put a company's intellectual property at risk. In physical security we discuss layers to strengthen our security. Cyber security should be included as a layer of defense that can handle both cyber weaknesses and insider threats.
Adversaries are continuing to develop more effective means to conduct cyber espionage and technical operations against companies and their interests. To counter this process every security team should pursue a more cyber counterintelligence posture and integrate cyber security with physical security. Learn to leverage technological advancements, recruit cyber security experts, and develop those strategic partnerships.
As always stay safe and stay vigilant.