Future Of Security: Connect Cyber With Physical Defence

Uploaded on 2016-10-31 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

With more items gaining web connectivity as part of the Internet of Things movement, the need to protect physical devices from hackers will only increase.

Our increasingly connected world gives hackers even more ways to exploit technology for malicious purposes. We’re now entering a period when Cyber-attacks could cause major physical damage. To protect people from these combined Cyber and physical threats, information security experts and law enforcement, which traditionally handles physical security, will have to share strategies.

After all, the boundaries between cyber and physical attacks are already blurring. In March, the US Department of Justice claimed seven Iranians hacked the control systems of a small dam in New York state in 2013. The dam was offline for repair, preventing the hackers from controlling the flow of water. However, the incident demonstrated that hackers could take over infrastructure that was controlled by computers.

And, of course, there was the Stuxnet computer virus that stymied Iran’s nuclear program by targeting the centrifuges that enriched uranium. Stuxnet is considered the first program that showed how malware could cause physical damage.

With IoT, Hacks get Physical

Now with more items gaining web connectivity as part of the Internet of Things (IoT) movement, the need to protect physical devices from hackers will only increase. Information security professionals will be called upon to make sure attackers can’t tamper with the brakes on our autonomous cars or hack our smart thermostats and turn off the heat in our home during the winter.

Fortunately, the key steps companies can follow to defend physical assets, proper planning, thorough testing and extensive collaboration, can also help defend against Cyber-attacks.

Plan for what could happen

The best plans are built around scenarios that could potentially happen. Police officers use this tactic to prepare for potential security incidents. While on patrol, officers will think about how they would deal with an incident at one of the buildings on their beat. They’ll consider what could occur, such as a perpetrator escaping through the roof.

Companies need to follow this process when responding to an information security incident. Quickly remediating a threat isn’t enough. Security teams need to consider what else could have happened. Attacks often contain components that are intentionally easy to detect, leading security teams to falsely believe they have fully stopped an attack. 

In reality, elements remain that allow the attack to persist. Just detecting the smallest sign of atypical behavior can allow security analysts to discover the entire attack. For example, a computer that’s running slow could be infected with malware, which could mean a company was the target of a phishing attack and an employee clicked on a malicious link.

Proper planning also means developing an incident response plan that includes the input of key people in every department. Often times only a company’s IT and security personnel are involved with planning because they’re the ones who handle a breach. But dealing with the fallout from a security incident requires the efforts of the whole company. Hospitals, for example, may want to include their public relations staff in the plan, since the company may-be legally required to publicly disclose a data breach.

Improve your Plan with Testing

Conducting a full-scale simulation is the best way to test how your security plan would hold up in a real-world incident. Holding drills will expose any of the plan’s weaknesses, providing companies with an opportunity to improve it before a real incident occurs.

Red team-blue team exercises offer an opportunity to merge physical testing and cybersecurity testing and determine how physical systems can protect online systems and vice versa. 

In many organisations, protecting gigabit Ethernet is a priority for people handling physical security, since being online is essential for all businesses. Knock out a business’ web connection and that takes down its email, IP phones and employee access to servers. From an IoT perspective, conducting penetration testing on a product will expose vulnerabilities, allowing a company to fix them before the item goes on sale.

And don’t forget to allow employees to weigh in on the security plan. Often workers have the best advice on what additional details would improve it.

Stronger Together

When either a physical or cyber-security incident occurs, a company will undoubtedly need help from people outside the organisation to resolve the situation.

For example, the chief security officer of a large company may want to reach out to the local fire and police departments and discuss how first responders would handle a situation at the organisation. On the cybersecurity side, companies may need to have an incident response firm on standby to remediate a threat if they suffer a data breach. Or law and public relations firms may be needed to handle the fallout from an attack.

Too often, though, businesses are reluctant to collaborate with third parties, fearing that corporate secrets will accidentally get exposed. In reality, these people are essential to helping your business return to normal as quickly as possible after an incident. 

Companies need to develop relationships with these entities long before an emergency. Waiting until a situation arises to collaborate with outside organizations is too late. Companies will be far too busy handling the incident to explain how your business works and form a substantial relationship.

Organisations can no longer afford to handle physical security and cybersecurity separately. Attackers aren’t distinguishing between the two, and companies can’t either if they hope to stay protected.

NetworkWorld
 

 

« 2016 Trends in Cyber Crime
Decrypting the Dark Web »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Caliber Security Partners

Caliber Security Partners

Caliber Security Partners is a full-service information security company, with a wide range of security services for clients with varying levels of security maturity.

Virtual Security

Virtual Security

Virtual Security provides solutions in the field of managed security services, network security, secure remote work, responsible internet, application security, encryption, BYOD and compliance.

Protiviti

Protiviti

Protiviti consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.

CYSEC SA

CYSEC SA

Cysec is equipped to deliver agile security solutions for the most challenging IT infrastructures around the world.

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

HMS Networks

HMS Networks

HMS stands for Hardware meets Software. Our technology enables industrial hardware to communicate and share information with software and systems.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

Chugach Government Solutions (CGS)

Chugach Government Solutions (CGS)

CGS performs work for the Federal Government across 4 unique core lines of business, including: Facilities Management and Maintenance, Construction, Technical IT and Cyber Services, and Educational Se

The Cyber Scheme

The Cyber Scheme

The Cyber Scheme provides NCSC certified and assured assessments, training and career support for security testers & technical cyber professionals.

Blue Cloud Softech Solutions

Blue Cloud Softech Solutions

Blue Cloud Softech propels inspiring digital transformations. We provide AI products, cybersecurity, healthcare technology, and cloud solutions.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.

8kSec

8kSec

8kSec is a cybersecurity company specializing in training, consulting, and research.