Future Of Security: Connect Cyber With Physical Defence

With more items gaining web connectivity as part of the Internet of Things movement, the need to protect physical devices from hackers will only increase.

Our increasingly connected world gives hackers even more ways to exploit technology for malicious purposes. We’re now entering a period when cyber-attacks could cause major physical damage. To protect people from these combined cyber and physical threats, information security experts and law enforcement, which traditionally handles physical security, will have to share strategies.

After all, the boundaries between cyber and physical attacks are already blurring. In March, the US Department of Justice claimed seven Iranians hacked the control systems of a small dam in New York state in 2013. The dam was offline for repair, preventing the hackers from controlling the flow of water. However, the incident demonstrated that hackers could take over infrastructure that was controlled by computers.

And, of course, there was the Stuxnet computer virus that stymied Iran’s nuclear program by targeting the centrifuges that enriched uranium. Stuxnet is considered the first program that showed how malware could cause physical damage.

With IoT, Hacks get Physical

Now with more items gaining web connectivity as part of the Internet of Things (IoT) movement, the need to protect physical devices from hackers will only increase. Information security professionals will be called upon to make sure attackers can’t tamper with the brakes on our autonomous cars or hack our smart thermostats and turn off the heat in our home during the winter.

Fortunately, the key steps companies can follow to defend physical assets (proper planning, thorough testing and extensive collaboration) can also help defend against cyber-attacks.

Plan for what could happen

The best plans are built around scenarios that could potentially happen. Police officers use this tactic to prepare for potential security incidents. While on patrol, officers will think about how they would deal with an incident at one of the buildings on their beat. They’ll consider what could occur, such as a perpetrator escaping through the roof.

Companies need to follow this process when responding to an information security incident. Quickly remediating a threat isn’t enough. Security teams need to consider what else could have happened. Attacks often contain components that are intentionally easy to detect, leading security teams to falsely believe they have fully stopped an attack. 

In reality, elements remain that allow the attack to persist. Just detecting the smallest sign of atypical behavior can allow security analysts to discover the entire attack. For example, a computer that’s running slow could be infected with malware, which could mean a company was the target of a phishing attack and an employee clicked on a malicious link.

Proper planning also means developing an incident response plan that includes the input of key people in every department. Oftentimes only a company’s IT and security personnel are involved with planning because they’re the ones who handle a breach. But dealing with the fallout from a security incident requires the efforts of the whole company. Hospitals, for example, may want to include their public relations staff in the plan, since the company may be legally required to publicly disclose a data breach.

Improve your Plan with Testing

Conducting a full-scale simulation is the best way to test how your security plan would hold up in a real-world incident. Holding drills will expose any of the plan’s weaknesses, providing companies with an opportunity to improve it before a real incident occurs.

Red team-blue team exercises offer an opportunity to merge physical testing and cybersecurity testing and determine how physical systems can protect online systems and vice versa. 

In many organisations, protecting gigabit Ethernet is a priority for people handling physical security, since being online is essential for all businesses. Knock out a business’ web connection and that takes down its email, IP phones and employee access to servers. From an IoT perspective, conducting penetration testing on a product will expose vulnerabilities, allowing a company to fix them before the item goes on sale.

And don’t forget to allow employees to weigh in on the security plan. Often workers have the best advice on what additional details would improve it.

Stronger Together

When either a physical or cyber-security incident occurs, a company will undoubtedly need help from people outside the organisation to resolve the situation.

For example, the chief security officer of a large company may want to reach out to the local fire and police departments and discuss how first responders would handle a situation at the organisation. On the cybersecurity side, companies may need to have an incident response firm on standby to remediate a threat if they suffer a data breach. Or law and public relations firms may be needed to handle the fallout from an attack.

Too often, though, businesses are reluctant to collaborate with third parties, fearing that corporate secrets will accidentally get exposed. In reality, these people are essential to helping your business return to normal as quickly as possible after an incident. 

Companies need to develop relationships with these entities long before an emergency. Waiting until a situation arises to collaborate with outside organizations is too late. Companies will be far too busy handling the incident to explain how their business works and form a substantial relationship.

Organisations can no longer afford to handle physical security and cybersecurity separately. Attackers aren’t distinguishing between the two, and companies can’t either if they hope to stay protected.

NetworkWorld
 

 
