Future Of Security: Connect Cyber With Physical Defence

With more items gaining web connectivity as part of the Internet of Things movement, the need to protect physical devices from hackers will only increase.

Our increasingly connected world gives hackers even more ways to exploit technology for malicious purposes. We’re now entering a period when Cyber-attacks could cause major physical damage. To protect people from these combined Cyber and physical threats, information security experts and law enforcement, which traditionally handles physical security, will have to share strategies.

After all, the boundaries between cyber and physical attacks are already blurring. In March, the US Department of Justice claimed seven Iranians hacked the control systems of a small dam in New York state in 2013. The dam was offline for repair, preventing the hackers from controlling the flow of water. However, the incident demonstrated that hackers could take over infrastructure that was controlled by computers.

And, of course, there was the Stuxnet computer virus that stymied Iran’s nuclear program by targeting the centrifuges that enriched uranium. Stuxnet is considered the first program that showed how malware could cause physical damage.

With IoT, Hacks get Physical

Now with more items gaining web connectivity as part of the Internet of Things (IoT) movement, the need to protect physical devices from hackers will only increase. Information security professionals will be called upon to make sure attackers can’t tamper with the brakes on our autonomous cars or hack our smart thermostats and turn off the heat in our home during the winter.

Fortunately, the key steps companies can follow to defend physical assets, proper planning, thorough testing and extensive collaboration, can also help defend against Cyber-attacks.

Plan for what could happen

The best plans are built around scenarios that could potentially happen. Police officers use this tactic to prepare for potential security incidents. While on patrol, officers will think about how they would deal with an incident at one of the buildings on their beat. They’ll consider what could occur, such as a perpetrator escaping through the roof.

Companies need to follow this process when responding to an information security incident. Quickly remediating a threat isn’t enough. Security teams need to consider what else could have happened. Attacks often contain components that are intentionally easy to detect, leading security teams to falsely believe they have fully stopped an attack. 

In reality, elements remain that allow the attack to persist. Just detecting the smallest sign of atypical behavior can allow security analysts to discover the entire attack. For example, a computer that’s running slow could be infected with malware, which could mean a company was the target of a phishing attack and an employee clicked on a malicious link.

Proper planning also means developing an incident response plan that includes the input of key people in every department. Often times only a company’s IT and security personnel are involved with planning because they’re the ones who handle a breach. But dealing with the fallout from a security incident requires the efforts of the whole company. Hospitals, for example, may want to include their public relations staff in the plan, since the company may-be legally required to publicly disclose a data breach.

Improve your Plan with Testing

Conducting a full-scale simulation is the best way to test how your security plan would hold up in a real-world incident. Holding drills will expose any of the plan’s weaknesses, providing companies with an opportunity to improve it before a real incident occurs.

Red team-blue team exercises offer an opportunity to merge physical testing and cybersecurity testing and determine how physical systems can protect online systems and vice versa. 

In many organisations, protecting gigabit Ethernet is a priority for people handling physical security, since being online is essential for all businesses. Knock out a business’ web connection and that takes down its email, IP phones and employee access to servers. From an IoT perspective, conducting penetration testing on a product will expose vulnerabilities, allowing a company to fix them before the item goes on sale.

And don’t forget to allow employees to weigh in on the security plan. Often workers have the best advice on what additional details would improve it.

Stronger Together

When either a physical or cyber-security incident occurs, a company will undoubtedly need help from people outside the organisation to resolve the situation.

For example, the chief security officer of a large company may want to reach out to the local fire and police departments and discuss how first responders would handle a situation at the organisation. On the cybersecurity side, companies may need to have an incident response firm on standby to remediate a threat if they suffer a data breach. Or law and public relations firms may be needed to handle the fallout from an attack.

Too often, though, businesses are reluctant to collaborate with third parties, fearing that corporate secrets will accidentally get exposed. In reality, these people are essential to helping your business return to normal as quickly as possible after an incident. 

Companies need to develop relationships with these entities long before an emergency. Waiting until a situation arises to collaborate with outside organizations is too late. Companies will be far too busy handling the incident to explain how your business works and form a substantial relationship.

Organisations can no longer afford to handle physical security and cybersecurity separately. Attackers aren’t distinguishing between the two, and companies can’t either if they hope to stay protected.

NetworkWorld
 

 

« 2016 Trends in Cyber Crime
Decrypting the Dark Web »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

GCHQ Apprenticeships

GCHQ Apprenticeships

GCHQ, the UK intelligence and security organisation, offers a unique three-year Cyber Security Degree Apprenticeship with employment on successful completion.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

Wickr

Wickr

Wickr's mission is to secure the world's most critical communications. Wickr provides the highest standard of encryption trusted by millions worldwide.

Talion

Talion

Talion aim to reduce the complexity involved in securing your organisation and to give security teams unrivalled visibility into their security operations, so they can make optimal decisions, fast.

Analygence

Analygence

ANALYGENCE is your trusted partner for mission support, cyber solutions, and management services.

Certo Software

Certo Software

Certo are trusted experts in mobile security. At Certo, mobile security is not an afterthought, it’s what we do.

Aembit

Aembit

Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads

Entro Security

Entro Security

Entro is the first holistic secrets security platform that detects, safeguards, and enriches with context your secrets across code, vaults, chats, and platforms.

OryxLabs

OryxLabs

OryxLabs provide advanced enterprise digital risk protection solutions. Learn more about how 24x7 continuous assessment, monitoring, and improvement can secure your network.

JustunSecure

JustunSecure

JustunSecure is dedicated to promoting information technology and cybersecurity in Africa.