Future Of Security: Connect Cyber With Physical Defence

Uploaded on 2016-10-31 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

With more items gaining web connectivity as part of the Internet of Things movement, the need to protect physical devices from hackers will only increase.

Our increasingly connected world gives hackers even more ways to exploit technology for malicious purposes. We’re now entering a period when Cyber-attacks could cause major physical damage. To protect people from these combined Cyber and physical threats, information security experts and law enforcement, which traditionally handles physical security, will have to share strategies.

After all, the boundaries between cyber and physical attacks are already blurring. In March, the US Department of Justice claimed seven Iranians hacked the control systems of a small dam in New York state in 2013. The dam was offline for repair, preventing the hackers from controlling the flow of water. However, the incident demonstrated that hackers could take over infrastructure that was controlled by computers.

And, of course, there was the Stuxnet computer virus that stymied Iran’s nuclear program by targeting the centrifuges that enriched uranium. Stuxnet is considered the first program that showed how malware could cause physical damage.

With IoT, Hacks get Physical

Now with more items gaining web connectivity as part of the Internet of Things (IoT) movement, the need to protect physical devices from hackers will only increase. Information security professionals will be called upon to make sure attackers can’t tamper with the brakes on our autonomous cars or hack our smart thermostats and turn off the heat in our home during the winter.

Fortunately, the key steps companies can follow to defend physical assets, proper planning, thorough testing and extensive collaboration, can also help defend against Cyber-attacks.

Plan for what could happen

The best plans are built around scenarios that could potentially happen. Police officers use this tactic to prepare for potential security incidents. While on patrol, officers will think about how they would deal with an incident at one of the buildings on their beat. They’ll consider what could occur, such as a perpetrator escaping through the roof.

Companies need to follow this process when responding to an information security incident. Quickly remediating a threat isn’t enough. Security teams need to consider what else could have happened. Attacks often contain components that are intentionally easy to detect, leading security teams to falsely believe they have fully stopped an attack. 

In reality, elements remain that allow the attack to persist. Just detecting the smallest sign of atypical behavior can allow security analysts to discover the entire attack. For example, a computer that’s running slow could be infected with malware, which could mean a company was the target of a phishing attack and an employee clicked on a malicious link.

Proper planning also means developing an incident response plan that includes the input of key people in every department. Often times only a company’s IT and security personnel are involved with planning because they’re the ones who handle a breach. But dealing with the fallout from a security incident requires the efforts of the whole company. Hospitals, for example, may want to include their public relations staff in the plan, since the company may-be legally required to publicly disclose a data breach.

Improve your Plan with Testing

Conducting a full-scale simulation is the best way to test how your security plan would hold up in a real-world incident. Holding drills will expose any of the plan’s weaknesses, providing companies with an opportunity to improve it before a real incident occurs.

Red team-blue team exercises offer an opportunity to merge physical testing and cybersecurity testing and determine how physical systems can protect online systems and vice versa. 

In many organisations, protecting gigabit Ethernet is a priority for people handling physical security, since being online is essential for all businesses. Knock out a business’ web connection and that takes down its email, IP phones and employee access to servers. From an IoT perspective, conducting penetration testing on a product will expose vulnerabilities, allowing a company to fix them before the item goes on sale.

And don’t forget to allow employees to weigh in on the security plan. Often workers have the best advice on what additional details would improve it.

Stronger Together

When either a physical or cyber-security incident occurs, a company will undoubtedly need help from people outside the organisation to resolve the situation.

For example, the chief security officer of a large company may want to reach out to the local fire and police departments and discuss how first responders would handle a situation at the organisation. On the cybersecurity side, companies may need to have an incident response firm on standby to remediate a threat if they suffer a data breach. Or law and public relations firms may be needed to handle the fallout from an attack.

Too often, though, businesses are reluctant to collaborate with third parties, fearing that corporate secrets will accidentally get exposed. In reality, these people are essential to helping your business return to normal as quickly as possible after an incident. 

Companies need to develop relationships with these entities long before an emergency. Waiting until a situation arises to collaborate with outside organizations is too late. Companies will be far too busy handling the incident to explain how your business works and form a substantial relationship.

Organisations can no longer afford to handle physical security and cybersecurity separately. Attackers aren’t distinguishing between the two, and companies can’t either if they hope to stay protected.

NetworkWorld
 

 

« 2016 Trends in Cyber Crime
Decrypting the Dark Web »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TrustedIA

TrustedIA

TrustedIA is a cyber and protective security company. Our mission is to help businesses protect themselves from disruptive events that can impact their successful operation.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

Parsons

Parsons

Parsons has developed a converged security offering that combines cybersecurity, integrated network solutions, and critical infrastructure protection.

Custodio Technologies

Custodio Technologies

Custodio Technologies was established as a Singaporean R&D Centre of Israel Aerospace Industries (IAI) in order to spearhead R&D activities in the field of cyber early warning.

National Center for Manufacturing Sciences (NCMS) - USA

National Center for Manufacturing Sciences (NCMS) - USA

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC) was founded to develop and implement information security practices in Dubai.

ST Engineering

ST Engineering

ST Engineering is a leading provider of trusted and innovative cybersecurity solutions.

Space ISAC

Space ISAC

Space ISAC is the only all-threats security information source for the public and private space sector.

CyberNet Albania

CyberNet Albania

Cybernet Albania has been providing IT support and services to small businesses since 2016. We strive to eliminate your IT issues before they cause downtime and impact your operations.

Cyrebro

Cyrebro

CYREBRO is your online cybersecurity central command managed SOC that integrates all your security events with strategic monitoring, proactive threat intelligence, and rapid incident response.

Truesec

Truesec

TRUESEC has an exceptional mix of IT specialists. We are true experts in cyber security, advanced IT infrastructure and secure development.

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Luta Security

Luta Security

Luta Security implements a holistic approach to advance the security maturity of governments and organizations around the world.

Security Compliance Associates (SCA)

Security Compliance Associates (SCA)

The sole focus of SCA is safeguarding critical information and complying with information security regulations.

Dryad Global

Dryad Global

Dryad Global offers a comprehensive suite of maritime intelligence solutions, including a best-in-class situational awareness, planning and security system and industry-leading cyber protection tools.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.