Security Convergence — How and Why it Works

The interconnected threat

Physical security prevents unauthorised access to a commercial property. However, physical security systems rely on digital networks to keep them operational. A hacker can disable these networks without anyone being aware that security has been breached.

If physical access control is inadequate, criminals will have free access to install hidden devices such as hardware or network interceptors. These devices can intercept sensitive data, eavesdrop on communications or record keystrokes.

Once inside, a cybercriminal needs nothing more than a USB stick to infect an entire network with a virus. Or, by accessing an automated air conditioning system and increasing the heat, they can render servers inoperable.

Cybercriminals often target devices, security systems and networked technology in preparation for a physical attack. If they’re on an unsecured network, CCTV cameras are vulnerable to hackers, allowing criminals access to live surveillance feeds. Moreover, by infiltrating telecommunications systems, they can interrupt communication with the emergency services during the break in.

The interconnected solution

As the lines between physical and digital threats become increasingly blurred, it’s essential to bring physical and cybersecurity into the same space. They need to work together.

Through security convergence, cybersecurity is used to strengthen physical security measures, while physical security protects digital assets. Each complements the other as an interconnected solution.

So, where do you start?

Merge IT and security personnel

Nowadays, the IT team is part of your security personnel. As a first step, consider aligning the leadership within your IT and physical security teams, allowing close collaboration in order to create a combined security strategy.

They can exchange ideas and knowledge, identify gaps and close any open doors to cybercriminals and hackers.

Carry out a combined audit

The aim of a combined audit is to prevent physical security vulnerabilities from endangering digital assets, and vice versa. Every business will have its own requirements, but here are some examples of what to include in the audit:

• Access control. Where is valuable or sensitive data stored, and how is access to this data controlled? If any areas are an easy target for criminals, strengthen access control measures. In addition, consider installing surveillance cameras or employing security officers to watch over these areas.
• Smart security devices such as CCTV, intruder alarms and door locks are interconnected via the internet. Are they operating on a secure network protected by a firewall or encryption? Are passwords strong enough, and are they updated regularly?
• Hardware security. When computers, laptops and servers are inadequately protected, it’s easy for criminals to steal data or introduce malware. Are all network-connected devices locked down with strong passwords? Are they monitored with network sensors? For individual computers and laptops, consider computer locking cables.
• Outdated software presents a prime target for hackers. Software vendors regularly release updates to patch security flaws. Are all updates being installed?
• Sensitive information. How do you dispose of confidential physical documents? And, is electronically stored sensitive information sanitised before disposal?
• Hybrid working. When staff are spread over multiple locations, who has access to what? Do your employees bring their own devices to work? When information is stored on personal devices, it’s easier for criminals to infiltrate your organisation’s infrastructure.

Train staff

Research has consistently shown that despite advances in cybersecurity, one weakness persists — human error. Therefore, regular cybersecurity awareness training for staff is essential.

People are a company’s biggest asset, but most of them aren’t cybersecurity experts. According to a recent report, 68% of successful cyberattacks involve some kind of human element — from clicking a phishing link to reusing the same, easily guessable password across multiple accounts.

When they’re armed with up-to-date knowledge of how cybercriminals operate, staff are less likely to make innocent mistakes. It also helps employees become more proactive in reducing their exposure to hackers and data thieves.

Response

Despite your best efforts, it’s virtually impossible to avoid all cybersecurity incidents or physical breaches. A detailed response plan helps you address them quickly and effectively, with minimum disruption. The plan should include:

• Detailed response protocols for containing the breach, removing the threat and preventing further spread
• Communication guidelines and reporting procedures
• A map of stakeholders and their individual responsibilities

Recovery

You will also need a disaster recovery plan. It’s a roadmap for minimising damage, restoring systems and resuming day-to-day operations as quickly as possible. Your DRP should include:

• Critical application identification. Prioritise assets which are crucial for business continuity.
• Data backup and recovery. All data should be backed up regularly, with an isolated clean backup copy as the last known good source.
• Scan restored applications for viruses or malware before putting them back into use.
• Communication plan for internal and external stakeholders.
• Incident report with the attack details, its response and the lessons learned.
• Regulatory compliance. It’s important to adhere to the relevant data breach reporting regulations.

Conclusion

As technology evolves, so does crime. Once one threat is eliminated, criminals come up with another to take its place.

It’s crucial to address these threats with a combination of robust physical security and cybersecurity best practices. It’s the seamless integration of both which keeps the business operational.