By David Weingot, Founder and CEO of DMAC Security
Our modern world is full of various types of physical and cyber-related threats. The war in Ukraine is ramping up Russian attacks on American targets, and the talk of a cyberattack is not out of the realm of possibility. It is essential for businesses to be prepared for any kind of attack, and that includes a combination of both physical and cybersecurity. As the Cybersecurity and Infrastructure Security Agency states “A successful cyber or physical attack on industrial control systems and networks can disrupt operations or even deny critical services to society.”
Together, cyber and physical assets represent a significant amount of risk to physical security and cybersecurity – each can be targeted, separately or simultaneously, to result in compromised systems and/or infrastructure.”
What is Physical Security?
Physical security refers to personnel who are assigned to keep people, property, and other physical resources safe from danger. Often these professionals are called security guards, officers, or security specialists.
Many organizations use physical security to keep customers, employees, vendors, and guests safe. Examples include schools, hospitals, banks, retail stores, corporations, government facilities, etc. Physical security covers a lot of different responsibilities, such as patrolling grounds, monitoring inbound and outgoing traffic, surveillance, locking and unlocking buildings, securing off-limits areas, responding to alarms, dealing with emergencies, first aid, and much more.
Why is Physical Security Essential in a Cyber Attack?
These days physical and cybersecurity go hand-in-hand. Devices, systems, and networked equipment are often targeted to prepare for a more significant cyber-attack. For example, in 2021, 150,000 security cameras were hijacked, allowing criminals to access surveillance feeds from hospitals, jails, police stations, and even schools.
Companies are using more technology than ever before, and a lot of it is vulnerable to hacking. Cybercriminals often use botnets to take over thousands of IoT devices and then use them for attacks. Companies may not even be aware that their devices have been compromised.
It’s essential for physical security personnel to work closely with IT departments to ensure the safety of physical devices and maintain strict access to them to prevent cyber-attacks. Another big area for concern is BYOD (bring your own device). Physical security can use sensors to monitor for and prevent malicious devices from entering the building (e.g., removable devices like USB drives, cell phones with malware, etc.).
Hundreds of data breaches have put companies, vendors, employees, and customers at risk. Security personnel should be stationed wherever data is stored and protect servers, computers, mobile devices, and other networked technology to prevent any unauthorized access. A data breach can devastate a company bankrupting its resources.
Many newer corporate structures use automation to control heat and ventilation. Abusers may gain access and alter the environment to overheat or destroy specific technology. Other targeted areas may include communications, hardware or software vulnerabilities, and weak password management.
Along with the physical aspect of security, IT departments should also enhance cybersecurity measures and network monitoring to cover all angles that a cyber-terrorist might use to gain access.
The Bottom Line
Technology continues to evolve at a rapid pace. Cybercriminals are innovating new attack methods all the time. It’s critical for any business, especially supply chain companies, to keep up with the threats by using both cybersecurity best practices with ample physical security to prevent access that could cause further damage and keep everyone calm and organized in the event of an attack.
David Weingot is the founder and CEO of DMAC Security, an established full-service armed and unarmed security firm built upon over 30 years of law enforcement experience and management.
Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.