Sponsored

August 14, 2017

Sign up to free email newsletters

Download

Cybersecurity and physical security systems: how to implement best practices

DOwnload

Converged security management: The key to mitigating cybersecurity risks

Exploiting internet of things (IoT) technology without creating cybersecurity vulnerabilities is one of the defining challenges in today’s security landscape.

Axis communications has commissioned a white paper on the subject. Written by James Willison, Founder of Unified Security Ltd and Vice Chair of the ASIS European Convergence/ESRM Committee, and Sarb Sembhi, CTO and CISO at Virtually Informed, Converged Security Management: A single view on security risks examines the rise of the IoT, why third parties should adhere to ‘secure by design’ principles and why the necessary convergence of IT and security departments demands a holistic approach. 

The IoT revolution has come about thanks to falling component prices, global mobile device adoption, improvements in telecoms infrastructure and the rise of application programming interfaces (APIs).

Unsecured and therefore vulnerable devices are now easily searchable through online vulnerability search engine Shodan, among many other means. A series of cyber-attacks targeting such devices as conduits to wider corporate networks has exposed the complacency of some manufacturers over cybersecurity.

The consequences of successful breaches – the loss of sensitive data and potentially multi-million pound fines levied for breaches of the forthcoming Global Data Protection Regulation (GDPR) – mean the issue is finally getting the attention it warrants.

The arguably lower standards of security for consumer devices is a problem, as is the use of third-party suppliers who may not take security as seriously as they should.

According to the Department of Homeland Security, “this inter-connectedness of devices introduces cyber-physical technologies that connect cyber systems to physical systems, thereby removing the barrier between the cyber and physical worlds […] but the greater connectivity also expands the potential attack surface for malicious actors.”

Author bios

James Willison BA MA MSyI

James is founder of Unified Security Ltd and vice chair of the ASIS European Convergence/ESRM committee. James was awarded the Imbert Prize for an ‘outstanding contribution to the Security Industry in 2011’ for his work on convergence with ASIS Europe and the Information Security Awareness Forum. He has worked with BP, Loughborough University, Mitie TSM, the EU and AXIS Communications on convergence. He is an ISACA Academic Advocate and a member of the draft ASIS/ISACA/ISC(2) Security Awareness Standard’ Working Group.  Unified Security Ltd provide consultancy to organisations on how to align their physical and information security functions. This encompasses security policy, common reporting processes, converged security risk assessment, training courses and white papers.

Sarb Sembhi CISM

Sarb is CTO and CISO at Virtually Informed, and has previously been a CTO and CISO for the Noord Group. A former consultant in risk and security, Sarb has also worked with the London Chamber of Commerce and Industry Defence and Security Committee and its cybersecurity working group. Other roles have included president of the ISACA London Chapter, chair of ISACA International GRA Region 3 Sub-Committee, chair of ISACA International GRA Committee, ISSA UK Advisory Group member and InfoSecurity Magazine Editorial Group member. Sarb has also served on several security standards groups and speaks at risk and security events around the world. Sarb was shortlisted in IFSEC Global’s Top 50 influencers in security & fire 2017: Cybersecurity.

l

Join IFSEC 2018 for the cyber security "must know information"

As physical security systems and building management tools become increasingly connected and IoT enabled, the risk of cyber-attacks only increases, and traditional security professionals need to turn to cyber solutions in order to effectively secure their physical assets.

Hear from cyber experts, as well as the traditional security professionals who have innovated with IT protection.

19-21 June 2018, ExCeL, London. Register for free.

Related Topics

Leave a Reply

Be the First to Comment!

avatar
  Subscribe  
Notify of