James Willison

Vice Chair, ASIS European Security Convergence/ESRM subcommittee, Unified Security Ltd

Author Bio ▼

James Willison BA MA MSyI is Founder of Unified Security Ltd and Vice-chair of the ASIS European Convergence/ESRM committee. James was awarded the Imbert Prize for an ‘outstanding contribution to the Security Industry in 2011’ for his work on convergence with ASIS Europe and the Information Security Awareness Forum. He has more than 20 years of management experience in the physical and information security industry, including posts as Advisor on Convergence to: AXIS Communications, the Mitie TSM Board and Perpetuity Research; Senior lecturer in Security Management at Loughborough University, Advisor to IFSEC 2018 Converged Security Centre and Digital Security Expert with the European Union. He is an ISACA Academic Advocate and member of the Security Institute. James is a member of the working stream in the ASIS International Board ESRM initiative, on the working group for the draft ASIS/ISC(2)/ISACA Security Awareness Standard and Vice-chair Smart Buildings working group, Internet of Things Security Foundation.
June 8, 2018

Sign up to free email newsletters

Download

IFSEC International 2019: Download the show preview

Our CCTV, access control and physical security systems are under attack – what can we do?

At IFSEC 2018, the first converged security operations centre for a security event is being built to bring together security professionals from the cyber and physical arenas to witness, ‘in real time’, what the latest technology can do and discuss how to manage cyber and physical attacks.

Why now and what is the point? As those who have followed the course of security management since the early years of this decade will know well, cyber security has gradually become of key importance to ensuring an organisation is resilient.

Many security professionals have urged greater collaboration between physical and digital security teams and a few organisations have successfully formed cross functional teams. Some of these have built converged security centres to manage their security incidents more effectively.

But for most this is not the case even if it is thought that multi-disciplinary teaming is the best way to ensure a holistic risk approach such as Enterprise Security Risk Management and maintain the cybersecurity of physical security systems.

It works equally well on the other side as there are many ways physical security is vital for a robust cybersecurity programme. Although this all makes sense it is still probably just 27% of large companies that have a single function.

But why should the security industry change the status quo? Some will argue it is better to carry on building separate Security Operations Centres as they have been. There are others who have already started on the journey and Barclays is a notable example.

A key driver for this has been the digitalisation of organisations brought about by the 4th Industrial revolution with the increase in volumes of data that need to be protected. This, combined with the exponential growth in internet of things devices has significantly impacted the physical security industry.

Hence we see a great interest in cybersecurity, the GDPR and privacy from colleagues who until recently preferred to focus on physical security. It is important to work closely with all those involved in securing people and their data and it is virtually impossible to separate them now, as our smart phones prove!

The converged security centre can also be likened to a concert hall with a symphony orchestra composed of many different instruments and voices

So, one approach is to discuss together how to secure our technologies with experts. This makes sense! It works in other areas of life very well.

In an operating theatre there are teams of surgeons who specialise in different areas of medicine and who work closely with other doctors, anaesthetists, nurses and support staff to perform a successful operation.

But they can’t do this without each other or be expected to. The converged security centre can also be likened to a concert hall with a symphony orchestra composed of many different instruments and voices, but all brought together in harmony to produce inspirational music.

There is normally a conductor often with soloists who specialise in an instrument or voice but on their own they cannot produce anything like the beauty achieved by the whole. Similarly, teams of diverse security professionals with different specialisms now need to help one another to understand the range of risks to cyber and physical devices and systems.

Cost savings

In one centre it is obvious that this can happen faster. The cost savings of one instead of two locations are many and clear, including the benefits of sharing systems, technologies and equipment, less space, lower rates and so on.

At IFSEC 2018, Vidsys, Unified Security and our partners are building such a centre which will look at how technologies can be used now to prevent, identify and respond to cyber attacks on CCTV and other physical security systems.

It has become widely known that CCTV cameras and systems often have many vulnerabilities and are not easily patched. In this way they can be the weakest link in a network and so it is important to protect them from external attacks in cyber space.

Cybersecurity technologies can be used to connect cameras to intrusion prevention, identification, SIEM and other real time response systems and in this way the whole corporate network is given a higher level of resilience than the normal level which does not have this functionality.

Typically, a separate security centre manages incidents for physical security which will not prevent, identify or respond to such attacks. And since the cameras are not normally connected to cybersecurity protection systems the attack is not mitigated by the Digital Security Centre either. It is these kinds of issues which must be resolved.

Converged Security Information Management (CSIM) Operationalises Security:  CIO’s face complex “operational trade-off’s” – and the solution is to converge disparate technologies. It offers these benefits:

  • Operationalise security
  • Enhance security – aligning risk / cost, single dashboard, quicker response
  • Increase agility – convergence that facilitates organisational collaboration

Malicious cyber attacks on physical security systems – how to respond in real-time?

  • Converged situational awareness & management platform
  • Rules & use cases that look across both physical and cyber sub-systems
  • Use micro-segmentation solution in enterpris
  • The compromised endpoint can be forced off the network and the network re-keyed (new crypto keys for each endpoint) basically making a new network
  • Faster assessment and response to situations

How to respond to insider threats through a converged security platform

  • Blended threats – monitor across connected disparate systems
  • Secure access to certain systems should only happen form certain locations
  • Have they entered the building?
  • Have they entered the room?
  • Network log details, SIEM log details

Speakers 

Prof. Paul Dorey (Chair of IoTSF), Martin Gill (Director, Perpetuity Research), Mike Hurst (CPP, HJA Fire and Security Recruitment ASIS International UK Chapter), Brian Sims (Risk UK, Editor), Barrie Millett (Head of Group Security, Wesleyan), Letitia Emeana CPP PSP (Board Member Women’s Security Society – Physical Security), Danny Dresner (Co Founder IASME), Alan Jenkins (former ASIS UK Cyber Convergence Lead) and Steven Kenny (Industry Liaison – Architecture & Engineering, AXIS Communications).

Authors : James Willison MA MSyI, Founder, Unified Security Ltd and Sarb Sembhi CISM, CISO Virtually Informed Ltd.

IFSEC International takes place between 19-21 June 2018, ExCeL London. Get your free pass for IFSEC 2018.

Related Topics

Leave a Reply

avatar
  Subscribe  
Notify of

Sign up to free email newsletters