IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Recent cyber-security threats underscore the need for physical and information security teams to work more closely together.
“The threat is blended so the teams need to work together,” said Ellie Hurst, Marcomm and Media Manager for Advent IM at IFSEC International.
Hurst cited numerous attacks where hackers exploited vulnerabilities found in physical systems.
For example, in December, two individuals hacked into the Washington DC CCTV camera network days before Donald Trump’s inauguration. Meanwhile in October, Hangzhou Xionmai Technology, a vendor behind DVRs and internet-connected cameras, inadvertently played a role in a wide-scale DDOS attacks against PayPal, twitter, Spotify and other platforms.
While physical and information security professionals typically work in different departments, they need to find a common language, said Hurst. “Do you know what you have? Do you know what they are built on? What is the life-cycle management of these products and are they patched?” said Hurst. “From there you can decide whether to accept the risk.”
Though rare, some organisations have merged the physical and information security teams, said James Willison, Founder of Unified Security Ltd. “Symantec has merged their team and Barclays is building one SOC for both cyber and physical security,” he said.
All is not lost if your organisation is behind. There are measures every company can take to mitigate the risk, said the presenters at IFSEC.
“Ninety percent of breaches are due to people’s mistakes, poor configuration and maintenance,” said Steven Kenny, Business Development Manager – Architecture & Engineering (A&E) Program, Axis Communications.
“Creating a documented internal policy and increasing employee awareness is important,” said Kenny.
“Training and education is also important. You need to find a training course suitable for those in physical security,” added Hurst.
“At the end of the day, the threat isn’t going to go away. You’ve got to do the training.”
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
Calls for greater collaboration as security industry faces ‘blended threat’Recent cyber-security threats underscore the need for physical and information security teams to work more closely together. “The threat is […]
Kelley Damore
IFSEC Insider | Security and Fire News and Resources
Related Topics
Cloud and professional signalling services as ‘gamechangers’ for the intruder alarm market – In conversation with Texecom’s Jim Ludwig
“Networked, integrated IP audio can bring just as much value as cameras” – In conversation with Zenitel’s Koen Claerbout at IFSEC 2022
Revealed: The IFSEC Global influencers in Security 2022