June 22, 2016

Sign up to free email newsletters


Exclusive download: The video surveillance report 2018

Why NIST is the Best Approach for Joined-up Physical and Cyber Security

UK security vendors should look to the US for help in standardising converged security systems, according to experts, or risk their cyber defences being undermined by a lack of co-ordination and harmonisation between physical and data security platforms.

“The most interesting thing for me is the National Institute of Standards Technology (NIST) proposal,” he said during a panel discussing the evolution of physical and data security systems at today’s IFSEC International conference in London.

James Willison is vice chair of the ASIS European convergence/ESRM committee, a security strategy and risk management advisor, and associate senior lecturer in security management at Loughborough University.


The Cyber Security Assessment is based on NIST framework

IFSEC Global’s Cyber Security Assessment is based on NIST framework. Take the test here


“In the past we have looked at security systems separately – IT, access control, fire, health and safety – and this is a problem. Things are improving slightly in the US but I don’t know about here [in the UK].”


The second draft of NIST’s special publication (SP) 800-160 systems security engineering proposal was published in May this year. It recommends ways in which security design principles are baked into newly converged physical and data security systems such as those being built to support the Internet of Things (IoT) at every step, from concept to implementation, rather than relying on additional data security layers being retro-fitted onto devices and networks at a later stage.


“Those things [operating systems and applications ….firewalls encryption and monitoring systems] do not go far enough in reducing and managing complexity, developing sound security architectures, and applying fundamental security design principles,” said NIST Fellow Ron Ross. “Many of the engineering-related activities must be done by industry, as consumers can’t design or modify source code, or do the other tasks necessary for full-spectrum security.”


NIST’s influence in global IT and data security standards has been significant to date. It released the cybersecurity framework v1.0 for US financial, energy, health care and other critical national infrastructure (CNI) systems in 2014 and since widely copied elsewhere.

The organisation was also instrumental in establishing a universal definition for cloud computing platforms, another key element in emerging IoT platforms which presents its own data physical and data security challenges.

Free Download: The State of Surveillance Storage

From the growing quantity of data to new innovations like Artificial Intelligence (AI) and machine learning, the surveillance and security landscape is changing. The Seagate Surveillance Storage Survey 2018 is a look at what the industry challenges really are—and what businesses, security industry professionals, installers and integrators need from their storage moving forwards. Discover the challenges now by clicking here.

Related Topics

Leave a Reply

Be the First to Comment!

Notify of