Calls for greater collaboration as security industry faces blended threat
Recent cyber-security threats underscore the need for physical and information security teams to work more closely together. The threat is blended so the teams need to work together, said Ellie Hurst, Marcomm and Media Manager for Advent IM at IFSEC International. Hurst cited numerous attacks where hackers exploited vulnerabilities found in physical systems.
For example, in December, two individuals hacked into the Washington DC CCTV camera network days before Donald Trump s inauguration. Meanwhile in October, Hangzhou Xionmai Technology, a vendor behind DVRs and internet-connected cameras, inadvertently played a role in a wide-scale DDOS attacks against PayPal, twitter, Spotify and other platforms. While physical and information security professionals typically work in different departments, they need to find a common language, said Hurst. Do you know what you have? Do you know what they are built on? What is the life-cycle management of these products and are they patched? said Hurst. From there you can decide whether to accept the risk. Though rare, some organisations have merged the physical and information security teams, said James Willison, Founder of Unified Security Ltd.
Symantec has merged their team and Barclays is building one SOC for both cyber and physical security, he said. All is not lost if your organisation is behind. There are measures every company can take to mitigate the risk, said the presenters at IFSEC. Ninety percent of breaches are due to people s mistakes, poor configuration and maintenance, said Steven Kenny, Business Development Manager Architecture & Engineering (A&E) Program, Axis Communications. Creating a documented internal policy and increasing employee awareness is important, said Kenny. Training and education is also important. You need to find a training course suitable for those in physical security, added Hurst. At the end of the day, the threat isn t going to go away. You ve got to do the training.
Visit Europe s only large-scale security event in 2017 IFSEC International is taking place at Excel London, 20 22 June 2017, here are 5 reasons you should attend: Exclusive hands-on access to over 10,000 brand new security solutions Network with over 27,000 security professionals Discounts of up to 30% exclusively for IFSEC 150 hours of seminars, workshops and keynote speeches A 1-2-1 meetings service to pre-book face to face meetings.
Time is running out, register now to avoid missing out