The IP-enablement of “physical” devices such as heating/ventilation/air conditioning (HVAC), lights (in the office and parking lots and garages), video surveillance, identification cards providing access to a building and even soda and snack machines has resulted in increased business efficiency and saved operating costs. At the same time, however, it has opened up an entirely new set of vulnerabilities targeted for exploitation by hackers trying to access a company’s network to steal vital business or customer information, or impact corporate operations.
To date, talk has focused on improving cyber security technology and processes as a response to hacking and security breaches. There has been scant attention paid, however, to the bigger picture: Companies must take a unified approach to both physical and cyber security. Companies have devoted a lot of resources to unify cyber and physical operations via their network, but have fallen short in the critical next step of unifying their response to deal with the physical and cyber implications in the event that the network experiences some type of disruption.
Many companies have one staff that oversees the physical operations of a facility, such as premises security, credentials for personnel, maintenance of HVAC and fire networks, but a separate staff for the IT operations and security of a company’s computer network – despite the many instances where the network causes the functions of both operations to overlap. In worst case scenarios, these departments and their personnel don’t communicate on a regular basis.
While personnel should remain dedicated to their specific functions, a single point of contact to facilitate communications between the staffs is needed during today’s era of convergence, especially given the fact that the stages for addressing physical and cyber security issues follow very similar processes: Detection and alert; containment; remediation; conclusion; and assessment. Physical threats now have an impact on IT (cyber) operations, and cyber threats have an impact on physical operations. Therefore, to treat cyber and physical threats separately – particularly in terms of response – creates unnecessary confusion, delays and inefficiencies when a crisis hits.
To create the unified approach needed to accommodate the trend of convergence, large enterprises should look to the example of a handful of visionary organizations who have established global security operations centers (GSOC), where there is one central point of coordination to respond to interruptions in business operations due to physical or cyber issues.
A key enabling element for a unified response is the deployment of a next generation crisis communication network to alert the appropriate personnel and facilitate information sharing on a mass scale or on a targeted basis. The technology of today’s IP-enabled communications network allows for two-way communications with impacted personnel and emergency response teams. If a smoke alarm has gone off in a server room, responders can transmit pictures or videos back to the GSOC indicating whether it is simply an overheated device or an actual fire, which will determine whether the room needs to be shut down, possibly impacting cyber operations.