The Convergence of Physical and Cyber Security

By Bernhard Mehl
May 21, 2018

Cyber security is increasingly becoming an important aspect of physical security, as both of these security solutions begin to converge. Here's what you need to know about the benefits (and drawbacks) of this integration.

What Led to the Convergence

Late May 16, 2018, homeowners found their Nest security systems no longer accessible, as their cloud service was down. The cause of this remains unknown, but the result was clear: many security system features were either reduced or entirely removed.

Physical and cyber security have been entwined since the very first security system was disabled remotely. The convergence of physical and cyber security is not a new one, but rather a growing threat. As the Internet of Things grows and more security solutions operate through virtualized systems, it becomes necessary to take a look at how physical and cyber security are interacting with each other. Consider a modern building, in which the HVAC system, video surveillance feeds, and access control systems are all network-enabled and network-accessible. A single security breach could compromise the entirety of the building's physical infrastructure, from the motion-activated cameras to the sprinklers that take care of the lawn.

Businesses (and even homes) are now laced with Internet of Things devices; network-capable devices that provide better comfort, convenience, and security through technology. Unfortunately, many of these devices are poorly secured, both on a hardware and software level. There are few security standards that these devices need to meet -- and a single device being compromised could compromise the entire network.

What Does Convergence Mean for Businesses

For the modern business, what does it mean when physical systems and cyber security converge? Businesses today are more vulnerable than they may believe. Small to mid-sized businesses are increasingly being targeted by criminal attackers. Businesses need to be aware that a security flaw in their network could lead to a physical security breach. Access systems, security cameras, and even telephone systems are now often controlled through the organization's network. If the appropriate steps haven't been taken to secure that network, the business could very well be vulnerable.

Benefits to the Convergence

It's important to note that the physical and cyber security convergence is not incidental; rather, it has developed over time as the most convenient and effective means of managing security. Flaws exist in this system only insofar as the systems are not appropriately protected and maintained.

When physical security and cyber security are connected, both can operate more effectively. Physical security systems are now augmented with advanced smart features, such as the ability to use two-factor authentication through the network, or biometric scanning for physical access. Something as simple as connecting motion-activated cameras to a network can add value to the security system, by automatically recording videos to the cloud and sending out alerts when motion is detected.

Cyber solutions give physical security access to a tremendous feature set -- but also increase the risk of the system being compromised. If the system is properly protected, these risks disappear, leaving behind only the benefits.

Physical and cyber security convergence is only going to become a more serious issue, as the boundaries between physical security and virtual systems continue to blur. Organizations need to take proactive steps to protect themselves, by locking down their cyber security and ensuring that each of their physical systems is appropriately installed, updated, and maintained. Business owners need to be vigilant: many physical systems are now internet connected and internet capable, subjecting them to the same amount of risk as any other device on their network.

Bernhard Mehl

Bernhard is the co-founder and CEO of Kisi. His philosophy, "security is awesome," is contagious among tech-enabled companies.

IT Advice
Useful Resources