How does a company’s physical security play a role in cybersecurity?

People often think cybersecurity and physical security are two different things, but the two should be closely-linked in your overall IT defense structure. That’s because without locked doors, high fences, and wary guards, unauthorized persons can easily get into your facility and wreak havoc with your network. We talked with cybersecurity gurus around the globe and here’s what they had to say about the importance of having strong physical security components in your IT protection plan:

Protecting the Organization’s Information Systems

Physical security plays a foundational role in protecting an organization’s information systems. When we think of cyber threats, we usually think of complex viruses and hackers tapping away at their keyboards. The truth is, an attacker doesn’t need sophisticated hacking skills if they have physical access to a system or network.

Think about it – what would happen if you simply pulled the plug on an organization’s servers? You have successfully executed a denial-of-service attack, meaning users cannot access their data until power has been restored. An attacker that has physical access to a system can do things like plug in a USB to install malware, or physically connect unauthorized devices to the organization’s networks.

All organizations must take measures to protect the physical security of their information resources. Ensure networking closets and server rooms are restricted to authorized personnel only, and always keep them away from the public. If possible, install cameras in the vicinity and employ the use of badge access to monitor the identity of those who enter and exit restricted areas.

Prevent Access to Computing and Networking Equipment

At the top-level cybersecurity risks can be categorized into three areas:

● Confidentiality – Access to sensitive data
● Integrity – Accuracy, completeness, and consistency of data
● Availability – The ability to access and use the data

First and foremost, physical security must prevent access to computing and networking equipment. This inhibits the ability to access the hardware, which may be vulnerable. For example, access to the physical server hard drives could enable digital access to the files if the data is not encrypted at rest, thus posing a confidentiality risk. If the physical equipment is stolen or destroyed, this also poses an availability threat.

Physical access to the computers could allow the insertion of a nefarious USB drive, opening the door to all three of the threats: breach of confidentiality, corruption of data integrity, and loss of functionality (availability).

Another aspect of physical security goes beyond the threat of a (human) bad actor. Since availability is a critical aspect of cyber security, physical security must also consider availability threats to the on-premise computing and networking resources. Thus, physical security includes ensuring that we have power, as well as minimizing the risks of water damage. We also have to protect against natural disasters including floods, fire, and earthquakes.

The final thought is to put physical security into the context of the NIST (National Institute of Standards and Technology) Cyber Security Framework. NIST CSF categories 5 aspects of security: Identity, Protect, Detect, Respond, and Recover.

In physical security, “Identify” is to understand the physical assets that need protecting. This includes things like an asset inventory and physical risk assessment.

● “Protect” is deploying the physical controls, which are doors, locks, etc.
● “Detect” controls include items such as alarms, cameras, motion detectors, etc.
● “Respond” might be a direct response to a physical intrusion, such as armed security guards or police, but also crosses over into disaster recovery. This includes identifying what resources are required for response and recovery.
● “Recover” might include getting facilities operational again (power, AC, and even the buildings themselves).

Reduce Workplace Violence, Protect Intellectual Property

Physical security is an essential business strategy to address various issues, including reducing workplace violence, protecting your intellectual property from corporate espionage, and preventing unauthorized individuals from entering your firm and inflicting harm.

Physical security is meant to reduce the danger to information systems and data in terms of cybersecurity. Therefore, only people with proper authorization should access systems, tools, and operating environments. Additionally, as the digital transition progresses and workers have grown accustomed to remote work or hybrid workplaces, technology has become more affordable, manageable from a distance, and capable of performing a more comprehensive range of tasks than ever before.

Unfortunately, risk comes along with all this effectiveness. A device becomes a possible attack surface for hackers to access the network instantly linked to the network. They can steal data, sabotage company processes, or insert malware. Each IoT-connected device in your company must be appropriately protected to prevent this.