How does a company’s physical security play a role in cybersecurity?
People often think cybersecurity and physical security are two different things, but the two should be closely linked in your overall IT defense structure. That’s because without locked doors, high fences, and wary guards, unauthorized persons can easily get into your facility and wreak havoc with your network. We talked with cybersecurity gurus around the globe and here’s what they had to say about the importance of having strong physical security components in your IT protection plan:
Barbara M. Gray
Barbara M. Gray is a former CIA officer and currently serves as VP of Operations for NeoMax.
Protecting the Organization’s Information Systems
Physical security plays a foundational role in protecting an organization’s information systems. When we think of cyber threats, we usually think of complex viruses and hackers tapping away at their keyboards. The truth is, an attacker doesn’t need sophisticated hacking skills if they have physical access to a system or network.
Think about it – what would happen if you simply pulled the plug on an organization’s servers? You have successfully executed a denial-of-service attack, meaning users cannot access their data until power has been restored. An attacker that has physical access to a system can do things like plug in a USB to install malware, or physically connect unauthorized devices to the organization’s networks.
All organizations must take measures to protect the physical security of their information resources. Ensure networking closets and server rooms are restricted to authorized personnel only, and always keep them away from the public. If possible, install cameras in the vicinity and employ the use of badge access to monitor the identity of those who enter and exit restricted areas.
Back-Up Power, Locked Doors, and Firewalls Keep Data Safe
Building fences and placing security guards on patrol can help prevent physical intrusions that could lead to cyberattacks.
Physical security should always be considered when designing a company’s IT infrastructure. Servers and other devices that store company data should be protected by physical security measures such as firewalls and locked doors.
In addition, backup power generators can help ensure that your data will remain secure if your physical location loses power.
Prevent Access to Computing and Networking Equipment
At the top level, cybersecurity risks can be categorized into three areas:
● Confidentiality – Access to sensitive data
● Integrity – Accuracy, completeness, and consistency of data
● Availability – The ability to access and use the data
First and foremost, physical security must prevent access to computing and networking equipment. This inhibits the ability to access the hardware, which may be vulnerable. For example, access to the physical server hard drives could enable digital access to the files if the data is not encrypted at rest, thus posing a confidentiality risk. If the physical equipment is stolen or destroyed, this also poses an availability threat.
Physical access to the computers could allow the insertion of a nefarious USB drive, opening the door to all three of the threats: breach of confidentiality, corruption of data integrity, and loss of functionality (availability).
Another aspect of physical security goes beyond the threat of a (human) bad actor. Since availability is a critical aspect of cyber security, physical security must also consider availability threats to the on-premise computing and networking resources. Thus, physical security includes ensuring that we have power, as well as minimizing the risks of water damage. We also have to protect against natural disasters including floods, fire, and earthquakes.
The final thought is to put physical security into the context of the NIST (National Institute of Standards and Technology) Cyber Security Framework. NIST CSF categorizes 5 aspects of security: Identify, Protect, Detect, Respond, and Recover.
In physical security:
● “Identify” is to understand the physical assets that need protecting. This includes things like an asset inventory and physical risk assessment.
● “Protect” is deploying the physical controls, which are doors, locks, etc.
● “Detect” controls include items such as alarms, cameras, motion detectors, etc.
● “Respond” might be a direct response to a physical intrusion, such as armed security guards or police, but also crosses over into disaster recovery. This includes identifying what resources are required for response and recovery.
● “Recover” might include getting facilities operational again (power, AC, and even the buildings themselves).
Stronger Cyber Defense and Enhanced Employee Safety
Organizations are under constant threat of cyberattacks, which is why it is important for them to have strong physical security measures in place. Physical security is one of the most important elements of an organization’s cybersecurity program. It helps to deter and detect unauthorized access to facilities, equipment, and information.
Here are some specific examples of how physical security can help enhance cyber security:
● Preventing unauthorized access to computer systems and data: By physically securing computers and other devices, companies can help prevent unauthorized users from gaining access to sensitive information.
● Protecting against theft or damage: By ensuring that only authorized personnel have access to computer systems and data, physical security can help protect against theft or damage that could lead to a data breach.
● Creating a stronger defense against cyberattacks: By taking steps to secure their premises and equipment, companies can help create a stronger defense against cyberattacks.
● Deterring criminals: Physical security measures can deter criminals from targeting a company’s premises or assets.
● Enhancing employee safety: In some cases, physical security measures can also help protect employees from dangerous situations, such as active shooters.
Reduce Workplace Violence, Protect Intellectual Property
Physical security is an essential business strategy to address various issues, including reducing workplace violence, protecting your intellectual property from corporate espionage, and preventing unauthorized individuals from entering your firm and inflicting harm.
Physical security is meant to reduce the danger to information systems and data in terms of cybersecurity. Therefore, only people with proper authorization should access systems, tools, and operating environments. Additionally, as the digital transition progresses and workers have grown accustomed to remote work or hybrid workplaces, technology has become more affordable, manageable from a distance, and capable of performing a more comprehensive range of tasks than ever before.
Unfortunately, risk comes along with all this effectiveness. A device becomes a possible attack surface for hackers to access the network the instant it is linked to the network. They can steal data, sabotage company processes, or insert malware. Each IoT-connected device in your company must be appropriately protected to prevent this.
Foundation for Effective Cyber Response Plan
A company’s physical security can significantly contribute to its cybersecurity. Physical security is about securing a building, data, and personnel from vulnerabilities, unauthorized access and misuse, theft, and damage. Physical security can play a critical role in cybersecurity by providing a foundation for secure cloud connectivity, data classification and protection, and physical access controls.
Adequate physical security can help reduce the risk of a cyberattack as well as provide a safe working and living environment for employees. It can also allow for better cybersecurity awareness and incident response in the workplace.
A secure physical environment can help a company achieve the following goals:
● Minimize the risk of a cyberattack
● Provide a safe working & living environment for employees
● Reduce the amount of time it takes to respond to a cyberattack
In addition, physical security provides a foundation for creating an effective incident response plan. This plan should include processes for data backup, computer repair services, and loss mitigation services. These services can help mitigate the damage from a cyberattack and prevent any further damage.
This is a crowdsourced article. Contributors' statements do not necessarily reflect the opinion of this website, other people, businesses, or other contributors.