Genetec recently announced results from a global survey that indicates cybersecurity remains a top concern for physical security professionals going into 2023.
The report revealed that almost half (49%) of the organizations surveyed have implemented an improved cybersecurity strategy during 2022, and more than a third of all respondents (36%) expect to invest in cybersecurity-related tools to improve their physical security environment in the next 12 months.
When asked about the challenges faced when managing employee and visitor safety, more than 1 in 2 of the organizations selected cybersecurity as their main challenge. This was particularly evident for organizations with more than 100,000 employees, with 62.3% of them indicating that cybersecurity was their top challenge, compared to 52.1% for companies with under 100,000 employees.
Of the many capabilities related to cybersecurity and data protection deployed by physical security teams in the past year, cyber-hardening of physical security hardware and access control management were the most popular, with 40% of respondents implementing new measures targeting those capabilities.
Integrators Role in Ecosystem of Partners
With so many network-based devices now central to physical security solutions, physical security itself is a part of cybersecurity, Genetec’s Matthew Fabian, national director of sales engineering, explained to SDM. This means security integrators are now an integral part of an organization’s cyber well-being.
“If you look at things like PCI compliance and ISO certification, they all have a physical security component, whether it’s having video verification on doors, logs for access control, and things like that,” Fabian said. “There are a lot more IoT sensors and devices that are becoming part of the physical security network, such as video cameras, doors, gunshot detectors, temperature sensors. All those devices are collecting data in a physical security environment.”
And while all that data is being correlated and analyzed to improve operational efficiencies and business intelligence, with the increase of all those network-attached devices comes a much larger attack vector for systems integrators. For integrators, earning the trust of vendor partners and end customers is vital to promoting trust throughout the supply chain.
“We are very selective about our technology partners and who we work with,” Fabian said. “Internally, we have many certifications that we spend a lot of time cultivating — the ISO 27001 framework, for example, UL and others. We want our channel partners to understand that we’re going through this process. We want to make sure internally that we’re protecting our customers’ information and our customers’ data. And that the people that we work with, our ecosystem of partners, also go through this process where we’re vetting them and making sure that we’re working with trusted partners.”
A big part of building and maintaining that trust is transparency, Fabian said. Genetec operates a Trust Center, for example, where the company posts cyber threat advisories. “We're very forthcoming with our customers. We try and get that threat information out as soon as possible,” Fabian said. “Those are the components of building trust with your channel partners, as well as your manufacturers.”
Genetec has embedded a variety tools in its Security Center platform that allow integrators and end users to keep abreast of cybersecurity risks, as well help maintain cyber resiliency. Among them, the Genetec Update Service (GUS) alerts users to new product updates, allowing them to automatically download or install on their own schedule. Another, the Security Score widget is billed as a dynamic hardening tool that checks the security of a system in real-time. It lays out guidelines and then monitors whether the different elements of the system comply.
“Look at some of the high profile breaches that have occurred, whether it’s Equifax or Experian, it is mostly social engineering, poor password hygiene or unpatched software,” Fabian said. “We want to provide those tools to our partners, and ultimately to our end users, that identify and recommend firmware upgrades and software updates. And how to harden and instructions on how to do it.”
Genetec surveyed physical security professionals from Aug. 25 to Sept. 21. Following a review of submissions, 3,711 respondents were included in the sample for analysis. The company’s full “State of Physical Security” report will be issued in December.