Insider Cyberthreats: Are You a Cyber Deer in the Headlights?
The news media has been very visible about the next phase of security — cyber. Assuming that this domain belongs solely to the Information Technology (IT) department is a major mistake. The best security policy involves the integration of physical and virtual solutions to address gaps in your overall defenses. Today’s system integrator is ignoring the emerging cyber market. The physical security integrator needs a phased approach to adopt the skills needed to embrace the cybersecurity opportunity, starting with countering the insider threat to the business.
Case in point: WikiLeaks. An Army Private, Bradley Manning, downloaded 400,000 classified documents from a secure facility and forwarded them to WikiLeaks, an international non-profit organization that publishes submissions of private, secret, and classified media from anonymous news sources. Evidently, Private Manning, (like many insiders who are a potential threat to their organizations and co-workers), was very verbal in his displeasure with the Army leading up to his breach. The physical security guards actually took his weapon away from him upon entering the facility a week prior to the breach. One might ask, why was he given access to top secret facility (information) at all? The answer is simple: silos and a poor security policy. Security can prevent this situation and be proactive.
Another emerging opportunity is in the intelligent / smart buildings sector. However, physical security integrators — from the Fortune 500 to SMB — are inadequately addressing cyber protections. Why? The critical infrastructure market is a target and a prospect for convergence, especially when considering the integration of the capabilities of Physical Security Information Management (PSIM) and Security Information and Event Management (SIEM). The base technologies of video surveillance, access control, identity management, and command and control are well understood by the physical integrator community. Due to slow response to this opportunity, the nation’s defense contractors (Raytheon, Lockheed, Boeing, etc.) are actually stepping into this revenue opportunity at the high end of the market. The good news is they can be potential partners with physical security integrators; the bad news is that physical security integrators are not skilled in partnering at this level.
Sectors like electricity, oil and gas, transportation and financial services are major targets of bad guys based on what they have (information) or what they do (critical services), and are actively pursuing more “proactive” security benefits. This includes technologies that automate correlation and work flows, training across physical and cybersecurity groups, consolidating command and control centers, and leveraging fusion centers for collaboration with government agencies. A security threat assessment to integrate PSIM / SIEM is one example of an emerging consulting opportunity; there are many. The digital domain creates additional risk (and opportunity) for integrators to counter.
Having a competitive sales differentiator in the critical infrastructure space is huge. At this year’s ISC West, I made a point to visit the booths of numerous (Fortune 500) security integrators promoting intelligent / smart buildings. When I asked about capabilities to defend against cyber attacks over the network, or as a result of insider threats, I got the “deer in the headlights” look — no plan, no people and no clue. Is it really that difficult to communicate with human resources and physical security to intercept a human threat before a breach? To integrate database technologies? The integrator that takes the time and devotes the money to counter the insider threat to clients (especially in critical infrastructure) will knock 95 percent of their competition on its tail by positioning the sales cycle to their advantage. Nothing kills a sales opportunity faster than the “deer in the headlights” look.