Security integrators are on the frontlines of helping customers address cybersecurity challenges that are growing more severe each day. Being breached means significant risk to the organization’s operations, livelihood of its employees, their reputation and even the organization’s continued existence. And if your customer is a supplier to other organizations, the growth of supply chain risk is putting more scrutiny around how suppliers manage their cybersecurity.
Consider that these organizational risks are becoming legal and personal: In the next few years, 75% of CEOs are subject to being personally liable for a cyber-breach, according to Gartner.
As a physical security integrator you also need to take action on the growing connection between physical security and cybersecurity breaches. Physical security failures enable cyber criminals to gain physical access to facilities in order to launch exploits. With cyber defenses around traditional IT systems being as robust as they are, breaching physical security controls to gain access to a datacenter is potentially an easier path.
According to multiple researchers, including Palo Alto Network’s Unit 42, physical security systems are the most often breached form of IoT in an organization (followed by printers and VoIP phones). Without question, physical security integrators have a key role in the convergence of cyber and physical security.
One of the more significant opportunities for integrators is to engage at the C-suite and board level on these issues. Over the last year, physical security as a risk factor has made that visibility happen. That’s why when you see the head of risk management and compliance meeting regularly with the head of physical security you should assume there is a C-suite or board level directive behind those efforts.
To meet these cyber needs there are four key cybersecurity services that integrators will need to offer:
- Firmware updates: to remediate a known vulnerability, new firmware must be installed on camera or access control devices at scale. Typically this will need to be done multiple times per year as new vulnerabilities are detected. Offering an ongoing service which assures rapid deployment of more secure firmware is the fastest way to shrink your customers attack surface.
- Password policy enforcement: as Microsoft’s CISO once put it, “Hackers don’t break in, they log in.” Preventing threat actors from exploiting default or easily guessed passwords means having a policy and method for checking and rotating passwords on a regular basis.
- Certificate management: many organizations are moving to a Zero Trust approach, where independent authentication of the device is done in order to know whether to trust it. 802.1x and similar forms of certificates are used alongside a Certificate Authority to extend Zero Trust to physical security devices.
- Service assurance: as highlighted earlier, a functioning physical security system is critically important in stopping cyber breaches; physically breaching an organization to plant malware or gain access to critical systems is widely used. Ensuring your customers security systems are always working as they should will stop this.
In establishing a cybersecurity managed services offering there are a number of deployment considerations. Most organizations will be able to have a cloud-based service, and that should be the primary focus for speed and efficiency. However, running a service offering that is hosted on-premises at the customer can also be supported, depending on the customers requirements. Because physical security systems exist at scale across multiple sites and regions, having an IoT security platform that can be run globally while triggering local action is needed, and can give integrators the opportunity to highlight specific sites or regions where there are issues.
Getting started begins with having discussions with your customer, and ideally with stakeholders outside of physical security (such as the CISO, CIO or risk management officer) to understand where they are on their cybersecurity evolution, and which services fit with their needs.By seizing this opportunity now, using existing proven cyber hygiene solutions for physical security, integrators benefit from establishing a new (and sticky) recurring revenue stream, and ultimately being in a position to expand their customer relationship more broadly to IoT — and most importantly providing a solution to the dangers of a fast growing physical security attack surface.