Putting the P in Cyber Security - Physical Security

The threats to digital data are both physical and logical. An attacker can phish their way into a network, moving laterally with privilege escalation and wielding zero days. However, an attacker can also simply walk into a facility and plug their payload directly into the network to achieve the same results. As such, physical security and cyber security converge, and both must be planned for and adopted to maintain a multi-layered security system (Cybersecurity & Infrastructure Security Agency, 2021). If you lack either side of this equation, you have effectively left your doors and windows open so an attacker can just walk around your barrier.



Some of the ways you can provide physical security against cyber threats include utilizing locks, utilizing badge scanners, and properly disposing of outdated equipment and documentation. Locks are a great deterrent to a would-be criminal and help you protect your assets simply and appropriately (Cybersecurity & Infrastructure Security Agency, 2024). Equipment should be stored in secure locations behind those locks. Locks should be placed on the entrances of the building and the doors to rooms with secure equipment, and the server racks themselves should be locked. Requiring employees to wear scannable badges, and installing badge readers at the entrances of the building and secure rooms, also helps account for who is accessing what while providing a locking mechanism against unauthorized individuals. Lastly, documentation or equipment that is set to be removed should be disposed of in a way that renders any information unusable. Paper documents should be shredded and hard drives degaussed.

Security, which includes cyber security, should be modeled in layers. There should be more than one obstacle, and more than one detection method, to dissuade and prevent unauthorized access to your organization’s data. Physical security should be in addition to logical methods of security, such as firewalls, access policies, IDPS, DMZs, network segmentation, and other network hardening methods (Cybersecurity & Infrastructure Security Agency, 2024). Even with the best digital security methods employed, an attacker can circumvent all of that if they can walk in and plug into the network. Denying that ease of access is essential to ensure a multi-layered approach to cyber security.

Common physical security vulnerabilities include unlocked doors, lax security postures such as inconsistently checking IDs, a lack of initiative from staff to report odd behavior, and a lack of comprehensive surveillance coverage.

Both inspections and exercises can identify any glaring holes in an organization’s physical security plan. Once identified, businesses can rely on industry best practices to provide a framework with which to patch these holes and improve their security posture. Appropriate risk management will identify the organization’s risk appetite and align the security measures to cover that range.

A physical security breach can result in a loss of confidence among both shareholders, if it’s a publicly traded company, and customers. Key stakeholders, such as the CEO, may be forced to publicly resign. The company may face legal consequences and costly payouts to victims of the data breach. An entire company can go out of business, costing the jobs of hundreds of employees, if it is sufficiently damaged both reputationally and financially by the attack. One real-world example of this is the security company Simon Marketing, which was in charge of the McDonald’s Monopoly game and went out of business due to the legal and reputational backlash of this event (Ramesh, 2021). A lack of physical security can lead to severe consequences for all stakeholders in the involved organization, from the CEO to the employees and finally the customers.


References

Cybersecurity & Infrastructure Security Agency. (2021, December 22). Cybersecurity and Physical Security Convergence Action Guide. Retrieved from CISA: https://www.cisa.gov/sites/default/files/publications/Cybersecurity%20and%20Physical%20Security%20Convergence_508_01.05.2021.pdf

Cybersecurity & Infrastructure Security Agency. (2024, May 23). Protect the Physical Security of Your Digital Devices. Retrieved from CISA: https://www.cisa.gov/resources-tools/training/protect-physical-security-your-digital-devices

Cybersecurity & Infrastructure Security Agency. (2024, May 23). Securing Network Infrastructure Devices. Retrieved from CISA: https://www.cisa.gov/news-events/news/securing-network-infrastructure-devices

Ramesh, A. (2021, July 28). How One Man With Mafia Ties Swindled $24M From McDonald’s Monopoly Game. Retrieved from Biometrica: https://www.biometrica.com/how-one-man-with-mafia-ties-swindled-24m-from-mcdonalds-monopoly-game/
