Convergence of cyber and physical security

Issue 4 2023 Integrated Solutions, Security Services & Risk Management


Richard Frost.

With South Africa being the sixth most targeted country worldwide regarding cyberattacks, it’s no surprise that organisations have to put numerous steps in place to protect their networks and data. This is all the more crucial in a world where we have legislation such as GDPR and PoPI that dictate how people’s data can be stored, used and transmitted, with harsh financial penalties for those found in contravention.

More companies are investing in network and data security solutions and are being proactive in preventing breaches by carrying out active threat hunting, while there’s also a growing effort to separate information technology from operational technology as an additional security measure.

With more investment into network and endpoint security, these threat actors are now turning to tactics such as phishing and spear-phishing in order to get malware onto an organisation’s network. With employees more likely to be the weakest link in an organisation, the human firewall element has to be a key consideration, and cybersecurity awareness and training have to be carried out regularly.

Remote and hybrid working bring with them additional security challenges for organisations; while employees might receive cybersecurity training and practise safer online behaviour, the same might not be said for children or elderly members of the family who are sharing a Wi-Fi connection and could potentially compromise all devices on the network. The security situation is worse if an employee connects from a public Wi-Fi connection. Here, endpoint detection and response become key.

Cyber and physical focus

Employees will also have to be mindful of more than just digital security breaches, but also physical security issues. As an example, improperly discarded documents that contain personal, financial and other sensitive information can be used to build a profile against someone as part of a spear-phishing attack. Or think of having confidential documents that stay displayed on a screen or are printed out and laid on a table for anyone to see. Employees will have to be cognisant of how they are storing and discarding information at home too.

New challenges also loom on the horizon for businesses. With larger organisations being able to protect themselves better, hackers are targeting third parties who might be smaller suppliers, business partners or even clients. The majority of large security breaches that occurred last year were due to a smaller company first being breached in order to ultimately gain access to a larger organisation. We are also seeing how artificial intelligence (AI) can be a double-edged sword with tools such as ChatGPT being used by hackers to create malware.

Integrated security management

With threat actors always looking at new ways to breach corporate defences, organisations will have to respond with an ongoing investment in their security, both through the deployment of relevant products or solutions, and the continuous training of employees. However, while organisations might be doing more to be better protected against cyberattacks, what happens if someone breaks into their offices and then walks out with their PCs and servers?

We have already seen the overlap between cybersecurity and physical security when it comes to ensuring employees take better care of confidential corporate information. Going forward, the overlap will necessitate the integration of cybersecurity and physical security in order to enable the sharing of events to the same security operations centre (SOC).

For more information, contact Richard Frost, Armata, richard.frost@armata.co.za, www.armata.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Advanced Perimeter Intrusion Detection Systems
XtraVision OPTEX Technews Publishing Modular Communications Perimeter Security, Alarms & Intruder Detection Integrated Solutions Products & Solutions
Making full use of fibre installations around the perimeter by adding Perimeter Intrusion Detection Systems means you can easily add another layer of security to existing surveillance and fencing systems.

Read more...
A critical component of perimeter security
Nemtek Electric Fencing Products Gallagher Technews Publishing Stafix Editor's Choice Perimeter Security, Alarms & Intruder Detection Integrated Solutions
Electric fences are standard in South Africa, but today, they also need to be able to integrate with other technologies and become part of a broader perimeter security solution.

Read more...
SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
Innovation and security go hand in hand
Technews Publishing Facilities & Building Management Security Services & Risk Management
In a world where the demand for tech innovation is matched only by the acceleration of cybersecurity threats, businesses face the challenge of balancing new product development and robust security measures.

Read more...
Bomb threat landscape in South Africa
Editor's Choice Security Services & Risk Management
Over the past 25 years, South Africa has faced thousands of bomb threats and explosive incidents annually, imposing a significant economic burden on the nation, costing billions of rand.

Read more...
SMART Estate Security returns to KZN
Nemtek Electric Fencing Products Technews Publishing Axis Communications SA OneSpace Editor's Choice News & Events Integrated Solutions IoT & Automation
The second SMART Estate Security Conference of 2024 was held in May in KwaZulu-Natal at the Mount Edgecombe Estate Conference Centre, which is located on the Estate’s pristine golf course.

Read more...
SA firms take nine months to detect data breaches
Information Security Security Services & Risk Management
A human being can be conceived and brought into the world at roughly the same time a South African small and medium-sized enterprise (SME) becomes aware of and reports a data breach.

Read more...
Be wary of these scams this tax season
News & Events Security Services & Risk Management
As we approach the end of August, millions of South Africans will log onto the SARS eFiling website or visit their closest branch to complete their tax returns, but scammers are also waiting to defraud with tax-related scams.

Read more...
The critical role of data quality KPIs in driving business success
Editor's Choice Security Services & Risk Management AI & Data Analytics
Data is gold in our increasingly digitised world and needs to be refined to unlock its real value. Unrefined data can damage businesses, their competitiveness, and their ability to capitalise on opportunities.

Read more...