Prepare for cyber-physical attacks

SMART Access & Identity 2024 Information Security, Access Control & Identity Management

As the security landscape continues to evolve, organisations must fortify their security solutions to embrace the changing needs of the security and technology industries. Nowhere is this more present than with regard to cybersecurity. As the threat of cyber-physical attacks grows in number and complexity, organisations worldwide will be forced to reconsider the preparedness of their cybersecurity and physical security systems.

In Gallagher’s Security Industry Trends Report1 released in December 2023, Gallagher Security Cyber Architect, Rob Cowsley says, “Cybersecurity and physical security are often inherently linked to one another; it is difficult to have a secure physical solution without considering elements of cybersecurity, and impossible to avoid physical components within a cyber-secure environment. It is becoming increasingly important for businesses to consider both to achieve a holistic security solution.”

To address the shifting needs of organisations and use feedback from its end users and channel partners, Gallagher continues its commitment to customer-centric manufacturing and innovation to address its customers’ current and emerging security needs.

In November 2023, Gallagher released the Controller 7000 (C7000). Designed to deliver stronger cyber protection, new capabilities, scalability, and functionality, the C7000 will help organisations fortify their protections in preparation for future unknown threats.

The C7000 has been developed with powerful cybersecurity functionality; only Gallagher-approved firmware can run on the device, software with known vulnerabilities is prevented from being installed, it is impossible to clone or counterfeit the device, critical cryptographic keys are stored securely; and security infrastructure generates, processes, and stores cryptographic keys and certificates, preventing supply chain attacks. Altogether, the C7000’s layers of baked-in cyber protections equip users with responsive and adaptable technology to safeguard against sophisticated cyber threats for many years to come.

“We hold our products to a higher standard by subjecting them to some of the most rigorous testing in the industry; employing a combination of in-house and third-party penetration testing and collaborating with everyone, from standards accrediting bodies, to hobbyist hackers to fortify our solutions against the threats of the future. As a result, our solutions meet the cybersecurity needs of both commercial entities and those operating in high security, like government bodies, militaries, and critical infrastructure sites,” says Cowsley.

Cybersecurity is not exclusively up to the manufacturer. End users also bear responsibility for maintaining their systems to protect against threats.

One major source of vulnerability is outdated hardware. As cyber risks evolve, out-of-support hardware that no longer receives security updates, or is unable to use the latest protections, leaves end users open to attacks that could have been prevented by an upgrade. Many hackers who find vulnerabilities are finding them in legacy hardware, further exposing the danger these parts pose to end users and the people, data, and assets they aim to protect.

Even running routine regular audits on systems can be an effective tool to safeguard against threats. Audits can reveal problems like blank passwords on highly privileged accounts, or tampering with door sensors, enabling end users to maintain their defences and safeguard against their own worst-case scenarios.

Maintaining cybersecurity can be a challenge, especially as the threat landscape evolves at such a rapid pace. Technologies with built-in cybersecurity reduce the burden of maintenance on users and help ensure systems remain up-to-date and fortified against threats. As Gallagher’s future growth and product roadmap develops, C7000 users will have the foundation in place to immediately benefit from new developments and features as they are released through streamlined updates. Users will have continuous value delivered over the lifespan of the controller, making the return on investment in cybersecurity and functionality worth it for many years to come.

“Cybersecurity is not a destination; it is a continuous journey, and only those prepared to evolve alongside the threat landscape will be able to take their customers on that journey with them,” concludes Cowsley.



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

What are MFA fatigue attacks, and how can they be prevented?
Information Security
Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering clever ways to bypass it.

Gallagher Security’s Integrate Roadshow
Gallagher News & Events
Gallagher Security recently teamed up with nine technology partners to showcase the latest integrated security capabilities at the Integrate Roadshow in Durban, bringing together about 60 attendees, including end users, channel partners, consultants, and other industry professionals.

SA's cybersecurity risks to watch
Information Security
The persistent myth is that cybercrime only targets the biggest companies and economies, but cybercriminals are not bound by geography, and rapidly digitising economies lure them in large numbers.

Cyber insurance a key component in cyber defence strategies
Information Security
[Sponsored] Cyber insurance has become a key part of South African organisations’ risk reduction strategies, driven by the need for additional financial protection and contingency plans in the event of a cyber incident.

Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Optimising safety and security in mining
Gallagher Mining (Industry)
Mining operations are some of the most critical and hazardous industrial activities, with a range of risks. To address these, access control, and integrated security solutions are critically important in protecting people and assets.

The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.