classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


Physical/logical convergence
November 2018, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure

The question of convergence is nothing new to the physical security industry. It wasn’t too long ago that surveillance technologies converging onto the IP platform was the thing everyone was talking about and we have since seen a massive shift from analogue surveillance to IP-based surveillance – although analogue is far from dead. Similarly, we have seen almost all the areas of the physical security industry moving to IP as a way to better control connected systems and integrate with other products.

Today, however, we are seeing a new convergence game in town, one that will have a far greater impact than IP convergence ever had. One of the reasons for this is that nothing in this industry will remain unaffected. The convergence between physical and logical (or cyber) security will be a game changer, not simply as a result of new technologies available and new skills those in the industry will have to learn, but because it will change the way we do everything, from planning to design and all the way to installation and maintenance.

Another enormous challenge will be getting physical and logical security people and departments to work together and speak the same language. At the NEC XON summit at Sun City this year, Bertus Marais, divisional GM of XON Safety & Security, noted that the convergence of physical and cybersecurity is already a reality in many organisations. He noted that companies today are demanding a holistic view of their security operations and if the two worlds are separate, that simply leaves a gap in your security posture.

Everyone is involved

Roger Truebody.
Roger Truebody.

Roger Truebody also notes that physical/logical convergence is a discussion more people are having, but he says, it is a very difficult topic to deal with as a generality. The discussion is definitely growing, but the level of the discussions vary from industry to industry, and in some cases, company to company.

Those who see security as important to their future business success are further ahead of the curve due to various pressures they find themselves under, as well as past experiences of losing access to their systems (and hence losing money) due to a cyber-attack. Truebody adds that the point of contention in almost all discussions is not technical or skills related, but cultural.

The ‘IT guys’ and the ‘security guys’ have different priorities, personalities and challenges, and very different working cultures – even those working in the same company. Overcoming these differences is where the hard work starts.

Mark Walker.
Mark Walker.

Mark Walker, associate vice president: sub-Saharan Africa at IDC Middle East, Africa & Turkey, agrees, noting that the current allocation of duties among the physical and logical teams are still very much in their silos and the teams have a singular view of their tasks and roles in the organisation. He says it is also a question of turf, especially among senior people who are worried what may happen to their position if the silos converge.

What’s needed from both sides is a broader view of the business, adds Walker. Security personnel should start looking at security from a business and user point of view, expanding their concept of security to incorporate the whole business. To use a familiar term, he says they need to look at integrating all their security systems and platforms into a holistic enterprise solution. This will include everything, from data and network perimeter protection, through to facilities management and surveillance, and all the way to integrating the latest artificial intelligence (AI) solutions – such as predictive and/or behavioural analytics.

Starting the process

No matter the challenges, the convergence process is not one that will go away and companies that delay starting will only see their people, assets and systems more vulnerable and more targeted by more sophisticated attacks – because they are easier targets. Truebody says the starting point is to first sit down, talk to each other, and develop the will to make convergence happen.

Once you know that it is going to happen and have buy-in from everyone concerned, you can then start with a risk analysis that does a full audit of your physical, logical and business security risks. In a nutshell, Truebody says that once identified, you can then go further with impact analysis and so forth, developing integrated prevention, protection and recovery strategies.

However, he warns that while it may look good on paper, if the will and buy-in is ­missing, it will not happen as convergence is a significant clash of culture and ego – who is going to be the boss of the converged security department.

Walker echoes these sentiments, noting that getting the two cultures working from the same scorecard is the first challenge that has to be overcome. The parties need to get talking and raise general awareness at the top about the enterprise’s holistic security challenges.

The next step is to continue the communications while also acknowledging the scope of the task ahead. Then comes the strategy to converge the security function into one and the challenge of putting it all under one executive – a chief security officer (CSO) or someone with authority to speak to the board.

Walker also recommends that automating as much of the converged security function as possible is critical in terms of getting the best results, as well as streamlining integration challenges.

Small wins

While the convergence of physical and logical security is a complex operation and the chore of getting people from different cultures to work together is enormous, companies can also go for smaller wins to prove its effectiveness.

As an example, Marais said this convergence can simply be an application that logs your computer off, or activates a screen lock when it sees you are no longer sitting in front of it. This combination of physical and cyber is simple, but it can prevent unknown people using your computer, prevent ‘over-the-shoulder’ password stealing and even be integrated with physical access control in order to prevent you from logging onto your computer if you haven’t entered the building (or a trusted location). Similarly, if it notices you have left the building or your area of work without logging off, it can do so for you.

Vernon Fryer, CISO and GM Cyber Security at NEC XON, provides an example of convergence happening in some Cyber Defence Operation Centres (CDOC) NEC XON runs in South Africa and further up on the continent.

These CDOCs are examples of convergence in that one of their functions is to monitor IoT devices, which includes security systems, such as surveillance cameras and other electronic readers or sensors. The central server automatically monitors any number of devices over time and creates a base line of various data points. Should any of these standard readings change, the control centre is immediately alerted that something has changed and operators can investigate.

The readings under scrutiny include almost anything, and range from a simple change in state (from on to off, for example), through to changes in the firmware (in case malware is installed as happened in the Mirai botnet attack), to changes in a device’s configuration or if a device is accessed from a strange IP address.

Any changes are noted and investigated by the CDOC personnel, thereby ensuring the cybersecurity of physical security devices and other IoT systems. This relieves pressure on the operators and makes sure these devices remain in working order over the long term. Another integration Fryer says the CDOCs can perform is to integrate social media feeds to pick up trends, as well as to identify people caught on camera from pictures on their social media feeds.

One article can’t cover the full scope of the convergence between physical and logical security, but it is clear that this is a task we need to get to grips with. Physical security experts have to adapt to the IT world and all that entails, including learning the language and customs of what can be a completely foreign culture in the office next door. The result of this convergence will be a complete security strategy that protects organisations on all fronts from threats that are only increasing in size, scope and sophistication.


Credit(s)
  Share via Twitter   Share via LinkedIn      

Further reading:

  • From the editor’s desk: Dark times
    April 2019, Technews Publishing, News
    Although the timing is more coincidence than anything else, this issue includes a feature on power management. Given the latest news we’re hearing and experiencing from Eskom and the length and breadth ...
  • ASIS Security Technology Concepts day
    April 2019, Technews Publishing, This Week's Editor's Pick, Security Services & Risk Management
    ASIS SA kicked the tyres of a few technologies at its first Security Technology Concepts day in February.
  • Is everything-as-a-service worth it?
    April 2019, iPulse Systems, Verifier, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    Security-as-a-service seems like a good idea to reduce technology and labour expenses. Hi-Tech Security Solutions find out more.
  • Watching the game
    April 2019, Technews Publishing, Pelco by Schneider Electric, Dallmeier Electronic Southern Africa , Entertainment and Hospitality (Industry), CCTV, Surveillance & Remote Monitoring
    Video surveillance plays a larger role in the casino market than simply watching people gambling and trying to catch pickpockets.
  • More than locking the door
    April 2019, Technews Publishing, Salto Systems Africa, ZKTeco, Entertainment and Hospitality (Industry), Access Control & Identity Management, Asset Management, EAS, RFID
    Electronic locks offer hotels far more than simply a more convenient way to manage doors, they can be integrated into a host of other systems and services.
  • Securing farms takes a multi-­layered approach
    April 2019, Technews Publishing, Nemtek Electric Fencing Products, Perimeter Security, Alarms & Intruder Detection
    While perimeter fencing is a must-have, the agriculture sector is increasingly turning to modern high-tech electronic technologies, particularly in light of the violent farm attacks seen in South Africa over the last few years.
  • Wide-area surveillance on estates, farms and other large properties
    April 2019, Protoclea Advanced Image Engineering, Access Control & Identity Management, Integrated Solutions
    Using the right solution to protect large, open areas can be accomplished with the right technology and planning.
  • Visible light facial recognition
    April 2019, ZKTeco, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions
    ZKTeco recently expanded its reach in the facial recognition market with the launch of its new series of visible light facial recognition (VLFR) products.
  • 2019 Internet of Things (IoT) Barometer
    March 2019, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    A majority of businesses that use IoT technology agree that it has either disrupted their industry or will do so in the next five years.
  • When cybercrime affects health and safety
    April 2019, This Week's Editor's Pick, Cyber Security
    The threat of a category-one cyber-attack is that everything could seem right – the readings on the meter could be fine, checklists would be followed, and equipment would work – yet danger could still unfold.
  • Cathexis wraps up successful national roadshow
    April 2019, Cathexis Technologies, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, News, Conferences & Events, Training & Education
    Cathexis Technologies successfully concluded its national CathexisVision Roadshow. With events held in Durban, Port Elizabeth, Johannesburg and Cape Town.
  • Milestone Systems launches Milestone Marketplace
    April 2019, Milestone Systems, This Week's Editor's Pick
    Milestone Systems introduces Milestone Marketplace, a digital platform for the video technology industry that connects buyers and sellers to co-create solutions.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.