Page 185 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 185
What is Physical Security?
Physical security refers to personnel who are assigned to keep people, property, and other physical
resources safe from danger. Often these professionals are called security guards, officers, or security
specialists.
Many organizations use physical security to keep customers, employees, vendors, and guests safe.
Examples include schools, hospitals, banks, retail stores, corporations, government facilities, etc.
Physical security covers a lot of different responsibilities such as patrolling grounds, monitoring inbound
and outgoing traffic, surveillance, locking and unlocking buildings, securing off-limits areas, responding
to alarms, dealing with emergencies, first aid, and much more.
Why is Physical Security Needed in a Cyber Attack?
These days physical and cybersecurity go hand-in-hand. Devices, systems, and networked equipment
are often targeted to prepare for a more significant cyber-attack. For example, in 2021, 150,000 security
cameras were hijacked, allowing criminals to access surveillance feeds from hospitals, jails, police
stations, and even schools.
Companies are using more technology than ever before, and a lot of it is vulnerable to hacking.
Cybercriminals often use botnets to take over thousands of IoT devices and then use them for attacks.
Companies may not even be aware that their devices have been compromised.
It’s essential for physical security personnel to work closely with IT departments to ensure the safety of
physical devices and maintain strict access to them to prevent cyber-attacks. Another big area for concern
is BYOD (bring your own device). Physical security can use sensors to monitor for and prevent malicious
devices from entering the building (e.g., removable devices like USB drives, cell phones with malware,
etc.).
Hundreds of data breaches have put companies, vendors, employees, and customers at risk. Security
personnel should be stationed wherever data is stored and protect servers, computers, mobile devices,
and other networked technology to prevent any unauthorized access. A data breach can devastate a
company bankrupting its resources.
Many newer corporate structures use automation to control heat and ventilation. Abusers may gain
access and alter the environment to overheat or destroy specific technology. Other targeted areas may
include communications, hardware or software vulnerabilities, and weak password management.
Along with the physical aspect of security, IT departments should also enhance cybersecurity measures
and network monitoring to cover all angles that a cyber-terrorist might use to gain access.
185