Merging Cybersecurity and Physical Security: ASIS International Survey Findings

By | Blog

With the rise of more sophisticated networks and devices accompanying the digital age, cybersecurity’s impact on the physical security industry has become an increasing hot topic as we enter 2020. More large-scale and highly integrated technologies come coupled with increasingly blended threats (also known as “multi-vector threats”) that expose security vulnerabilities within these sophisticated networks and devices.

ASIS International has recently released findings from its survey entitled “The State of Security Convergence” conducted with 1,000 professionals spanning across senior roles in physical security, cybersecurity, disaster management, business continuity, and similar fields. Participants answered from across the United States, Europe, and India, discussing the convergence of 3 areas:

  1. Physical Security
  2. Cybersecurity
  3. Business Continuity Management (BCM)

First off, what exactly does the word “convergence” entail in the security space?

ASIS survey participants define it as: “..getting security/risk management functions to work together seamlessly, closing the gaps and vulnerabilities that exist in the space between functions”.

Findings show that despite hype around the trend of physical security and cybersecurity convergence, only 24% of respondents have actually converged the two functions. However, when including business continuity, 52% have converged two or three of the functions.

Of course, with differing business needs come different ways of organizing security and BCM functions for every enterprise. However, results show that even with multiple models, so long as complete convergence exists among them they can effectively prevent threats coming from all angles – particularly when in a common operating picture.

The report also points out how successful security operations notably align physical security, cybersecurity, and BCM around a single security strategy. Underlying the focused strategy, a strong security leader, open communication and a healthy line of shared information are vital.

In terms of convergence of all 3 areas, for companies that have converged 2 of the 3 areas, 47% have integrated BCM with either their cyber or physical security functions, but only 24% of participants have merged all 3 areas.

All in all, while the topic of cybersecurity and physical security functions remains a hot trend into 2020, enterprises still have progress to make on taking preventative measures to merge the two functions so that more transparency exists across the organization with less security vulnerabilities when faced with a risk.

Organizations can seamlessly converge cybersecurity and physical security with a true unification platform for diverse security data like ReconaSense. By normalizing this disparate data into a common language, enterprises can begin to discover vulnerabilities and inefficiencies that – prior to convergence – were hiding in between the data silos.

The full ASIS Executive Summary of the study “The State of Security Convergence” is available for free on their website. The full report is complimentary for ASIS members and available to purchase for non-members.

How to Reduce Risk and Enhance Life Safety with Next-Generation Physical Access Control

By | Blog

The Current Security Risk Landscape

Security professionals know that there are more threats today than ever, and they’re increasingly difficult to manage with existing resources. The ever-evolving risk landscape is also growing in complexity, with threats approaching from multiple angles in multivector attacks – and some threats even coming from inside the organization. 

Security professionals need an ally to do more heavy lifting to support physical security efforts. Thankfully, a new generation of physical access control is stepping up to fill this role by providing integrated, proactive, and risk-adaptive access control that takes a modern approach to all these modern risks.    

Unlike legacy physical access control systems (PACS) that are static and role-based – unable to dynamically change permissions with shifts in the environment – next-generation PACS can actively reduce risk and enhance life safety. Let’s look at a physical security case study to understand how a next-generation solution can help save lives (and prevent a public relations fiasco). 

Case in Point: A Preventable Incident in Birmingham, Alabama

Earlier this year, a chemical spill occurred at the Birmingham Water Works treatment plant, sending over 50 employees and contractors to the hospital. It turns out there were several points of failure where next-generation access control could have intervened to mediate the situation. 

The company reported that the spill happened when sodium hypochlorite was accidentally mixed with ferric sulfate, causing chlorine gas to be released at the plant. A proactive, risk-adaptive PACS would have detected sodium hypochlorite in the area and automatically locked down access to personnel carrying other chemicals that would react with the chemical, creating toxic exposure. This is point of failure one. 

The second point of failure occurred after the chemicals were mixed and chlorine gas spilled into the affected area. In this case, up to 50 people were exposed to the toxic gas! A next-generation PACS would have detected the spill, alerted security operators, and automatically locked down the area to non-essential personnel. This would have limited access only to those with HAZMAT certification and first responders. These measures would have protected the dozens of lives that came into contact with the harmful chemical, and potentially spared Birmingham Water Works the embarrassment and expense associated with medical treatment, legal fees, public communications, and reputation damage control.

Next-generation access control goes beyond the doors to recognize risks early, mitigate threats before they become incidents, and enhance life safety.

To review other risk scenarios and see how legacy PACS compare to the next-generation PACS response to threats in our free eBook, visit rethinkaccesscontrol.com. 

 

physical security access control door

The Top 6 Reasons It’s Time to Consider Next-Generation Access Control

By | Blog

For many, physical access control systems (PACS) are a box to be checked. While organizations must have a system in place, PACS are rarely on the top of the wishlist. This unfortunately means that funding for physical security projects is marked low priority, leaving these departments understaffed, under-budgeted, and overwhelmed – and this can lead to tragic consequences. Only when a security incident takes place does physical security get a much-needed injection of funding and attention.

There’s a new leader of the PACS
It’s time to rethink access control. This single system can be a key contributor to the overall security of any organization, enhancing life safety, supporting cyber security, and protecting the business’s bottom line. Advances in technology like artificial intelligence, neural networks, and IoT connectivity have helped create the next generation of physical access control, enabling these systems to provide outsized value to organizations – value that legacy access control systems simply cannot match.

The top 6 reasons you should be considering a next-generation PACS
Let’s explore the top six reasons next-generation access control solutions are a critical investment for any organization seeking to modernize their physical security system, build a “smart” facility, or align physical and cyber security. We’ll also briefly look at how a legacy PACS stacks up against these capabilities.

1) Next-gen PACS are integrated
While legacy systems require security professionals to painstakingly review data across multiple disparate inputs, next-generation access control is fully integrated to enhance efficiency and ease of analysis. This means that all inputs are unified into one common language and view, allowing operators to see a comprehensive picture of factors affecting physical security. A single dashboard displays information and alerts for entry control, video, weather, GPS, social media, HR data, building automation, IoT sensors, and more. Finally, a chance to see it all in one place and how each input relates to another.

2) Next-gen PACS are proactive
Legacy PACS can only alert you after a security incident has already occurred. A next-generation system can alert you to potential threats before they become incidents, helping you proactively manage risks and avoid steep costs associated with security breaches. Additionally, a next-generation solution doesn’t require human intervention – it supports you by automatically responding to threats.

3) Next-gen PACS are risk-adaptive
Legacy systems are static and role-based. In this binary system, personnel either do or don’t have permission for entry at any time, under any circumstance. On the other hand, next-generation systems automatically adjust permissions based on changes in roles, user attributes, behavioral trends, and environmental changes. For example, if a gas leak happens in a building sector, the system can dynamically limit access to emergency personnel only, keeping non-critical staff away from harm.

4) Next-gen PACS are intelligent
Legacy systems come as they are – there’s no improvement over time. But next-generation systems use neural networks to learn from data and improve security over time. As the system learns what’s normal and abnormal, it can better support your security protocols and act proactively on your behalf to provide early threat alerts and automatically respond to risks.

5) Next-gen PACS are actionable
Legacy systems leave it up to you when it comes to handling security incidents, but next-generation PACS can provide actionable recommendations for managing security incidents – which may feel like a life-saver in a moment of panic, if not actually helping you to save lives.

6) Next-gen PACS are customizable
Legacy PACS are easiest to use right “out of the box.” Customizations that shape the system to fit your specific needs can be technically difficult to achieve and prohibitively expensive. With a next-generation PACS, programming custom risk-profiles and policies is easy enough for security operators to accomplish by themselves.

Far from flashy new features, these benefits make meaningful enhancements to life safety and streamline your physical security practice, allowing security personnel to focus on other activities of high strategic value.

This infographic summarizes the top six reasons it’s time to consider next-generation access control. Use this as a reminder of the importance of upgrading your PACS from a legacy system and share with stakeholders within your business to make the case for investing in next-generation access control.

To learn more about the need for modern access control, visit rethinkaccesscontrol.com or reach out to us directly to request a demo. 

Reconasense. Making Security Intelligent.

Contact us now for a comprehensive demo and see first-hand how we can help make your security smarter and your world safer.

Request a Demo