Reducing the Risk

Strengthening physical security systems again cyberattacks in the public sector

Recent statistics highlight the rise of cyberattacks in the public sector. In its latest Internet Crime Report, the FBI stated that they received nearly 2,500 ransomware complaints in 2020. And, the Identity Theft Resource Center reports that, as of September 2021, the year-to-date total number of data compromises related to cyberattacks was already 27% higher than for all of 2020. For the public sector, cybersecurity has become a top priority.

IT teams at all levels of government are understandably concerned about how vulnerable their networks are to these disruptive and costly cyberattacks. But government organizations aren’t the only targets. The K-12 Cybersecurity Resource Center 2020 Year in Review Report found that K-12 schools experienced more than 400 cyber incidents in 2020, up 18% from the previous year.

For organizations in the public sector—including governments and schools—the question is how to reduce the risk of cyberattacks. The first step in addressing the situation is determining how cybercriminals are gaining access.

Understanding Network Vulnerabilities
There are several ways that cybercriminals can gain access to an organization’s network. An employee can click on a link in a phishing email. A default application password can remain unchanged. Or a network-connected device can be inadequately protected.

It is important to remember that these devices include elements in a physical security system. Cameras as well as door controllers and their monitoring systems can all pose cybersecurity risks.

Unfortunately, the risks associated with under-protected network devices has increased during the COVID-19 pandemic. As millions of people began working from home, organizations faced new challenges around protecting their spaces.

According to Morgan Wright, a Center for Digital Government (CDG) Senior Fellow, “When fewer people are working in buildings, organizations need more technology to maintain physical protection.”

Many organizations deployed additional cameras and other technology to keep an eye on their environments and assets and also implemented measures to protect the devices themselves. But, while their goal was greater security, their focus was frequently limited.

“When it comes to protecting physical security devices, too often the worry is about damage or theft, not that they can be used as an entry point from ransomware,” Wright said.

Organizations in the public sector need to think about how they deploy physical protection technologies so they can better control access to sensitive and restricted areas and, at the same time, increase the cybersecurity of their networks. They need to look at deploying new technologies, establishing new staff roles, and implementing new practices that will strengthen both physical and cybersecurity.

The Risks Associated with Security Devices
Physical security devices are purpose-built to help keep people, assets and environments safe. In the face of rising cybercrime, organizations have to expand their view of security. Most cyberattacks are not intended to compromise physical safety. Instead, they target applications, files and data managed by IT departments. An attack that originates in a camera can find its way through an organization’s network to block access to critical applications, lock and hold files for ransom, or steal personal data from employees, students, program clients, and residents.

One major challenge is that many public sector organizations continue to use older model cameras and door controllers. With their limited security capabilities, these devices, especially cameras, can present significant risk. Organizations in the public sector tend to replace these devices only when absolutely necessary or when their capital costs can be fully amortized. These are not effective strategies.

“Today’s hackers know that certain security devices are easy to take over and use as an entry point to a connected network,” Wright said. “This means that security cameras and access control systems need to be considered critical network devices. They need to receive a high level of protection and monitoring for both operations and cybersecurity.”

The good news is that the public sector is beginning to realize how internet-connected security cameras and door controllers can give hackers easy access to their networks. At the same time, IT departments are becoming increasingly aware of the risks that inadequately protected devices can pose when connected to their networks. The problem is that historically, IT has had limited visibility and control over an organization’s security devices.

Unifying Physical and Cybersecurity
Currently, many organizations in the public sector approach physical security and IT as separate. But the growing cyber risks that physical security technologies can present mean that this needs to change.

In the United States, the Cybersecurity and Infrastructure Security Agency (CISA) recommends joining IT and physical security into a single, integrated team. As a single team, they can better focus on developing a comprehensive security program that is based on a common understanding of risk, responsibilities, strategies, and practices. Wright agrees with this recommendation, saying “Physical security needs to be integrated into the network security team and not viewed as an ancillary function.”

According to CISA, there are several benefits to this approach. First, it would provide a more holistic view of security threats across the organization, which can lead to improved information sharing and threat response preparation. In addition, by implementing unified policies and shared practices, organizations would be able to achieve greater flexibility and resilience.

Starting with what is Already in Place
The first step towards better protecting a physical security system against cyberattacks is conducting a current posture assessment, which will help identify specific devices of concern. The assessment process allows an integrated IT and physical security team to focus on:

  • Creating an up-to-date inventory of all network-connected cameras, door controllers, and associated management systems performing a thorough vulnerability assessment of all connected physical security devices to identify models and manufacturers of concern
  • Consolidating and maintaining detailed information about each physical security device, including connectivity, firmware version, and configuration
  • Improving network design as needed to segment older devices and reduce potential for crossover attack
  • Identifying all users who have knowledge of physical security devices and systems and then documenting that knowledge for broader use and retention.

Once the assessment is complete, the team can then move to reviewing the necessary changes that need to be made.

The Next Phase in Protecting Network Security
After assessing an organization’s current physical security, the team should produce a review of required improvements for individual devices as well as the entire system. These improvements can include ensuring that all network-connected devices are managed by IT network and security monitoring tools as well as implementing end-to-end encryption that protects video streams and data in transit and in storage.

Organizations can also think about strengthening protection measures by improving existing configurations and management practices for physical security devices. This could require using secure protocols for connecting devices to the network, disabling access methods that don’t support a high level of security protection, verifying configurations of security features and alerts, and replacing defaults with new passwords that must be changed on a regular and verified schedule.

Another option for protecting network security is to enhance access defenses with a layered strategy that includes multifactor access authentication and defined user authorizations. Organizations can also improve update management by defining who is responsible for tracking updates availability, and for vetting, deploying and documenting updates on all eligible systems and devices.

Developing a Replacement Strategy
Ultimately, this review can help determine which devices and systems should be replaced because they present a high cyber risk. When it comes to developing replacement programs, organizations in the public sector need to prioritize strategies that support modernization for both physical and cybersecurity. One effective approach is to unify physical and cybersecurity devices and software on a single, open architecture platform with centralized management tools and views.

Replacement programs can also focus on cybersecurity features, including data encryption and anonymization that are built into a device’s firmware and management software. Another important consideration is looking at a vendor’s capabilities to support a solution lifecycle of up to 10 years, including ongoing availability of updates for firmware and management system software.

In the United States, federal funding may be available to help cover some of the costs associated with replacement programs. The 2021 Investment and Jobs Act includes $1billion in funds, managed by the Department of Homeland Security, designed to help state and local governments modernize their cybersecurity.

With the number of cyberattacks increasing around the world, it is becoming clear that the public sector needs to implement effective cybersecurity improvements to their IT networks. An important step towards reducing the cybersecurity risks associated with physical security devices is to integrate physical security and IT and develop a coordinated strategy for hardening systems.


  • Survey: Less Than Half of IT Leaders are Confident in their IoT Security Plans

    Viakoo recently released findings from its 2024 IoT Security Crisis: By the Numbers. The survey uncovers insights from IT and security executives, exposes a dramatic surge in enterprise IoT security risks, and highlights a critical missing piece in the IoT security technology stack. The clarion call is clear: IT leaders urgently need to secure their IoT infrastructure one application at a time in an automated and expeditious fashion. Read Now

  • ASIS International and SIA Release “Complexities in the Global Security Market: 2024 Through 2026”

    ASIS International and the Security Industry Association (SIA) – the leading security associations for the security industry – have released ”Complexities in the Global Security Market: 2024 Through 2026”, a new research report that provides insights into the equipment, technologies, and employment of the global security industry, including regional market breakouts. SIA and ASIS partnered with global analytics and advisory firm Omdia to complete the research. Read Now

  • President Biden Issues Executive Order to Bolster U.S Port Cybersecurity

    On Wednesday, President Biden issued an Executive Order to bolster the security of the nation’s ports, alongside a series of additional actions that will strengthen maritime cybersecurity and more Read Now

  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

Featured Cybersecurity


New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection. 3