Protecting the Infrastructure -- Security Today

Protecting the Infrastructure

A unified approach requires technology and organizational culture

By Greg Kemper
Jul 29, 2022

Critical infrastructure facilities can be quite large, so protecting them is a complex challenge that demands multifaceted solutions. Robust, cybersecure technology solutions exist to protect facilities of all sizes and types but getting the most out of these solutions requires attention to the human element as well. Communication between departments, training and development of standard operating procedures and interdisciplinary data collection and analysis are all key components. The right technology, procedures, and processes can help you catch mistakes more quickly and limit or prevent vulnerabilities introduced by employees, visitors or contractors.

It may sometimes feel like IT teams are from Mars and facilities teams is from Venus, but getting all stakeholders in the same room can reveal common ground. By harmonizing security system controls, data, and analytics within one unified platform, everyone can have access to the same information via the same intuitive visual interface. This makes it much easier to get everyone on the same page.

Interdepartmental coordination is key. Security teams, facilities managers, and IT departments often operate independently and may have their own unique workplace culture that defines how they make decisions, communicate, and solve problems. Yet when these groups operate in silos, things slip through the cracks.

Unify Security Systems to Bring Siloed Teams Together
Yesterday’s security solutions can’t keep up with the challenges we face today. By leveraging new, unified security software platforms, your critical infrastructure will be better protected, and you will gain new operational insights that can help you improve workplace safety and stay ahead of regulatory changes.

Modern security systems collect lots of data from cameras, sensors, card readers, and other hardware, and these insights are good for more than just security. Cross-referencing this data can uncover meaningful insights that can improve profitability, such as identifying underutilized spaces that could be repurposed for better use. It can also help reduce nuisance alarms, by creating standard operating procedures (SOPs) that direct the system to alert security only if three or more conditions are met.

Within the unified software platform, each team or individual can set up custom filters and dashboards to spotlight the data that matters most to their work, and easily share insights with other departments or external partners. Your SOPs can be automated to streamline operations and reflect the real dynamics of your business. The system can also be set up to recognize anomalies and set alarms or triggers based on these differences so that potential threats are identified earlier.

Streamline and Modernize Compliance Practices
As the industry becomes increasingly regulated to help protect our critical infrastructure, security teams need to modernize their compliance practices with a security solution that helps them meet regulations and avoid strict penalties and fines if found out of compliance.

It is not enough to have established requirements and responses if these just gather dust on the shelf. Utilities must be able to demonstrate that events have been managed according to their security plan, and that they are in compliance with NERC, TSA or other regulations. At this point, the ability to generate comprehensive reports as well as incident management audits is key.

Whatever regulations or guidelines your organization follows, proving compliance and responding to audit requests is time-consuming. Choosing a modern, unified security software platform makes it much easier, as it is designed to record and retrieve the data you need, as well as to securely share files and reports online. The centralized database makes reporting much less time-consuming and eases the burden of compliance.

Organizations can also anticipate potential threats or challenges and use digitized SOPs to guide personnel in response to these events. In the event of an emergency or urgent situation, having a clear and consistent playbook to follow can help maintain consistency and order. It also ensures all teams, regardless of shift or location, fully understand the actions they must take to maintain compliance with all regulatory authorities.

Now is the Time to Plan for a Future Transition to Hybrid Systems
Selecting a hybrid solution may not be a current top priority or option for your organization. However, as your needs and objectives change over time, you may want to investigate a hybrid system. When moving from a legacy system, it is a good idea to invest in technology that not only meets your current needs but can be flexible and grow with you.

Cloud computing allows organizations to scale data management and storage, improve operational efficiency, enable remote monitoring of facilities and systems, and can result in lower infrastructure costs. According to a 2020 analysis by Accenture, adopting cloud technologies typically reduces IT spending by 25 to 30% and the more cloud technologies are embraced, the greater the benefits.

Yet there remains some hesitancy to make the switch. It isn’t just anxiety around change or worries about the possibility of downtime during the transition; it also includes fears about the security of cloud-based software and data storage.

A multi-layered approach to harden your security system against threats is best, including strong encryption, authentication and authorization protocols. One of the advantages of a hybrid system is that the burden of keeping up with software patches and updates rests with your software and server partners, so your IT resources can focus their time on other priorities.

Tier-one cloud service providers invest significant amounts of time and resources in ensuring the highest levels of cybersecurity. These major platform owners have teams and consultants dedicated to monitoring the latest cyber threats and initiating regular third-party penetration testing and auditing. They also actively uphold various cybersecurity compliance standards and certifications and push the boundaries of cyber resilience to help establish globally adopted best practices.

With hybrid or cloud software solutions, you always have access to the latest built-in cybersecurity features, including granular privacy controls, strong user authentication, and various system health monitoring tools. And as soon as the latest versions and fixes are available, they can be pushed immediately to your system. This helps your physical security systems remain protected against vulnerabilities.

The Importance of Good Cyber Hygiene Routines
The Achilles heel of any system is human error. Humans can be forgetful and unreliable — and hackers are happy to take advantage. According to a 2021 Verizon report on data breaches, 85% of breaches were due to human vulnerability - through phishing, social engineering, misrepresentation, or error. More than 60% of breaches involved credential data.

Protecting your critical infrastructure from these types of threats is crucial. You need a system that can converge your physical and cybersecurity plans to protect sensitive information and reduce your exposure.

Whether you use a cloud-based system, an on-premises system, or a hybrid of both, maintaining good cyber hygiene needs to be part of your organizational culture. From training and onboarding employees to the development of your SOPs, cybersecurity isn’t something you can set and forget; it requires constant vigilance and regular updates, patches, and password changes.

Thankfully, modern security software can be configured to include automated notifications and settings that remind or require staff to follow best practices or alert the appropriate team if suspicious activity is detected.

Industry Transformation Continues
Shifting consumer preferences, emerging cybersecurity threats, and evolving regulations have transformed our industry.

The continued rise in demand for renewable energy is also driving mergers and acquisitions between oil, gas, and power utilities. And as these companies converge, so do their security departments. A unified security system can help ensure a centralized, compliant, scalable security strategy. Likewise, shifting to hybrid solutions can strengthen both physical security and cyber resilience.

It doesn’t have to be an all-or-nothing choice. Choosing an open-architecture software solution allows you to position your organization to be hybrid-ready when you are ready. You can take your time to strengthen internal awareness and adoption of cybersecurity best practices and make the transition one step at a time.

This article originally appeared in the July / August 2022 issue of Security Today.

Amerant Bank Selects Omnilert AI Technology for Enhanced Video Surveillance Security
05/02/2025
Minnesota County Is Still Reaping Huge Benefits from ASAP Service
05/01/2025
Winsted Unveils Pinnacle Collection with Sliding Worksurface
04/30/2025
Everon Awarded Sourcewell Cooperative Purchasing Contract
04/30/2025
Honeywell Signs Global Distribution Agreement With Milestone Systems
04/28/2025
DSI Security Services Announces Leadership Reorganization and Strategic Growth Initiatives
04/21/2025
Everon Appoints Enterprise Security Veterans to Top Sales Leadership Roles
04/17/2025
Reconeyez Appoints Peter Young as New CEO to Lead Next Phase of Growth
04/16/2025

Featured

Verizon’s 2025 Data Breach Investigations Report Notes Alarming Cyberattack Surge Through Third Parties

Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), which reveals a significant increase in cyberattacks. The report found that third-party involvement in breaches has doubled to 30%, and exploitation of vulnerabilities has surged by 34%, creating a concerning threat landscape for businesses globally. Read Now
- Cybersecurity
Net2 Access Control Increases Reliability at Residential Complex

Encore Atlantic Shores is a residential complex of 240 luxurious townhomes for ages 55 and over in Eastport, New York. Completed in 2011, the site boasts an 11,800 square foot clubhouse, with amenities such as a fitness center, heated indoor pool, whirlpool spa, multi-purpose ballroom, cardroom and clubroom with billiards, tennis courts and an outdoor putting green. Read Now
- Access Control
Security Today Announces The Govies Government Security Award Winners for 2025

Security Today is pleased to announce the 2025 winners in The Govies Government Security Awards. The awards honor outstanding government security products in a variety of categories. Read Now
- Government
Survey: 60 Percent of Organizations Using AI in IT Infrastructure

Netwrix, a cybersecurity provider focused on data and identity threats, today announced the release of its annual global 2025 Cybersecurity Trends Report based on a global survey of 2,150 IT and security professionals from 121 countries. It reveals that 60% of organizations are already using artificial intelligence (AI) in their IT infrastructure and 30% are considering implementing AI. Read Now
- Cybersecurity
New Research Reveals Global Video Surveillance Industry Perspectives on AI

Axis Communications, the global industry leader in video surveillance, has released its latest research report, ‘The State of AI in Video Surveillance,’ which explores global industry perspectives on the use of AI in the security industry and beyond. The report reveals current attitudes on AI technologies thanks to in-depth interviews with AI experts from Axis’ global network and a comprehensive survey of more than 5,800 respondents, including distributors, channel partners, and end customers across 68 countries. The resulting insights cover AI integration and the opportunities and challenges that exist with regard to security, safety, business intelligence, and operational efficiency. Read Now
- Artificial Intelligence

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.
Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.