How to Prevent Your Physical Security System from Becoming Your Biggest Cybersecurity Threat

One of the fastest-growing threats to organizations is being breached through cyber vulnerabilities in their IoT devices, specifically physical security systems. The number of attacks reached a record of over 3 billion in 2022, and 2023 is likely to be bigger still. Threat actors judge physical security devices (like an IP camera) not by what they do, but by what they can do if exploited, since many IoT devices are complex, with compute, storage and networking capabilities for malicious hackers to leverage.

Physical security systems don’t live in isolation. If you have heard about DDoS attacks (distributed denial of service attacks) you may be aware that they are increasing in both volume and velocity. Many DDoS attacks come from bots (or malware) placed on network-connected physical security devices, quietly lying in wait to be activated to launch attacks.

Their continued (and expanded) presence is a sign that the basic security needed to prevent the malware from being placed on the device is simply not there.

Ready to improve your organization’s cybersecurity around physical security? Here are a few concepts that are useful in developing strategy and tactics:

  • Think of it as a “Security Journey” rather than arriving at a destination. Like most journeys, there are stages you go through; reading an article like this shows you are at least aware of the problem and want to do something about it. Deploying an agentless asset discovery solution, followed by an automated agentless remediation solution, suggests you are further along. Needing automated documentation for audit and compliance purposes shows even further progress.
  • Also keep in mind that threat vectors and types of attacks may vary; what matters most is resilience and ability to stem damages and recover operations. Preventing all threats from ever occurring should not be the focus; having an active program that can adjust to changes is.
  • Going it alone is not effective; cybersecurity is a team sport, and there are partners both inside and outside your organization that need to be actively involved.

With these factors in mind, here are 10 steps you should be taking on your security journey specific to physical security:

  1. Avoid agent-based solutions; they are a dead end. Many cybersecurity solutions were designed for IT environments that use Windows or Linux and work by putting agents (software code) directly onto the IT device. In the physical security world, there are many different operating systems, making the use of agents highly limited. In addition, the scale of physical security devices is often 10x that of IT, so you should never sign up for the overhead of installing and managing agents on devices. Only use solutions that are agentless and don’t require putting software onto cameras or access control systems.
  2. Know what you have by using an agentless asset discovery solution: the starting point for securing your systems is having a complete inventory. There are several agentless asset discovery solutions that can provide you with both an asset inventory and a list of which devices are vulnerable and in need of remediation.
  3. Think of your networks as layers of defense. Having a network dedicated to your physical security devices has always been a best practice, but there is more you can do. Using network access control allows you to block devices from network communication, a good initial strategy to limit a threat from progressing through your network.
  4. Mitigation is good in the short term but needs to be followed by remediation in the form of firmware updating (or patching). When you mitigate threats by stopping network traffic, you are also stopping the function of the devices (capturing video evidence or granting access).
  5. Focus on both remediation and repatriation. With IoT systems like physical security, you remediate a vulnerability in a device, but that needs to be followed by repatriation, where for audit and compliance purposes you need to show that the device is functioning again in its overall workflow.
  6. Lifecycle management includes cyber hygiene. Just like regular maintenance and decommissioning devices that have reached their end of life, maintaining device firmware, passwords, and certificates should be thought of as part of overall lifecycle management.
  7. Key functions (firmware, passwords, certificates) must be automated because of both the scale and physical placement of video and access control devices. Studies performed on large fleets of devices (8,000+) have shown that there is an 80% or more reduction in both people and budget needed to perform required cyber hygiene functions.
  8. Use automation to enforce and audit corporate policies. Like the point above, the sheer scale of devices and applications requires automated methods of alerting and reporting to be able to manage the overall process. Especially if your organization holds a cyber insurance policy, having a push-button mechanism to deliver detailed information about your cyber hygiene can make the difference in the insurer being willing to underwrite the risk or process claims.
  9. Work across organizational boundaries, especially procurement. The data held by physical security teams is an asset in working with other parts of the organization to appropriately set budgets, allocate headcount, and be able to plan and negotiate upcoming purchases. For example, providing your procurement team with a schedule of which devices are going end of life can help them negotiate and purchase systems more efficiently and with the proper cyber security as it is deployed.
  10. Managed services more than ever offer organizations flexibility to address cybersecurity issues without having to add permanent headcount and to be faster in reducing the attack surface from physical security. Not only are there highly skilled service providers who can extend your workforce, but they are likely to help expose your team to the latest and most efficient and cost-effective methods for maintaining your cyber hygiene.
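As an added illustration of steps 6 through 9 (not code from the article or from any vendor), the sketch below audits a device inventory for firmware, password and certificate hygiene and produces the end-of-life schedule that procurement would use. The policy thresholds, model names, firmware baselines and inventory records are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date

# Policy thresholds and firmware baselines: constructed assumptions.
MAX_PASSWORD_AGE_DAYS = 90
CERT_RENEW_WINDOW_DAYS = 30
EOL_PLANNING_WINDOW_DAYS = 365
MIN_FIRMWARE = {"cam-a": "2.4.1", "door-b": "1.10.0"}

@dataclass
class Device:
    name: str
    model: str
    firmware: str        # installed version as dotted integers
    password_set: date   # date of last password rotation
    cert_expires: date
    end_of_life: date

def version_tuple(v):
    # Compare numerically so that 1.10.0 sorts above 1.9.3.
    return tuple(int(p) for p in v.split("."))

def audit(device, today):
    findings = []
    minimum = MIN_FIRMWARE.get(device.model)
    if minimum is None:
        findings.append("no-firmware-baseline")  # unknown model: flag, don't pass
    elif version_tuple(device.firmware) < version_tuple(minimum):
        findings.append("firmware-outdated")
    if (today - device.password_set).days > MAX_PASSWORD_AGE_DAYS:
        findings.append("password-stale")
    if (device.cert_expires - today).days <= CERT_RENEW_WINDOW_DAYS:
        findings.append("cert-expiring")  # also catches already-expired certs
    return findings

def fleet_report(devices, today):
    # Non-compliant devices for the audit trail, plus an EOL schedule by date.
    findings = {d.name: audit(d, today) for d in devices}
    eol = sorted((d.end_of_life, d.name) for d in devices
                 if (d.end_of_life - today).days <= EOL_PLANNING_WINDOW_DAYS)
    return {"noncompliant": {n: f for n, f in findings.items() if f},
            "eol_schedule": [(n, e.isoformat()) for e, n in eol]}

# Constructed sample inventory, as an asset discovery export might provide.
FLEET = [
    Device("lobby-cam", "cam-a", "2.3.9", date(2023, 1, 10), date(2024, 6, 1), date(2026, 1, 1)),
    Device("dock-door", "door-b", "1.10.0", date(2023, 10, 1), date(2023, 12, 10), date(2024, 5, 1)),
    Device("roof-cam", "cam-a", "2.4.1", date(2023, 10, 20), date(2025, 1, 1), date(2027, 1, 1)),
]
```

Calling `fleet_report(FLEET, date(2023, 11, 15))` returns the non-compliant devices with their findings and the list of devices reaching end of life within the planning window.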

In summary, there is an imperative for physical security teams to improve their cyber hygiene. By focusing on the best practices listed here, organizations will not only shrink their attack surface from physical security but also gain valuable operational data, reporting capabilities, and closer ties to other parts of the organization. The result is a physical security organization that is increasing its organizational value in numerous ways while making the organization safer and more resilient.

About the Author

Bud Broomhead is the CEO of Viakoo.

