Patrolling The Cyber-Physical Security Border

Patrolling The Cyber-Physical Security Border

Are there any overlaps between the physical and cyber security fields? Are there certain corners of cyber security that can best be reached by physical security experts, and vice versa? Can the two fields benefit from more cross-pollination and professional cooperation?

The answer to all three questions turns out to be a resounding Yes, and I’m happy to report that there are some great people (some of whom I know personally) who are working on it.

Of special note here are major corporations like Microsoft and Symantec which have established unique Global Security Operations Centers (GSOCs) that bring cyber security, physical security and protective intelligence all under one roof. A recent article by Security Magazine details how these corporations pulled it off and rightly describes it the wave of the future.

I was recently lucky enough to get invited to the Physical and Cyber Threat Convergence Forum in Phoenix, Arizona. The conference was organized by CTG Intelligence and sponsored by AS Solution, Bedrock Protection Agency, Lazarus Alliance and others. Special thanks to my friend Phelim Rowe for putting it together and for inviting me.

The central idea behind the conference was to bring physical and cyber security professionals together and to kick-start a conversation. It’s apparent that many security professionals on both sides of the physical-cyber divide realize the value in this, and yet, there are still very few situations that put everyone in the same room.

Coming from the physical security realm, my main takeaway from this conference wasn’t so much that cyber security is important. Who doesn’t know that? I’ve even had the pleasure of working with and for cyber-security experts over the years. No, the main takeaway was just how much we have in common, and how much we can benefit from working together more closely.

Our goals, after all, are quite similar. We even define things in much the same ways, with risk and threat mitigation, hostile attacks, security awareness, preventive and reactive measures, Red-Teaming, penetration testing and more.

From my vantage point, it always seemed like cyber security was far better established, and much more of an exact science compared to physical security. The physical security professionals at the conference even jokingly referred to themselves as “knuckle-draggers” in comparison.

It was therefore quite surprising for us to discover just how inexact (even messy) the cyber field is. Many cyber experts describe it as a “Wild West” where they’re barely able to keep up with the threats; being outnumbered, outgunned and outmaneuvered by the bad-guys. But the most unexpected thing I heard at the conference was that cyber security experts are often jealous of their physical security counterparts. From their perspective, the physical realm is the one that seems much better established and effective.

Another interesting aspect about what previously seemed to me like an exact computer science, is how big a part the human factor plays in the cyber realm. It’s not that I didn’t know about such things as phishing and social engineering, I just didn’t know that the human factor accounts for the majority of cyber-attacks.

Things became even more interesting (at least for me) when many cyber experts sadly admitted that they feel neither proficient at, nor experienced in dealing with messy human factors. And since this is exactly where physical security and protective intelligence experts live, the potential for more cooperation is right in front of us.

Much of my surveillance detection work over the years had essentially patrolled the border between physical security and protective intelligence. Bridging the gap between these two important fields very often comes down to providing some new data inputs and connecting dots that no one else is.

I would now like to explore ways of doing the same for the cyber-physical gap. I’m looking forward to educating myself on cyber security, talking to and learning from the experts, and joining those who have begun patrolling the cyber-physical security border.

I invite you to join me.

 


John Carman

Security and Investigations Professional

7 年

There is no security. ...and I actually worked the Border. Are we talking about the same borders?? Either way, there is no "Security". www.customscorruption.com

回复
James Brandon

Geopolitical & security risk at Meta (embedded consultant via Mitie)

7 年

Thanks Ami - fascinating piece. Greater cyber-physical integration is the clear direction of travel.

Emrah Esen

?dari ??ler ve Güvenlik Müdürü

7 年

Great point about whole security sight, thanks for sharing Ami Toben.

要查看或添加评论,请登录

Ami Toben的更多文章

  • My October 7th

    My October 7th

    Today marks one year since the October 7th massacre. For me, here in San Francisco, it was still Friday night, October…

    3 条评论
  • Worse Than ISIS

    Worse Than ISIS

    I want to tell you about my friend, Dana. Dana and I were born on the same year on a small kibbutz in northern Israel.

    11 条评论
  • Protecting The CEO

    Protecting The CEO

    In recent years, quite a few articles have been published about CEO protection and how much money different…

    22 条评论
  • Executive Protection

    Executive Protection

    Let me give you a candid glimpse, taken from direct experience, into EP aspects you don’t usually hear much about. I'll…

    11 条评论
  • How To Get Started With Physical Security: A Guide For Startups & Small Companies

    How To Get Started With Physical Security: A Guide For Startups & Small Companies

    This article is intended for non-security professionals who are looking for advice on how to get a physical security…

    10 条评论
  • So You Want To Be a Covert Operator

    So You Want To Be a Covert Operator

    What follows is Chapter 12 of my new book Surveillance Zone. The book gives you an exclusive, behind-the-scenes look…

    4 条评论
  • Lessons From The Field: Covert Operations

    Lessons From The Field: Covert Operations

    What follows is Chapter 9 of my new book Surveillance Zone. The book gives you an exclusive, behind-the-scenes look…

    8 条评论
  • Marcus Charles

    Marcus Charles

    I want to tell you about a very special person by the name of Marcus Charles. Marcus joined HighCom Security Services…

    3 条评论
  • The Surveillance Zone Book

    The Surveillance Zone Book

    The Surveillance Zone book is out! Go behind the scenes of corporate surveillance detection & covert special…

    6 条评论
  • Terrorism - Tools & Goals

    Terrorism - Tools & Goals

    The original article can be found in Protection Circle. Of the various misconceptions surrounding terrorism, a…

    5 条评论

社区洞察