We hear about security all the time: breaches are becoming the new Hollywood scandals. New articles are coming out every day about newer threats, how those threats can affect businesses, as well as people’s individual lives. Companies are spending big money on information security, and rightfully so. But is losing your financial information actually the most detrimental thing that can happen to you?
What about losing your life?
Gone are the days of a few interspersed cameras and security guards. With everything being interconnected we now have new advantages…but also new vulnerabilities. Physical security is becoming integrated with the network: intercoms, IP cameras, keypad entry, etc. The Internet of Things has made just about everything controllable by the network, all the way down to the air conditioning system. The list of possibilities is virtually endless – and frankly, really fascinating.
But let me paint a quick picture for you: You have a full IP surveillance and physical security system. Your gates are only unlocked by certain codes, your locks are electronic and on a timer, (with an override feature of course for specific titles in the organization), you’ve got everything! You can even keep your extra sensitive information locked down to a point that you can’t enter without facial recognition. Easy management of it all, single pane of glass, and you were able to save money by not hiring that extra person.
Sounds great right? Sure… but we’re not done.
What you don’t see is what has been happening since you implemented this all-star system. A cyber terrorist has gotten in through one of those nifty little air conditioning endpoints and now has gained full access – and control – of your physical security devices. They’ve been monitoring your HQ location/campus/hospital (whichever is applicable to you and your business) and now knows who comes in and out, when they do it, everything.
They shut it down with one click of a button. They have that same ease of use that you do – and now people are in danger. A shooter is on campus and you can’t see it because they’ve shut down your surveillance. Your patient’s machine is shut down from a mobile device. The list of possibilities are just as endless on the negative side as they are the positive.
Terrifying isn’t it?
Let me be clear – I’m not saying that we shouldn’t go the IoT route. The pros are definitely there, but what this does mean is that being proactive can be, quite literally, a matter of life and death. This is an extreme example of course, but the root idea is universal. It’s another angle of information security that is equally as important as all the new threats that affect your data. This isn’t a new, original thought, it’s just a different spin on why security investments need to be of the highest priority.
How are you protecting yourself today?