What Is Cyber-Physical Security Convergence? - Dataminr (2024)

Cyber-physical security convergence is not a new concept but it is increasingly gaining attention from security leaders—in both the private and public sectors. Here, we explore what converged security entails and how to achieve and strengthen cyber-physical resilience.

Cyber-physical security convergence explained

In February, a cyber attack forced a network of Florida healthcare organizations to divert several of its emergency patients to other facilities and cancel many of its non-emergency surgeries. This attack, the latest in a number of cyber crimes aimed at U.S. healthcare providers in the past few years, is an example of the rapidly increasing cyber-physical risks that organizations—both in the public and private sector—are facing today.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), these risks are defined as those that have ramifications in both the digital and physical domains. While the threat can emanate from either domain, cyber-physical risks often begin with a cyber threat vector, such as a ransomware attack, and then spill over into the physical world.

When threats in the digital and physical domains converge, the consequences are often real and significant as evidenced by the attack on the Florida healthcare system.

Other times, cyber-physical risks lead to major business disruption. For example, when global software company Kaseya was hit with a ransomware attack in 2021, more than a thousand of its clients and its clients’ customers were affected, including Sweden’s largest grocery chain, which had to shut down 800 of its stores as a result.

Cyber-physical Security Convergence vs. Security Convergence

Although related, there is a distinct difference between cyber-physical security convergence and security convergence.

  • Cyber-physical security convergence: The increasingly blurred line between risks in the cyber and physical domains, whereby a risk that originates in one domain has a significant impact on the other.
  • Security convergence: When an organization’s cyber and physical security operations are combined into a single, unified function.

The cyber-physical risk spectrum

As cyber-physical risks have rapidly evolved in type, impact and scope, Dataminr recommends organizations view them on a threat spectrum.

On one end of the spectrum are kinetic events that have an impact on the cyber infrastructure of organizations and industries. This includes physical threats to information technology (IT) and operational technology (OT) infrastructure, network and power outages, natural disasters and more. These events are not inherently cyber-related but can have significant impact on cyber infrastructure.

On the opposite end are cyber events that impact the physical world, such as cyber attacks against critical infrastructure that have varied ramifications—ranging from inconveniences for consumers to supply chain disruptions and third-party and vendor risk. Consider the serious ripple effects of a ransomware attack against a manufacturing plant. For example, as semiconductors (or chips) are vital to the operation of cars and consumer electronics, a cyber attack against a semiconductor manufacturer is likely to significantly disrupt the automotive and consumer electronics industries.

In the middle of the cyber-physical risk spectrum lies geopolitical risk, with the most notable and recent example being Russia’s invasion of Ukraine, which has sparked ongoing cyberwarfare.

As the conflict persists, the world has witnessed a spike in attention paid by Russian threat actors—not only to Ukrainian assets but also industries and countries believed to be sympathetic to Ukraine. For example, pro-Russia hacking group Killnet has been a persistent threat in this area, especially against the U.S. aviation industry in retaliation against the U.S.’s involvement in the war. This includes an attack on U.S. aviation defense contractors and a DDoS attack against more than two dozen U.S. airports.

The evolution of converged security

The increase in cyber-physical risks is due to both the prevalence of IoT and OT devices, as well as the advancement of the tactics and procedures employed by threat actors. Our society, governments and businesses across all industries rely on these devices and the cloud much more than they did five or 10 years ago. This has created a significantly larger attack surface with new and expanding vulnerabilities and risks that have real world consequences.

“The attack surface has rapidly expanded because our world is now flush with cyber-physical systems that connect the digital and physical domains,” said Nate Green, Product Marketing Director at Dataminr.

And the stakes are high. According to the U.S. White House, cyber-physical systems (CPS) are complex and fragile and “can easily break down or suffer from cyber-attacks…events or attacks in one part of one system can have ripple effects leading to banking outages, oil pipeline failures, ground-stops of whole fleets of aircraft, and disruption of medical facilities with devastating outcomes.”

The pace and level of this dependence are only accelerating, making the attack surface that threat actors can manipulate and exploit ever-growing. Take for instance ransomware attacks. They surged by 87% in 2022 from the year before, with energy, manufacturing and financial services as the most commonly targeted industries by politically and/or geopolitically motivated threat actors.

As such, organizations in these industries tend to be much more forward-thinking and innovative in how they manage cyber-physical risks to ensure business resilience and prevent financial, operational and reputational damages.

However, it’s important to remember that cyber-physical risks are not limited to CPS. As mentioned earlier, physical events can greatly impact digital infrastructure. For example, record temperatures in the U.K. and U.S. in 2022 caused a number of Google and Oracle data centers to suffer from outages. As severe weather occurs more frequently, data centers and other critical infrastructure become more vulnerable. Add to that the rise in cyber crimes and ongoing geopolitical tensions, and cyber-physical risks become much more prevalent.

Global response to converged risks

Recognizing the surge in cyber-physical risks and the urgent need to have a more holistic, innovative approach to respond to those threats, a number of regulators and governments have developed new regulations and initiatives. The U.S. has responded by creating a working group dedicated to strengthening cyber-physical resilience with the goal of finding new approaches to the problem; experts from academia and the public and private sectors will be consulted.

The European Union is following suit. In December 2022, the European Commission issued the new NIS2 Directive, which seeks to boost cyber and physical resilience of EU critical entities and networks by expanding the sectors and types of entities falling under its scope. These include digital infrastructure such as public electronic communications networks and services, as well as physical infrastructure like manufacturing of critical products, and postal and courier services.

More businesses are also realizing the impacts of cyber-physical threats and how they can ultimately affect operational and business resilience. In response, they have taken steps to ensure tighter alignment between their cyber and physical security teams, which allows for a more holistic view of CPS and risks.

Some companies have done this by creating a formal security operations center (SOC) that merges cyber and physical security teams into a single, unified function. Others forgo combining the teams and instead focus on ensuring effective collaboration and communication between the two, including following best practices like sharing incident response playbooks and conducting tabletop exercises together.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), those that do establish a formal means for the two security functions to work together will be more resilient against and better prepared to identify, prevent, mitigate and respond to cyber-physical threats.

Prepare for and protect against cyber-physical risks

Staying up to date on new and emerging risks is a constant challenge for any organization, especially if the business relies on third-party vendors—such as suppliers, manufacturers, distributors and more. Each third-party partner is a potential attack vector.

If a vendor has a vulnerable attack surface, it could be used to gain access to the various organizations for which it provides services. Those organizations are then more at risk to cyber threats such as a data breach. The more vendors a company uses, the larger its attack surface and the more potential vulnerabilities it can have.

To gain the earliest and clearest line of sight into such cyber-physical threats, security operations on both the cyber and physical sides of the house should ensure they have access to real-time alerting tools and technology. Organizations, particularly those that have established modes of collaboration among all security teams, are then able to quickly respond to and effectively mitigate threats no matter the origin or type of impact.

“It is unreliable to rely on your vendors and suppliers to inform you of a disruptive event in a timely manner, especially if they’re the ones under attack. Having real-time, actionable data on emerging threats to your business and partners allows for contingency planning and faster, more proactive responses to incidents—by hours or sometimes days,” says Green.

There are two key ways organizations can better protect themselves against cyber-physical risks:

Invest in the right tools and technology

Real-time alerting solutions are key to detecting and responding to threats as soon as possible. Dataminr Pulse, for example, provides intelligence on cyber-physical risks as they happen.

For example, in the case of the aforementioned cyber attack on the U.S. aviation industry, Pulse alerted its customers of hackers’ intent to target the airports’ network infrastructure eight hours ahead of media coverage. This allowed customers to accelerate their response timelines.

Businesses also need tools that enable them to assess their attack surface (e.g., network infrastructure), practice cyber hygiene and develop robust response playbooks.

Acquire industry insights

This is vital. Security teams should communicate with their industry peers to learn how they are managing cyber-physical risks. This includes asking: How are phishing campaigns and/or ransomware groups targeting your organization? What vulnerabilities are consistent across your industry, whether that be an industrial control system (ICS), a customer relationship management (CRM) platform or a specific piece of software that’s ubiquitous in your sector?

The convergence of cyber and physical risks is not a new concept and it will only become more prevalent due to the proliferation of OT and IoT devices. Organizations should also keep in mind that cyber-physical risks exist in a threat spectrum and the attack surface is ever-growing. Businesses that understand this and take swift action to strengthen their resilience against converged risks will be in a much better position to respond to and recover from a threat when—not if—it occurs.

Learn how organizations like yours use Dataminr Pulse for Cyber Risk to strengthen resilience against cyber-physical risks.

FAQs

What Is Cyber-Physical Security Convergence?

When an organization's cyber and physical security operations are combined into a single, unified security function. The result of risks that have converged, creating hybrid threats that exist in both the cyber and physical domains. They include cyber-physical systems risks, but are broader in nature.

What is convergence of physical security and cybersecurity?

Convergence is formal collaboration between previously disjointed security functions. Organizations with converged cybersecurity and physical security functions are more resilient and better prepared to identify, prevent, mitigate, and respond to threats.

What is cyber security answers?

Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats. It's used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems.

What is cyber physical security?

The Cyber Physical Systems Security (CPSSEC) project addresses security concerns for cyber physical systems (CPS) and internet of things (IoT) devices. CPS and IoT play an increasingly important role in critical infrastructure, government and everyday life.

What does physical security mean in cyber security?

Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism.

What is cyber-physical convergence?

When an organization's cyber and physical security operations are combined into a single, unified security function. Cyber-physical risks: The result of risks that have converged, creating hybrid threats that exist in both the cyber and physical domains.

How do cybersecurity and physical security intersect?

While cybersecurity and physical security are traditionally viewed as separate domains, they are interconnected and mutually dependent. In today's threat landscape, cyberattacks often have physical implications, and physical breaches can lead to digital vulnerabilities.

What are the three types of physical security?

Physical security has three important components: surveillance, access control, and testing. Each component of physical security needs the other to protect a building successfully. With the right combination of hardware and staff effort, you'll ensure that your property delivers on all three components.

What is a cyber-physical system in simple words?

Cyber-physical systems (CPS) are embedded systems of integrating digitized process systems with digital communication primarily developed to monitor and control the physical devices in the systems. IoT and IIoT are the key technologies to network the physical process system.

What is the difference between cyber security and cyber-physical systems?

In the case of cybersecurity, the prime focus is to protect the data itself. Data privacy and identity protection are the top priorities. In the case of cyber-physical security, visibility into the controls is important.

What is the difference between physical security and data security?

The key difference between physical security and cybersecurity strategies is the nature of the assets being protected. Physical security is focused on protecting tangible assets, such as buildings and equipment, while cybersecurity is focused on protecting intangible assets, such as data and networks.

Why is physical security of data important?

Data centres and server rooms are secured with biometric access control, fire suppression systems, and climate control mechanisms. Physical security ensures the confidentiality, integrity, and availability of critical data, safeguarding businesses and organisations from data breaches and cyber threats.

What best describes physical security?

Physical security is defined as that part of security concerned with active, as well as passive measures, designed to deter intruders, prevent unauthorized access, including theft and damage, to assets such as personnel, equipment, installations, materials, and information, and to safeguard these assets against threats ...

What is the connection between physical security and cybersecurity and why is IT important?

Improved Threat Detection and Response Capabilities

By combining physical and cybersecurity, organizations gain a more comprehensive understanding of potential threats, allowing quicker response times and more effective threat mitigation.

What is physical security mechanism in cyber security?

The physical security structure consists of three main components: access control, permanent active surveillance and testing. The success of an organisation's physical security program can often be attributed to how each of these components is implemented, improved, and maintained.

What is physical and logical security in cyber security?

Nature of Assets: Physical security primarily deals with protecting tangible assets such as buildings, equipment, and people, whereas logical security focuses on safeguarding intangible assets such as data, information systems, and networks.

What is security of physical infrastructure in cyber security?

Physical access to network devices can be restricted through the implementation of physical security, such as using enclosures that prevent access to their console ports and factory reset buttons, mounting them on ceilings or behind walls, or securing them in security containers.

Article information

Author: Errol Quitzon
