The now infamous Target data breach was transacted by malware being placed on the HVAC system servers. A casino had its “high roller” database stolen by leveraging the network connection of an aquarium thermostat to export the file from the internal network. Leveraging the physical security system’s camera devices a bank was hacked, revealing confidential information. These are just some of the examples of how IoT devices, especially at the edge of a network, can be exploited by cyber-criminals.
Every security integrator faces this issue. Your customers purchase new physical security systems and devices in order to benefit from the security and risk-reduction features they offer. Once deployed, however, these devices can actually increase risk and liability if they stop operating properly without the user becoming aware of the disruption. The risk compounds when you consider that new IoT (Internet of Things) enabled devices are being introduced to the market and added to users’ networks at an accelerating rate.
To sense the scale and magnitude of changes happening in physical security it helps to put numbers to what is happening across the industry. There is no doubt that the last 5 years have brought a lot of changes to the industry – but can you put data to those changes and trends? To be able to do so is useful for multiple reasons.
Everybody is talking about it, and more and more people are using it. From self-driving cars to predictive analysis and everything in between, artificial intelligence, or AI, is the next big thing in technology (including physical security). 85% of Americans already use AI in some way, from smart devices to complex intelligence for business operations. AI can detect and react much faster than human eyes and hands, and manage complex technology easily, relying on highly sophisticated software to ensure constant and repeatable success. Most importantly, problems or issues that may get missed or overlooked by humans can be reacted to and prevented from becoming serious. In physical security, what might be easily overlooked can quickly become life safety critical.
There are ideas and concepts that you come across that you realize immediately were not developed for your particular endeavor, but nonetheless are very appropriate. As physical security is becoming more oriented around industrial IoT, Big Data, machine learning, and other areas of data science there are some useful ideas for physical security professionals to consider. One of these is “data gravity”; the nature of large amounts of data to draw in applications and processes that take advantage of the presence of that data. If you’re running an IP-based physical security system, you may have already noticed that whether it’s a PSIM (physical security information management), Viakoo for automated system verification, or numerous advanced video analytics applications, there are now a lot more applications being drawn towards the data present in IP-based physical security systems.
As with most things in life that develop at a rapid pace, the Internet of Things (IoT) may have early adoption issues but ultimately will function smoothly over time. Both the personal and enterprise benefits of living in a fully connected world where everything has some connection to a network will ensure that IoT adoption continues to expand. The current issues around cyber secure and functionality of systems are being addressed, paving the way for future IoT growth. But with today’s reality no CSO or CISO wants to be responsible for IT and/or physical security operations when they don’t have control of what’s connected to the network; they don’t know which security systems were offline or not working; and can’t easily determine which devices were impacted by downtime, data breaches, or compliance issues. No one wants to be that person.