Request a demo
Request a demo
false
November 15, 2021

Why Businesses Need Converged Security Now More Than Ever

The spotlight placed on cybersecurity is growing wider, shining brighter and continuing to permeate global conversations. Most recently it earned a top spot on the agenda of the 2021 Geneva Summit at the behest of U.S. President Biden and Russian President Putin. Given that the number of ransomware attacks increased by almost 150 percent in March of last year and the first half of 2021 saw a 102 percent increase in ransomware attacks, the widespread concerns are legitimate.

Cybersecurity failures are increasingly leading to serious high-stakes ramifications in the physical world, where both critical infrastructure and people’s lives are at risk. Take for instance the 2021 water plant hack in Florida. A network breach quickly turned into a physical attack that threatened to poison a city’s water supply with dangerous levels of lye.

Despite that, many organizations continue to operate their cyber and physical security teams as distinct, standalone disciplines with little to no collaboration on managing risks.

What’s the solution? As cyber-physical threats become more pervasive, ensuring the two teams can establish formal means and standards of collaboration is now a strategic business imperative. The result, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is cyber and physical security functions that are more resilient and better prepared to identify, prevent, mitigate and respond to threats. 

How did we get here?

Traditionally, organizations have kept their physical and cyber security operations independent of one another. That’s partly due to the relative age of each practice. Physical security has a long history, while cybersecurity is comparatively new. 

But thanks to the increased use of IoT and IIoT devices, the number of systems moving to the cloud, and the proliferation of social media and smart devices, the need for security convergence across industries is greater than ever.

Some examples of cyber-physical risks are more evident, such as the May 2021 ransomware attack on the Irish healthcare system. It led to a systemwide IT shut down that created a real and imminent threat to patients. Or the aforementioned attack on Florida’s water treatment plant. 

Other examples are not as readily apparent, yet still pose significant risks. For instance, the recent rise in the number of attacks on Internet-connected industrial control systems (ICS), especially those that run critical infrastructure—from water treatment and gas plants to trains and traffic light systems. In some cases, hackers exploit security gaps in access controls to facilities, allowing them to install malware that compromises an organization’s entire network. Remote access software used to control ICS and heating, ventilation and air conditioning systems are also common entry points for attacks that affect both the cyber and physical domains.

The call for better control over converging threats 

Forward-thinking organizations are increasingly blending their cyber and physical security teams to improve their overall security posture. However, the merging of the two is not yet the prevalent model for security operations. 

Some experts warn that having siloed teams opens businesses up to operational blind spots and a weaker security posture. For instance, when a new threat emerges, oftentimes security practitioners focus only on their area of responsibility with little knowledge of what is happening on the other side of the house—preventing both cyber and physical security teams from having a holistic view of the potential threats. 

Marrying the expertise of cyber and physical security leaders and teams can be challenging. Often, there is a cultural and skills divide between the two, which leads them to look at the world very differently. Those differences can result in poor communication and sometimes outright miscommunication, two of the biggest problems facing organizations that have yet to develop strong processes to drive collaboration across these two critical teams. 

There are also logistical barriers to consider, as well as a lack of understanding at the senior leadership level as to why security convergence is no longer a nice-to-have—but a business imperative. 

When security teams join forces

There are many benefits to having cyber and physical security teams work in close partnership: 

  • A stronger, more holistic security posture 
  • Faster identification of, and assessment and response to, threats that fall within both the cyber and physical domains
  • Better communication and sharing of information and technology
  • Improved efficiencies and better outcomes

While each organization will manage and respond to the increasing convergence of physical and cyber risks differently, real-time information is at the heart of their ability to do so. Organizations need to ensure all security teams have equal access to real-time data on emerging and potential risks, regardless of where or how the threat begins, and create a clear process for when and how to communicate that information and which stakeholders should receive it.

Being able to identify these cyber-physical events and risks as early as possible and as they occur and unfold is critically important, which is why Dataminr’s corporate customers rely on Dataminr Pulse to detect the earliest signals of high-impact events and emerging risks. 

When Colonial Pipeline was hit by a ransomware attack in May 2021, Dataminr Pulse alerted our customers to related network issues one day prior to major media coverage. And Pulse continued to alert on the incident as it unfolded with the context needed for customers to make informed decisions.

As technology advances and becomes more integral to the ways in which we work and live, we can expect to see an increase in cyber-physical threats such as the Colonial Pipeline attack. To stay ahead of and effectively mitigate such risks, security leaders—no matter their area of expertise or focus—must be sure their teams work in tandem to counter threats and share information, tools, skills and resources. 

Learn more about the power of Dataminr Pulse real-time alerts and watch this on-demand webinar to dig deeper into the need for security convergence. 

Topic(s): featured , Corporate Risk

U3GM Blog Post Comments

What Could You Do with Dataminr?
Request a demo

Related Posts

Real-Time Alerts and COVID-19: Planning for the
4 minute read
| April 21, 2020

Real-Time Alerts and COVID-19: Planning for the "Next Normal"

At Dataminr, we use our own real-time alerts day in and day out. Thanks to our early alerts on the spread of COVID-19, we had an early warning to make the decision to... Read More
Dataminr Celebrates Black History Month
| February 2, 2021

Dataminr Celebrates Black History Month

At Dataminr, Black History Month has served as a time of education, reflection, and celebration of the rich contributions and history of Black Americans and people of... Read More
Dataminr Named One of New York City's Best Places to Work
2 minute read
| February 9, 2021

Dataminr Named One of New York City's Best Places to Work

We’re very pleased to announce that Dataminr has been named one of the best places to work among mid-sized companies in New York City by Built In NYC, which specializes in... Read More