Why Businesses Need Clarity Now More Than Ever

Numerous canceled and delayed flights at major airports. Hospitals experience delays in authorizing medically necessary care. Both are the result of a cyber attack with serious implications in the physical world. The latter is merely one example of more than 1,200 cyber attacks that have affected the healthcare industry in the past two years.

Given such ramifications, the spotlight placed on the expanding risk landscape—increasing risk across all domains of an organization, presented by high velocity, AI-powered threats, information overload, and organizational silos—is growing wider, shining brighter and spurring government and regulatory action.

Learn More: What is the Expanding Risk Landscape?

The Call to Address Cross-Domain Threats Now

The rise of cross-domain risks will only continue as our world becomes more connected than we could ever imagine. Governments and regulators recognize the potential harm and have taken action. Examples include:

European Union

NIS2 Directive: A legal framework to enhance cybersecurity capabilities, and expand risk management measures and reporting requirements to additional sectors including: public electronic communications, waste and wastewater management, critical product manufacturing, etc.

North America

U.S. Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA): A federal law that aims to improve the cybersecurity in 16 public and private critical sectors by establishing requirements for reporting incidents and ransomware payments.

Australia

Security of Critical Infrastructure Act (SOCI): A legal framework designed to ensure protection and resilience among critical infrastructure assets and services (both physical and cyber). SOCI requires mandated reporting, outlines rules for third party data storage, and establishes a required risk management program for critical infrastructure.

Asia

Singapore Cybersecurity Act: A legal framework designed to strengthen cybersecurity within essential services, investigate cybersecurity incidents, share information, and establish a licensing framework for cybersecurity service providers.

That’s not to say we’re headed for a global catastrophe. But, it is a reminder of how far-reaching cross-domain risks are and the ripple effects they have on critical infrastructure and systems—and our everyday lives. 

Nonetheless, many organizations still operate their cyber and physical security teams as distinct, standalone disciplines with little to no collaboration on managing risks. This is no longer tenable and calls for all organizations to ensure both their cyber and physical security teams have a formal means and standard of collaboration. 

The result, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is cyber and physical security functions that are more resilient and better prepared to identify, prevent, mitigate and respond to cross-domain threats.

A Siloed View of Cross-Domain Threats: How Did We Get Here?

Traditionally, organizations have kept their physical and cyber security operations independent of one another. That’s partly due to the relative age of each practice. Physical security has a long history, while cybersecurity is comparatively new. 

But thanks to the increased use of IoT and IIoT devices, the number of systems moving to the cloud, and the proliferation of social media and smart devices, the need for security convergence across industries is greater than ever.

Some examples of cross-domain threats are more evident, such as the June 2025 cyber attack on UNFI, one of the largest grocery distributors in North America. It led to a complete shutdown of UNFI’s network and resulted in empty grocery shelves. The organization estimated sales losses of more than $300 million. Or the well-known and oft-referenced ransomware attack on Change Healthcare, a major processor of healthcare transactions in the U.S., which impacted patient care at 74% of hospitals and impeded pharmacies’ ability to fill prescriptions. 

Other examples are not as readily apparent, yet still pose significant risks. For instance, the growing number of attacks on Internet-connected industry control systems (ICS) and operational technology (OT), especially those that run critical infrastructure—from oil companies and gas plants to airlines and traffic light systems. In some cases, hackers exploit security gaps in access controls to facilities, allowing them to install malware that compromises an organization’s entire network. Remote access software used to control ICS and heating, ventilation and air conditioning systems are also common entry points for attacks that affect both the cyber and physical domains.

Breaking Down Silos for a Holistic View of Security Risks

Leading organizations and security professionals know that having siloed teams opens businesses up to operational blind spots and a weaker security posture. For instance, when a new threat emerges, oftentimes security practitioners focus only on their area of responsibility with little knowledge of what is happening on the other side of the house—preventing both cyber and physical security teams from having a holistic view of the potential threats. 

The solution for many organizations is to merge their cyber and physical security teams into a single function that detects and responds to all risks, no matter the domain in which they originate. However, that’s not the only viable fix. 

A significant amount of cyber and physical security leaders have found ways to collaborate without merging their teams. When done right, the teams find measurable success. Take for instance Bank of America. 

During one of our webinars on cross-domain trends and threats, Craig Froelich, Chief Information Security Officer (CISO) at Bank of America, explained how it works at his company. 

“We’re separate organizations, but we’re fully integrated. The team that is responsible for cyber sits shoulder to shoulder with the team that’s responsible for physical,” said Froelich. “We use similar processes, we use similar call trees. We are as integrated as an organization as you can imagine.”

Watch On-Demand Industry Webinars: Cross-Domain Trends & Threats in Energy, Financial Services and Transportation

Keep in mind that marrying the expertise of cyber and physical security leaders and teams can be challenging. Often, there is a cultural and skills divide between the two, which leads them to look at the world very differently. Those differences can result in poor communication and sometimes outright miscommunication, two of the biggest problems facing organizations that have yet to develop strong processes to drive collaboration across these two critical teams. 

There are also logistical barriers to consider, as well as a lack of understanding at the senior leadership level as to why security convergence is no longer a nice-to-have—but a business imperative. 

Learn More: 4 Common Sense Ways Physical Security and Cybersecurity Can Strengthen Their Partnership

When Cyber and Physical Security Teams Join Forces

There are many benefits to having cyber and physical security teams work in close partnership: 

• A stronger, more holistic security posture 
• Faster identification of, and assessment and response to, threats that fall within both the cyber and physical domains
• Better communication and sharing of information and technology
• Improved efficiencies and better outcomes

While each organization will manage and respond to the increasing convergence of cyber and physical and risks differently, AI-powered real-time event, threat and risk intelligence is at the heart of their ability to do so. Organizations need to ensure all security teams have equal access to real-time data on emerging and potential risks—regardless of where or how the threat begins—and create a clear process for when and how to communicate that information and which stakeholders should receive it. As such, being able to detect these cross-domain events and risks as early as possible and as they unfold is critically important.

The cyber and physical worlds have been converging for years, but it’s only now that the ways in which the lines between the two blur have become much more visible and understood.

This blog has been updated from the original, published on November 15, 2021, to reflect new events, conditions or research.