Skip to Content

Genetec warns public sector to reduce cyber vulnerability of physical security systems

Genetec warns public sector to reduce cyber vulnerability of physical security systems Protecting cameras and access control systems, integrating IT and security teams can reduce risk, Genetec says

Genetec warns public sector to reduce cyber vulnerability of physical security systems

MONTRÉAL—Following a pandemic-exacerbated rise in data breaches and ransomware attacks, Genetec Inc., a leading technology provider of unified security, public safety, operations, and business intelligence solutions, guided public sector organizations on how to reduce cyber vulnerabilities of physical security systems that are often overlooked.

IP security cameras and other security devices were put in place to protect people, assets, and environments. But the same network connectivity that enables organizations to monitor operations and update software remotely presents a path into the network for cyber criminals. If they are not sufficiently modern or properly shielded, they can pose significant risk to cybersecurity. An attack that originates in a camera or door controller can find its way through the network to block access to critical applications, lock files for ransom, and steal personal data.

“Because these systems – video surveillance, access control, alarms, communications, and more – are increasingly connected to networks and IT infrastructure, they can be quite vulnerable,” said Justin Himelberger, Enterprise Systems Business Development Manager for U.S. Federal and DoD at Genetec Inc. “With the number of cyberattacks increasing around the world, it is becoming clear that government organizations must be more stringent than ever about cybersecurity in their own organizations and throughout their supply chains.”

A step that organizations can take immediately is making sure each device, as well as the servers used for storing data and hosting monitoring consoles, has the latest version of firmware and software recommended by the manufacturer. Changing default passwords and establishing a process to change them frequently is a critical practice. Improving network design to segment older devices can also help reduce the potential for crossover attack.

Assessing and Preventing Vulnerabilities

To determine the risk of physical security systems, Genetec recommends organizations conduct a posture assessment, creating and maintaining an inventory of all network-connected devices and their connectivity, firmware version, and configuration.

As part of the assessment, they must identify models and manufacturers of concern, such as those listed by the U.S. Government under the National Defense Authorization Act (NDAA) as presenting a high level of cyber risk. They should also document all users with knowledge of security devices and systems.

The review can pinpoint devices and systems that should be replaced. When developing a replacement program, prioritize strategies that support modernization. One effective approach is to unify physical and cybersecurity devices and software on a single, open-architecture platform with centralized management tools and views.

Additionally, while physical security and IT have been approached as separate efforts historically, the risk of cyberattacks through physical security technology is driving change. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends joining IT and physical security into a single team, so they can develop a comprehensive security program based on a common understanding of risk, responsibilities, strategies, and practices.

In the U.S., Federal funding may be available to help cover costs associated with replacement programs. The 2021 Investment and Jobs Act includes $1 billion earmarked to help state and local governments modernize their cybersecurity.

Comments

To comment on this post, please log in to your account or set up an account now.