The Security of the Security
Cybersecurity is a hot topic in virtually every organization. As surveillance continues to grow exponentially, millions of cameras are deployed to help keep people, property and organizations secure. More and more of today’s surveillance networks traverse company and organizational IP networks – as it should. IP networks allow for more intelligence for surveillance than legacy analogue networks.
But, like any single component that touches the IP network, cyberattacks are a paramount consideration for surveillance. It would be sadly ironic if precisely the technology used for security surveillance provides an opportunity for intrusion into the IP network. But, frankly, it has happened although certainly not an intended consequence.
In the surveillance area, most security equipment installers are not IT professionals but rather physical or electronic security specialists. This means they are steeped in security best practices but may require more education in the areas of IP security and considerations around surveillance. The same is true for IT and the possibility of not fully understanding the scope and challenges around electronic security systems. These are some important questions and matters for IT and electronic security specialists alike.
- Is it a camera malfunction or an intrusion attempt?That is a question to ask when maintaining security cameras. Put the sceptical hat on. A camera that has gone offline may be ignored by security administrators at least until a service ticket is issued and a technician dispatched. Depending on a service contract, the camera (and its port) can be offline for hours or days. Opportunity for a hacker.
- Cyber intrusion attempts are not in external or exposed areas, although those are certainly areas of concern.As has been reported regularly, many high profile cyberattacks are from within so there needs to be attention across all assets and surveillance points.
- Less reliance on live attendants or dependence on regional loss prevention individuals can create windows of opportunities. In larger franchise and multi-site locations there is a need to ensure the technology is available for remote health monitoring and cybersecurity protections to lock down vulnerable ports.
- More IP and PoE based network devices (Cameras, Encoders, Card Readers, Biometric Readers, Specialty Devices) exponentially increases the number of entry points. It is simply a matter of complexity. It is not scalable or sustainable to apply human manpower and watch every port and requires more automation and tools for the job.
- Disjointed or inner departmental squabbles can create un-synchronized policies and procedures to combat threats. This is an opportunity for organizations to work together and avoid silos. That is precisely what hackers are looking for and it must be a joint effort.
- Differing levels of understanding or interest from end users. It is incumbent upon the system integrator or the security director at the end user to ensure that credentials are provided only to those that need them with proper administrative roles. It is possible that manufacturer administrative credentials for logging onto camera or software have never changed out of the box. Take this important step!
- One best practice is not enough. Providing cyberattack protection is an ongoing, multi-prong effort. It requires processes, culture of commitment and the right technology to manage it in a scalable, automated way with good governance.
The below image is a typical network layout for a IP based CCTV system, with no protection against cyber intrusion.
What is Cyber Security?
The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification or exploitation.
Strategy, policy, and standards regarding the security of and operations in cyberspace, and encompassing the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure.
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. Organization and users assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and
users assets against relevant security risks in the cyber environment.