Physical security and cybersecurity have long been separate functions run by separate departments. But in the face of hybrid threats, leading enterprises are rethinking this traditional, siloed model. Find out four simple methods they use to improve the two teams’ collaboration within their organisation.
For decades, there wasn’t much need to bring physical and cybersecurity together. But silos and a lack of regular and effective communication, make it difficult for these two teams to have a holistic view of the many threats targeting their enterprise. This puts organizations especially at risk in today’s ever-evolving threat landscape. Cyber-physical risks have significantly increased in frequency, sophistication, speed and scope. As such, businesses are now faced with a larger attack surface.
To ensure the highest level of protection possible, it’s in every organization’s best interest for their physical security leaders and teams to engage and collaborate closely with their cybersecurity counterparts.
Barriers to Effective Communication Between Security Teams
One of the most obvious barriers to effective communication is the fact that physical and cyber teams speak different languages. Cybersecurity team members often come from very technical backgrounds with industry-specific terminology and protocols. Meanwhile, physical security leaders and their staff typically have expertise in law enforcement and/or corporate security.
Their definitions of risk are also different. For someone in the physical security space, it’s easy to visualize and grasp the ramifications of an accident or extreme weather event. But it can be challenging for someone who hasn’t worked in cybersecurity to understand the impact of a cyber attack and how it might be relevant to their area of responsibility.
Four Steps Towards More Effective Communication and Collaboration
While most organizations acknowledge the need for better cooperation and communication between their physical and cyber teams, it’s a challenge many are still wrestling with. Here are some common-sense recommendations you can take into consideration:
1. Get to know each other
A starting point for both functions is to get to know each other’s team members. It’s possible that when cyber and physical security departments are working in complete silos — especially in a larger enterprise — they may not have found a chance to meet the key players. It’s hard to collaborate and form a genuine partnership if you don’t know one another.
2. Understand each team’s responsibilities and challenges
Create a baseline of cybersecurity awareness, intelligence and understanding throughout your organization. This doesn’t stop at the leader or manager level, but it is where it must begin.
That’s not to say physical security leaders should become cyber experts. But it’s crucial to develop general knowledge about the challenges your cybersecurity colleagues are facing and the CISO’s top-of-mind priorities and concerns.
3. Maintain regular, productive communication
More importantly, security leaders on both teams need to communicate frequently to maintain real-time situational awareness. There should be a standard, disciplined routine of communication and coordination, through meetings and check-ins. Ask yourself, do you have enough information on a day-to-day basis to stay ahead of emerging risks? What are some of the most critical vulnerabilities being exploited by cyber criminals that can affect your physical security, and vice versa?
3. Collaborate to prepare for future threats and strengthen security posture
When there is not an active risk, it’s imperative that the physical and cyber teams work together to prepare for future threats.
Role-playing via tabletop exercises will most often prove useful. You should also conduct assessments of past risk incidents of cyber-physical convergence. Then ask yourself the following questions:
- How were we exploited?
- Who or what threatened us?
- What elements of this event impacted the security of our people or physical and digital assets?
How should we work together to prevent, mitigate and respond to similar situations in future?
When exercising these four steps, it’s important to remember that these types of conversations must happen on a consistent basis. The onus to learn and drive the changes can’t be one-sided.
To improve collaboration further, here are some further pointers.
KEEN TO FIND OUT MORE ABOUT AI AND REAL-TIME ALERTING?
To learn more about how AI and real-time alerting can help you move towards convergence, please visit the Dataminr page, where you’ll find thought leadership content straight from the C-suite.
Form a Trusting, Supportive Relationship
Beyond implementing and following procedures to remove silos, it’s even more important for physical security leaders to form a sense of trust with their cyber partners, knowing that they can rely on each other in times of crisis.
Senior management must be the ones to spearhead a cultural shift, pushing inclusivity forward to bring these two teams together. That includes senior leadership, such as the CIO, CSO or CEO, communicating to the rest of the organization that this is a priority.
In addition, senior leadership needs to provide adequate resources, bandwidth and opportunities for both security teams to collaborate. On most days, these teams are inundated with information and tasks, making it difficult for them to set aside time and allocate their own resources to learn from the analysis and insights generated by the other team.
Improve Overall Cooperation With Real-Time Information
As cyber-physical risks and events rapidly increase, it’s even more challenging for the two security functions to keep track of every incident or emerging risk. This is where real-time information becomes a beneficial tool.
Real-time information allows physical and cyber security leaders to gain situational awareness about high-impact incidents as they unfold. Leaders can also use the data to detect signs of any converging impact in real time, communicate with each other and deploy their resources to respond accordingly.
Dataminr is recognized as one of the world’s leading AI businesses. The company’s clients are the first to know about high-impact events and emerging risks so they can mitigate and manage crises more effectively. Dataminr solutions are relied on 24/7 by hundreds of clients in over 100 countries across six continents to help them solve real-world problems. Dataminr is one of New York’s top private technology companies, with over 800 employees across eight global offices.