Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • The Security Leadership Issue
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Video SurveillanceCybersecurity News

Cyber Basics: Up-Front Planning Reduces Headaches in the End

By John Bartolac
cybercamera
June 7, 2018

If you pass a fire station on any given day, you’re likely to see volunteers and other first responders preparing vehicles, checking hoses and other gear and generally performing any number of tasks designed to ensure everything is ready to go and that they are prepared to respond to an emergency at a moment’s notice as needed.

This same preparedness philosophy can easily be applied to the approach organizations should take toward their cyber awareness principles with regard to any project involving the installation of security solutions.

Every organization’s network infrastructure has allowed us to take advantage of smart solutions and other IoT devices to maximize the value of security solutions – not only from a physical security aspect but also from the perspective of operational optimization, which provides an organization with even more value and greater return on its investment. However, simply adding more devices to a network to generate more data and greater awareness isn’t helpful. Because the majority of these devices are network-based at their core, any organization must take caution to protect its network and the sensitive data it contains.

It is well known in the hacker community that certain devices and systems are more difficult to breach. As such, hackers have turned their attention away from these well-protected “big fish” toward the secondary systems and their devices, which are often less secure and provide a means and entry point into an organization’s corporate network. So for all the promise of the convenience and other benefits of the IoT has to offer, the downside is that the increased number of connected devices translates into increased risk of network breach.

Unfortunately, too many organizations today still fail to take the necessary steps to plan and protect themselves and their devices from potential attacks – in essence making hackers’ lives much easier. The solution is to work best practices for cyber-related attacks into up-front planning and long-term maintenance plans. But how can an organization do this?

While this discussion has many avenues and can be complex, there are some very basic steps that everyone – from the manufacturer to the integrator and the end user – can take to provide a level of protection. Remember, cyberattacks will never be fully mitigated. Therefore, the appropriate stance is to prepare as if it will happen not if it might happen.

 

Device Philosophy

The first step involves the simple fact that every device should be treated as a networked device. Many of today’s security solutions include devices, such as cameras, access control readers and others, that are not only connected to a network but in many cases could be classified as a server. Remember, these solutions have their own processor and process data from imagers or another source as it passes through, or even stores the data itself. Therefore, it is imperative that everything be treated as a truly networked device – rather than simply a physical security device – and for all networked devices to be subjected to the same cybersecurity policies. As such, it is critical that organizations involve their IT department to determine what their cyber policies are toward devices that are allowed to connect to the overall network. Even smaller organizations that outsource their IT operations can leverage their provider for guidance on what policies should be followed.

Sometimes these policies will include actual device and network settings that follow established IT protocols like those set forth by the SANS (Sysadmin, Audit, Network and Security) Institute. Other policies may require simple documentation of MAC addresses, password management tools and long-term plans and procedures for updating device software and/or firmware. For these reasons, it’s imperative that IT be involved in the process. At the very least, they should be consulted about how they enforce policies for cyber risks on both the network and individual networked devices.

 

Evaluating Manufacturers

We’re all aware of the botnet attacks, various malware and other means hackers employ to gain access to a network and data, and to set DDoS attacks in motion. This is largely made possible when hackers identify a vulnerability in software or a device that can be exploited to deploy any or all of the aforementioned attacks to a system.

To address this, an organization must first accept that any and all devices on the network offer the potential to serve as a conduit for these types of attacks. Upfront planning should include a selection of devices or solutions from those manufacturers who actively list and make available regular firmware updates as well as common vulnerabilities and exposures (CVE). The most vigilant manufacturers will proactively work to issue firmware updates to ensure that users have the latest and most secure device software version, which eliminates outdated code that may be susceptible to vulnerabilities and, by extension, attacks.

Additionally, the most proactive manufacturers also work hard to watch for and identify new forms of malware, learn how those new forms of malware can be and are used to exploit devices’ vulnerability and take steps to test and verify that their devices are not affected. They may also issue additional firmware updates and patches to address specific vulnerabilities. These CVEs are typically found on manufacturers’ websites and should be incorporated into any company’s long-term plans for monitoring risks and proactively checking with device manufacturers for updates and notifications.

 

Installation Tools

The reality is that installing and configuring a system to protect against cyber risks isn’t always easy. Tools and capabilities that enable ease of installation are often at odds with cyber protections for devices and systems. As a result, installers often forego ease of installation in favor of providing protections that ensure stronger cybersecurity for their customers. While this is certainly less convenient, making this small sacrifice up front can yield great dividends in the long run should an organization find itself the target of a cyberattack.

However, in recent years manufacturers have developed and designed tools that can make setup and configuration easier by enabling population of credentials to multiple devices simultaneously. Perhaps more importantly, these tools also allow an organization to update its devices to the most current firmware to ensure they are running the latest firmware or software to protect against the inevitable vulnerabilities that surface all the time. So when building your team to install and deploy a solution, look for partners who have a program in place and who are using the latest tools to simplify setup while also providing long-term protection.

These are just three of the many considerations integrators and end users can and should take when planning against cyber threats. In approaching the process, you would do well to take a page from our first responders’ book and make certain to include cyber preparedness as part of any installation strategy and continue to be vigilant in preparing every day after a device, solution or system goes live. Only then will you be prepared to put out the inevitable fires a cyberattack can cause.

KEYWORDS: cyber vulnerability network security security device management video surveillance cybersecurity

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

John Bartolac has more than 20 years of experience in the security industry, both in the private and public sectors. Bartolac is currently the Senior Manager, Industry Segments Team and Cyber Strategy for Axis Communications, Inc.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Person holding large ball of twine

Preventing Burnout in The Security Industry

Harrods

Harrods’ Cyberattack: Cybersecurity Leaders Weigh In

Coding

AI Emerges as the Top Concern for Security Leaders

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • camera-cyber

    Preparing for Inevitable Cyberattacks on Physical Security Systems

    See More
  • SEC0219-data-Feat-slide1_900px

    Replacing the Front Lines of Cyber Defense with Concentric Circles

    See More
  • body camera security

    Body-worn video camera use extends beyond policing

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!