Security Evolution

What are the top five drivers of current approaches and strategies for security?

In my research, they are:

1. The increased value and amount of an organization’s intellectual property (IP) (digital & physical) as well as the increased number of attempts to steal the IP.
2. Increased open source cyber intelligence about potential physical and cyber threats posed by individuals with ties to that specific organization.
3. Obsolete/inadequate physical and digital perimeter protection capabilities.
4. The failure to provide up-to-date continuous physical and cybersecurity education for employees, contractors (temp staff), vendors, suppliers, and third-party data (physical file and digital backups) handlers.
5. Not aligning your physical and digital security measures with current threats, acceptable levels of risk and the business goals and objectives.

In a follow-up conversation, the question “What is driving CSOs and CISOs to fall victim to these five shortcomings?” Many enterprise security professionals use compliance with current regulation as the primary measure for evaluating their strategies and plans. Many of those regulations are the product of passed legislation by multiple levels of government in countries around the world. The process used to develop, introduce, pass and implement regulations varies greatly by country and regulatory authority around the world. Yet there is one thing that seems to be consistent – the time it takes for all of this to take place.

Consider the physical and digital threats that were at the top of our minds 18 to 24 months ago. Only a small percentage can get all this done in that condensed period of time. While no actual data exists, based on what I have experienced I believe the average would have to be between three to four years.

Now consider the hot topics of today.

1. Integration of physical and digital security into the development process for new products and programs – from the very beginning.
2. The dramatic growth in the magnitude of physical and digital data of organizations of virtually every size and in every industry.
3. The change from a general security threat model to one that is specific to the industry and role of the organization.

Industrial espionage has been around for many years, and the introduction of technology has moved much of the sensitive information about new products and services under development to an estimated 70% digital and 30% physical configuration  Now enter 3D printers, with the product prototypes that are being produced on them. Some of the new systems take digital drawings (blueprints) and specifications and convert it to a 3D printer file and that produces the prototype. The holy grail in industrial espionage was to get a real-world (physical) prototype and the specifications in paper files or digital format. Now all you really need is the 3D printer file. If you have that you can produce the product or reverse/decompose the printer file and create the drawings and specifications.

It shouldn’t be very long until some type of inline connector for the 3D printer will be produced that once installed collects that information. Good old insider threat... The time has come for a new approach to fully integrated physical and digital security, and perhaps that means  one executive/head for security that fully integrates physical and digital security.