How does your company handle cybersecurity?

Many respondents consider hiring a cybersecurity expert
 - 
Wednesday, June 22, 2016

YARMOUTH, Maine—Cybersecurity is a topic that has dominated industry events, like PSA-TEC. While 71 percent of respondents to Security Systems News’ latest poll have never experienced a cybersecurity breach, 29 percent say they have experienced a breach at their home or business.

“I would recommend that more companies make cybersecurity a management priority, and focus on two-factor authentication (text message, phone PIN, etc.) as an alternative to just passwords,” said Johnathan Huettner, CIO for GHS Interactive Security.

The largest portion of respondents—40 percent—said their companies have instituted cyberhygiene best practices or have a cybersecurity expert on staff. An additional 29 percent said that their company is beginning to address cybersecurity, either through education or designating someone on staff. Thirty-one percent said their company does not offer cybereducation or training.

“Physical security surveys are now incomplete if cybersecurity isn't included. Physical security systems are very vulnerable to attacks,” John Strauchs, senior principal for Strauchs LLC, said.

One reader outlined the policies their company has instituted to reduce cyber-risks. “We minimize our company's computer's access to the Internet. We don't use Windows on the Internet, and only for manufacturer-required software (programming controls, etc.),” this respondent said. “Our custom software (written internally) will not run on non-company computers. We use open-source encryption. Our laptops do not have payroll information on them. We use full disk encryption on laptops that have customer information.”

Should traditional security integrators partner with cybersecurity companies to offer customers both cyber- and physical security? It’s a great idea, according to 38 percent. Forty percent said they’d like to hear more about working with a cybersecurity expert.

Twenty-two percent said it’s too complicated a topic for the standard integrator.

Physical security companies aren’t suited to handle cybersecurity concerns, according to one respondent. “Most security integrators are ill-equipped to even begin to understand the needs and requirements for cybersecurity. I think cybersecurity is going to become a highly specialized, very focused industry, one that alarm dealers have no business in,” the reader said.