News Poll: Cybersecurity is becoming a physical security matter

Though, some readers say more ‘definition’ is needed
Wednesday, March 25, 2015

YARMOUTH, Maine—As cybersecurity becomes a common topic of conversation among physical security systems installers, Security Systems News asked its readers whether they’re concerned about cybersecurity threats and what their companies are doing to safeguard themselves and their customers.

Jeff Frye, Interface Security Systems VP, says that there are multiple reasons to be concerned with cybersecurity. “Internet of Things devices raise new threats. Many manufacturers lack a security practice. The industry lacks security standards. Security is either absent in devices or provided in a one-time solution with no method to test efficacy or deliver updates,” he wrote in.

Another respondent agreed that the matter lacks definition, “While [cybersecurity] is starting to merge with physical security there is still a lot of definition that needs to take place.”

Most respondents—63 percent—agree with Frye, that the threat of cybersecurity is a real concern, even a top priority. An additional 35 percent call it a concern, but not a top priority. Only one respondent said cybersecurity belongs on the “back burner.”

What are some of these companies doing to address cybersecurity threats?

“We specifically hired an internal IT person to handle cybersecurity situations and for further advancement into the IT managed services opportunities,” wrote Brad Zellers, president of BSN Security.

Other companies are educating their staff and customers means is a continual process.

“Cybersecurity best practices and awareness training, once begun, can never end,” CONTAVA president, Curtis Nikel, wrote. “Our staff and clients—once we start—need to constantly be updated in best practices and ensure proper disciplines are being put forward to ensure the risk is managed.”

Not paying attention to cybersecurity will cause problems, according to some. “If you are not taking steps to protect your business from these risks, you could have it taken from you and won't know it until it is too late,” Nikel said.

Fifty-eight percent of respondents said they train their staff in cybersecurity best practices, while 19 percent of respondents said they make cybersecurity information available to their staff. Twenty-three percent don’t have anything formal set up.

“We have a robust training strategy but need to improve in some areas,” one reader said.

Just over half of respondents educate their customers on cybersecurity best practices. Sixteen percent believe that cybersecurity concerns are the customer’s responsibility. Finally, 28 percent are considering teaching their customers more about this topic.

“Working mostly in Silicon Valley, cybersecurity is the domain of the IT department,” one reader said.

“We have an IT security specialist that we are developing in house and one of this position's responsibilities is periodic employee education on the companies Internet/Cyber Security policies and personal best practices,” Mark McCall, IT Director for Security Central, wrote in.