Security and Resilience (Cyber and Physical)

CISA releases cybersecurity and physical security convergence guide

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a new guide designed to provide guidance on converging cybersecurity and physical security functions.

The guide notes that today’s threats are a result of hybrid attacks targeting both physical and cyber assets.

The adoption and integration of Internet of Things and Industrial Internet of Things devices have led to an increasingly interconnected mesh of cyber-physical systems, “which expands the attack surface and blurs the once clear functions of cybersecurity and physical security,” the guide notes.

Meanwhile, efforts to build cyber resilience and accelerate the adoption of advanced technologies can also introduce or exacerbate security risks in this evolving threat landscape, the guide said.

“Together, cyber and physical assets represent a significant amount of risk to physical security and cybersecurity -- each can be targeted, separately or simultaneously, to result in compromised systems and/or infrastructure,” CISA said.

“Yet physical security and cybersecurity divisions are often still treated as separate entities. When security leaders operate in these siloes, they lack a holistic view of security threats targeting their enterprise,” the guide noted. As a result, attacks “are more likely to occur and can lead to impacts such as exposure of sensitive or proprietary information, economic damage, loss of life, and disruption of national critical functions.”

Convergence is formal collaboration between previously disjointed security functions, the guide said. “Organizations with converged cybersecurity and physical security functions are more resilient and better prepared to identify, prevent, mitigate, and respond to threats. Convergence also encourages information sharing and developing unified security policies across security divisions.”

Benefits of convergence

CISA said that an integrated threat management strategy reflects in-depth understanding of the cascading impacts to interconnected cyber-physical infrastructure.

As rapidly evolving technology increasingly links physical and cyber assets, the benefits of converged security functions outweigh the challenges of organizational change efforts and enable a flexible, sustainable strategy anchored by shared security practices and goals, the guide said.

“While many utilities have not integrated physical and cybersecurity operations, it is especially important in the energy sector, to take a holistic risk-based approach when thinking about security," said APPA’s Senior Director of Security & Resilience, Sam Rozenberg, CPP.

The guide includes a framework for aligning security functions, as well as a set of convergence case studies.

The guide is available here.