Top 10 tips for raising the cybersecurity bar in your organization today!

By David Strickland, Vice President of Kenton Brothers

October is Cybersecurity awareness month!

CISA, or the Cybersecurity and Infrastructure Security Agency, celebrates October as the month to get in the know.

Kenton Brothers Systems for Security would like to remind you that many of your physical security systems run on an IP (Internet Protocol) network. These include IP video surveillance and IP based access control systems. In an effort to help support our customers and bring about greater awareness of the risks surrounding Cybersecurity, we thought it would be good to create a guide for some of the best practices around cybersecurity for your organization.

Here are 10 ways to raise the cybersecurity bar in your organization today!

1) PASSWORD PROTECT EVERY DEVICE

Every device that connects to the internet in any way should have a password. It should not be the default password from the manufacturer. A strong password is at least 12 characters that are a mix of numbers, symbols, and capital and lowercase letters. Never reuse passwords and don’t share them on the phone, in texts, or by email. Limit the number of unsuccessful log-in attempts to limit brute force password-guessing attacks. Configure your systems to require passwords be changed at least quarterly.

2) UPDATE YOUR OPERATING SYSTEM AND DEVICE FIRMWARE

This includes your apps, web browsers, and operating systems. It may also include your software upgrades for security devices such as cameras and access control controllers. If possible, set updates to happen automatically. Many of these updates include patches and fixes for vulnerabilities that have been discovered.

3) USE MULTI-FACTOR AUTHENTICATION

Require multi-factor authentication to access areas of your network containing sensitive information. This requires additional steps beyond logging in with a password — like a temporary code on a smartphone or a key that’s inserted into a computer.

4) ENCRYPT YOUR DEVICES

Encrypt devices and other media that contain sensitive personal information. These include laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage solutions.

5) DISABLE ALL PORTS NOT IN USE

Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes. Switches that have open ports that have not been turned off are literally open doors to your data.

6) USE EMAIL AUTHENTICATION

When you set up your business email, make sure the email provider offers email authentication technology. That way, when you send an email from your company’s server, the receiving servers can confirm that the email is really from you. If it’s not, the receiving servers may block the email and foil an email imposter.

7) TRAIN YOUR STAFF

Teach your staff how to avoid phishing scams and show them some of the common ways computers and devices become infected. Include tips for spotting and protecting against Ransomware in your regular orientation and training. Also, train them to never share passwords or leave devices such as cell phones unattended or computers unlocked when they step away.

8) THINK BEFORE YOU CLICK

More than 90% of successful cyber-attacks start with a phishing email.

A phishing scheme is when a link or webpage looks legitimate, but it’s a trick designed by bad actors to have you reveal your passwords, social security number, credit card numbers, or other sensitive information. Once they have that information, they can use it on legitimate sites. And they may try to get you to run malicious software, also known as malware.  If it’s a link you don’t recognize, trust your instincts, and think before you click.

9) LOWER REPORTING THRESHOLDS:

Every organization should have documented thresholds for reporting potential cyber incidents to senior management and to the U.S. government. Senior management should establish an expectation that any indications of malicious cyber activity, even if blocked by security controls, should be reported to report@cisa.gov. Lowering thresholds will ensure we are able to immediately identify an issue and help protect against further attack or victims.

10) INSPECT, INSPECT, INSPECT! 

You can have the greatest policies and procedures in the world. However, to get the best results you must test and inspect your system regularly. A member of senior leadership should randomly test and inspect your systems for compliance.

Need some help implementing these standards? Give us a call!

Viakoo can proactively update IoT devices, strengthening your protection against hacking attempts.

By Neal Bellamy, IT Director at Kenton Brothers

Hacking, at its root level, is a person using a computer program for a purpose that is not intended. It’s like discovering a person walking a dog and then using the dog to attack someone. That wasn’t the intent of the person walking the dog, but the hacker was able to take control. In order to “hack”, the attacker must find a weakness in the software and then exploit the weakness. In the ever-evolving game of cat and mouse, weaknesses get found and software gets modified to patch those weaknesses.

Most successful hacks are possible because the software on a device is outdated.

Even though previous weaknesses have been fixed with software updates, the newest software has not yet been installed, and new weaknesses are found that can be exploited.

In other areas of information technology (IT), we have tools to detect and notify us when software needs to be updated. Most people are probably familiar with Windows Update, the little icon on the lower right that tells us new software is ready to be installed. There are many other systems that can also notify and even update the software automatically. But there is an area of IT that generally gets missed…

The Internet of Things

The Internet of Things (IoT) is defined as “a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.”

IoT has been around for decades. We’ve used and interacted with IoT devices in our offices for as long as I can remember. Things like copiers, scanners, and credit card machines are all examples of devices that usually are on the network and can send and receive data.

In the commercial security world, cameras and access control panels are also IoT devices. Anything that you can interact with and not have to touch is an IoT device. Can you adjust your thermostat from anywhere in the world? If so, it’s an IoT device. IoT is transforming our world and has been for many years now. It is making our lives more convenient and more connected. The security risk with IoT is that most devices are installed and never updated. If there is a security weakness detected, the software may never get installed… leaving that device wide open for being compromised.

Most companies spend a lot of IT time and money protecting servers, firewalls, and desktops to make sure that they have the latest software updates and are secure. But the IoT devices are usually left out of the discussion. IoT devices are now one of the largest attack vectors for malicious hackers. These “Set and Forget” devices are often left unprotected and sometimes directly connected to the internet. (Please don’t connect anything, except a firewall, directly to the internet; there are better ways.) As a whole, we have to do a better job of protecting these devices.

Part of the answer for the physical security world could be Viakoo’s new offering.

Viakoo has been offering camera, access control, and IoT monitoring for quite a while.

At their core, Viakoo will catalog all of your devices and monitor them at varying levels to make sure they are operational. And now Viakoo is taking it to the next level. Viakoo is offering IoT risk evaluation and IoT risk remediation. In evaluating the risk of each IoT device, Viakoo looks at the password, security certificates, and installed firmware version for each of the IoT devices. In supported devices, passwords can be changed and because Viakoo is already connected to some video management software (VMS), it can even change the password in the VMS so the video is not lost. Viakoo can also install new certificates in supported IoT devices so that they can be trusted at a higher level.

Viakoo can push new firmware to all the devices across the network. Since Viakoo architecture is already designed to be installed at multiple sites and buildings, the firmware can be pushed across the entire corporate footprint at the same time. Viakoo works across many hardware and software manufacturers, which most competing systems are not yet capable of doing, making Viakoo a good choice for almost any business with IoT devices.

Viakoo is a simple subscription-based software that can catalog, evaluate and secure all of your IoT devices. If you want help in securing your IoT Devices, please give us a call!

Three Security Trends for 2022 – Blurring of Cyber and Physical Security

By Gina Stuelke, CEO of Kenton Brothers

The lines are blurring between cyber and physical security. Here are three important trends we are seeing in the commercial security space for 2022.

1) Organizations will invest in new commercial access control systems and video analytics solutions that are more integrated.

During the pandemic, many businesses had to get creative in managing new health and safety mandates. Controlling social distancing was critical. To adhere to health mandates, retailers, corporate offices, and others needed to know how many people were in their facilities at any given point. This has generated huge demand for occupancy management solutions.

While most are using this technology to count people entering and exiting a building, organizations will continue expanding this technology across all areas of their facilities.

These spatial analytics are helping businesses unlock insights about how people use their facilities. Long after the pandemic is over, they can extract data to learn:

  • How many people are waiting in the lobby
  • How many people are in the cafeteria
  • How specific spaces are being used over time

This data then becomes the catalyst for building improvements that enhance the visitor, employee, or tenant experience.

Implementing video analytics within camera systems can further strengthen site security and deliver more insights. From people counting and directional flow to object left behind and crossline detection, analytics are giving security teams a clearer picture of what’s happening in their environments. Analytics also allowed remote teams to stay on top of threats while securing near-empty facilities during the pandemic. Beyond safety objectives, organizations are using analytics data to reduce wait times, optimize staff scheduling and enhance business operations.

Corporate offices are also finding ways to best optimize their workplaces as they give employees the flexibility to split up their work time between the office and home. This space utilization intelligence helps them better track employee office attendance, monitor meeting room demands and make more informed floor plan changes such as adding more desk-sharing options.

All of this leads to higher operational efficiencies, effective resource management and cost savings.

2) Cybercrime will continue to grow and inspire new strategies.

In today’s world, while we can harden and tighten the physical security of a facility, a truly secure IT perimeter no longer exists. Physical security professionals are collaborating with cyber security teams to put measures in place to deter hackers and protect their businesses. Choosing trusted vendors and deploying physical security solutions that come with layers of cyber defenses are critical. It’s a layered and collaborative approach.

A report by Cybersecurity Ventures predicts that global crime costs will reach $10.5 trillion annually by 2025. With a growth rate of 15% per year, this is said to represent the greatest transfer of economic wealth in history.

As we continue to see more devices come online (at the rate of 17 per hour) and data processing becomes central to operations, businesses will need to remain agile and responsive to the evolving threat landscape. Businesses will also need to offer greater transparency to meet customer expectations of keeping their data private and secure. All of this will bring in a new model for physical and cybersecurity that relies on continuous verification rather than just hardening networks and systems.

3) More organizations will make the move to the Cloud and embrace a hybrid model.

The pandemic is largely responsible for the surging demand for the Cloud. As online usage and remote work spiked, there’s been a global shift to accelerate digital transformation.

According to a report titled Predictions 2021 by Forrester, global public cloud infrastructure was predicted to grow 35% to a market value of $120 billion in 2021. To thrive in the long run, physical security professionals will need to determine how to best leverage cloud technology and offerings in the years ahead. More chief security officers will let go of the division between cloud and on-premises physical security systems and embrace a hybrid deployment model. This allows them to implement specific systems or applications in the cloud while keeping existing on-premises systems.

This hybrid approach can also be the simplest answer when deciding how to enhance scalability, redundancy, and availability to meet changing needs. Beyond that, cloud offerings provide tons of added value. Physical security teams can quickly migrate to newer technologies, minimize hardware footprint, boost cybersecurity and reduce costs.

It’s an exciting time in the security industry!

Innovation and continuous improvement are happening every day in the commercial security industry, both core values of KB! Let us be your commercial security partner and we will help you navigate these changes!

CyPhy Part 4 – Testing Your Knowledge about the Convergence of Cyber and Physical Security

By David Strickland, Vice President of Kenton Brothers

Welcome to a bonus 4th part in our series of CyPhy – The convergence of Cyber and Physical Security.

Is your organization up to speed with the new directives and recommendations from CISA around the convergence of Cyber and Physical Security?

Here’s a quiz to find out.

1) Someone removes a camera from the side of your building and connects their laptop to your network by using the Cat 6 cable connection at the camera. Is this a physical security issue or a cyber security issue?

2) Through social engineering, someone gains access to your network using a valid username and password. Is this a physical or cyber security issue?

3) Someone exploits the outdated access control reader software on the network to gain access to your network. Is this a physical or cyber security issue?

4) Unknowingly, 50 of the IP video Surveillance cameras on your network are three versions behind in firmware and licensing updates. Is this a physical or cyber security issue?

5) The credentials you use are vulnerable to quick copying and duplication – even at Home Depot. Is this a physical or cyber security issue?

6) Does every IOT and IIOT device on your physical security network have updated OS software with the most current patches installed?

7) Does your physical security network have any end of life devices connected to it, such as outdated badge printers, end of life cameras?

8) Are any of the devices on your Physical security network using default, fixed or known passwords?

9) Does your physical security network and every device on it require 2 factor authentication for access?

10) Are all the components on your physical security network MAC addressed to the server?

11) Are all the ports on your server or switch not being used turned off?

12) Do your Chief Information Security Officer and Chief Security Officer meet regularly to discuss the security provisions in place and strategize next steps and mitigation?

Answers:

1) Cyber security of the physical network is the responsibility of both parties. Every port on the network should be MAC addressed to the device.

2) Physical – The Physical Security team controls policy and procedures and the education of mitigating social engineering threats.

3) Both parties have a responsibility to understand every device connected to the physical and cyber security of the network, and should understand the status of that device’s firmware, OS and certificates.

4) Both parties have a responsibility to understand every device connected to the physical and cyber security of the network, and should understand the status of that device’s firmware, OS and certificates.

5) Physical – The physical security team is responsible to select the physical components of the system and keep up to speed on the vulnerabilities inherent in them.

6) You should have a device map with every device on it and its current status of software, firmware, OS and certificates issued.

7) You should have a device map with every device on it and its current status of software, firmware, OS and certificates issued.

8) You should have policies and procedures in place to require regular password changes for each device on your network.

9) You should have dual authentication as a standard practice.

10) All components on your physical security network should be MAC addressed to the server.

11) All the ports on your server or switch not being used should be disabled/turned off.

12) Your CISO and CSO should meet regularly to discuss the security provisions in place and strategize next steps and mitigation.

How did you score?

Unfortunately, even one wrong answer leaves you vulnerable.

Items 7, 8 and 9 are considered CISA’s ugly three. If your answers are not in alignment with the answers above, then you have an opportunity to improve your physical and cyber security.
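As an added illustration (not Kenton Brothers', Viakoo's or CISA's code), the device map from answers 6 and 7, together with the password, certificate and firmware checks described in the Viakoo article, can be run as a small audit over an inventory. The field names, severity labels, 30-day certificate window and the sample devices are assumptions constructed for this example.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

CERT_WARNING = timedelta(days=30)  # assumed renewal window, not from the article


@dataclass
class Device:
    name: str
    firmware: str            # installed version, dotted numeric
    latest_firmware: str     # newest version published by the vendor
    end_of_life: bool        # vendor no longer ships fixes
    default_password: bool   # result of a credential audit, never the password itself
    mfa_required: bool       # management access needs a second factor
    cert_expires: Optional[date]  # None means no certificate is installed


def parse_version(text: str) -> tuple:
    """'5.10.2' -> (5, 10, 2) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def audit_device(dev: Device, today: date) -> list:
    """Return (severity, finding) pairs for one device."""
    findings = []
    # Quiz items 7, 8 and 9: the ones the article calls CISA's ugly three.
    if dev.end_of_life:
        findings.append(("critical", "end-of-life device"))
    if dev.default_password:
        findings.append(("critical", "default, fixed or known password"))
    if not dev.mfa_required:
        findings.append(("critical", "single-factor access"))
    # Quiz items 4 and 6: firmware and certificate status.
    if parse_version(dev.firmware) < parse_version(dev.latest_firmware):
        findings.append(("high", f"firmware {dev.firmware} behind {dev.latest_firmware}"))
    if dev.cert_expires is None:
        findings.append(("high", "no certificate installed"))
    elif dev.cert_expires < today:
        findings.append(("high", "certificate expired"))
    elif dev.cert_expires - today <= CERT_WARNING:
        findings.append(("medium", "certificate expires soon"))
    return findings


def audit_map(devices: list, today: date) -> dict:
    """Audit the whole device map; only devices with findings are returned."""
    report = {}
    for dev in devices:
        findings = audit_device(dev, today)
        if findings:
            report[dev.name] = findings
    return report


# Constructed sample inventory (hypothetical devices, versions and dates).
TODAY = date(2022, 1, 15)
DEVICE_MAP = [
    Device("lobby-cam-01", "5.9.0", "5.10.2", False, True, False, date(2021, 12, 1)),
    Device("door-ctrl-02", "2.4.1", "2.4.1", False, False, True, date(2022, 2, 1)),
    Device("badge-printer", "1.0.3", "1.0.3", True, False, True, None),
    Device("dock-cam-07", "5.10.2", "5.10.2", False, False, True, date(2023, 6, 30)),
]

if __name__ == "__main__":
    for name, findings in audit_map(DEVICE_MAP, TODAY).items():
        for severity, finding in findings:
            print(f"{name}: [{severity}] {finding}")
```

Comparing firmware as parsed tuples matters here: as plain strings, "5.9.0" sorts after "5.10.2" and the outdated camera would pass unnoticed.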

Give Kenton Brothers Systems for Security a call today and we can help you start the conversation and make impactful changes to your network security.

CyPhy Part 3 – Breaking down CISO and CSO silos to reach Security Convergence.

By David Strickland, Vice President of Kenton Brothers

This is the third of a three-part series covering the Cybersecurity and Infrastructure Security Agency’s (CISA) newest announcements around Security Convergence. Kenton Brothers Systems For Security hopes to help organizations understand this concept and adopt best practices for securing the Cyber-Physical Systems (CPS) currently deployed.

In part two, we discussed the size of the problem we have worldwide with the advent of 46 Billion IOT and IIOT devices. In this blog, we will concentrate on breaking down the CISO and CSO silos and the specific steps an organization can take to reach Security Convergence.

Breaking down the Walls 

In a Siloed Organization…

Security functions operate independently with limited collaboration on enterprise-wide risks. Senior leaders and teams lack the visibility of interconnected physical and cyber assets. Lines of communication are unclear and impede coordination and collaboration. Organizations are unable to quickly identify, prevent and respond to complex threats.

The Solution:  

Organizations with converged cybersecurity and physical security functions are more resilient and better prepared to identify, prevent, mitigate, and respond to threats. Convergence also encourages information sharing and the development of unified security policies across security divisions. To accomplish a converged effort, you must first break down the walls that hold each siloed department back.

How does an organization do that? Through Communication, Coordination and Collaboration.

Communication, Coordination and Collaboration

COMMUNICATION

  1. Initiate a Dialogue
    1. Enable Communication with security leaders. Engage with upper management to discuss what convergence might look like. Successful convergence relies on support from leadership
  2. Review Leadership Roles
    1. Identify the leaders of this movement
  3. Establish a Convergence Team
    1. Convergence Team – Identify key players such as CSO or  CISO, Physical Security personnel, IT personnel and facility managers
  4. Enable Information Sharing
    1. Engage with team members across all security functions to identify points of convergence

COORDINATION

  1. Formalize Convergence team roles and responsibilities
    1. Establish a cadence and structure for team coordination
  2. Identify Linked Assets
    1. Coordinate with team members across security functions to assess cyber and physical assets and which ones are linked. Assess the risk of each
  3. Conduct a Vulnerability Assessment
    1. Identify gaps in security and risk mitigation and determine where gaps may be closed through convergence
  4. Determine the Baseline
    1. Leverage the information gained in your assessments and gap analysis to determine your baseline for security operations and incident mitigation

COLLABORATION

  1. Run the Numbers
    1. Determine if convergence on any scale is financially feasible from a short-term and long-term perspective
  2. Prioritize Improvements
    1. Identify and prioritize improvements, including patches, software updates, virus protections, certificate management, and opportunities for automation – There are some powerful options here
  3. Craft Risk Driven policies
    1. Develop and implement risk driven policies with broad reach that reflect converged security functions. Identify best practices. There are some powerful options here as well
  4. Strategic Alignment
    1. Align strategy to shared practices and goals. Focus on improving efficiency and increased information sharing

An integrated threat management strategy reflects in-depth understanding of the cascading impacts to interconnected cyber-physical infrastructure. As rapidly evolving technology increasingly links physical and cyber assets—spanning sectors from energy and transportation to agriculture and healthcare—the benefits of converged security functions outweigh the challenges of organizational change efforts and enable a flexible, sustainable strategy anchored by shared security practices and goals.

Kenton Brothers Systems for Security is ready to help your organization take on this task. We can help facilitate conversations or simply conduct assessments that can help springboard the effort. Give us a call today.

Resources

There are many resources available to get this conversation started. One of our favorites is the tabletop exercise templates provided by CISA. You can find them at www.CISA.gov. The tabletop exercises give you real-world scenarios and ask you to use them in your planning. They are a really comprehensive tool that will have an immediate impact on your discussions.

This is one of the best articles I’ve read on the subject (outside our blogs)
Convergence questions answered – Control Engineering Europe

Again, thank you for joining us on this three-part series. We are standing by to help in any way.