Introducing KB CYPHY: Cyber Security for Your Physical Security Network

By David Strickland, Vice President of Kenton Brothers

As you may have read – The time is now to secure your networks. CYPHY is a combination of Cyber and Physical security. CISA (Cybersecurity and Infrastructure Security Agency) and DHS (Department of Homeland Security) have published, distributed, and are now looking to regulate critical infrastructure, critical services, state and local municipalities, manufacturers and healthcare companies to follow the guidelines set out in the recent campaign “Resolve to be Resilient”.

As a part of this campaign, they are asking everyone to follow a very simple three step plan:

• Assess Your Risk. Organizations should identify their most critical functions and assets, define dependencies that enable the continuity of these functions, and consider the full range of threats that could undermine functional continuity.
• Make a Plan and Exercise It. Organizations should perform dedicated resilience planning, determine the maximum downtime acceptable for customers, develop recovery plans to regain functional capabilities within the maximum downtime, and test those plans under real-life conditions to ensure the ability to operate through disruption.
• Continuously Improve and Adapt. Organizations should be prepared to regularly adapt to changing conditions and threats. This starts with fostering a culture of continuous improvement, based on lessons learned from exercises and real-world incidents, and evolving cross-sector risks.

To counter the ever-evolving threat landscape, security is not merely about physical fortification; it extends into the digital realm, demanding a comprehensive solution. At Kenton Brothers Systems for Security, we understand the significance of safeguarding both your tangible assets and your digital infrastructure. With our proven reputation in the security industry, we bring you a holistic approach that combines cutting-edge physical security systems that are protected properly from cyber-attacks.

KB CYPHY

We are excited to introduce the new KB CYPHY service to lower risk and increase the hardening of your physical security networks.

As with all our projects we begin with assessing the current state of your physical security network. Once we determine where we will need to concentrate our efforts, our certified engineers put together a plan to bring your level of cyber security up to a satisfactory level. Once the plan is agreed on in collaboration with your IT department, we begin the process.

Here are a few of the steps we take to raise your CYPHY security level.

Network Security:

Collaboration is key. During the installation process, we work closely with your IT team to implement measures such as locking switch ports, MAC address reservation, and the enforcement of unprivileged accounts for routine system use.

Password Protection:

In the digital age, password security is paramount. KB CYPHY employs a stringent password policy, ensuring that each password is a unique combination of at least 13 characters, including lower and upper-case letters, numerals, and special characters as a minimum.

Manufacturers Hardening Guides:

Following manufacturers’ hardening guides is a fundamental aspect of our security strategy. KB CYPHY is meticulously configured to minimize vulnerabilities, providing you with a robust defense against potential threats.

Firewall Configuration:

Our pre-configured firewalls adhere to the guidelines specified in the hardening guide. By carefully managing open ports, we reduce the surface area for potential cyber threats, enhancing the overall security of your digital infrastructure.

DMZ Implementation:

Strategic placement of internet-facing servers in a Demilitarized Zone (DMZ), combined with IP filtering for local IPs only, segregates them from your internal network. This additional layer of defense, facilitated by the CYPHY system, protects against external threats.

Quarterly Security Measures:

Security is an ongoing process and must continuously improve and adapt.  Our proactive approach, facilitated by KB CYPHY, includes monitoring Common Vulnerabilities and Exposures (CVEs) and implementing necessary updates quarterly. This ensures that your security infrastructure remains resilient and up-to-date.  These services include:

– Device firmware upgrade
– Hotfix/patch for security VMS/AC software
– Verify Encryption
– Apply OS Patches

Device and Software Maintenance:

Regular maintenance is crucial. Our quarterly routine, facilitated by the CYPHY system, includes firmware upgrades and security patches, with a focus on hotfixes for potential vulnerabilities in our Video Management Systems (VMS) and Access Control (AC) software. Where possible, encryption is enabled to protect data in transit.

Camera Security:

Our camera systems go beyond basic surveillance. Regular port scans, facilitated by the KB CYPHY team, disable unnecessary services and ports (Telnet, FTP, HTTP, SMTP, SSH, Bonjour), minimizing potential attack vectors. Edge storage is encrypted, and unused SD cards are disabled for a comprehensive approach to camera security.

By choosing Kenton Brothers Inc Systems for Security and our advanced CYPHY system, you’re not just investing in physical security; you’re securing the future of your business. Our holistic solution ensures that both your tangible assets and digital infrastructure are fortified against the evolving threats of the modern world.  We invite you to explore how KB CYPHY coupled with robust cybersecurity measures, can be tailored to meet your unique needs.

Subscription Based

KB CYPHY is available now and is an annual subscription based on the size of your system. Kenton Brothers Systems for Security will offer this on every installation and will be a standard minimum moving forward.

It’s time to throw the gauntlet down on open, unsecure networks. Please give us a call if you would like to talk about this offering and how it could help your organization.