MONTREAL, April 14, 2022 — Following an exacerbated pandemic ascend in data breaches and ransomware attacks, Genetec Inc. (“Genetec”), a leading technology provider of unified security, public safety, operations and business intelligence solutions, has guided public sector organizations on how to reduce cyber vulnerabilities in security systems physics that are often overlooked.
IP security cameras and other security devices have been implemented to protect people, property and environments. But the same network connectivity that allows organizations to monitor operations and update software remotely presents a network path for cybercriminals. If they are not modern enough or properly protected, they can pose a significant cybersecurity risk. An attack from a camera or door controller can work its way through the network to block access to critical applications, lock files for ransom, and steal personal data.
Justin Himelberger, Business Development Manager for Enterprise Systems for US Federal and DOD at Genetec Inc., said, “As these systems (video surveillance, access control, alarms, communications, etc.) are increasingly in addition connected to networks and IT infrastructure, they can be quite vulnerable. With the increase in the number of cyberattacks around the world, it is becoming clear that government organizations need to be stricter than ever when it comes to cybersecurity in their own organizations and throughout their supply chains.
One step that organizations can take immediately is to ensure that each device, as well as the servers used to store data and host surveillance consoles, have the latest firmware and software recommended by the manufacturer. Changing default passwords and establishing a process for changing them frequently is an essential practice. Improving network design to segment older devices can also help reduce the potential for cross-attacks.
Vulnerability assessment and prevention
To determine the risk to physical security systems, Genetec recommends organizations perform a posture assessment, create and maintain an inventory of all network-connected devices and their connectivity, firmware version, and configuration. As part of the assessment, they should identify models and manufacturers of concern, such as those listing by the US government under the National Defense Authorization Act (NDAA) as presenting a high level of cyber risk. They must also document all users with knowledge of security devices and systems.
The review can identify devices and systems that need to be replaced. When developing a replacement program, prioritize strategies that support modernization. An effective approach is to unify physical security and cybersecurity appliances and software on a single, open-architecture platform with centralized management tools and views.
Additionally, while physical security and IT have always been approached as separate efforts, the risk of cyberattacks via physical security technology is driving the change. The US Agency for Cybersecurity and Infrastructure Security recommend join IT and physical security into one team, so they can develop a comprehensive security program based on a common understanding of risks, responsibilities, strategies and practices.
In the United States, federal funding may be available to help cover costs associated with replacement programs. The Investment and Jobs Act of 2021 includes $1 billion to help state and local governments modernize their cybersecurity.
Genetec can provide public sector subject matter experts and security veterans to speak on this topic upon request.
Genetec Inc. is a global technology company that has been transforming the physical security industry for over 25 years. Today, the company develops solutions designed to improve security, intelligence and operations for businesses, governments and the communities in which we live. Its flagship product, Security Center, is an open architecture platform that unifies IP video surveillance, access control, automatic license plate recognition (ALPR), communications and analytics. Founded in 1997 and headquartered in Montreal, Canada, Genetec serves customers through an extensive network of partners and certified consultants in more than 159 countries.
For more information about Genetec, visit: www.genetec.com