Skip to main content

Why Physical Security Integrators Need Cyber Resiliency

physical security, safety and security

Security companies have been protecting physical assets for decades with cameras that monitor entrances and locks that keep people out. But some of today’s greatest risks can’t be seen. The IoT creates hundreds of digital doorways into companies, and thieves can gain access and steal assets without ever setting foot inside.

In addition, the information the systems collect is more sophisticated, with features like facial recognition becoming commonplace. As a result, access control and compliance are important security concerns.

Security systems can have hundreds or even thousands of network nodes or end devices, creating a large attack surface for potential threats. The result? Digital systems need just as much protection as physical assets. Forward-thinking SIs who add cybersecurity services to their offerings can become superheroes to their end users.

“As customers and prospects become familiar with AI, they also understand the cyber obligation. It drives them to ask more questions, and they’re asking for cybersecurity services, too,” says Gary Hoffner, Vice President of PSLA Security, a California-based security systems integrator. “Currently, not many security integration companies offer cybersecurity along with physical security. I think the days of a security company simply providing video and access control services on top of intrusion detection will dramatically change.”

Cyber Resilience Strategies and the Power of Partnerships

One reason for slow adoption by SIs is that the technology and the potential risk it can create are complex. Those who want to provide customers with a full range of protection can find help by working with system integrators consortiums like PSA Security Network. This group provides SIs with access to the tools that won’t compromise cyber hygiene. And they can help SIs protect their customers’ digital assets by providing them with cybersecurity services, too.

Recognizing the growing demand, PSLA is adding the offering for customers who want to proactively monitor their security systems to prevent hacks that could be detrimental to business.

“We’ve spent an inordinate amount of time training our technicians on how to properly protect the systems that we deploy from cyber criminals,” says Hoffner. “We are adopting a user model like the Cybersecurity Maturity Model Certification by The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD [A&S]). We fully anticipate having our cybersecurity offering right next to our physical security offering by the end of the year. We’ll be one of the few companies in our geographic area to offer a one-stop shop for cyber and physical security. It's the most excited I've been in 30 years about anything that we've done.”

Physical Security Meets Cybersecurity

PSLA’s involvement with The PSA Network was the impetus for its new cybersecurity offering. “PSA was my primary introduction to cybersecurity,” says Hoffner. “Today, I’m the chair of the cybersecurity committee and we advise the membership at large. I’ve gained access to information I wouldn’t have before.”

Cybersecurity starts when a system is properly installed. “How different are we from a company’s IT provider?” asks Hoffner. “Most security integrators understand how to properly protect the devices they install so that they don't put companies at risk. If we're not protecting the system on the network properly, then we're creating more risk for ourselves. We need to be saying, ‘Hey, we're prepared to protect you from any kind of cyberattack.’”

And offering cybersecurity services helps SIs stay relevant and grow their businesses no matter what the economy does, says Hoffner.

“I think more companies are realizing that cyber exposure is much greater than physical security aspects,” he says. “There could be much greater loss to cyber than could ever happen through a physical theft. SIs have a distinct advantage in offering cybersecurity because they already know a company’s concerns and potential loss. They’re in a unique position as a trusted advisor. Why not offer cybersecurity services to add on to that trust?”
 

This article was originally published on September 8, 2020.

This article was edited by Christina Cardoza, Editorial Director for insight.tech.

About the Author

Stephanie Vozza is a business writer who specializes in retail, technology, and finance. In 2006, she launched her own eCommerce brand and sold it five years later to FranklinCovey Products. Stephanie has written for companies that include Intel, Epson, Oracle, Smartsheet, Wells Fargo, First Citizens Bank, and Mastercard. She's a regular contributor to Fast Company where she covers leadership, careers, and technology. Stephanie's byline has also appeared in Forbes, Inc., Parade, Entrepreneur, and SUCCESS magazines.

Profile Photo of Stephanie Vozza