The concept of security convergence, where physical and cyber security issues overlap, has been around for more than a decade. But it has only been in the last few years that the IP-enablement of everyday business functions has forced companies to come to terms with the fact that physical and cyber security must be treated in a unified manner.
The IP-enablement of “physical” devices such as heating/ventilation/air conditioning (HVAC), lights (in the office and parking lots and garages), video surveillance, identification cards providing access to a building and even soda and snack machines has resulted in increased business efficiency and saved operating costs. At the same time, however, it has opened up an entirely new set of vulnerabilities targeted for exploitation by hackers trying to access a company’s network to steal vital business or customer information, or impact corporate operations.
To date, talk has focused on improving cyber security technology and processes as a response to hacking and security breaches. There has been scant attention paid, however, to the bigger picture: Companies must take a unified approach to both physical and cyber security. Companies have devoted a lot of resources to unify cyber and physical operations via their network, but have fallen short in the critical next step of unifying their response to deal with the physical and cyber implications in the event that the network experiences some type of disruption.
Some valid point. Howerver, the author forgot to mention good solid Red Teaming.