SSI logo

It’s Time to Take Cybersecurity Seriously

SSI Editor-in-Chief Scott Goldfine discusses why it’s critical to start addressing cybersecurity now.

By ·

Under my watch the past 16 years it has been my mission that Security Sales & Integration be the industry’s go-to vehicle for sharing thought leadership that strikes the perfect balance of expert security business and technology information. Integral to that is keeping a watchful eye on what lies ahead while keeping a foot firmly planted in current reality. That is why I was so keen and intrigued a couple of months ago when my longtime friend Bill Bozeman, president & CEO of PSA Security and a member of SSI’s Editorial Advisory Board, told me about the organization’s plan to launch a cybersecurity program aimed at physical security integrators. This is a critical area for the industry to address and shore up ASAP, and so SSI and its sister publication, ChannelPro, have signed on as exclusive media partners for the first PSA Cybersecurity Congress Jan. 20-21 outside Denver.

Any doubt about how imperative it is for the physical security industry to get a handle on cybersecurity would have likely been squelched during the recent PSA Convention in Bermuda. I was among the attendees who were more blown away by the evidence presented showing the cyber-attack storm brewing on the horizon than by the actual hurricane that ravaged the island during the event.

Eagle Eye Networks CEO Dean Drako’s eye-opening key-note detailed the staggering universal challenge governments, businesses and individuals are facing trying to fend off hackers and cyber threats. He then drilled down to describe the specific vulnerabilities with which physical security solutions providers must contend. He discussed five “attack vectors” that security companies need to concern themselves with: Windows OS; Linux OS; DVRs/NVRs/VMS; endpoints (i.e. cameras, controllers); and firewalls. In particular, Drako talked about the high vulnerability in the industry due to the use of Web browsers, shared enterprise networks and the recently discovered Unix Bash shell vulnerability that puts anything embedded with Linux (including a high percentage of security devices) at risk.

“More sophistication in programming means higher vulnerabilities too,” said Drako, who is also the founder of Barracuda Networks. “With all the embedded programs in recorders, who is updating and tracking all the vulnerabilities? All of them are too high. DVRs and NVRs for the most part are disasters waiting to happen. And cameras are also at high risk.” According to Drako, whose Eagle Eye firm offers a cloud-based VMS solution, the typical machine with an open port on the Internet is scanned more than 10,000 times daily by nefarious bots and cyber threats, and so staying off the network is the only truly safe measure one can take.

It is to the benefit of the physical security industry to have forward-thinkers like Drako bringing in fresh perspectives and innovative ideas. Even if you disagree, the discussion and debate process is vital. I had the pleasure of dining with Drako, who subsequently participated in the cybersecurity roundtable I conducted (see page 44) for this issue. Drako and I both serve on the new PSA Cybersecurity Executive Advisory Council, which held its first face-to-face meeting at October’s ASIS expo in Atlanta.

Up until very recently dismissed by most physical security industry manufacturers and integrators, cyber has seemingly taken center stage overnight. The topic has gained so much traction that it dominated conversation throughout the PSA Convention. When technology panel moderator Eric Yunag (Dakota Security) asked security manufacturer reps Carole Dugan (Arecont), Dan Murray (Bosch), Rob Munro (Exacq), Rick Mohr (HID) and Dave Uberig (March Networks) what the most disruptive force being exerted on the electronic security industry is today, the answer was unanimous: cybersecurity.

It is crucial to note that cybersecurity should not be approached with dread or even as a necessary evil but rather as an exciting new frontier. It’s a scenario that presents security integrators with new opportunities to partner with managed service providers and other cyber experts to cover themselves against liability, tap into the billions of dollars being allocated in this area, and deliver total security solutions to end users.

Bozeman calls cybersecurity the industry’s most transformative development since the advent of networked devices and systems. I concur. PSA Director of Education Barbara Shaw says the new cybersecurity program will provide companies the knowledge, skills and tools to help identify, assess and monitor cyber-security threats. I urge you to take this issue very seriously, and I hope to see you at the Cybersecurity Congress next month.

Article Topics
Business Management · Systems Integration · Columns · All Topics

About the Author
Scott Goldfine
Scott joined SECURITY SALES & INTEGRATION in October 1998 and has distinguished himself by producing award-winning, exemplary work. His editorial achievements have included blockbuster articles featuring major industry executives, such as Tyco Electronic Products Group Managing Director Gerry Head; Protection One President/CEO Richard Ginsburg; former Brink’s Home Security President/CEO Peter Michel; GE Interlogix President/CEO Ken Boyda; Bosch Security Systems President/CEO Peter Ribinski; and former SecurityLink President/CEO Jim Covert. Scott, who is an NTS Certified alarm technician, has become a respected and in-demand speaker at security industry events, including presentations at the Central Station Alarm Association (CSAA) Annual Meeting; California Alarm Association (CAA) Summer and Winter Conferences; PSA Security Network Conference; International Security Conference and Exhibition (ISC); and Security Industry Association (SIA) Forum. Scott often acts as an ambassador to mainstream media and is a participant in several industry associations. His previous experience as a cable-TV technician/installer and running his own audio company -- along with a lifelong fascination with electronics and computers -- prepared Scott well for his current position. Since graduating in 1986 with honors from California State University, Northridge with a degree in Radio-Television- Film, his professional endeavors have encompassed magazines, radio, TV, film, records, teletext, books, the Internet and more. In 2005, Scott captured the prestigious Western Publisher Maggie Award for Best Interview/Profile Trade for "9/11 Hero Tells Tale of Loses, Lessons," his October 2004 interview with former FDNY Commander Richard Picciotto, the last man to escape the Ground Zero destruction alive.
Contact Scott Goldfine:
View More by Scott Goldfine


Don't miss out! Subscribe to Security Sales & Integration magazine today. - Security Sales & Integration