Skip navigation

Effectively integrating physical and cyber security: WINS International best practice guide 4.11.

Effectively integrating physical and cyber security: WINS International best practice guide 4.11.

Loukas, George (2015) Effectively integrating physical and cyber security: WINS International best practice guide 4.11. Technical Report. World Institute for Nuclear Security.

Full text not available from this repository.

Abstract

In the past, physical security and cyber security were seen as two distinctly different disciplines. Physical protection systems were not vulnerable to cyber-attacks because they were analogue, and physical damage to an organisation could be caused realistically only via physical means. Today, however, cameras, sensor alarms, physical access and industrial process controls all rely on software and electronics and are often connected on an IP network. This renders them vulnerable to cyber-attacks in the same way as corporate networks. As a result, IT/cyber security staff have a responsibility towards their facility’s physical security and safety. Similarly, breaching the physical security of a facility invariably puts its cyber security at risk, as data can be stolen, equipment can be damaged to disrupt network connections and malicious USB sticks can be inserted into the facility’s computers. As a result, physical security staff have a responsibility towards their facility’s cyber security, too. Ensuring that this takes place requires the integration of both systems. The on-going integration of the cyber and physical domain should not be seen only as a risk and a source of new threats, but also as an opportunity. It reduces costs, increases operational efficiencies, streamlines the management of security breaches in both domains, allows for more effective forensic investigations, and, crucially, puts the organisation in a stronger position for protecting against current and future blended threats. This WINS Best Practice Guide presents a practical overview of how to effectively integrate physical and cyber security in a nuclear installation. It discusses a variety of cyber-physical threats and suggests a variety of ways to protect against them by integrating physical and cyber security. Special attention is also placed on insider threat, including its relevance to cyber-physical security, its behavioural indicators, and measures that can be taken to protect against unwitting insiders.

Item Type: Monograph (Technical Report)
Uncontrolled Keywords: nuclear, cyber security, cyber-physical security, physical security
Faculty / Department / Research Group: Faculty of Architecture, Computing & Humanities
Faculty of Architecture, Computing & Humanities > Department of Computing & Information Systems
Related URLs:
Last Modified: 18 Nov 2016 12:40
Selected for GREAT 2016: None
Selected for GREAT 2017: None
Selected for GREAT 2018: None
Selected for GREAT 2019: None
URI: http://gala.gre.ac.uk/id/eprint/15012

Actions (login required)

View Item View Item