Dr. Stephanie CarterCISM, CISSP, CISA

• LO1– Will learn the theological and practitioner definition of

cybersecurity

• LO2– Will learn the dependency between physical and cyber

security domains

• LO3– Will learn the constraints to physical and cyber security

convergence

• LO4– Will learn pros and cons of physical and cyber security

convergence

Learning Objectives (LO)

What is Cybersecurity?

Cybersecurity

• Cybersecurity – The ability to protect or defend the use of cyberspace from cyber attacks (CNSSI 4009)– Cyberspace

• A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. (CNSSI 4009)

– Cyber Attack• An attack, via cyberspace, targeting an enterprise’s use of

cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. (CNSSI 4009)

AuditorAnalyst (Security, Forensic)Engineers (Network, Security)Architects (Enterprise, Network, Security)Forensics (Analysts)Intelligence (Analyst, Officers)Information Security OfficerSecurity Officer/Security Guard

LegalHuman ResourceIT AccountingAcquisitionFinancialMarketingSales & ServicesResearch & DevelopmentOperations

CYBERSECURITY

DEFENDERS

ENFORCERS

When you think of cybersecurity, is physical security a part of that

thought?

Security Objectives

Confidentiality

– Ensuring no unauthorized access to data

Integrity

– Ensuring no unauthorized modification of data

Availability

– Ensuring data is always available to authorized subjects

Security Safeguards

Operating Procedures

Physical Security

Management Procedures

Hardware and Software

Security measures used to meet security objectives (i.e., confidentiality, integrity, andavailability) to protect the organization’s most valuable asset – data/information. Thesemeasures are translated in the form of security controls and countermeasures created foreach area.

Administrative

-Preventive

-Detective

-Corrective

Logical (Technical)

-Preventive

-Detective

-Corrective

Physical

-Preventive

-Detective

-Corrective

Controls

Cybersecurity• Deter Potential

Threat• Detect Threats• Monitor/Record

Threats

• Trigger Incident Response

• Assess Threat• Contain Threat• Report Threat• Remediate Threat• Assess Controls• Update polices,

procedures, security documentation

Physical Security• Deter Potential

Threat• Detect Threats• Monitor/Record

Threats

• Trigger Incident Response

• Assess Threat• Contain Threat• Report Threat• Remediate Threat• Assess Controls• Update policies,

procedures, security documentation

Security Interdependencies

• Physical threats have an impact on cyber operations

– Stealing, leaking, compromising information

• Cyber threats have an impact on physical operations

– Automated systems controlling physical access

• Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. (NIST SP 800-53; SP 800-53A; SP 800-27; SP 800-60; SP 800-37; CNSSI-4009)

• The potential source of an adverse event. (NIST SP 800-61)

• Threat – Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability. (FIPS 200)

Threats

CONS• Inhibits identity of

vulnerabilities• Hinders proper risk

management• Increases useless investments

in IT, security controls & countermeasures

• Difficult to identify physical intruders

• Poor detecting of cyber infiltration efforts

• Impedes information sharing• Prevents transparency across

the organization

Bridging the Gap

PROS• Effective risk management• Increased security• Alignment of security

processes/goals with business processes/goals

• Increased organization-wide information sharing

• Tips the scale of importance• More thorough investigations• Creates an organizational

culture of diversity and appreciation

Where do we go from here?

Security Safeguards

Operating Procedures

Physical Security

Management Procedures

Hardware and Software

Security measures used to meet security objectives (i.e., confidentiality, integrity, andavailability) to protect the organization’s most valuable asset – data/information. Thesemeasures are translated in the form of security controls and countermeasures created foreach area.

AuditorAnalyst (Security, Forensic)Engineers (Network, Security)Architects (Enterprise, Network, Security)Forensics (Analysts)Intelligence (Analyst, Officers)Information Security OfficerSecurity Officer/Security Guard

LegalHuman ResourceIT AccountingAcquisitionFinancialMarketingSales & ServicesResearch & DevelopmentOperations

CYBERSECURITY

DEFENDERS

ENFORCERS

How is cybersecurity the real threat?

Cybersecurity

• Cybersecurity – The ability to protect or defend the use of cyberspace from cyber attacks (CNSSI 4009)– Cyberspace

• A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. (CNSSI 4009)

– Cyber Attack• An attack, via cyberspace, targeting an enterprise’s use of

cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. (CNSSI 4009)

Security Safeguards

Operating Procedures

Physical Security

Management Procedures

Hardware and Software

Security measures used to meet security objectives (i.e., confidentiality, integrity, andavailability) to protect the organization’s most valuable asset – data/information. Thesemeasures are translated in the form of security controls and countermeasures created foreach area.

Questions?