Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.
Issue link: http://sdi.epubxp.com/i/835749
22 Security Dealer & Integrator / www.SecurityInfoWatch.com June 2017 integrators need to be educated and ready to answer questions with tangi- ble solutions. When you can have a knowledge- able conversation you will also pro- vide better value to the organization and the ability to present a turnkey, full-service solution that not only addresses physical security but cyber threats and network protection. What if your customer's access control, video surveillance or mass notification system falls victim to ransomware? Do you have a plan in place with your customer, and are you taking pro- active measures to alleviate the possi- bility? Are you making sure the equip- ment you provide is cyber-hardened and that you are deploying the neces- sary processes during system installa- tion to further safeguard information residing on the network? As system integrators, we must understand that the majority of our customers are looking for our exper- tise, and that we need to help guide them appropriately. Discussing the vulnerabilities that security system devices have on their network, along with cyber-attack risk such as ransom- ware should be part of the initial dis- cussion in the pre-installation consul- tation phase. at is also a differentiator for your business – and a necessary service for the physical security industry moving forward as billions of devices continue to be integrated and connected with the internet of ings (loT). End-users are not going to stop asking about cyber threats; instead, their inquiries and concerns will only escalate. The Business Proposition Systems integrators need to evolve their businesses from simply installing physical security detection. ey need to understand and have a knowledge- able conversation with clients on addi- tional safeguards, processes and best practices to help mitigate cyber threats and ransomware. ere are tangible steps that sys- tems integrators can take to address ransomware and cybersecurity as they relate to physical security system deployment. ey serve the multi-pur- pose of protecting the client, devel- oping and furthering the integrator's trusted provided status, and potentially providing new service and mainte- nance options that lead to RMR. Here are eight insights to get started: 1 Get educated. PSA Security Network gets high marks for bringing the cybersecurity con- versation to the table at its annual PSA TEC conference several years ago. e education raised awareness to the integrator community and has been followed by new committees for edu- cation and best practices (see more on page 30). SIA education at ISC West 2017 had more than 10 sessions on cyber- security. Professionals from the cyber world educated the systems integra- tion industry by discussing cyber risks, illustrating how physical security systems can be breached, and provid- ing guidance to improve the overall cyber posture of a networked system installation. 2 Consider third-party experts. With a massive shortage of cyber-trained experts in North America, the chances of your organization having one on staff is unlikely. Consider partnering with third-party cyber consultants and service providers. Bringing on this type of discipline within your com- pany not only assists your customers, but also helps you develop policies and conduct internal assessments of your organization and its practices. 3 Secure yourself. Have you taken the appropriate steps to protect your organization by improving your own company's cyber posture? Just like other companies, a ransomware attack on your organi- zation can have a devastating impact, and a simple breach could put your customer and employee data at risk. 4 Install necessary back- ups. Having secure backup of on-premise physical security databases is paramount to protect- ing against ransomware. ere is an opportunity to assist your customers with deploying backup solutions as a managed service offering – which may also present a new source of recur- ring monthly revenue (RMR). Once the service is in place, conduct regular testing of these backups to ensure that it can be restored fully. 5 Move to the cloud. Many of the cloud-based solutions today redundantly store system data and video automatically or on schedule. In addition, most cloud pro- viders are held to an extremely high level of cybersecurity – with various levels of encryption and automatic disaster recovery. Acceptance of cloud solutions by organizations is at an all-time high and manufacturers are releasing cloud solutions for numerous technologies. Take advantage of the opportunity to offer cloud solutions to your customers for inherent security and reliable net- work authentication. 6 Keep current with updates and patch- ing. According to e United States Computer Readiness Team (US-CERT), systems that installed the MS17-010 patch for Microso Windows were not vulnerable to Cover Story