The adoption and integration of Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices has led to an increasingly interconnected mesh of cyber-physical systems (CPS), which expands the attack surface and blurs the once clear functions of cybersecurity and physical security.
A successful cyber or physical attack on industrial control systems and networks can disrupt operations or even deny critical services to society.
Together, cyber and physical assets represent a significant amount of risk to physical security and cybersecurity – each can be targeted, separately or simultaneously, to result in compromised systems and/or infrastructure. When physical security and cybersecurity divisions operate in siloes, they lack a holistic view of security threats targeting their enterprise. As a result, successful attacks are more likely to occur and can lead to impacts such as compromise of sensitive or proprietary information, economic damage, disruption of National Critical Functions (NCFs), or loss of life.
Cybersecurity and Physical Security Convergence Guide
The Cybersecurity and Infrastructure Security Agency developed the Cybersecurity and Physical Security Convergence Guide (.pdf, 1,299 KB) as an informational guide about convergence and the benefits of a holistic security strategy that aligns cybersecurity and physical security functions with organizational priorities and business objectives.
The guide describes the risks associated with siloed security functions, a description of convergence in the context of organizational security functions, benefits of convergence, a flexible framework for aligning security functions, and several case studies.