Protecting the Data Center from Blended Threats with Converged Security

June 20, 2022
Organizations across the globe are contemplating how to protect their environments from physical and cyber threats as traditional security programs are not sufficient. Andrew Wild of QTS Data Centers explores how converged security programs can provide a comprehensive and unified view of the security landscape. 
The IT threat landscape has evolved again, leaving enterprises more vulnerable than ever before.

These new attacks combine physical and cyber threats to create a more complex and dangerous risk environment.

Organizations across the globe are contemplating how to protect their environments from these threats as traditional security programs are not sufficient. Third-party data centers must be prepared to address these hybrid security attacks to safeguard their IT infrastructure and put their customers’ minds at ease.

Understanding Blended Security Threats

Historically, bad actors targeted organizations through either physical or cyber means. By using both cyber and physical elements, blended security attacks create multifaceted scenarios that can often go undetected until the full-scale attack is carried out.

Today’s headlines are littered with examples of these attacks, and even corporate giants are not immune. A popular automotive company was the target of an attack in which an employee was offered $500,000 to download a file. While the employee did not accept the bribe, this information could have been used in a larger attack.

Hybrid Threats are Everywhere

  • Internet of Things (IoT): Unsecured cell phones, smart home tools, virtual assistants and other connected devices offer opportunities for bad actors to collect private information that can be used in a physical attack.
  • Operational Technology (OT): Interfering with OT systems can impact operations. A recent cyber attack on a Florida water treatment plant allowed hackers to tamper with the water supply.
  • Unmanned Aircraft Systems (UAS): Drones are an escalating threat for organizations. These autonomous aircrafts can be weaponized to fly explosives into targets or control infrastructure from afar. A drone was recently used to unlock the doors of a motor vehicle.
  • Civil Unrest: Protests and uprising can create distractions that allow bad actors to access previously protected environments. In Greece, protesters learned the location of government data centers and set explosives around the perimeters of the facilities to create chaos that allowed them to enter the secured buildings.
  • Nation State Sponsored Actors: Funded by countries, nation-state- sponsored actors gather and use information to force people to do their bidding. For example, a U.S. national, whose parents live overseas, was targeted by holding his mother’s kidney dialysis treatment hostage until the individual complied with the actor’s demands.

Traditional Security Programs are Simply Not Enough

Addressing these new-breed attacks is difficult for most organizations because they operate outdated, siloed physical and cyber security programs. Data center physical security relies heavily on armed security guards, badge readers, biometric access controls, perimeter fencing and surveillance cameras.

A typical response to a heightened risk is to deploy additional guards—a strategy that can introduce coordination challenges rather than improve security.

On the cyber security side, many data centers utilize a centralized network operations center (NOC) to address network issues across their data center portfolios. This model limits local decision making and reaction, which can delay response time in a crisis.

Without formal alignment, communication and collaboration between physical and cyber security programs, organizations will struggle to address these dynamic risks.

Converged Security Programs Deliver an Integrated Approach to Hybrid Threats

A converged security program unifies physical and cyber security programs under a single banner to promote a more comprehensive and unified view of the security landscape. This integrated approach allows the organization to better plan for and execute standardized security practices and coordinated responses across cyber and physical platforms to avoid attacks.

Specialized Security Hubs Feed the Unified Converged Security Program

To achieve this holistic view and better control risk, a converged security model utilizes specialized, security-focused hubs—each of which shares its data into the converged security program.

These hubs also provide visibility across the organization’s entire portfolio of physical and cyber assets to directly identify and respond to any anomalies. Armed with dedicated, around-the-clock resources— including a physical security intelligence desk that is unique to the data center industry—the OSC has national oversight, something most data centers are unable to deliver.

Enterprises are increasingly focused on insulating themselves from these massive-scale attacks, and they want to know that their data center providers are prepared to support them. A converged security program can provide that peace of mind.

Andrew Wild is EVP Security and Compliance at QTS Data Centers. Contact them to learn more about their converged security solutions. 

About the Author

Voices of the Industry

Our Voice of the Industry feature showcases guest articles on thought leadership from sponsors of Data Center Frontier. For more information, see our Voices of the Industry description and guidelines.

Sponsored Recommendations

How Deep Does Electrical Conduit Need to Be Buried?

In industrial and commercial settings conduit burial depth can impact system performance, maintenance requirements, and overall project costs.

Understanding Fiberglass Conduit: A Comprehensive Guide

RTRC (Reinforced Thermosetting Resin Conduit) is an electrical conduit material commonly used by industrial engineers and contractors.

NECA Manual of Labor Rates Chart

See how Champion Fiberglass compares to PVC, GRC and PVC-coated steel in installation.

Electrical Conduit Cost Savings: A Must-Have Guide for Engineers & Contractors

To help identify cost savings that don’t cut corners on quality, Champion Fiberglass developed a free resource for engineers and contractors.

kubais/Shutterstock.com
Source: kubais/Shutterstock.com

Exploring the Benefits of Liquid-to-Air Coolant Distribution Units (CDUs)

Kevin Roof, Senior Product Manager at nVent, outlines how liquid-to-air cooling works, its benefits and what data center operators should look for when designing and selecting...

White Papers

Get the full report.

Why You Need to Accelerate Your Business with Cloud

Oct. 18, 2022
In this white paper, Cologix explores how data centers can help businesses use the cloud to stay ahead of their digital transformation needs.