• Subscribe
  • Trends Summit
  • Podcast
  • Videos
  • Jobs
  • White Papers
  • Webinars
  • Continuing Education
    1. Sponsored

    Protecting the Data Center from Blended Threats with Converged Security

    June 20, 2022
    Organizations across the globe are contemplating how to protect their environments from physical and cyber threats as traditional security programs are not sufficient. Andrew Wild of QTS Data Centers explores how converged security programs can provide a comprehensive and unified view of the security landscape. 
    Related To: QTS
    QTS Data Centers
    Enterprises are increasingly focused on insulating themselves from massive-scale attacks, and they want to know that their data center providers are prepared to support them. (Source: QTS Data Centers)
    Enterprises are increasingly focused on insulating themselves from massive-scale attacks, and they want to know that their data center providers are prepared to support them. (Source: QTS Data Centers)
    The IT threat landscape has evolved again, leaving enterprises more vulnerable than ever before.

    These new attacks combine physical and cyber threats to create a more complex and dangerous risk environment.

    Organizations across the globe are contemplating how to protect their environments from these threats as traditional security programs are not sufficient. Third-party data centers must be prepared to address these hybrid security attacks to safeguard their IT infrastructure and put their customers’ minds at ease.

    Understanding Blended Security Threats

    Historically, bad actors targeted organizations through either physical or cyber means. By using both cyber and physical elements, blended security attacks create multifaceted scenarios that can often go undetected until the full-scale attack is carried out.

    Today’s headlines are littered with examples of these attacks, and even corporate giants are not immune. A popular automotive company was the target of an attack in which an employee was offered $500,000 to download a file. While the employee did not accept the bribe, this information could have been used in a larger attack.

    Hybrid Threats are Everywhere

    • Internet of Things (IoT): Unsecured cell phones, smart home tools, virtual assistants and other connected devices offer opportunities for bad actors to collect private information that can be used in a physical attack.
    • Operational Technology (OT): Interfering with OT systems can impact operations. A recent cyber attack on a Florida water treatment plant allowed hackers to tamper with the water supply.
    • Unmanned Aircraft Systems (UAS): Drones are an escalating threat for organizations. These autonomous aircrafts can be weaponized to fly explosives into targets or control infrastructure from afar. A drone was recently used to unlock the doors of a motor vehicle.
    • Civil Unrest: Protests and uprising can create distractions that allow bad actors to access previously protected environments. In Greece, protesters learned the location of government data centers and set explosives around the perimeters of the facilities to create chaos that allowed them to enter the secured buildings.
    • Nation State Sponsored Actors: Funded by countries, nation-state- sponsored actors gather and use information to force people to do their bidding. For example, a U.S. national, whose parents live overseas, was targeted by holding his mother’s kidney dialysis treatment hostage until the individual complied with the actor’s demands.

    Traditional Security Programs are Simply Not Enough

    Addressing these new-breed attacks is difficult for most organizations because they operate outdated, siloed physical and cyber security programs. Data center physical security relies heavily on armed security guards, badge readers, biometric access controls, perimeter fencing and surveillance cameras.

    A typical response to a heightened risk is to deploy additional guards—a strategy that can introduce coordination challenges rather than improve security.

    On the cyber security side, many data centers utilize a centralized network operations center (NOC) to address network issues across their data center portfolios. This model limits local decision making and reaction, which can delay response time in a crisis.

    Without formal alignment, communication and collaboration between physical and cyber security programs, organizations will struggle to address these dynamic risks.

    Converged Security Programs Deliver an Integrated Approach to Hybrid Threats

    A converged security program unifies physical and cyber security programs under a single banner to promote a more comprehensive and unified view of the security landscape. This integrated approach allows the organization to better plan for and execute standardized security practices and coordinated responses across cyber and physical platforms to avoid attacks.

    Specialized Security Hubs Feed the Unified Converged Security Program

    To achieve this holistic view and better control risk, a converged security model utilizes specialized, security-focused hubs—each of which shares its data into the converged security program.

    These hubs also provide visibility across the organization’s entire portfolio of physical and cyber assets to directly identify and respond to any anomalies. Armed with dedicated, around-the-clock resources— including a physical security intelligence desk that is unique to the data center industry—the OSC has national oversight, something most data centers are unable to deliver.

    Enterprises are increasingly focused on insulating themselves from these massive-scale attacks, and they want to know that their data center providers are prepared to support them. A converged security program can provide that peace of mind.

    Andrew Wild is EVP Security and Compliance at QTS Data Centers. Contact them to learn more about their converged security solutions. 

    About the Author

    Voices of the Industry

    Our Voice of the Industry feature showcases guest articles on thought leadership from sponsors of Data Center Frontier. For more information, see our Voices of the Industry description and guidelines.

    Continue Reading

    Sponsored Recommendations

    How Deep Does Electrical Conduit Need to Be Buried?

    In industrial and commercial settings conduit burial depth can impact system performance, maintenance requirements, and overall project costs.

    Understanding Fiberglass Conduit: A Comprehensive Guide

    RTRC (Reinforced Thermosetting Resin Conduit) is an electrical conduit material commonly used by industrial engineers and contractors.

    NECA Manual of Labor Rates Chart

    See how Champion Fiberglass compares to PVC, GRC and PVC-coated steel in installation.

    Electrical Conduit Cost Savings: A Must-Have Guide for Engineers & Contractors

    To help identify cost savings that don’t cut corners on quality, Champion Fiberglass developed a free resource for engineers and contractors.

    RachenStocker/Shutterstock.com
    Source: RachenStocker/Shutterstock.com

    Views from the Ground: Electrical Contractors Building Data Centers Weigh In

    David Pala
    David Pala from IBEW Local 26 shares insights on industry changes and the benefits of being a union electrician.

    liquid_cooling_abstracted_image_4
    hero_bpsc
    hero

    White Papers

    DCF_IMDCEBook_2020-05-21_10-12-02

    Transforming Your Business Through Data — Creating a Virtuous Cycle for Your High-Value Data

    Iron Mountain
    June 1, 2020
    Get the new paper from Iron Mountain that explores digital transformation in full, including today’s data landscape, current challenges, opportunities and more.

    Sponsored