Integrators, Do You Offer Cybersecurity Services?

Brian Rhodes
Aug 19, 2016
IPVMU Certified

Given that many physical security integrators are so close to the IT market anyway, do you do any cyber security?

Why or why not? If not, would you consider doing it?

Steve Hange
Aug 20, 2016

Brian,

I'm an Account Executive at Convergint Technologies, a U.S.-based physical security integrator. One of our new partner companies, Cybis, is focused on cybersecurity.

Our Physec teams have been getting regular webinars on our new offering.

Shaun Castillo
Aug 20, 2016
IPVMU Certified

We feel that we must have an internal cybersecurity practice to be a market-leading, enterprise-level security integrator. That said, we are nowhere close to having a mature practice. We currently partner with competent companies. We are also committing time and money to develop our cybersecurity capabilities.

Undisclosed #1
Aug 21, 2016

This is a great topic, Brian...

There are many discussion threads here on IPVM where the conversation (whatever it might be) always seems to lead to a clear consensus that Hikvision wants to dominate the world squeezing hardware prices are dictating the need for integrators to be able to offer 'other things' that can help differentiate their companies from their geographical and/or channel competitors.

With all of the high-profile companies and govt orgs getting hacked in the news over the last ~2yrs, what are the solutions being offered not only by integrators (which Brian asks) - but also by camera and/or VMS providers?

John Day
Aug 22, 2016
LMN Software Corp

Brian:

Thanks for asking this question - I think you are offering a glimpse into the next major change in the security market.

The flip side to that question might be to ask the companies that are NOT offering Cyber Security Services if they are at least enabling RSTP on their networks to prevent someone from taking the network down by triggering a broadcast storm (plugging both ends of one cable into the same unmanaged network)?

Sadly, most companies are waiting for the customer to demand that the security network be managed (or even secured). I'm suspecting that something like the Target Breach (the HVAC company got hacked and provided access to the corporate network) will have to occur with a security network in order for customers to wake up. When that does happen the result may be that a lot of security companies not offering at least basic network security are left out of the mid to high end of the security market.

(1)
Brian Rhodes
Aug 22, 2016
IPVMU Certified

First the physec world needs to prove itself as contributing to the solution, not the problem.

One big barrier I see is, for the most part, physical security equipment companies are generally poor at cyber security.

Granted, steps are being taken and the overall condition may be improving, but when leading manufacturers like Hikvision and Axis have such poor responses to glaring vulnerabilities it's hard to promote solutions (or the resellers who promote them) as being the answer to problems.

(2)
John Day
Aug 22, 2016
LMN Software Corp

One starting point would be for the manufacturers to publish "firewall guides" for their products and offer training and support on configuring firewalls with their products.

I also think there should be a recognized list of steps to providing basic security for a security network. This would cover Layer 2 (MAC locking, disabling unused ports and Layer 2 ACLs) - that would at least limit the capacity for someone to "just plug into" the network.

PC security and Layer 3 security could probably be handled as a separate issue.

(1)
(2)
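The three Layer 2 items named in the post above (MAC locking, disabling unused ports, Layer 2 ACLs), turned into an automated check over a switch configuration. This is an added example, not part of the original thread: the configuration is constructed, the Cisco IOS-style syntax is an assumption (the post names no vendor), and the `description UNUSED` labelling convention and the function names are hypothetical.

```python
import re

# Constructed sample, Cisco IOS-style syntax (assumed; the thread names no vendor).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport port-security
 mac access-group CAMERAS-ONLY in
!
interface GigabitEthernet0/2
 switchport mode access
!
interface GigabitEthernet0/3
 description UNUSED
!
interface GigabitEthernet0/4
 description UNUSED
 shutdown
!
"""

def parse_interfaces(config):
    """Return {interface name: [stripped config lines under that interface]}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = m.group(1)
            interfaces[current] = []
        elif line.startswith(" ") and current:
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or any other top-level line ends the stanza
    return interfaces

def audit_layer2(config):
    """Check every port against the three Layer 2 items from the post."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        shut = "shutdown" in lines
        if "description UNUSED" in lines and not shut:
            findings.append((name, "unused port is not disabled"))
            continue
        if shut:
            continue  # a disabled port needs no further checks
        if "switchport port-security" not in lines:
            findings.append((name, "no MAC locking (port-security)"))
        if not any(l.startswith("mac access-group ") for l in lines):
            findings.append((name, "no Layer 2 ACL applied"))
    return findings
```

Running `audit_layer2(SAMPLE_CONFIG)` flags the camera port with neither control and the unused port left enabled, while the locked-down port and the shut-down port pass.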
Undisclosed #1
Aug 22, 2016

Good points in both of your posts, Mr. Day....

Let me ask you this..... If you are a VAR of Product X (that requires placement somewhere within the end customer's networked environment) - do you get schooled fast on the cyber defense strategies if this is not your background.... or do you specifically place the cyber defense burden on the enterprise-level customer's enterprise-level IT people?

I'm curious what other people think as well - I've spoken to many integrators who specifically avoid becoming 'cyber experts' by documenting that the arena that their equipment is being introduced into is entirely controlled by the customer's own infrastructure/IT team.

Is this a wise practice?

Is becoming cyber experts as a traditional physical security integrator a wise practice?

(1)
John Day
Aug 22, 2016
LMN Software Corp

I'm biased... I'm an independent agent for a manufacturer of network switches and I see training dealers to protect a network as falling squarely in my set of responsibilities. In the market I see two types of clients:

1/ Large entities (City Government, Hospitals, etc.) - the corporate IT department owns EVERYTHING IT, has a legal responsibility to protect contents of the network and has a 24 hour help desk to work with integrators whenever they need to service a security device on the network.

2/ Mid-sized companies - the IT department is over-stretched and doesn't want to extend their coverage into a security network. The security network presents a problem - if they expend effort securing it then they may cause a problem with the security system or have to babysit the security integrator on every service call. This IT department will only work on protecting the connection points between the two networks. The rest of the security network remains unprotected.

Leaving a network unprotected is inviting a problem - either an attack on that network or allowing someone to use the unprotected network as a means of attacking the corporate network. Sooner or later there will be a basic expectation that the security integrator be able to configure their part of the network and manage at least the Layer 2 security - maybe go as far as configure the firewall settings in Layer 3 for the security devices.

It seems like a lot to ask, but if the security device manufacturers and the network switch manufacturers are contributing good documentation, training and support, then it may not be that much of a training burden on the integrator.

(1)