Digitally speaking, your information must have the freedom to move around the internet—connecting, sharing, transmitting, and making the technological world turn. And physically speaking, our bodies must also be able to move around the world in relative safety, working and thriving to keep our lives in motion. It is at this juncture between what we want—namely, the survival of both ours bodies and our digital systems—and how we will keep them safe, that both the virtual and the physical world must look to the realm of cybersecurity to find answers for future protection.
In the world of cybersecurity, we often focus our environmental controls—whether they’re administrative, physical, or logical—on protecting our digital environments from real harm. We already know that implementing the proper degree of controls over our digital resources is key to preventing major disasters like the loss of a power grid, a nuclear meltdown, or an attack on our 911 system. But it’s also critical for us to flip this notion upside down and think about how our digital cybersecurity strategies can do wonders to protect our physical bodies from the increasing threats to our person, something we tend to focus on a lot less. And without putting too fine a point on it, the time to assess how can use our knowledge of technology to change the level of threat we are facing in the real world has never been more critical than it is right now.Â
Why now?
The recent outbreak of gun violence and terrorism in America over the past decade has not only been tragic, it has been positively eye-opening to the many ways danger can infiltrate seemingly safe environments like office buildings and schools, places where people are unarmed and unprepared for physical violence. Sure, a big part of “hardening” our cyber defensive posture involves encryption, application security, and other safeguards, but these digital solutions can also be applied to measures that boost the physical security of our selves as well. And they often are—but not nearly to the extent they could be, or perhaps should be.
The truth is, just like The Open System Interconnection (OSI) model that defines a networking framework in protocols of seven layers, the physical protection of our bodies can be defined (and improved) through an OSI layered approach to our tangible landscape. By implementing “layers” of digital solutions to safeguard physical spaces, like schools, banks, and government buildings, we are able to protect against a wide-range of real-world threats—made by both nature and man—like fire, flood, theft, and more specifically, terrorism and gun violence.
And fortunately for us, the use of technology to manage and support the physical world has made some big improvements lately, with sensors, cameras, electronic door locks, and automated everything now connected to IP networks using open APIs. The development of more mass market machine learning algorithms and systems has essentially created an opportunity where highly automated responses to physical incidents can be a reality. New systems are being innovated all the time, but it’s important for the cybersecurity industry to continually turn their attention to how disastrous events can be limited or removed altogether through this type of security-based technology.
How can we make OSI a physical reality?
Great question! To see this OSI analogy for physical security more clearly, let’s think about the world in layers, just like a network.
Layer 7: Application is at the top and the “closest to the end-user,” which means this piece of the physical world is what’s closest to you, like your computer, your email, your workstation. To protect yourself physically on this layer, the objects and digital systems you interact with everyday need to be protected. This can happen through all sorts of anti-virus and cybersecurity tricks of the trade.
Layer 6: Presentation is all about turning data into something that can stay readable in hidden form—namely, encryption. In the physical world, this “data” might come in the form of an alert about a physical threat, like an intruder, at which point certain digital solutions like alarms or lockdowns would be available to keep the real-life humans hidden and protected from confrontation, all while still mitigating the threat.
Layer 5: Session establishes, manages, and terminates connections between applications. This type of digital solution would effectively break the connection between the threat and the target by removing access or a pathway between them.
Layer 4: Transport is responsible for flow control and the promise of a complete data transfer. Exit strategy! Digital innovations need to ensure that all communications between security measures flow and work properly so each one, like a door or lock or a light, knows what it should be doing at what time. A security dashboard with all physical protocols would be a perfect way to achieve this.
Layer 3: Network creates logical connections between nodes. In the midst of a real-life threat, these “nodes” could be humans or workstations or departments or buildings—whatever groups or individuals that need to communicate about the crisis.
Layer 2: Data Link breaks down data into bits, including how access is gained (MAC) and how the flow is checked for errors (LLC). Backing away from the center of the action and towards the outside of the building, this type of environmental control for the physical world could include how the news of a violent incident is disseminated to authorities and other support entities, who can then respond more effectively.
Layer 1: Physical lets the hardware do the electrical and mechanical stuff for the network. Well, that’s an easy one. The physical layer is about the hard stuff that offers protection. Digital solutions related to strengthening of materials and the “hardening” of physical spaces would be the perfect way to address this layer.
Good for your body, good for business?
Not only is this approach good for self-preservation, it also adds a whole new lucrative layer to an already booming cybersecurity market. A recent survey from GrandView Research, a U.S.-based market research and consulting company, suggests the global physical security market will likely expand from about $134 billion today to $290.7 billion in the next 10 years. This projection is based on the notion that the world is facing growing physical threats and will need innovative technology-fueled solutions to mitigate them. In other words—when it comes to future safety, the real world will need help from the virtual one.
Related Resources:
4 Ways to Address Cybersecurity Gaps