Physical infiltration tests neglected
Much attention today is focused on information security incidents. This seems to come at the expense of physical security. For example, organisations increasingly overlook physical infiltration tests when it comes to security policies. This is according to Isaca, the international professional association in cybersecurity and it-governance, following research.
Physical security, think doormen, guards, cameras, fire alarms and locks but also compliance monitoring, has been around for centuries. But it is in danger of falling into disrepair now that cybersecurity is in the spotlight. While the risks are indeed real. In its study ‘Physical Penetration Testing: The Most Overlooked Aspect of Security‘, professional association Isaca notes a 28 per cent increase in physical security incidents in both 2021 and 2022.
According to the association, organisations today often overlook physical penetration testing when it comes to security. Such tests are designed to identify weaknesses in an organisation’s physical security controls. They also simulate how an attacker tries to gain access to restricted information areas.
‘Technological advances and variability in performing organisational work makes securing sensitive data and assets more difficult. Organisations should not overlook the risks of physical access,’ states Jon Brandt, manager of the Professional Practices and Innovation branch at Isaca. ‘Physical security was around before information security existed. And, although cyber threats may overshadow it, the benefits of physical infiltration tests are innumerable. They strengthen any organisation’s security posture.’