What Is It?
A physical presence is where your organisation physically exists; this could be an office, a manufacturing plant, your data centre or a call centre, for example. Wherever you are based, there will be some security requirements to protect your property, both intellectual and physical, as well as a requirement to secure the continuation of your organisation’s operations.
Why Assess It?
There are many reasons to conduct a physical security assessment, five of which are below.
Threat Actor Focus
As cyber security is uplifted across organisations, threat actors are turning to alternative ways of achieving their objectives. After all, a threat actor is not there to boast about technical excellence. They are there to obtain an objective and will do so using the path of least resistance. Compared to increasingly secure computing systems, organisations' offices are often a soft target, and once a threat actor is in, cyber attacks become more accessible and successful.
Protect Assets
Most organisations' premises contain equipment which can represent a sizable financial expenditure. By mapping out your premises' physical security vulnerabilities, you can take action to reduce the likelihood of theft or malicious damage.
Understand The Risk Of Dependencies
Organisations sometimes utilise shared buildings and presume that their building security is taken care of by the landlord / office owner. Often this can give a false sense of assurance against a resourceful threat actor. Through a physical security assessment, you can gain visibility of the defences present, any limitations and how to mitigate the risks.
Supply Chain Attacks
Your organisation may make a product or sell a service to other organisations, and if a threat actor is targeting your customer, they may target you in order to find another way of achieving their objectives. By ratifying your own security posture, you can ensure you are not the weakest link in the chain and can secure your reputation going forwards.
Human Vulnerability
Physical premises typically have security defences, such as locks and closed-circuit television (CCTV), but your teams come and go. It is important to ensure that your security training defends against unauthorised people entering your buildings through social engineering, a scenario undertaken in a physical security assessment.
The Agility Cyber Approach
Like all our engagements, we want you to get the most out of your physical security assessment and we do this by:
Identify Multiple Attack Paths
We do not stop looking for vulnerabilities when we have achieved the end objective of a compromise. Our role in assisting you is to ensure you have the full information and knowledge available of every attack path. This provides both clarity and a realistic view of your risk, and also powers effective remediation, where short-term uplifts in the security posture can be made by securing common points across the different attack chains.
Multi-Phase
Whilst physical access is the centre of this assessment, to provide you with an accurate risk insight we explore further to gauge what a threat actor's next steps could be. For example, once access has been secured to a building, we try to obtain network access and maintain persistence through deployment of an implant device or by utilising initial access to the visitor booking-in system to secure future access.
Documented Findings
We want to be clear and specific about our findings, so we ensure that we document where the vulnerability was discovered, how it was abused and the ramifications of exploitation, usually supplemented by photographs and a location on a plan if appropriate.
Extensive Open Source Intelligence
Threat actors will spend the time researching your organisation as it increases their success rate, and so do we. We enumerate as much relevant information as we can and ensure the level of information and its uses are documented for your organisation, both to help you understand your current risk and to assist with guarding against future genuine threats.
Controlled Environment
The physical security assessment is not done to you; it is done with you. An engagement plan is discussed and agreed upon prior to any actions taking place. This plan has input from our own intelligence gathering activities, supplemented by our threat actor knowledge as well as direction from you, as you know your organisation best and may have specific areas or systems you wish to focus on.
Benefits of Partnering with Agility Cyber
Mutually Invested
Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.
Clarity and Simplicity
We always provide clarity, believe in simplicity and value your time. For example, rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisation's position and risk posture, thus enabling us to ask better questions, securing you higher value and saving you time.
Full Consultancy
Our team, based in the UK, is technically exceptional, but we pair that with business sense to discover, triage and help you remediate the full range of security issues.
Impartiality
We are impartial; we do not sell you products or the latest buzzword-laden trending solution.
Outstanding Service
We have an industry-leading turnaround; agility is in our name, after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.