Security at the Cyber-Physical Intersections

-
In my previous post Complexity impedes Security I covered the simplification principles. The Cyber-Physical interactions are the focus in this post.

  • The Physical-space comprises the geographical locations and the users and the tools in them orchestrated within a business process context. 
  • The Cyber-space comprises the Network that provides the connectivity, the Platforms that provide containers for the Applications to run on hence process the Data. 



  • Enterprises operate their businesses across the breadth and depth of their capabilities using internal and external entities that share each others’ physical and cyber space. 
E.g., an Order Processing system illustrated here has a Payment Processing Team operating from Vietnam, an Order Processing Application accessible over the extranet (to employees, partners and customers) and a product catalog hosted on the Cloud.
cyber-physical example

  • Today’s Enterprises, old and new alike, operate a network of processes that transact across physical and cyber boundaries. I present a viewpoint that Security vulnerabilities are the highest in these intersections. 


A holistic Security should consider two important factors
  1. Adequate security validations at all Cyber-Physical divides 
  2. Address Security with an end-to-end process in context
The network becomes the glue between the Cyber and Physical entities, however, there may be various networks at play as the process steps are carried out end-to-end. 

Automating the end-to-end process seamlessly is one of the necessary simplification principles that significantly improves Security.  

The tools today are inadequate in addressing the cyber-physical divide and this chasm is filled with security risks. A paradigm shift is required through adoption of Digital Transformation methods such as blockchain. 

Comments

Post a Comment

What do you think?

Popular posts from this blog

Anything on a page

-
Image
A well-thought-out idea, a powerful marketing message, an informative info-graphic, a restaurant menu card, a movie poster, a cheat sheet, London tube map.  What is common in all of the above? The title of this post is a hint.  They are all something on a page. Anything that fits a page is a  well articulated viewpoint of a customer.  Anything on a page is an amazing vehicle to reach the information to the right audience at the right place and time. Three principles to bear in mind:  1. Focus on the outcome of the process (why) 2. Take the viewpoint of the audience (who, when, where) 3. Apply sophistication to the tools yet keep the output simple (how)
Read more

Complexity impedes Security

-
Image
Complexity is the primary reason Enterprises struggle so much with security vulnerabilities.  Today’s Enterprises are complex mashup of capabilities in operations and technology. Even small and medium enterprises aren’t an exception. Business capabilities are both broad and deep often cross-referenced in the context of an end-to-end business process.  Businesses are, in today’s information economy, wide open to internal and external threats. Each possible entry and exit are potential points of vulnerabilities.  Enterprises are forced to invest in complicated security systems to monitor, control and audit access to vital assets that include information. Often the cost of securing are a big operational overhead on the profitability. Enterprises need to constantly re-look at the need for complex systems in securing information. at each level of the capability Breadth and Depth for relevance and consistency.  Simplifying the architecture gives an opportunity to apply security where
Read more