Critical Cyber Vulnerabilities Threatening Physical Security

In an era when door readers, CCTV cameras, intercoms, and even turnstiles operate on IP networks, a cybersecurity failure can instantly become a brick-and-mortar problem. Treating physical security and IT as separate silos is no longer an option for modern organisations.

Unpatched IoT and OT devices
Most video cameras, smart locks, and environmental sensors rely on embedded operating systems that rarely receive routine updates. A recent industry survey revealed that 57 per cent of organisations cite outdated IT and OT infrastructure as a top challenge. Attackers exploit known vulnerabilities to hijack cameras—effectively blinding facilities—and to pivot laterally into corporate networks. Left unpatched, these always-on endpoints offer a direct path from the internet to server rooms, storerooms, and warehouses.

Cloud misconfiguration
Cloud-managed access-control and video-management systems promise scalability, yet simple configuration errors—such as open storage buckets or over-privileged administrator accounts—put stored footage, credential data, and archive records at risk. As 43 per cent of organisations now integrate cloud services into their physical-security programme, cloud missteps represent a leading breach vector. A single misplaced access-control list can expose live video feeds and reveal personal data to unauthorised viewers.

Weak identity and access management
Physical-security consoles and back-end platforms often ship with default credentials or hard-coded login pairs. In a hybrid-IT environment where IT and security teams collaborate more than ever, failing to enforce multi-factor authentication and strict role-based permissions means any compromised user can unlock doors, disable alarms, or erase critical incident logs.

Supply-chain and third-party risks
Manufacturers of cameras and access-control devices frequently rely on common software libraries, development toolkits, and third-party modules. A tainted firmware update can embed backdoors across hundreds of sites before anyone notices. Without rigorous vendor-attestation processes, organisations expose their perimeters to upstream compromise.

Insider threats and configuration drift
Security operators may open firewall ports to troubleshoot a malfunctioning card-reader device, then forget to close them. Over time, these ad hoc exceptions accumulate—often without documentation—leaving hidden entry points that attackers or rogue employees can exploit to sabotage operations or conceal theft.

Mitigation recommendations
To address these challenges, organisations must adopt a unified cyber-physical security strategy covering all network-attached assets and devices. Patch management and secure-configuration review remain critical. Cloud settings should be codified using infrastructure-as-code and standardised templates to reduce error. Identity controls must enforce zero-trust principles, with robust multi-factor authentication and granular permissions. Ongoing vendor risk assessments and regular user training help manage supply-chain and insider exposures. Finally, continuous monitoring and automated drift detection ensure that unauthorised changes to network or security policies are identified and remediated before they can cause harm. By closing both cyber and physical gaps, organisations can safeguard people, property and reputation.
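
The configuration drift described above (firewall ports opened for troubleshooting and never closed) and the automated drift detection recommended here can be sketched as a comparison between an approved baseline and the live rule set. This is an added example, not code from the author or Network Box; the `Rule` fields, the `detect_drift` function, and all addresses, ports and ticket ids are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class Rule:
    src: str                        # source CIDR
    dst: str                        # destination host or CIDR
    port: int
    proto: str = "tcp"
    ticket: Optional[str] = None    # change ticket authorising an exception
    expires: Optional[date] = None  # date the exception must be removed by

    def key(self):
        # Identity of a rule is its traffic match, not its paperwork.
        return (self.src, self.dst, self.port, self.proto)

def detect_drift(baseline, current, today):
    """Return sorted (finding, rule_key) pairs for rules outside the approved state."""
    approved = {r.key() for r in baseline}
    live = {r.key() for r in current}
    findings = []
    for r in current:
        if r.key() in approved:
            continue
        if r.ticket is None or r.expires is None:
            findings.append(("undocumented", r.key()))   # ad hoc exception, no record
        elif r.expires < today:
            findings.append(("expired", r.key()))        # documented but never closed
    # Approved rules that vanished from the live set are drift too.
    findings += [("missing", k) for k in approved - live]
    return sorted(findings)

# Constructed sample data: addresses, ports and ticket ids are illustrative only.
BASELINE = [
    Rule("10.20.0.0/24", "10.10.0.5", 443),   # door controllers -> access-control server
    Rule("10.30.0.0/24", "10.10.0.6", 554),   # cameras -> video recorder
]
CURRENT = [
    Rule("10.20.0.0/24", "10.10.0.5", 443),
    Rule("0.0.0.0/0", "10.20.0.17", 23),      # opened while troubleshooting a reader
    Rule("10.40.0.9/32", "10.20.0.17", 22, ticket="CHG-0001", expires=date(2024, 1, 31)),
    Rule("10.40.0.9/32", "10.10.0.6", 443, ticket="CHG-0002", expires=date(2024, 12, 31)),
]

if __name__ == "__main__":
    for finding, key in detect_drift(BASELINE, CURRENT, date(2024, 6, 1)):
        print(f"{finding:13} {key}")
```

Run on a schedule against an exported rule set, the same comparison turns undocumented or overdue exceptions into alerts instead of leaving them to accumulate.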

by Michael Gazeley – Managing Director, Network Box