Physical Security in the Crypto Space
Physical security covers the protection of personnel, hardware, software, networks, and data from physical actions and events that could cause serious loss or damage.
Safe. Secure. Traceable. They’re the key elements of crypto — and the reasons many people are turning towards the blockchain. With the recent storm surrounding data breaches and misused personal data, it’s reassuring to know that there’s an immutable record, protected from bad actors by a peer-to-peer network. But are we taking the same sort of care with our physical interactions?
Physical security covers the protection of personnel, hardware, software, networks, and data from physical actions and events that could cause serious loss or damage. The core basis of physical security is situational awareness. A general understanding of your surroundings. Knowing where you are and what’s going on is fundamental when it comes to physical security.
TLDR’s Chief Operating Officer and former Navy SEAL, Chuck McGraw, equates personal security with hygiene — physical actions that can be embedded into daily routines to secure our online interactions and daily lives:
“I think of security like I do basic hygiene. Something that you do every day to take care of yourself. Like in the morning, you wake up, you brush your teeth, you do your hair. You have a cadence that you get into. You should think of security best practices in the same way.”
Taking care of ourselves is often something we take for granted. As obvious as it sounds, being aware of the need to take care of yourself is the first step towards better physical security. So how do you build up those important habits that’ll keep you safe and secure?
Are There Usually Precursor Events To A Threat?
Think about major disasters; volcanic eruptions, earthquakes, floods. There are precursors to these events that can be monitored to ensure safety. It’s no different when looking at personal physical safety. Situational awareness is fundamental to this. Knowing your surroundings and understanding your personal vulnerabilities is a key skill.
“Everybody, depending on their life experience or their training, has the ability to notice precursors to an incident. Even if you have training and the general understanding, but you have very, very little situational awareness, then you’re going to have a blindside and be vulnerable.”
It can be easy to be distracted in the digital era — we’re all carrying smartphones, tablets or laptops. Just taking a moment to check your email on your phone can leave you vulnerable to an attack. By taking the time to be aware of your surroundings and understanding your own vulnerabilities you can reduce the risk.
“If you lock your door every night before going to sleep, why wouldn’t you put your cell phone in your pocket and keep your head up when moving through transitional spaces: building to parking lot, parking lot to stairwell, etc.? It is just about having situational awareness.”
How Can I Take Steps To Improve My Situational Awareness?
Situational awareness is the concept of always being aware of things going on around you. It’s about learning good security hygiene. We’re creatures of habit, and understanding the areas where we are the most vulnerable to threat can help us compartmentalize when we need to be on high alert — both in daily life and online.
Objectively thinking through your day-to-day life, looking for the avoidable and unavoidable risks that we take daily, is the first step in achieving situational awareness.
“Map out that pattern of life. What points in that pattern of life am I vulnerable? You think, maybe when I drive to a certain area and get out of my car? When I go from my car into my office? That could be a place where I’m vulnerable. Now, how do I increase that vulnerability? Do I get out of my car immediately look down at my phone and start texting everybody as I’m walking through the garage? If you’ve identified those areas where you have higher vulnerabilities — don’t add to them. Most attackers look for easy targets. Keep your head up, simply scan your environment, and follow your gut. If you don’t feel safe, do something about it.”
Once you understand your vulnerabilities and potential of an attack, then you can start putting in controls to reduce your risk. For example;
“First, park your car in a well-lit area inside a garage, next to an elevator. Then, when you get out of the car, lock it and don’t take out your phone until you get into the elevator. Over time you build the habit and it becomes second nature.”
The key actions to achieve better situational awareness can easily be broken down into the following points:
- Understand your own vulnerabilities
- Understand what’s going on in your external environment.
- Identify the threats that you may be subject to
- Implement the controls to reduce the risk to an acceptable level.
Where Can Physical Security Play A Big Part In The Crypto Space?
One of the flaws of the crypto space is that it’s mostly unregulated. While the traceability of the blockchain does offer security, as with every aspect of life, nefarious activities do still happen. Take the following as an example:
“If I wanted to steal a million dollars worth of whatever coin and I know you have it on a cold storage device, and I know where it is, would I go after that or would I rob a bank? Would I want to rob a bank or someone who has poor situational awareness and security hygiene? I would go after the soft target.”
Bad actors will always choose a soft target. And that means the softest target with the least amount of risk to the attacker. By increasing your awareness and ingraining good personal security habits you can stop yourself from being a victim.
What’s The Biggest Challenge For Achieving This Level Of Security Hygiene?
The biggest challenge to personal safety is apathy.
“Sometimes we live or lives unaware, not accepting that there are potential bad actors out there who want to negatively affect us. People can be like ostriches with their heads in the sand. You don’t have to live your life in fear, but be a realist. Don’t be a victim. Paranoia and insecurity comes from lack of preparation.”
It might be scary to imagine threats lurking around the corner, but it’s important not to be complacent. Know the precursors, know your vulnerabilities, know the threats around you, and be aware of your situation and surroundings. Know the controls you can put in place.
“It’s not really scary, it’s just knowing how to reduce your vulnerabilities.”
By understanding where you are vulnerable, you can determine what threats you are susceptible to, and can begin putting controls in place to mitigate that risk. But it’s also important to strike a balance:
“In the private sector, in this industry, it’s efficiency versus security. If you implement too many controls it can hinder your efficiency. They can hinder you, or slow you down, or make you less efficient. In the military, we called it speed versus security. It is a constant push and pull. Every environment or situation is different. You need to keep your head out of the sand.”
Ultimately, it’s all about achieving the perfect balance between the two, and that’s where expertise and training can come in. Knowing the areas that are high-focus and prioritizing them can help achieve a healthy security-safety balance.
How Can TLDR Help With Personal Security?
Our Security Team are aware of “the security gaps and vulnerabilities plaguing the space” and bring a wealth of knowledge and a passion for cybersecurity to personally guide crypto institutions through security protocols.
We can use our expertise to guide and advise you into building up routines that will become as second nature as brushing your teeth. We’re passionate about helping you build and maintain good security hygiene.
If you’re interested in finding ways to collaborate and partner with TLDR, don’t hesitate to reach out here.
Find out more about TLDR. Check out our social channels below:
This article is based on views and information held by TLDR on publication date and may be subject to change, although TLDR does not undertake to update them. Nothing contained herein constitutes investment, legal, tax or other advice, nor a recommendation or solicitation of an offer to buy or sell any securities or to adopt any investment strategy. No representation or warranty, express or implied, is made or given by or on behalf of TLDR as to the accuracy and completeness or fairness of the information contained in this article.