Hybrid threats — attacks that seamlessly transition between the physical and digital realms — are not hypothetical. From the real-world incident in Oldsmar, Florida, where a hacker exploited weak passwords and an outdated system to nearly poison a town's water supply, to social engineering tactics used to bypass building security, the risks facing public agencies are growing more sophisticated by the day.
In the first of a two-part series for GovLoop, our Director of Product, Pete Akeley, outlines why traditional, siloed security approaches are no longer enough to protect public agencies from blended threats. Akeley identifies the key vulnerabilities that invite trouble — operational silos between physical and cyber security teams, imbalanced defenses, and security protocols that activate too late in the visitor journey — and makes the case for a new standard: Visitor Management 2.0.
Rather than treating security as a checkpoint at the front door, this approach starts much earlier — at the first point of contact with a potential visitor — and integrates identity, access, and compliance systems into a unified framework. Part two of the series will explore how agencies can put this into practice.
-
Key Takeaways
Hybrid Threats Are Here Now: Attacks that blend physical and cyber vulnerabilities are actively targeting public agencies, exploiting the gaps between disconnected security systems.
Silos Create Blind Spots: Poor communication between physical and cyber security teams, combined with imbalanced defenses, leaves agencies exposed to avoidable risks.
Start Security Earlier: Activating compliance measures only at the point of physical entry is too late — effective security begins at the first contact with a visitor, enabling background checks and pre-clearance well before arrival.
Visitor Management 2.0: Public agencies need to move beyond traditional visitor management and adopt an integrated framework that unifies identity, access, and compliance into a modernised security infrastructure.
Originally published in GovLoop. This is part one of a two-part series.