
Are you Suffering from Security System Sprawl + Technical Debt in a Converged Cyber-physical World? Don't worry, you're not alone!

Most security managers are juggling decades of mixed gear (old cameras/doors/recorders, cloud services, vendors, and custom scripts) that now sits on the IT network and is therefore part of the cyber attack surface. The real pain isn’t a single device—it’s visibility, control, and risk across all of it.

Eric Moreau and his co-panelists discussed this topic recently at the Security Technology Forum in Washington, D.C. Watch here and read below...

 

What to do about it (best-practice, field-tested)

Adopt a living modernization program focused on attack-surface reduction and lifecycle control:

  1. Build the inventory (facts first).
    One source of truth listing every camera, panel, server/appliance, firmware, credential model, network segment, warranty/end-of-support date, and data flow. No inventory = no control.

  2. Segment like you mean it.
    Put physical security on dedicated VLANs with ACLs; block east-west chatter; broker access through jump hosts/proxies; no flat networks.

  3. Standardize baselines.
    Golden images and config templates per device class: ports/services, TLS, password policy/MFA for admins, logging targets, time sync, hardening checklists. Make “secure by default” the easy path.

  4. Patch and rotate on a schedule.
    Quarterly (minimum) firmware reviews for cameras/recorders/controllers; emergency out-of-band path for CVEs. Rotate local creds/API keys; kill vendor default accounts.

  5. Least privilege & strong auth.
    Centralize admin identities (IdP), enforce MFA for all consoles, role-based rights, time-bound vendor access, and per-site break-glass procedures.

  6. Monitor and measure.
    Send logs/metadata to your SIEM/SOAR; create alerts for new devices joining, policy drifts, failed logins, and firmware mismatches. Review monthly.

  7. Plan for failure.
    Document incident response for cyber/physical overlap (e.g., VMS down, badge system locked, ransomware). Run tabletop exercises twice a year.

  8. Buy for the future.
    New procurements must meet a checklist: supported crypto, published CVE process, API openness, hardening guides, SBOM, five-year support roadmap, and clean integration to your VMS/PSIM/IdP.

  9. Fund the lifecycle.
    Tie every asset to an end-of-life date and a replacement budget line. Technical debt shrinks only when refresh is routine, not “nice to have.”
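Steps 1, 3 and 6 fit together as one check: compare what is seen on the security segments against the inventory and the per-class baseline, and raise a finding for each difference. The sketch below is an added example, not code from the original article; the record fields, MAC addresses, VLAN numbers and firmware versions are all constructed for illustration.

```python
from datetime import date

# Constructed sample data: per-device-class baseline (step 3) and inventory (step 1).
BASELINE = {
    "camera": {"ports": {443, 554}, "firmware": "2.4.1"},
    "door_controller": {"ports": {443}, "firmware": "5.0.3"},
}
INVENTORY = {
    "00:11:22:aa:bb:01": {"cls": "camera", "vlan": 310, "eos": date(2027, 6, 30)},
    "00:11:22:aa:bb:02": {"cls": "door_controller", "vlan": 320, "eos": date(2024, 1, 31)},
}
# Constructed scan results: what is actually seen on the security VLANs.
OBSERVED = [
    {"mac": "00:11:22:aa:bb:01", "vlan": 310, "ports": {443, 554, 23}, "firmware": "2.3.0"},
    {"mac": "00:11:22:aa:bb:02", "vlan": 320, "ports": {443}, "firmware": "5.0.3"},
    {"mac": "00:11:22:aa:bb:99", "vlan": 310, "ports": {80}, "firmware": "unknown"},
]

def find_drift(observed, inventory, baseline, today):
    """Return sorted (mac, finding) tuples suitable for forwarding to a SIEM (step 6)."""
    findings = []
    for dev in observed:
        mac = dev["mac"]
        rec = inventory.get(mac)
        if rec is None:                      # device nobody recorded
            findings.append((mac, "new_device"))
            continue
        base = baseline[rec["cls"]]
        if dev["vlan"] != rec["vlan"]:       # moved off its assigned segment
            findings.append((mac, "wrong_segment"))
        extra = dev["ports"] - base["ports"]  # services outside the baseline
        if extra:
            findings.append((mac, "policy_drift:ports=" + ",".join(map(str, sorted(extra)))))
        if dev["firmware"] != base["firmware"]:
            findings.append((mac, "firmware_mismatch"))
        if rec["eos"] < today:               # lifecycle check (step 9)
            findings.append((mac, "past_end_of_support"))
    seen = {d["mac"] for d in observed}
    findings += [(mac, "missing_from_network") for mac in inventory if mac not in seen]
    return sorted(findings)

if __name__ == "__main__":
    for mac, finding in find_drift(OBSERVED, INVENTORY, BASELINE, date(2025, 1, 15)):
        print(f"ALERT {mac} {finding}")
```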

Quick scorecard you can use next week

  • % of devices discovered vs. estimated (aim: 98%+)

  • % on standard baseline (aim: 90%+)

  • Mean firmware currency (days since vendor release)

  • % of admin accounts with MFA (aim: 100%)

  • Number of open inbound firewall rules to security subnets (trend to zero)

  • Mean time to revoke vendor access after ticket close
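
The scorecard can be computed directly from inventory, identity, firewall and ticket exports. The following is an added example, not part of the original article; all records and field names are constructed, and "firmware currency" is read here as days a device has been behind the vendor's latest release, which is an assumption.

```python
from datetime import date, datetime
from statistics import mean

# All records are constructed sample data; field names are hypothetical.
DEVICES = [  # discovered devices, with the vendor's latest firmware and its release date
    {"id": "cam-01", "on_baseline": True, "fw": "2.4.1", "latest": "2.4.1", "released": date(2024, 11, 1)},
    {"id": "cam-02", "on_baseline": False, "fw": "2.3.0", "latest": "2.4.1", "released": date(2024, 11, 1)},
    {"id": "ctrl-01", "on_baseline": True, "fw": "5.0.3", "latest": "5.0.3", "released": date(2024, 9, 2)},
    {"id": "nvr-01", "on_baseline": True, "fw": "7.1", "latest": "7.2", "released": date(2024, 12, 11)},
]
ADMINS = [{"user": "a1", "mfa": True}, {"user": "a2", "mfa": True},
          {"user": "a3", "mfa": True}, {"user": "svc-vms", "mfa": False}]
INBOUND_RULES = [{"dst": "10.31.0.0/24", "action": "allow"},
                 {"dst": "10.32.0.0/24", "action": "allow"},
                 {"dst": "10.31.0.0/24", "action": "deny"}]
VENDOR_TICKETS = [  # ticket close time vs. time vendor access was actually revoked
    {"closed": datetime(2025, 1, 10, 17, 0), "revoked": datetime(2025, 1, 10, 19, 0)},
    {"closed": datetime(2025, 1, 12, 9, 0), "revoked": datetime(2025, 1, 13, 15, 0)},
]

def pct(part, whole):
    """Percentage to one decimal place; 0.0 if there is nothing to measure."""
    return round(100.0 * part / whole, 1) if whole else 0.0

def days_behind(dev, today):
    """Assumed reading of 'firmware currency': 0 if current, else days since the newer release."""
    return 0 if dev["fw"] == dev["latest"] else (today - dev["released"]).days

def scorecard(devices, estimated, admins, rules, tickets, today):
    revoke_hours = [(t["revoked"] - t["closed"]).total_seconds() / 3600 for t in tickets]
    return {
        "discovered_pct": pct(len(devices), estimated),
        "baseline_pct": pct(sum(d["on_baseline"] for d in devices), len(devices)),
        "mean_firmware_days_behind": mean(days_behind(d, today) for d in devices) if devices else 0,
        "admin_mfa_pct": pct(sum(a["mfa"] for a in admins), len(admins)),
        "open_inbound_rules": sum(r["action"] == "allow" for r in rules),
        "mean_hours_to_revoke": mean(revoke_hours) if revoke_hours else 0,
    }

if __name__ == "__main__":
    for metric, value in scorecard(DEVICES, 5, ADMINS, INBOUND_RULES,
                                   VENDOR_TICKETS, date(2025, 1, 15)).items():
        print(f"{metric}: {value}")
```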

If you make asset clarity + segmentation + baselines your drumbeat, the rest (patching, auth, monitoring) becomes repeatable. 

Contact our team to discuss a comprehensive security system assessment and forward-thinking action plan customized to your organization's needs >>


 

Want to learn more about building a resilient security operation?


Watch our free on-demand webinar featuring insights that transcend healthcare and apply to any facility security program. Whether you're managing a hospital or a corporate campus, the strategies discussed can help improve your environment’s safety and operational readiness.

This webinar is available on-demand, allowing you to watch at your convenience. Don’t miss this opportunity to learn from one of the industry's leading experts and take your facility’s safety and security to the next level. 

To register and access the on-demand webinar, click here >>


 

 


BONUS: DOWNLOAD OUR FREE IN-HOUSE SECURITY RISK ASSESSMENT CONSIDERATIONS GUIDE

Security professionals are constantly looking for innovative ways to secure their facility and provide a safe environment within their budget. They are also constantly looking for resources to help them achieve that mission, and expert advice is hard to come by.

Fortunately, we have released a considerations guide that will help security professionals perform their own in-house security risk assessment. 

What's Inside?

This guide is intended to assist you with performing an in-house physical security risk assessment. In many cases, assistance from a third-party expert, like Theseus Professional Services, is required.

Identification of missing or inadequate physical security measures that safeguard assets (people, property, and information) and critical business functions is of paramount importance. The findings of a security risk assessment are used to measure and communicate the level of risk to the organization.

  • Process Evaluation
  • Threats
  • Vulnerability Assessment Highlights
  • Electronic Security Systems Considerations
  • Site Considerations
  • Building Entrances and Exits
  • Common Functional Areas
  • Building Envelope
  • Utilities and Building Services
  • Building Systems

Download here >>
