I recently had an interview with an organization that specializes in physical security. For most of my career I've dealt with cyber security and information systems, but after the interview I'm now curious about the physical security and alarm industry. Does anyone have experience or references that they can share relating to physical security.The main resource that I learned about was underwriters laboratories, but a lot of their documentation is not "free"...what else is out there?
Are you curious in the standards for physical security controls? Or how to implement security controls?
From a standards perspective, i'd start with reading through NIST special publications related to physical security, such as PE-3 in 800-53 r4:https://nvd.nist.gov/800-53/Rev4/control/PE-3
not sure if this is of any use to you?
Might be a bit high level, not gritty, but mostly common sense.
Side note on Physical Security as part of a CISSP Domain:
Several years ago I successfully logged NRA firearm training for several CPE units under the Physical Security area.
Check out "Effective Security Management", Charles A. Sennewald
There is an international association out there, who is a partner of ISC2: https://www.asisonline.org/ You might want to explore, they are increasingly becoming interested in obtaining CISSP qualifications and moving into the Cyber security world. They have professional examinations, and often they state they are fully licensed consultants, with a pointed finger at us in terms of our credentials.
Thanks for the responses folks.
The resources from ASIS and the "Effective Security management" are along the lines of what I'm looking for.
There quite a bit of material on physical security in the ISSAP CBKs.
Another useful resource is CPNI in the UK: https://www.cpni.gov.uk/physical-security