Last updated: April 29, 2026
A Hyderabad data centre operator passed every cyber audit. Then a “courier” walked into the facility carrying a fake delivery, tailgated through a side door behind a smoking employee, and spent 40 minutes in the server hall photographing rack labels and one open KVM session. The recording from the lobby camera arrived for review three days later. Physical security is the layer that crashes spectacularly when treated as facilities-team problem disconnected from cyber. This module covers physical security as a security-engineering discipline.
Why physical security is a cyber concern
Cyber controls assume an attacker is on the network. Physical access defeats most of them:
- Bootable USB on an unlocked workstation = local admin in 90 seconds
- Plugged-in HID device (Rubber Ducky / Bash Bunny) = keystroke injection with one user touch
- Network-tap on cable = mTLS-bypassing wire-tap if endpoints don’t enforce
- Camera over a screen = MFA token capture during operator session
- Server hall access = direct disk imaging, RAM dump (cold-boot attack), iLO/iDRAC capture
Physical breach often costs less than zero-day acquisition.
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.