The last day of Global Security Exchange (GSX) in Las Vegas proved to be the calm after the storm. But a slower third day could not undermine a largely successful 2018 show for exhibitors and attendees. Sometimes the success of a trade show isn’t measured by numbers of attendees (which were reportedly down again this year). Sometimes it’s the individual successes that make an impression.

Just learning about this made the whole trip worthwhile,” said one GSX attendee at the Johnson Controls booth, referring to the company’s new PowerSeries Pro intrusion devices. It’s the kind of feedback that makes the expense of exhibiting at a big trade show worthwhile. The new PowerSeries Pro is an extension of Johnson Controls’ existing line that is expressly designed for the commercial security market.

The ‘hybrid’ (wired or wireless) device offers ease of installation and full cybersecurity including 128bit AES encryption with spread spectrum for no jamming or interference. It employs frequency hopping technology first developed for the Israeli defence force.

Wireless technology for cybersecurity

PowerG eliminates the need for wires by providing ‘invisible wired technology’, a marketing term that emphasises the cybersecurity of the product

PowerSeries Pro uses PowerG wireless technology and expands the portfolio of PowerG devices from residential through commercial. For use in a wired solution, the main advantage is ease of installation; terminal blocks ‘pop out’ easily and can be wired and plugged back in. Alternatively, PowerG eliminates the need for wires by providing ‘invisible wired technology’, a marketing term that emphasises the cybersecurity of the product – wireless at the same level of cybersecurity as wired.

Johnson Controls addresses three big factors with the product line: cybersecurity, user control, and easy installation and dependability. It’s part of Johnson Controls’ broader approach to provide ‘one-stop shopping’, enabling an end user to control their environments, video and access, and protect their contents, according to the company.

Need for more security in K-12 schools

In addition to reaching end users, lock company Allegion sees the show as an opportunity to meet with technology partners. “It’s great to bring together a concentration of people in the industry,” said Brad Aikin, Channel Led Business Leader, Integrator Channel. “We have had good conversations with technology companies here at the show in terms of partnering, both physical access control and OEM partners. We have also had good conversations with the integrator channel.

From speaking with education end users at GSX, Aikin sees a large unmet need for security in K-12 schools, more so than in colleges and universities. “K-12 is underserved,” he says. “They need to identify their priority of needs, and now they can serve needs they couldn’t before, both layering levels of security and phasing in implementation over time. Now things can be applied and tried out without disrupting the environment.

An example is the Von Duprin RU RM (Remote Undogging and Remote Monitoring) door exit devices, which are being integrated by access control partners Sielox, IDenticard and Vanderbilt. Intelligence is added to the door exit device to enable inexpensive monitoring of secondary, previously unconnected doors. The doors can be monitored and locked or unlocked at various points in the day.

In addition to reaching end users, lock company Allegion sees the show as an opportunity to meet with technology partners
Lock company Allegion sees the show as an opportunity to meet with technology partners

Bridging the gap between IT and physical security

One exhibitor – ADT – noticed more information technology (IT) professionals accompanying their physical security counterparts at this year’s GSX exhibition. “They come along to kill dreams on the spot,” said Morgan Harris, Senior Director Enterprise Solutions, noting the IT department’s frequent hesitancy to add untrustworthy elements to the network.

ADT is looking to transform and expand its 144-year-old brand in the commercial security space and has completed eight acquisitions in the last year to accomplish the goal. Some of the acquisitions build on ADT’s expanding cybersecurity initiative, which is both a fully-functioning stand-alone business and an effort to bridge the divide between IT and physical security. ADT is positioning itself to manage enterprise risk in the broadest sense.

Combining IT and cybersecurity

The Internet of Things (IoT) is fuelling convergence but are we missing out on how to talk to each other and communicate effectively between IT and security?"

The Internet of Things (IoT) is fuelling convergence but are we missing out on how to talk to each other and communicate effectively between IT and security?” asked Harris. “Projects have failed because information was lost in translation.” ADT seeks to have skillsets, experience and certifications on both sides of the issue.

It enables us to be the in-between,” says Harris. “We can blend the two together and be the translator. It’s great for both sides, advocating for security counterparts and for the network simplifies deployment and processes.

Harris sees a trade-off between cybersecurity and convenience in the industry. For example, if a manufacturer says they have a simplified process and only offers firmware updates once a year, cybersecurity suffers, he said. Lack of third-party testing is another way that manufacturers sometimes trade cybersecurity for convenience, at heightened risk to integrators and end users.

Training courses for integrators and partners

Milestone Systems is expanding its level of involvement with integrator partners, and now provides Partner Business Reviews (PBR) to assess an integrator’s activities, sales and training, pipeline and marketing initiatives.

The partner reviews often uncover issues that can be easily rectified through additional training, says Megan McHugh, Milestone’s Training Marketing Manager, Learning and Performance. Milestone uses a dashboard to track each integrator’s completed training courses and can point out additional courses needed to ensure an integrator partner’s success.

Milestone offers a variety of in-person, e-learning and YouTube video courses to train installing partners, systems integrators and self-integrators on best practices

Milestone offers a variety of in-person, e-learning and YouTube video courses (in 12 different languages) to train installing partners, systems integrators and self-integrators on best practices. ‘Cloud Labs’ are instructor-led online classes.

All courses are linked to a variety of support resources. Sometimes a simple checklist accessed on a smart phone can ensure that every aspect of an install is performed and can instil added confidence in customers.

The open platform company’s new agile development cycle – releasing multiple versions of XProtect software throughout the year – creates extra challenges to keep learning initiatives up to date. Along with each new release, various existing courses are updated.

The concepts of “training and certification” are being replaced at Milestone with “learning and performance,” says McHugh. Milestone is also looking to hire 170 new R&D staff and open a new centre in Barcelona (in addition to current R&D centres in Copenhagen and Sofia, Bulgaria).

Making camera installation easy

Hanwha Techwin is another company that is seeing more interest in cybersecurity, as well as concern about whether a product is supported professionally. They have doubled-up production in South Korea and added capacity in Vietnam to avoid manufacturing in China.

Thinking about their integrators, Hanwha Techwin is putting more emphasis on making installation easy. Installation costs may be up to 50 percent of a job, so easier installation frees up money to buy more or better cameras. With a new design of their cameras, an electrical contractor can now install the camera base and conduit, and then the integrator can easily plug in the camera later.

Camera bases are common across multiple models, so a customer could switch out a 5-megapixel for a 2-megapixel camera later on if they want to (same housing plate). ‘Skins’ allow the colour of cameras to be changed to match surrounding décor. “We are changing the idea of how people approach selling a camera, and it’s a whole new idea of how to install cameras,” said Tom Cook, Senior Vice President, North American Sales, Hanwha Techwin.

Thinking about their integrators, Hanwha Techwin is putting more emphasis on making installation easy
Hanwha cameras can include a sound classification analytic to detect sounds such as gunshots

Cameras with sound detection technology

Hanwha offers more flexibility in the field – interchangeable parts are packed together to enable configuration on site. And there is no need to stand on a ladder to position cameras; stepper motors help with remote camera positioning. Multi-sensor cameras have modules (combining lenses and sensors) that can be switched out at installation. Hanwha Techwin cameras can also include a sound classification analytic to detect sounds such as gunshots, screams or glass breaks, especially useful in K-12 education environments.

Unification and the customer journey were a key emphasis for Genetec at GSX 2018. Unification for Genetec means combining multiple functions on one platform, from one vendor and using one source code. The company approaches the market by analysing each customer’s journey as it relates to Genetec products.

A typical customer journey involves (1) a company looking for standalone systems; (2) the need to centralise systems through integration and unification; (3) increasing automation and workflow; and (4) adding intelligence for more informed decision-making.

Genetec wants to get more in-depth with customers, be more comfortable with their business, and understand their challenges,” said Derek Arcuri, Product Marketing Manager. “We want to get naked with our customers.

Machine learning engine for crime prevention

In the city of Chicago, Citigraf detects patterns in crime behaviour and determines where a crime is likely to occur

There was a big crowd at the Genetec booth, and not because the comment was applied literally. Genetec has divided itself into multiple parts, each focussed on a vertical market such as retail or transportation.

The approach is to operate as a ‘federation of startups’, with each market sector accountable to fill in the gaps in the portfolio to meet the specific needs of each vertical. For example, Genetec’s Citigraf is an unsupervised machine learning engine with an algorithm to detect anomalies and trends from a large pool of data in a municipal environment.

In the city of Chicago, Citigraf detects patterns in crime behaviour and determines where a crime is likely to occur. The system alerts operators in a bureau or area that has a higher risk level and should beef up the number of first responders.

Chicago has seen a 39 percent decrease in average response time of first responders as a result. In the retail market, Genetec leverages the security infrastructure to analyse shopping trends and provide data for merchandising and operations. “Each customer is getting a portfolio of products tailored to the industry they are in,” says Arcuri.

Demonstrating IoT devices

Axis Communications displayed its range of products at GSX, demonstrating its almost total transformation from an IP camera company to a supplier of a full range of Internet of Things (IoT) devices. “Axis is broadening its portfolio to include more solutions,” said Scott Dunn, Senior Director, Business Development Systems and Solutions. “Our success is driven by continuing to innovate our portfolio. The market is continuing to grow, and Axis is continuing to expand its market share.” Eight ‘Axis Customer Experience Centers’ around the United States help Axis stay close to their integrators, customers, partners and prospects.

IP addressable audio speakers from Axis can provide music as a service, and then can be interrupted for audio messages on behalf of physical security

Axis has offered access control IP edge devices since 2013, and now has a new A1601 door controller being sold with partner-only software (no embedded Axis software like previous A1001 devices). In audio products, Axis has a portfolio of speakers, intercoms, and public address systems.

Acquisition of IP door intercom company

Enhancing the audio line was acquisition in 2016 of 2N, an IP door intercom company headquartered in Prague, Czech Republic. In North America, the 2N team is now fully part of Axis. The line emphasises simple architecture, programmability, and the ability to integrate widely. The products use Session Initiation Protocol (SIP) to integrate through the cloud or peer-to-peer.

IP addressable audio speakers from Axis can provide music as a service, and then can be interrupted for audio messages on behalf of physical security. Retail, education and enterprise customers are gravitating to IP audio. An IP bridge can tie existing analogue components into the IP system. For perimeter security, Axis offers a radar device to help eliminate false alarms, as well as thermal cameras.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

Larry Anderson Editor, SecurityInformed.com & SourceSecurity.com

An experienced journalist and long-time presence in the US security industry, Larry is SourceSecurity.com's eyes and ears in the fast-changing security marketplace, attending industry and corporate events, interviewing security leaders and contributing original editorial content to the site. He leads SourceSecurity.com's team of dedicated editorial and content professionals, guiding the "editorial roadmap" to ensure the site provides the most relevant content for security professionals.

In case you missed it

Managing security during unprecedented times of home working
Managing security during unprecedented times of home working

Companies are following government guidance and getting as many people as possible working from home. Some companies will have resisted home working in the past, but I’m certain that the sceptics will find that people can be productive with the right tools no matter where they are. A temporary solution will become permanent. But getting it right means managing risk. Access is king In a typical office with an on-premise data centre, the IT department has complete control over network access, internal networks, data, and applications. The remote worker, on the other hand, is mobile. He or she can work from anywhere using a VPN. Until just recently this will have been from somewhere like a local coffee shop, possibly using a wireless network to access the company network and essential applications. CV-19 means that huge numbers of people are getting access to the same desktop and files, and collaborative communication toolsBut as we know, CV-19 means that huge numbers of people are getting access to the same desktop and files, applications and collaborative communication tools that they do on a regular basis from the office or on the train. Indeed, the new generation of video conferencing technologies come very close to providing an “almost there” feeling. Hackers lie in wait Hackers are waiting for a wrong move amongst the panic, and they will look for ways to compromise critical servers. Less than a month ago, we emerged from a period of chaos. For months hackers had been exploiting a vulnerability in VPN products from Pulse Secure, Fortinet, Palo Alto Networks, and Citrix. Patches were provided by vendors, and either companies applied the patch or withdrew remote access. As a result, the problem of attacks died back.  But as companies race to get people working from home, they must ensure special care is taken to ensure the patches are done before switching VPNs on. That’s because remote desktop protocol (RDP) has been for the most part of 2019, and continues to be, the most important attack vector for ransomware. Managing a ransomware attack on top of everything else would certainly give you sleepless nights. As companies race to get people working from home, they must ensure special care is taken to ensure the patches are done before switching VPNs on Hackers are waiting for a wrong move amongst the panic, and they will look for ways to compromise critical serversExposing new services makes them also susceptible to denial of service attacks. Such attacks create large volumes of fake traffic to saturate the available capacity of the internet connection. They can also be used to attack the intricacies of the VPN protocol. A flow as little as 1Mbps can perturbate the VPN service and knock it offline. CIOs, therefore, need to acknowledge that introducing or extending home working broadens the attack surface. So now more than ever it’s vital to adapt risk models. You can’t roll out new services with an emphasis on access and usability and not consider security. You simply won’t survive otherwise. Social engineering Aside from securing VPNs, what else should CIO and CTOs be doing to ensure security? The first thing to do is to look at employee behaviour, starting with passwords. It’s highly recommended that strong password hygiene or some form of multi-factor authentication (MFA) is imposed. Best practice would be to get all employees to reset their passwords as they connect remotely and force them to choose a new password that complies with strong password complexity guidelines.  As we know, people have a habit of reusing their passwords for one or more online services – services that might have fallen victim to a breach. Hackers will happily It’s highly recommended that strong password hygiene or some form of multi-factor authentication (MFA) is imposedleverage these breaches because it is such easy and rich pickings. Secondly, the inherent fear of the virus makes for perfect conditions for hackers. Sadly, a lot of phishing campaigns are already luring people in with the promise of important or breaking information on COVID-19. In the UK alone, coronavirus scams cost victims over £800,000 in February 2020. A staggering number that can only go up. That’s why CIOs need to remind everyone in the company of the risks of clickbait and comment spamming - the most popular and obvious bot techniques for infiltrating a network. Notorious hacking attempts And as any security specialist will tell you, some people have no ethics and will exploit the horrendous repercussions of CV-19. In January we saw just how unscrupulous hackers are when they started leveraging public fear of the virus to spread the notorious Emotet malware. Emotet, first detected in 2014, is a banking trojan that primarily spreads through ‘malspam’ and attempts to sneak into computers to steal sensitive and private information. In addition, in early February the Maze ransomware crippled more than 230 workstations of the New Jersey Medical Diagnostics Lab and when they refused to pay, the vicious attackers leaked 9.5GB or research data in an attempt to force negotiations. And in March, an elite hacking group tried to breach the World Health Organization (WHO). It was just one of the many attempts on WHO and healthcare organisations in general since the pandemic broke. We’ll see lots more opportunist attacks like this in the coming months.   More speed less haste In March, an elite hacking group tried to breach the World Health Organization (WHO). It was just one of the many attempts on WHOFinally, we also have bots to contend with. We’ve yet to see reports of fake news content generated by machines, but we know there’s a high probability it will happen. Spambots are already creating pharmaceutical spam campaigns thriving on the buying behaviour of people in times of fear from infection. Using comment spamming – where comments are tactically placed in the comments following an update or news story - the bots take advantage of the popularity of the Google search term ‘Coronavirus’ to increase the visibility and ranking of sites and products in search results. There is clearly much for CIOs to think about, but it is possible to secure a network by applying some well thought through tactics. I believe it comes down to having a ‘more speed, less haste’ approach to rolling out, scaling up and integrating technologies for home working, but above all, it should be mixed with an employee education programme. As in reality, great technology and a coherent security strategy will never work if it is undermined by the poor practices of employees.

Security technology and AI: A powerful duo in the fight against COVID-19
Security technology and AI: A powerful duo in the fight against COVID-19

A person infected with the Coronavirus (COVID-19) infects an average of 2.5 other people within five days. You do not need to be a mathematician to realise that early detection of infected people is key to successful pandemic containment. The aim of effective containment strategies is therefore not so much to reduce the number of absolute cases as it is to extend the time frame within which they occur. Without effective containment measures, the virus spreads rapidly and is beyond the capacity of the health care system. However, if infection rates can be minimised through early detection and rapid, targeted identification of further infections, cases will continue to occur over a longer period of time and remain within the capacity of the health care system. Identifying, testing and results For example, the goal of many countries is to carry out as many Corona tests as possible to quickly identify infected people. It is then necessary to identify and reach potentially-infected people and isolate them in quarantine. This is a tried and tested procedure. But this method also costs valuable time in the fight against the virus and has many unknowns. The determination of a concrete test result alone sometimes takes up to 48 hours due to limited laboratory capacity. Added to this is the imprecise and slow procedure for determining contact persons. Or do you still remember exactly who and where you shook hands with in the last ten days - and could you provide information on this? Security technology to the rescue When it comes to the time factor, security technology can be a great help. Thermal imaging cameras and temperature sensors, for example, can help to detect a person with elevated body temperatures. Fever can also be one of the symptoms in those infected with the Coronavirus. At neuralgic points such as airports and train stations, or at entrances to hospitals, thermal imaging cameras can quickly reveal which people have fever. Presumably infected people can be easily separated and asked about other symptoms. Physical security technology can make a great contribution here. Dr. Frank Gillert, a professor at the University of Applied Sciences in Wildau, Germany states, however, as one of the leading scientists for logistics-centric security research, he demands "rapid innovation in dealing with situations like COVID-19 should be a priority". He sees enormous potential in the possibilities of IT and artificial intelligence; "We should use the disruptive changes that are currently taking place and that are challenging global orders to strengthen the significance in IT infrastructure development and also in security technology development.“ The goal in a global crisis And he is right: In global crises such as the Corona pandemic, security-related deficits become apparent and space is created for technical innovations. The goal of governments and companies is to restore security and save human lives as quickly as possible. The German data analytics powerhouse G2K, for example, has developed a Corona Detection & Containment System (CDCS) that is ready for immediate use in record time. Detection takes place in combination with AI-supported data analysis to specifically identify virus hotspots and distribution routes, as well as to identify other potentially infected persons. When developing the system, the focus was on two questions: How do I detect a suspected infected person in crowded environments and even more importantly, how do I quickly and comprehensively determine the person's contacts and previous whereabouts, and find correlations and patterns in this information? The data experts of the Berlin-based company found the answer in the combination of physical security technology and their existing data analytics platform. The G2K system The system is based on G2K's scalable IoT platform "Situational Awareness Builder" (SAB), which is already in use in several projects worldwide and sets standards in process automation and process optimisation, including security management. As soon as a person with fever is detected by the system, he or she can be immediately screened to avoid contact with other people and thus prevent possible new infections, i.e. to interrupt the chain of infection. For this purpose, stationary thermal imaging cameras or smartphones equipped with a temperature sensor accessory can be used. The potentially infected person must now be registered and referred to a doctor or hospital for further specific diagnostic measures. The entire process is covered by a mobile G2K application. A combination of security and medicine The platform can bring together available hospital capacity, infection reports, movement and contact profiles and provide an excellent picture of the source of infection. Thus, medically necessary isolations can be implemented quickly. At the same time, infected patients can use the app to document their recovery and become actively involved. All this data is centrally managed and analysed, using deep learning methods. This provides crisis managers with a single monitoring, control and resource management tool that enables immediate action to be taken to combat the spread of the virus and gives officials full transparency on the status of the pandemic. Karsten Neugebauer, founder and CEO of the company behind the solution, explains his commitment as follows "A few weeks ago we too were faced with increasing difficulties due to the Corona crisis. As we have a strong presence in Europe in particular, we had to struggle with postponed project starts and limited resources". But instead of burying their heads in the sand, G2K's dedicated team decided to declare war on the virus." "In our entrepreneurial duty, we, therefore, decided to use our available technology and equip it to fight COVID-19. Our team has been working day and night over the last few weeks to expand our software platform to enable us to contain the pandemic quickly and effectively. Politicians must now immediately push ahead with the unbureaucratic implementation of prevention and control measures such as our CDCS to ensure the stability of our public systems," demands Karsten Neugebauer. The pandemic continues As the COVID-19 pandemic spreads from continent to continent, researchers around the world are working to develop antidotes to the virus. As long as this has not been found, the spread of the virus must be slowed down internationally. Only by this can system-relevant infrastructure be held consistently. Combining modern physical security technology with platform technology and artificial intelligence provides an excellent possibility to slow down the current and for sure, future pandemics.

Emergency response and notification systems: Crucial for improving hospital security
Emergency response and notification systems: Crucial for improving hospital security

When violence or a life-threatening incident occurs, hospitals and other healthcare institutions are often in the crosshairs. Hospitals increasingly face a reality of workplace violence, attacks on patients, and threats to doctors and other support staff. And even if violence happens outside a hospital – such as an active shooter at a public place – the local hospital must be prepared to respond to an influx of injured victims. When conflicts arise inside a hospital, there is an urgent need to lock the facility down quickly. Security professionals and their teams need access control options that allow lockdowns to occur at the touch of a button. Lockdown capabilities are an important aspect of safety and security for hospitals, doctor’s offices and medical facilities The need for mass notification is also growing in the healthcare environment Fire alarm public address system The need for mass notification – another aspect of responding in an emergency – is also growing in the healthcare environment. Various systems can communicate through the fire alarm public address (PA) system to notify people in an emergency, or, alternately, to use email notification, text messaging, pagers, smart phones and/or personal computers (PCs). In lockdown situations, access control systems provide an emergency button with various triggers in the system – a hospital can lockdown specific units or the entire facility. Data capture form to appear here! Jim Stankevich, Global Manager – Healthcare Security, Johnson Controls/Tyco Security Products, points out that the safety of hospital staff, particularly nurses, cannot be overlooked. In the emergency room, 55 percent of nurses are assaulted in some way each year, which is a high percentage. The safety of nurses and all hospital staff deserves more attention. Duress/emergency notification technology Stankevich says one solution is to use duress/emergency notification technology: staff can carry and wear a ‘panic button” or have a two-key combination on their computer as an alarm trigger. When the staff member hits the panic button, a direct message can be sent to security, alerting security staff about the event and requiring a response. There has been an increase in demand for the safety and security of patients, staff and visitors at healthcare institutions, as evidenced by the recent CMS (Centers for Medicare and Medicaid Services) Emergency Preparedness Rule. As of Nov. 17, 2017, healthcare institutions that participate in Medicare or Medicaid must demonstrate compliance with the rule. Emergency preparedness systems A major challenge in compliance to this rule is balancing patient safety with comfort At its core, the rule seeks to establish national emergency preparedness requirements to ensure adequate planning for both natural and man-made disasters, and coordination with federal, state, tribal, regional and local emergency preparedness systems. A major challenge in compliance to this rule is balancing patient safety with comfort. Institutions should consider two-way communication that enables leadership to disseminate targeted messages quickly and efficiently, while arming all employees with a tool that can alert the appropriate staff should an incident occur. Solutions like this enable swift communication of issues without disturbing patients and visitors unless necessary. Effective response to emergencies “Fortunately, hospitals and their security departments are generally well equipped to respond to most emergency situations”, said John M. White, president/CEO of Protection Management, a consultant who works with hospitals to address their security needs. During the Ebola scare in 2014, however, hospitals had to re-examine their plans to ensure they were prepared to meet the challenges specific to rare and deadly disease. “Hospitals are prepared for most things, but Ebola seemed to have caught the whole world off guard, so people responded in different ways,” says White, who previously was security director of two multi-campus medical facilities before becoming a consultant. Hospital security Hospitals made adjustments to their emergency programs to determine how best to handle Ebola patients" He adds, “Hospitals made adjustments to their emergency programs to determine how best to handle Ebola patients and to protect other patients and staff. It was a new threat that healthcare organisations had not specifically addressed.” A particular concern was the possibility of an infected person walking into an emergency room and infecting other people and/or requiring facility decontamination. One role the hospital security department plays in such an emergency is to control access to the facility and to control visitors’ movements once they are inside the facility, says White. If the Ebola scare had progressed to the point that a hospital would need to screen patients, security would be positioned at the front entrance to help with that screening and, if necessary, to direct patients to a specific area for quarantine. Protective equipment Security might also need to wear protective equipment to handle a patient who is resistant to treatment, for example. There are often interactions between security personnel and the general public, a scenario that becomes more complicated if Ebola or a similar infection is likely. In general, security would be tasked with maintaining order and keeping people where they need to be, freeing up the medical professionals to do their jobs more efficiently, says White. To prepare for the impact of the Ebola scare, hospitals addressed various training and equipment needs and adjusted their disaster/emergency response plans. Read parts two and three of our heathcare mini series here and here.