Security Essen 2018 presented itself as the international source of inspiration for the industry. 950 exhibitors from 43 countries showed their innovations for increased safety and convenience to over 36,000 trade visitors from 125 nations at Messe Essen on topics ranging from cyber security to innovations for building security and new solutions for the protection of valuables.

The representatives of the companies, associations and institutions were in great demand as discussion partners. There was strong need for information and investment from trade visitors as a result of current events such as hacker attacks, challenges involving access control at airports, the still-high number of break-ins and increasing legal requirements. The exhibitors praised the significantly increased percentage of international visitors (eight percent up) and the strong decision-making authority of the trade visitors.

Trend-setting solutions

Security Essen attracted more than 36,000 professional visitors – including experts from industry and installers

"Security Essen has underlined its position as a trend-setting international trade fair for all aspects of security. We were able to welcome significantly more visitors from abroad – 125 nations, that's an impressive number", says Oliver P. Kuhrt, CEO of Messe Essen. “Protection – whether public or private, digital or analogue – is the central theme of our time. Our exhibitors provided answers to these challenges and presented trend-setting solutions. The high number of first-time exhibitors who showed their services to the specialist world indicates the importance of our trade fair as an independent platform for the security industry."

There were more than 200 new exhibitors, including Hoppe AG, PwC Cyber Security Services and AEG ID. The trade fair attracted more than 36,000 professional visitors – predominantly including experts from industry, installers and participants from the security sector – who were characterised by greater internationality, a significant interest in new products and new business contacts as well as a strong willingness to invest.

Security Essen attracted more than 36,000 professional visitors including experts from industry and installers
There were more than 200 new exhibitors, including Hoppe AG, PwC Cyber Security Services and AEG ID

Numerous new products

Around 40 percent of the visitors came from abroad (2016: 32). The 76 percent of visitors were decision-makers within their companies and one quarter prepared their investments at the trade fair or concluded contracts directly. After all, the economy is still excellent. Industry sales in Germany alone are estimated at around 17.2 billion euros – a two-year increase of 18 percent. 62 percent of visitors rated the economic situation in the security sector as good to very good. Over 90 percent were satisfied with their visit to the fair and want to recommend Security Essen to others.

The relevance of Security Essen as a pulse monitor for the security industry was particularly evident in the numerous new products. Once again, the influence of digitisation became clear: access solutions are becoming smarter and rely on smartphones or biometric identification as keys.

Evaluate video data faster

Protection of data and networked access was an all-encompassing topic for numerous exhibitors and many lectures

Artificial intelligence helps to evaluate video data faster and more accurately. Apps display unsecured windows in the smart home or help keep track of valuable contents of safes. The protection of data and networked access was an all-encompassing topic for numerous exhibitors and many lectures.

The winners of the Security Innovation Award attracted a great deal of attention. Seven exhibitors were honoured with this award for their pioneering innovations. UrbanAlps convinced the jury with Stealth Key, a forgery-proof key from the 3D printer. The Jansen Tore burglar-proof sectional door with WK5 classification, which also received a prize, is especially secure – suitable, for example, for museums, hazardous material stores or military headquarters. Kötter Security received one of the coveted awards for the new emergency call and service control center, in which high-tech infrastructure and digital processes ensure the best possible customer security.

New service facilities

Security Essen was held for the first time in the modernised halls of Messe Essen, which will set new standards once the final construction phase is completed in 2019. Spacious, single-storey halls, plenty of daylight, the new glass entrance area and new service facilities such as the Business Club have already delighted exhibitors and visitors.

Security Essen also provided optimal visitor and exhibitor communication with a new hall structure organised according to exhibition areas. The guests of Security Essen praised the division of the fair into key topics. The exhibition hall for Cyber Security and Economic Security celebrated a successful premiere. Exhibitors such as the Federal Office for Information Security, Telekom Security, Advancis Software & Services GmbH and the newly founded Federal Association for Critical Infrastructure Protection (BSKI) presented here.

The guided tours were expressly aimed at architects, planners, installers, operators, authorities and employees of construction
Numerous campaigns and events relating to the actual trade fair events offered visitors genuine added value

Thematically suitable exhibitors

Numerous campaigns and events relating to the actual trade fair events offered visitors genuine added value. Thus on the ‘Day of training and further education’, which was organised by the Federal Association of the Security Industry (BDSW) and Messe Essen, 300 participants of the security industry were provided with information on training possibilities and career opportunities. At the new Cyber Security Conference, Arne Schönbohm, President of the Federal Office for Information Security, spoke about cyber security as a challenge for politics, business and society. The computer scientist Jan Krissler, known as Starbug, was also a guest at the top-class conference.

Gregor Gysi, member of the Bundestag of the German party ‘Die Linke’, discussed the economic importance of cash at the BMWL (Federal Association of Medium-Sized Value Logistics Companies) booth. In the security experts’ forum, practical experts designed a non-stop programme with more than 90 presentations. The guided tours were expressly aimed at architects, planners, installers, operators, authorities and employees of construction and planning departments and stopped at thematically suitable exhibitors.

Topic of digitisationCooperation between Western Business Exhibitions and Messe Essen offers a comprehensive platform for business

The organisers are already setting the course for the next Security Essen, which will take place at Messe Essen from 22 to 25 September 2020. The new thematic hall structure will be further expanded and the topic of digitisation will be explored in greater depth. Numerous exhibitors have already confirmed their registration for the next event. 88 percent of the visitors have already stated their intention to participate in Security Essen 2020.

The fair is also taking a further step towards internationalisation: From 9 to 11 April 2019 ‘The Security Event - powered by Security Essen’ will take place for the first time in Birmingham, Great Britain. This cooperation between the British trade fair organiser Western Business Exhibitions and Messe Essen offers the European security industry a comprehensive platform for business in Great Britain. Over one hundred of the world's leading security brands are exhibiting.

Excellent platform

950 exhibitors from 43 nations presented innovations in the field of civil security at Messe Essen. The projection for the last day of the fair estimated 36,000 visitors from 125 nations including conference participants, VIP guests, delegation participants and journalists (including FKM projection of 33.000). The proportion of professional visitors was 99 percent.

The projection for the last day of the fair estimated 36,000 visitors from 125 nations
The hall distribution was particularly great success this year

Andreas Straubinger, Region Manager D/A/CH, Vanderbilt International GmbH said, “Our stand position in the new Hall 6 was a very good choice. Visitor footfall was above average and the results were even better than we saw at the last Security 2016 trade fair. We thought the hall distribution was a particularly great success this year. The number and quality of our D/A/CH trade fair contacts were very good; not only this but we were delighted to see how many trade fair visitors attended from around the world, which was a great fit for Vanderbilt’s global orientation. The trade fair contributed to further developing the level of awareness of the Vanderbilt brand. We consider Security to be the leading trade fair for our industry. It is an excellent platform from which to present our solutions to a broad audience.”

Extremely well informed

Security Essen set up its own exhibition hall for cyber security this year for the first time, to us it was a logical step to come and present our products"

Bernd Hohlfeld, Management Board, ALVARA Cash Management Group AG commented, “For us, Security Essen has been our most successful trade fair to date. The high levels of demand for our ALVARA Logistic App and ‘Digital Driver Legitimation’ were one reason, but not the only reason by any means. In particular, the BMWL joint stand brought together all of the stakeholders in cash services, offering an overall solution for efficient cash circulation. The joint stand was well placed not only to present the route to innovation but also to confirm it. The concept is very impressive and we will be back in 2020.”

Knud Brandis, Managing Director of PwC Cyber Security Services GmbH said, “PwC Cyber Security Services GmbH is Germany’s leading consultancy firm for data security. As Security Essen set up its own exhibition hall for cyber security this year for the first time, to us it was a logical step to come and present our products and services here. The topics which were in particularly high demand were information security, data protection, emergency services and cyber security. The trade visitors were extremely well informed and precisely our target audience.”

Invaluable validation stamp

Sebastian Mosbacher, Managing Director, Stölting Service Group commented, “Stölting Security was extremely satisfied with Security Essen 2018 in Essen. As a large security services provider operating in Germany, we were able to present our services and position ourselves in the best possible manner. The second day saw high footfall and was of great significance for us as a trans-regional personnel service provider operating in the sector of cleaning, security and staffing. Stölting Service Group will be back in 2020!”

Dr. Alejandro Ojeda, CEO and Founder of UrbanAlps AG said, “Security Essen was beyond our wildest expectations; it has been one of our best platforms to get in direct contact with our target audience at an international level. Furthermore, winning the Security Innovation Award 2018 for our core product the Stealth Key, the worlds’ first 3D metal printed key, has been an invaluable validation stamp from arguably the world’s leading security fair. It is clearly the place to be for security and we eagerly look forward to come back once again in 2020.”

Apps display unsecured windows in the smart home or help keep track of valuable contents of safes
Topics discussed at Security Essen were information security, data protection, emergency services and cyber security

Convenient contactless handles

Rainer Schratz, Marketing Manager, HOPPE AG, Stadtallendorf commented, “HOPPE presented at Security Essen for the first time this year – and so far, we are extremely satisfied with the results of the trade fair. Security Essen is a good platform for HOPPE innovations and expertise in the field of protection and amenities; this is also clear from the high number of contacts we made at the trade fair – both with customers as well as visitors who came from segments which are new to us, for example from the electrical wholesale trade.

Of course, the quality of the new contacts can only be evaluated after the trade fair but we are delighted with the high level of interest shown by visitors in our products – both from trade visitors and from the media. Visitors were particularly appreciative of our innovations such as the burglar-proof window handles SecuForte with automatic locking function and convenient contactless front door handles or the wireless window handle offering central locking.”

Diverse possibilities offered

Current aspects such as ‘Security technology in the smart home’ and ‘Digitisation and cyber security’ were afforded a great deal of attention"

Norbert Schaaf, Chairman of the Federal Association of Security Technology (BHE) and Chairman of the Advisory Board for Security Essen said, “Trade fair visitors from around the world were able to seek information about the diverse possibilities offered by modern security technology from around 950 exhibitors. The new layout, with six primary areas, also received very positive feedback. The profile of the Security trade fair offers the right background for the entire security industry.”

As a specialist trade fair, it specialises in security and therefore offers the ideal platform for providers and users to share information and views. Current aspects such as ‘Security technology in the smart home’ and ‘Digitisation and cyber security’ were afforded a great deal of attention. The innovative spirit of the security providers also became particularly clear at the presentation ceremony of the Security Innovation Awards 2018.”

Secured connectivity platform

Serge Coppens d'Eeckenbrugge, Regional Manager BNL - DACH, Managing Director DACH, UTC Fire & Security commented, “Smart buildings and smart homes were the focal point of this year’s Security Essen. Thanks to UltraSync, the new secured connectivity platform, integrated smart home or smart building security solutions can be managed using the internet. UTC Fire & Security presented their Lenel range, which offers various security technologies (video, access, fire and burglary), which are integrated into both the home and larger-scale environments in a user-friendly manner.”

The trade fair offered us the ideal platform to present our upcoming new product range of cable and wireless fire alarm systems. The feedback we received from both the domestic market and neighbouring countries was outstanding. The relaxed stand design provided the perfect environment for intense yet enjoyable conversations. Security Essen was very successful for us and we are looking forward to taking part again.”

Visitor footfall was above average and the results were even better than Security 2016 trade fair
The relaxed stand design provided the perfect environment for intense yet enjoyable conversations

Digital burglary protection

Dr. Florian Scharr, Press Spokesman, VdS Schadenverhütung GmbH said, “Our goals were surpassed at Security Essen. At times, our stand was besieged! The burglar protection was particularly important and the topic of digital burglary protection was in high demand, which was very pleasing. We are delighted that so many industry representatives as well as numerous installers and planners came to find out more about VdS. Security Essen is a very important trade fair for us.”

For the first time, the three security associations -BDGW, BDSW and BDLS – presented themselves together at Security Essen"

Dr. Harald Olschok, Managing Director, BDSW Bundesverband der Sicherheitswirtschaft commented, “Once again we can look back on a successful trade fair week. For the first time, the three security associations – Federal Association of German Money and Value Services (BDGW), Association of private security industry (BDSW) and Federal Association of Aviation Security Companies (BDLS) – presented themselves together at Security Essen.

Buy something specific

The expert visitors and interested guests were informed about the work of the security associations through various events and lectures in the trade fair forums. Alone on the ‘Day of training and further education’, which takes place in cooperation with Messe Essen, around 300 visitors again took part.”

Friederike Nielsen, VP of Marketing, Dedrone GmbH said, “Two years ago, our subject area ‘protection from civil drones’ was still very new. Even then, we made a great deal of interesting contacts with German and international customers and partners at Security Essen. Since then, our market has seen a great deal of additional growth. A great deal of visitors has come to our stand with a specific intention – many of them have an intention to buy something specific. We are leaving the trade fair very satisfied and will definitely be back.”

Download PDF version

In case you missed it

The Security Event 2019: a new security event to reconnect UK commercial security industry
The Security Event 2019: a new security event to reconnect UK commercial security industry

There is a new event on the calendar for the security industry in 2019: The Security Event 2019, 9-11 April, at NEC, Birmingham. For additional details and a preview of the new trade show and conference, we spoke with Tristan Norman, Founding Partner and Event Director, The Security Event. Q: It seems recently that some trade shows have been on the decline in terms of exhibit size and attendance. Why does the physical security industry need another trade show? Norman: I think there are numerous factors that play into the decline of trade shows in general and not something that is limited to the security industry. Those events that are suffering are no longer serving their target market or have failed to adapt to the changes in the industry they serve. However, what we are seeing now is the rise of focused, more “evolved” trade events which fulfil a gap in the industry event calendar and provide something new and fresh to a disillusioned audience. Q: What will be unique about The Security Event, and what role will it serve in bringing together buyers and sellers in the market? Where (geographically) will attendees come from? What we are seeing is a rise of trade events which provide something fresh to a disillusioned audience Norman: The driving ethos behind The Security Event is that we are “designed by the industry, for the industry.” We were able to start with a blank canvas and take onboard all the feedback from stakeholders throughout the security buying chain and create an event that is sustainable and fit for purpose. We see the role of the event as a very important one – to truly reconnect the currently fragmented UK commercial security industry, back at the NEC in Birmingham. We had originally anticipated that this would be an almost-exclusively UK event in year one. However, we have seen significant interest from potential visitors from across the wider EMEA region who are keen to do business in the UK. We formed a strategic alliance with Security Essen to help facilitate and strengthen our reach in these regions through additional marketing and PR activities. Consequently, early registrations indicate that it will be approximately an 80% UK and 20% international split. Q: What conference programming is being planned to augment the trade show event? Norman: Content will be delivered across three focused theatres, serving the needs of our audience throughout the buying chain. Emphasis will be placed on the latest technology innovations impacting the industry, practical advice on the most pressing issues facing security technicians, and important industry updates and insights. All sessions are focused on delivering tangible benefits to ensure professionals are equipped to stay relevant and to grow their business and we’re excited to be working with key industry bodies, innovators and experts to deliver the programme. We look forward to announcing those in coming weeks. Exhibitors want to re-engage with the thousands of industry colleagues who no longer attend other events on offer Q: Comparisons to IFSEC are inevitable. How will The Security Event be different than the IFSEC Security and Fire shows? What are the advantages of locating at Birmingham NEC? Norman: Both The Security Event and The Fire Safety Event, based at the NEC are completely different to any other trade show in the UK. We pride ourselves in creating a business platform that puts the exhibitors’ needs first, by limiting the size of stands and total number of exhibitors as well as creating a comprehensive CPD accredited educational programme for the visitors. Q: Which big industry players are supporting the launch of The Security Event, and what feedback are you hearing in terms of why they signed up at the show's inception? If a global manufacturer has a footprint in both the US and Europe, any tradeshow will be managed locally Norman: Our founding partners are Assa Abloy, Avigilon, Anixter, Comelit, Dahua, Honeywell, TDSi, Texecom, Tyco and Videcon. The full list of exhibitors and supporting partners can be found on our website. The reasons why they have signed up are very simple. They all see the exact same gap in the industry event landscape as we do. We believe there is a need for a 3-day channel focused commercial security exhibition based at The NEC in Birmingham. Our exhibitors want to re-engage with the thousands of industry colleagues who no longer attend the other events on offer. Q: Your 2019 show will be the same week as ISC West in Las Vegas. Do you think the competitive calendar will be a factor? Norman: In terms of our both our audience and our exhibiting base there is very little overlap with ISC West. Generally, if a global manufacturer has a footprint in both the US and Europe, any tradeshow will be managed locally so we haven’t observed any issues so far. We do acknowledge that having two shows at the same time globally isn’t ideal and we have moved our dates in 2020 to the 28-30 April to mitigate this going forward. The Security Event 2020 will not clash with Las Vegas' ISC West 2020 as it will in 2019, says Norman Q: How will you measure success in the first year of the show? What measurements (show size, number of attendees, exhibitor feedback, etc.) will constitute a "successful" first year for the show?Security Event will continue to evolve year after year, but will intent to stay true to the event's original concept Norman: Great question – the most important barometer of success for me and the team next April is the general industry reaction, after all, this show was created for them. Furthermore, it is vital to us that our exhibitors feel they have achieved their objectives for the show, whether it be quality, quantity of leads or raising awareness of a new product launch. We’ll also be keen to understand how satisfied visitors are with the event, including their views of the content, access to new products/services, effectiveness of the out of hours networking, etc. We are anticipating 6,000 visitors over the 3 days and I believe if we achieve this goal, we will have a strong rebooking on site, laying a great foundation for our 2020 event. Q: How would you expect/hope the show would continue to evolve in coming years? Norman: I hope over the next few years The Security Event cements itself as the industry’s favourite trade show and that exhibitors and visitors alike look forward to every year for both the business opportunities at the event and the networking outside of it. The Security Event will continue to evolve year after year, but I am determined that we stay true to our original concept and the principles on which the show was founded. After all, it is this formula that has proved to be so popular to date.

Why aren’t the Federal Government’s Physical Access Systems compliant with HSPD-12?
Why aren’t the Federal Government’s Physical Access Systems compliant with HSPD-12?

In the wake of 9/11, the Federal Government’s secure-the-fort, big idea was to create an identity credential for all federal employees and contractors. Homeland Security Presidential Directive (HSPD)-12 set it all in motion. Today, we know the smartcard-based credential that arose from HSPD-12 as the Personal Identity Verification (PIV) card. The PIV card is meant to give employees/contractors physical access to federal facilities and logical access to federal information systems. While using a PIV card for logical access has been largely successful and compliant with HSPD-12, implementing PIV-based, physical access control systems (PACS) has been much more difficult to conquer. As a result, HSPD-12 compliance for PACS has largely eluded the Federal Government. The noncompliance reasons are many, but there is now hope for fully achieving HSPD-12’s mandates. Interoperability with any agency’s PIV Beyond Passports, PIV cards represent the only other open-standards-based, multi-vendor-supported, identity credential program on the planetAll Executive Branch employees and long-term contractors, including the entire Department of Defense, have been issued PIV cards. This has been true since 2013. Beyond Passports, PIV cards represent the only other open-standards-based, multi-vendor-supported, identity credential program on the planet. It seems so simple, where employees/contractors previously used their proximity card to open a federal facility door or go through a turnstile, they should now be able to use their PIV card. However, HSPD-12 took the PIV requirement one step further – compliant PACS must be interoperable with any agency’s PIV. This introduced an entire magnitude of additional complexity. A compliant, interoperable, PIV-based PACS should work like this: an authorised employee (or contractor) presents a PIV card (contact or contactless) to a card reader to enter whichever federal agency building they have reason to be. Over the last 14 years, in all but a very few cases, the lack of PACS’ HSPD-12 compliance has prevented this from happening. Secure credential policy Today, less than 1% of the Federal Government’s PACS are HSPD-12-compliant. At most federal facilities, especially those outside the National Capitol Region, a noncompliant PACS works like this: an authorised employee (or contractor) presents a proximity (‘prox’) badge to a proximity card reader to enter his or her agency’s facility. At the fraction of federal facilities with upgraded PACS that work with PIV cards, virtually all such PACS fail to properly use a minimum number of PIV security features before granting access – let alone interoperate with a PIV card from any other agency. Active government solicitations are issued for new, non-compliant, proximity-based systems that perpetuate the delay to HSPD-12 complianceNew federal initiatives frequently suffer from having no policy to enforce their roll-out. That isn’t the case with PACS compliance. Policies have been in place for so long that newer policies like Office of Management and Budget (OMB) M-11-11 (February 3, 2011) remind everyone what the policies said in 2004 and 2006. This year, OMB publicised its proposed OMB M-18-XX (Draft), which will replace M-11-11. OMB M-18-XX’s (Draft) main PACS thrust is, once again, to ensure that everyone understands what the Federal Government’s secure credential policy is. It hasn’t changed since 2004. It would be tempting to say that PACS technology isn’t mature, but that isn’t the case. In 2013, the Federal Government revamped the PACS portion of the FIPS 201 Evaluation Program and, since that time, all PACS on the General Services Administration’s (GSA) Approved Products List are 100% compliant and interoperable. Yet, on any given day, active government solicitations are issued for new, non-compliant, proximity-based systems that perpetuate the delay to HSPD-12 compliance. The usual suspects, policy and technology, are not the culprits for this epic delay. An authorised employee presents a PIV card to a card reader to enter whichever federal agency building they have reason to be Difficulties in adopting HPSP-12 compliance for PACS Standards – The Federal Government’s approach to standards is to avoid a great deal of specificity. It’s an unspoken tenet that federal standards must be flexible, promote innovation and avoid disadvantaging any participating market segment. The opposite is true if your goal is interoperability: nearly every detail must be specified. Consider the standards-based success story of chip-based credit cards. When was the last time you used a credit card and it didn’t work? Interoperability failures are nearly unheard of. If you look at the hundreds of volumes of technical specifications that cover minute aspects of every component in credit cards and payment terminals, you quickly realise why it works so well. Nothing is left to chance, nothing is a variable, and there is no optionality. The Good News: Work to increase viability through deep scrutiny has progressed in recent years. The GSA APL PACS Testing Lab, set up in 2013, annually tests credentials from all PIV issuers against all GSA-approved PACS. This testing has significantly reduced interoperability failures at federal facilities. Collaboration – In the past, physical access practitioners from federal agencies rarely collaborated, unlike their logical access counterparts. This is also true for PACS procurement decision-makers across agencies and facilities. The Good News: In 2018, an agency trend has emerged where finally physical access, physical security and IT practitioners have begun sitting down to discuss their shared responsibilities. We have already begun to see coordinated budget requests between IT and Security with enterprise architectures positioning PACS as an enterprise service on the network. Scale – The Federal Government owns so many buildings that they can’t be counted. Google doesn’t know how many there are and neither does any one government official. Variability – A significant percentage of facilities have unique aspects making a one-size-fits-all approach infeasible. The Good News: Mature consulting services can now help agencies marry federal requirements with their unique environments to develop robust PACS enterprise architectures. As we see this occurring more and more frequently, a repeatable, achievable, systems-based upgrade of all PACS may be on the horizon. The GSA APL PACS Testing Lab annually tests credentials from all PIV issuers against all GSA-approved PACS Provenance – In many cases, different groups own different parts of a single facility, not all of whom might be subject to, or wish to interoperate with, a high-assurance compliant PACS. For example, GSA manages facilities for Legislative and Judicial tenants who aren’t subject to HSPD-12. Policy dictates that GSA manage the PACS for the front doors of these facilities should be HSPD-12-compliant, despite the fact that these tenants likely don’t have credentials that work with this technology. Sure, these tenants could commercially obtain a PIV-I credential, but almost none have. Economics – It’s difficult for agencies to create their annual security budget requests when HPSD-12 PACS upgrades are in scope, because so many unknowns exist at each facility. To assess the cost, the time to complete, and the facility’s existing equipment inventory, it would be logical for an agency to hire a contractor with PACS expertise to perform a site assessment. Having to do capital planning for an assessment phase in advance of making the annual budget request for the PACS upgrade creates a never-ending cycle of delay. Especially at agencies with multi-year capital planning requirements. Many agencies, trying to avoid this delay cycle, have fallen prey to doing site assessments themselves. This results in their integrators doing their walk-throughs after the contract is awarded. This is the leading cause of PACS upgrade cost overruns. Dependence on the agency’s IT department – Historically, PACS have been deployed on dedicated networks and are rarely ever connected to the enterprise, let alone the Internet. High-assurance PACS that validate credentials from other agencies must now communicate with many different systems on an enterprise network and over the Internet – so much so that the Federal Government reclassified PACS as IT systems. The Good News: With collaboration increasing between Physical Security Officers (PSOs) and Chief Information Officer (CIOs), we expect this to improve in due course. Resistance to change – This is a classic human factors challenge, and it’s a big one. PSOs have spent decades achieving their positions. PIV-based PACS could not be more different from the technologies that proceeded it, and such radical change is often resisted. When the value proposition is clear, change is adopted more readily. But security value isn’t easily measured or observed. It is often said that the best performance review for a PSO is to note that nothing happened. And when something does happen, it is necessarily kept quiet so the risk can be remediated without calling attention to the vulnerability in the interim. To date, the value proposition of moving to PIV-based PACS has been entirely based on policy (without corresponding funding in most cases) and through the shock value of white hat hackers, showing how easily most proximity badges can be cloned. This is not the stuff of change agents.   PIV-based PACS could not be more different from the technologies that proceeded it, and such radical change is often resisted Are these challenges a unique situation? No, these PACS challenges are not unique. Cybersecurity initially faced many of the same challenges that federal PACS face today. By 2000, the Federal Government recognised its urgent need to improve cybersecurity practices across its computing infrastructure and issued many policies that required agencies to improve. Improvement was sparse and inconsistent. GSA Schedules were set up to help agencies buy approved products and services to assist them, but this too produced lacklustre results. The Federal Government found that the best cybersecurity results occurred when enforced at the time an agency commissioned a system Congress enacted the Federal Information Security Management Act of 2002 (FISMA) (now amended by the Federal Information Security Modernization Action of 2014). FISMA mandates an Authority To Operate (ATO) accreditation process for all information systems. The Federal Government found that the best cybersecurity results occurred when enforced at the time an agency commissioned (vs. purchased) a system. FISMA and ATO accreditation has been highly successful when implementing new systems. These cybersecurity requirements are the closest thing that the Federal Government has to the ‘PIV Police’ today. However, the PIV requirements in FISMA and ATOs currently apply to only logical access for information systems. The proposed OMB M-18-XX (Draft) mentions that a FISMA PACS overlay to NIST SP 800-53 is forthcoming. The intent of the PACS overlay is to use the army of ATO accrediting officials in the Federal Government and enable them to assess implemented PACS as fit for purpose. This is the first time an enforcement approach has been brought forward that could reasonably succeed. How long for HSPD-12 compliance? We know that it won’t take another 14 years to achieve HSPD-12 compliance. Pockets of compliance are popping up. Compliant procurements do exist, and the state of PACS across the Federal Government is better in 2018 than in any previous year. Progress to date has been at a constant rate. The question is: what would take for progress to occur at an exponential rate instead? A major attack or compromise involving PACS would certainly hasten upgrades, but let’s hope that’s not the solution. The energy distribution sector has been riding a wave of security upgrade demands to retrofit their facilities across the U.S. The energy distribution sector, under nearly constant Advanced Persistent Threat attacks, has been riding a wave of security upgrade demands to retrofit their facilities across the U.S. The potential threat exists for Federal Government facilities as well. Looking into the federal PACS-compliance crystal ball, we’re beginning to see the faint outline of a multi-faceted campaign of education, budgetary oversight and accreditation of PACS that will ultimately see us past the tipping point. Consider though, at the current rate of PACS enablement, a 50% compliance rate is still far in the future. When that day arrives, the PIV card form factor may no longer be the key that fits that future lock. (Are you already using a mobile device’s Bluetooth interface to open the door to your office building?) Taking decades to perform a technology upgrade is the aging elephant in the room no one talks about. By the time critical mass is achieved with an upgrade facing these many challenges, there are typically compelling reasons to start over again with the next generation of technology. That cycle may well prove to be the Federal Government’s biggest PACS challenge of all.

How leveraging new technologies in the workplace will enhance its security
How leveraging new technologies in the workplace will enhance its security

As the world continues to become more connected, it’s becoming increasingly important to adjust security and safety procedures in the workplace. But today’s ever-evolving office environment can present unique safety and preparedness challenges. No two businesses are exactly alike, with some located in numerous buildings or spread out across campuses, while others have employees that frequently journey from different locations, work remotely or travel internationally. With this shifting environment, Rave Mobile Safety’s recent Workplace Safety and Preparedness survey asked over 500 full-time employees in various industries across the United States about their views on safety at work and emergency preparedness. Preferred safety measures Only 57 percent of respondents indicated that their workplace currently had preparedness drills in place for critical situationsThe survey looked at how employees and companies respond to various workplace emergencies: workplace violence, active shooter, medical emergency, fire, hazmat incidents, weather events and cyberattacks/system outages. Respondents provided insight on the current state of safety in their workplace, as well as how they want to be contacted when an emergency occurs. Though opinions on the preferred safety measures differed between generations and also between on-site and offsite workers, one fact remains consistent: there is much to be done to instil a better sense of safety in the workplace. While the findings show that employees feel safe in their workplace, only 57 percent of respondents indicated that their workplace currently had preparedness drills in place for critical situations. Quick thinking Of the plans currently in place, excluding fire, 57 percent of the other major emergency plans were rarely or never tested. With so few drills in place, employees are left not knowing the best ways to respond to emergencies like weather events or hazmat incidents or if their employer recommends a certain response to situations like medical emergencies. Testing these plans is essential so that all employees, whether they are new to the company or not Even if plans are in place to begin with, not ensuring your employees understand and are comfortable with how to react to certain situations, can put the organisation in harm’s way. Testing these plans is essential so that all employees, whether they are new to the company or not, have the appropriate response top of mind and their actions become second nature during a situation that will likely require quick thinking. Workplace violence Instilling regular practices will only further ensure that responses will happen seamlessly, regardless of the emergency. Beyond the general awareness of drills and practices, most surprising in the responses was the fact that 34 percent of female respondents were unaware of workplace violence emergency plans. This is particularly shocking because workplace violence is the second leading cause of death for women in the workplace, according to the U.S. Bureau of Labour Statistics. This shows an obvious lack of preparedness from organisations. It’s immensely important that employees to understand the relevant dangers of the workplace, especially when alternative could have a fatal result. The differences between baby boomers and millennials in the workplace is a common barometer showing how the workplace is continuing to change. Emergency plans Workplace violence is the second leading cause of death for women in the workplace, according to the U.S. Bureau of Labour StatisticsWhat may have worked for previous generations must be reworked and adjusted so every generation is made aware of and understands the plans and procedures in place. These changes can help make workplace safety plans fresh and continuously relevant. With that in mind, millennials currently represent the largest segment of employees unaware of emergency plans for major workplace emergencies. 38 percent of this age group are unaware of existing emergency plans, compared to just a 28 percent average of employees over the age of 35. This could be associated with the fact that some organisations are not communicating plans with newer employees or even that organisations that employ a significant number of millennials might not have plans in place at all. Affecting everyday work If the newest generation is unaware of these plans, then it is only a matter of time before Generation Z enters the workforce and is in even worse position when it comes to emergency awareness. The survey results showed that on average, workplaces use two methods of communication for emergencies Feeling safe and secure at work should not be something that workers need to focus on, however more than a quarter of respondents that work remotely said that worrying about safety is exactly what is affecting their everyday work. With that in mind, it’s even more concerning to see that there seems to be a clear divide between current methods and preferred methods of communication during an emergency. The survey results showed that on average, workplaces use two methods of communication for emergencies, with the top two being intercom system announcement/building alarm (27 percent) and email (22 percent). Mass text messages At first, these methods seem to cover both remote and in-office employees, but survey results actually showed that both groups preferred and would be better reached during other methods. While email is the second most common emergency method currently in place by organisations, it actually ranks as the fourth most preferred method at a mere 11 percent. Even with a clear preference towards communication via mass text messages by respondents (39 percent of remote workers prefer this method), less than 20 percent of companies actually take advantage of this technology. This clear disconnect shows that organisations must find what works best for their employees instead of using methods that were previously established or that are just currently being used. Preparedness plans What remains important for organisations, regardless of size or industry, is to keep emergency preparedness plans ever evolving Communication can not only be essential to alert employees to everyday situations, like office closures, but it is also imperative in preventing emergencies to escalate when they do occur. Although this survey discusses the current state of safety in the workplace, it’s that the disconnect between employee perceptions and employer polices that’s the most concerning. Companies need to take steps to understand how their employees would like to be reached during an emergency, as well as how employees would also like to reach out to management to report their own concerns. What remains important for organisations, regardless of size or industry, is to keep emergency preparedness plans ever evolving and well communicated, so your employees are confident in the emergency plans in place. By proactively planning and practicing for emergency events through table top exercises and drills, employers can demonstrate their commitment to employee safety and preparedness and build employee confidence.