The jury is in: traditional security is out — and it’s being replaced with service-based solutions. The bottom line is: if you’re not embracing it, you’ll soon be left behind. XaaS — the collective term referring to the delivery of anything as a service — includes all services made possible through the use of the cloud. Security-as-a-Service (SaaS), which encompasses any type of system from access control to video surveillance, has paved the way for users to...
Fugue, the company delivering autonomous cloud infrastructure security and compliance, has announced its support for Open Policy Agent (OPA), an open source general-purpose policy engine and language for cloud infrastructure. Fugue is leveraging OPA and Rego, OPA’s declarative policy language, for cloud infrastructure policy-as-code to provide customers with maximum flexibility when implementing their custom enterprise policies. The Cloud Native Computing Foundation (CNCF) accepted OPA as...
Crossword Cybersecurity plc, the technology commercialisation company focusing exclusively on the cyber security sector, is pleased to announce the signing of a two-year contract with a FTSE 250 global chemical manufacturer. The customer will use Rizikon Assurance to issue onboarding assessments to their 250 strategic suppliers, in turn displaying their key risk data in the tool’s ‘Supplier Scorecard’ feature. Rizikon Assurance will automate the supplier management process, re...
The ETSI Industry Specification Group (ISG) for Network Functions Virtualisation (NFV) has started working on its next specification release, known as Release 4. While NFV-based deployments are expanding worldwide and show the benefits of network function virtualisation, new technologies are expected to be leveraged and features are being added in support of 5G and novel fixed access network deployments that are emerging in many countries. Network Functions Virtualisation-based deployments The...
Cobalt Iron Inc., a provider of SaaS-based enterprise data protection, and Northdoor Ltd., a London-based IT consultancy, will sponsor, exhibit, and make a presentation at the upcoming IBM Think Summit London on Oct. 16 at the Olympia London event center. Scheduled for 12:39 p.m. as part of the Cloud and Infrastructure Think Tank, the presentation is titled "Machine Learning Meets Data Protection — the unstoppable force meets the immovable object?" The companies will be exhibiting in the...
Umbo Computer Vision, an artificial intelligence company that specialises in autonomous video security, announced that it raised an $8 million post-A round, bringing funding to a total of $17.6 million to date. This round was co-led by Translink Capital and Susquehanna International Group. Shin-Kong Capital and Shin-Kong Security, Asia’s security alarm companies, also joined as strategic investors, with continued participation by earlier investors. Cloud-based security management platfor...
At the end of September 2019, eleven professional application developer companies, primarily from Nordic countries, got together in Stockholm to demonstrate their creations for Airbus’s Tactilon Dabat device. This was the 5th edition of the Critical App Challenge, which has already taken place in Germany, Belgium, Hungary, and the Middle East and North Africa region in order to give local innovative companies from these regions the chance to demonstrate their solutions for public safety and mission-critical use. IoT, data analytics and artificial intelligence The innovative aspect, user experience on behalf of public-safety and mission critical professionals were key evaluation criteria This one-day event in the Swedish capital allowed the companies to present their applications to a jury of seven customers and Tactilon Dabat end-users from various industries and scopes of use. The innovative aspect, as well as the user experience on behalf of public-safety and mission critical professionals, were key evaluation criteria. In short, the participants had to take into account the use of IoT, data analytics, and artificial intelligence in order to propose unique ways to retrieve data, as well as the means of processing and exploiting that same data. “I am extremely satisfied with the outcome of this new Nordic-oriented edition,” explains Rahim Zaknoun, Head of Developer Ecosystem for Secure Land Communications at Airbus. “This concept is a unique way to show our customers that we are actively listening to their needs and are also proposing tailored applications and solutions which take into account technological advances, as well as current and future specific requirements, while finding means to optimise daily missions and tasks for all end users, regardless of which industry they work in. Whether it be in public safety, law enforcement, transport, utility and industry, and even healthcare, amongst others.” Zaknoun adds. 4K and data security The prize winners, selected as the best existing solutions suitable for the Tactilon Dabat presented state-of-the-art mission-critical solutions. The top three were: Mesensei with a decentralised platform for private social media communication and decentralised data ownership, Dottli, a communication solution which collects and shares data on each end-user by using sensors, and Ansur, a secure application which aims to reduce emergency response time for mission-critical interventions by proposing an option that handles visual situational awareness data by processing high-resolution – and even 4K – imagery. All companies have received invitations to participate in two large events in November: Rakel Day, a major Swedish customer event which will take place on the 12th of November, and Slush; the world’s leading start-up event in Finland, from the 21st to the 23rd of November, at the Airbus stand. This will give them a unique chance to demonstrate their apps to both Airbus and end-users alike. Airbus Tactilon Dabat hybrid terminal The Airbus Tactilon Dabat hybrid terminal offers both Tetra and LTE radio technologies in one single device The Airbus Tactilon Dabat hybrid terminal offers both Tetra and LTE radio technologies in one single device. Tactilon Agnet 800 is an app for smart devices such as the Tactilon Dabat. It makes it possible to use features such as push-to-talk, status notifications, text messaging, and emergency calls on the Tactilon Dabat. Group communication with other professional radio carriers or the control room is also possible. Indeed, end-users of Airbus’s Tactilon Dabat can already take advantage of an array of professional applications available in the Airbus SmarTWISP catalogue, which offer features such as biometric, licence plate recognition and geo-positioning. Tactilon Agnet solution In addition to the possibility of installing such applications on the device, Airbus’s very own Tactilon Agnet solution is also available on the device to allow users to share voice, data, image and video information with other individuals or a group of individuals in a secure and reliable way.
Ping Identity, a pioneer in intelligent identity solutions, has announced the release of PingCentral, a self-service delegated administration and converged operating portal for enterprise identity and access management (IAM). The solution addresses common tasks across the Ping Intelligent Identity platform with simple, self-service workflows and standardised templates that can be delegated to business users and application teams that don’t have IAM expertise. Ping Intelligent Identity platform Dedicated IAM admins struggle to manage the high volume of requests required to keep application teams functioning Dedicated IAM administrators often struggle to manage the high volume of requests required to keep application teams functioning. An example of this is adding a connection for an application or API, or handling minor changes like updating configurations, security certificates and more. Meanwhile, business application teams generally have limited IAM knowledge and ability to make these modifications on their own. The result can be IAM changes that take up to several weeks of back and forth activities between IAM administrators and business application teams, including multiple requests, emails and meetings. This leaves little time for identity security teams to focus on value-add activities like enhancing security posture and improving end user productivity. PingCentral streamlines IAM processes PingCentral streamlines IAM processes and helps enterprises efficiently leverage IAM services as a valuable business driver for digital transformation. In doing so, it helps enable business application teams to rapidly onboard their own resources through delegated administration. This extends and increases the value of IAM teams, so they can do more with less, serve the business faster, and achieve widespread adoption and usage of centralised identity services. PingCentral puts IAM teams and application teams on the same page by providing the following capabilities and benefits: Delegated Administration Portal: Contains a self-service, user-friendly interface and template workflow that allows IAM administrators to create, update and deploy standard templates for single sign-on (SSO) and authentication. Orchestration Engine: Automates promotions across the application development and deployment lifecycle by maintaining configuration across environments, and allows IAM administrators to designate protected environments that require approval to reduce risk. Central Monitoring System: Provides visibility of application connections, clients and environment tiers from a single screen, and permits IAM and business application administrators to assign and/or update resource ownership. Lifecycle Management: Supplies an audit trail across the lifecycle of client configuration changes and promotions—so administrators always know who has done what and when to a connection and/or client—and allows for easy reversion back to previous configurations as needed. Enterprise identity and access management solutions Ping Identity is dedicated to providing implicit value to our customers through our IAM solutions" “Ping Identity is dedicated to providing implicit value to our customers through our IAM solutions, helping enterprises to achieve their digital transformation goals,” said Loren Russon, vice president, product management at Ping Identity. “By simplifying fundamental IAM processes and enabling non-technical business teams to manage standard administrative tasks, PingCentral helps enable organisations to save valuable time and resources while strengthening their overall security posture.” "We see enormous potential for PingCentral’s ability to positively impact our organisation,” said Dan Ricke, manager, information security at BlueCross BlueShield of Tennessee. “A range of staff roles will be able to collaborate on and work in this solution regardless of IAM sophistication, speeding up the connecting process and saving time for the identity and access management team.” Zero Trust identity-defined security The Ping Intelligent Identity platform provides customers, employees, partners and, increasingly, IoT, with access to cloud, mobile, SaaS and on-premises applications and APIs, while also managing identity and profile data at scale. Ping Identity helps enterprises achieve Zero Trust identity-defined security with a much more personalised, streamlined user experiences
PSA, the consortium of professional systems integrators, announces the addition of Seagate Recovery Services to the partners in its Managed Security Service Provider (MSSP) program. The MSSP program is designed to help systems integrators diversify their service offerings and realise the full potential and benefits of a managed services business model. Data recovery services “Seagate Recovery Services is a wonderful addition to our vendor line up as the Seagate Rescue product accounts for the data recovery services that are so necessary to the success of any managed services program,” said Dan Dunkel, managing director of PSA’s MSSP program. “The reality is, twenty-five percent of PC users lose data annually, so Rescue is a product everyone needs to help avoid negative ramifications.” With Seagate Rescue, businesses get their critical data back as soon as possible without having to recreate it. The user simply sends the hard drive to Seagate Recovery Services and their team performs data recovery services on the drive in a secure, clean lab. Cloud-based cybersecurity solutions The recovered data is then encrypted on a new drive and sent back to the user. “PSA customers understand the value of what they store on their systems. We are excited that Rescue Data Recovery Service Plans will offer an extra level of protection for their data,” said Paul Steele, general manager of Seagate Recovery Services. PSA’s MSSP program will hinge on uniting partners in cybersecurity and cloud-based security solutions, offering training and certification opportunities and financing options with assistance from PSA.
Eagle Eye Networks has announced up to US$ 1,000,000 in available funding for the 2020 Drako School Grant, supporting the implementation and operation of security equipment, and cloud recording services at local school buildings and/or campuses. Eligible schools, or school districts, include accredited private and public schools; elementary schools, middle schools, high schools, and colleges. School security “By increasing access to high-quality cloud video surveillance we’re cultivating a safer environment for our students, parents, and staff. We believe that the future of video surveillance is in the cloud, and our schools deserve a flexible, secure, low-cost solution that only migrating to a Cloud VMS can guarantee,” said Dean Drako, CEO of Eagle Eye Networks. Eagle Eye Networks has extensive experience protecting schools across the nation Eagle Eye Networks has extensive experience protecting schools across the nation, collaborating with schools in over 15 states to provide modern, simple-to-use video surveillance solutions. Cloud video surveillance “We love Eagle Eye Networks. Compared to our slow, outdated surveillance system, we now have full confidence that the video is recording reliably in the cloud,” said former Drako School Grant winner, Timothy Lee, Principal at Oakwood High School in Oakwood, Illinois. More schools are moving their video surveillance to the Cloud because: Flexible permission-based accessibility: Administrators can see what is happening in any location from any device running the Cloud VMS mobile app or a modern browser. First Responders access: School VMS administrators have the option to designate first responders to receive real-time and historical video access during emergency situations. Access control: Integrations with global companies like Brivo, DMP and Salto provide customers with comprehensive solutions that combine cloud video surveillance with key access control functions. IT efficiencies: Reduce the amount of equipment and human resources needed onsite by eliminating the need for maintaining outdated on-site storage systems. Centralised management: The Eagle Eye Cloud VMS provides central management tools that enable administrators to track user activity and delegate or revoke user access, all from a mobile or web browser. Unlimited scalability: Eagle Eye Cloud VMS allows customers to expand storage capacity on demand, minimising capital expenditures and eliminating the need to decide how many servers will be needed in the future. Cyber security: All Eagle Eye Networks video is encrypted on site and remains encrypted at rest, in flight, and in our Cloud. This means your campus is not subject to unauthorised viewing or recording of school video. Cloud-based Eagle Eye Security Camera VMS The solution includes cameras, gateways, cloud services, and centralised management Grant recipients will receive one full year of funding for the cloud-based Eagle Eye Security Camera Video Management System (VMS) and associated components. The solution includes cameras, gateways, cloud recording services, and centralised management. Optionally, schools can use their existing security cameras, and integrate their on-site surveillance system to the Eagle Eye cloud-based VMS. School grant recipients are responsible for the cost of installation if necessary. Compatible IP, analog and HD over coax The Eagle Eye Security Camera VMS will work with a broad array of IP, analog, or HD over coax. Grant applications will be accepted through December 31, 2019. Grant winners will be notified of the next steps within 2 weeks of submission.
Cyber security giant, Microworld have announced the unveiling of their new cyber security solution, Nemasis (VAPT) at the 39th edition of Gitex Technology week, which is to be held at the World Trade Center in Dubai from the 6th to the 10th of October 2019. MicroWorld along with its seniority team can be located at the SR F1 booth at the Sheik Rashid Hall. Vulnerability management suite Nemasis is a vulnerability management suite, which assists in implementing comprehensive GRC strategy for managing an organisation’s overall governance, risk and compliance with regulations. The brand is in accordance with the #SecureYourAccount campaign which was launched by Dubai Police earlier this year and MicroWorld, would be using Gitex 2019 as a platform to educate businesses across the world about the perils of a potent cyber-attack that could have a crippling economic effect. The corporates feel the need for such a solution to prevent any network breaches Nemasis, helps to uncover the weaknesses in an organization’s IT infrastructure by focusing on the areas that are vulnerable to a security breach and improves their security outcome. Fight against cyber threats Various sectors around the world have realized the need for a potent vulnerability management suite. If, the pharmaceutical sector requires organisations to comply with The Health Insurance Portability and Accountability Act (HIPAA) ensuring the protection of sensitive patient data, the corporates feel the need for such a solution to prevent any network breaches from compromising their valuable data as well. Governments across the globe have also felt the necessity to safeguard their critical data since any kind of security incident could hamper the growth of the nation. Globally, there has been a surge in the number of cyber-attacks in recent years. According to the Cost of Cybercrime study of 2019, cybercrime rose by about 11% in the last year, while it has risen by 67% in the last 5 years. Since, cyber security has become an essential part of doing business; Nemasis is all set to become the cutting edge resource in the fight against cyber threats. Paradigm shift in the cyber security industry With Nemasis we are introducing a more proactive and sophisticated tool " Senior VP of Global Sales and Marketing, Mr. Sunil Kripalani quoted. “With the financial sector witnessing an increase in the severity and sophistication of cyber-attacks, across the globe, we are proud to present a solution to the entire sector that not only helps mitigate the threats against global economy but also helps in prevention of these attacks, protecting businesses and customers against digital malice.” Further elaborating about Nemasis MD & CEO of MicroWorld Mr. Govind Rammurthy said, “With the launch of Nemasis we expect to bring a paradigm shift in the cyber security industry. Rather than relying on incident response and recover methods, with Nemasis we are introducing a more proactive and sophisticated tool that is designed to successfully recognize adversary methodology before any malevolent attack could occur. This prevention plus response method is a step taken towards the future of cybersecurity in today’s generation.” MicroWorld houses another cyber security product range named eScan, whose solutions have been continuously, displayed and appreciated in the previous editions of Gitex.
Cobalt Iron Inc., a provider of SaaS-based enterprise data protection, announces Cobalt Iron Compass™, the new name for its flagship SaaS-based enterprise data protection platform. The new name signifies the immediate insights and guidance the company delivers to its customers. With the renaming, Cobalt Iron kicks off a new phase of growth for the company and a new level of innovation for the platform. Previously known as Adaptive Data Protection, Compass is the full software stack of Cobalt Iron technologies that allows enterprise data managers to save time and money while increasing their data protection and performance. Analytics-driven data management capabilities Cobalt Iron has delivered significant improvements to the platform, grown its high-performing team With this proven platform, data custodians can implement the right solution to fit their unique business needs, and they have access to a range of analytics-driven data management capabilities through a unified web user experience. Renaming its flagship platform is the first step in a series of updates from Cobalt Iron as the company continues expanding its capabilities. In the past 12 months, Cobalt Iron has delivered significant improvements to the platform, grown its high-performing team, and taken on strategic partnerships that have allowed it to deliver increased value to the enterprise data protection market. The components of the platform remain the same. Today, Compass includes four product components: Commander, Analytics Engine, Accelerators, and Accelerator Operating System. Enhanced cloud platform and application protection In the next 12 months, Cobalt Iron will roll out version enhancements and accelerate company growth to meet market demands and exceed customer expectations. The next version of Compass will contain new capabilities such as enterprise search, which will enable users to perform centralised searches and identify where objects exist across the enterprise. These enhancements will deliver improved technology features for VMware, Hyper-V, and cloud providers This new release will also have enhanced virtual environment support as well as enhanced cloud platform and application protection. These enhancements will deliver improved technology features for VMware, Hyper-V, and cloud providers. Cobalt Iron will also expand the Compass technology integrations with a wider portfolio of data protection features and functions to help customers make better use of their investments. Simplified migration experience Finally, users will see a simplified migration experience that reduces the timeline and complexity of data migration and fully enables them to decommission their legacy backup systems and infrastructure. "Cobalt Iron provides Compass as the way to navigate through the complexity of data backup and recovery while meeting all the business outcomes the enterprise requires," said Andy Hurt, chief marketing officer of Cobalt Iron. "Defining our platform with the name 'Compass' marks a milestone for us as a company and as a technology leader in the industry. The name reflects our commitment to empowering companies to improve their data protection outcomes. What is more empowering than a tool that points you in the right direction?"
Rodrigue Zbinden, CEO at Morphean, discusses the business benefits from merging video surveillance and access control technologies as demand for ACaaS grows. The big question facing businesses today is how they will use the data that they possess to unlock new forms of value using emerging technologies such as the cloud, predictive analytics and artificial intelligence. Some data is better utilised than others: financial services were quick to recognise the competitive advantages in exploiting technology to improve customer service, detect fraud and improve risk assessment. In the world of physical security, however, we’re only just beginning to understand the potential of the data that our systems gather as a part of their core function. Benefits of ‘Integrated access control’ The first thing to look for is how multiple sources of data can be used to improve physical security functionsWhat many businesses have yet to realise is that many emerging technologies come into their own when used across multiple sources of data. In physical security, for example, we’re moving from discussions about access control and CCTV as siloed functions, to platforms that combine information for analysis from any source, and applying machine learning algorithms to deliver intelligent insights back to the business. ‘Integrated access control’ then looks not just to images or building management, but to images, building management, HR databases and calendar information, all at the same time. And some of the benefits are only now starting to become clear. The first thing to look for, of course, is how multiple sources of data can be used to improve physical security functions. For example, by combining traditional access control data, such as when a swipe card is used, with a video processing platform capable of facial recognition, a second factor of authentication is provided without the need to install separate biometric sensors. CCTV cameras are already deployed in most sensitive areas, so if a card doesn’t match the user based on HR records, staff can be quickly alerted. Making the tools cost-effective In a similar vein, if an access card is used by an employee, who is supposed to be on holiday according to the HR record, then video data can be used to ensure the individual’s identity and that the card has not been stolen – all before a human operator becomes involved. This is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalisation of a vital business functionThese capabilities are not new. What is, however, is the way in which cloud-based computing platforms for security analytics, which absorb information from IP-connected cameras, make the tools much more cost effective, accessible and easier to manage than traditional on-site server applications. In turn, this is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalisation of a vital business function. With this system set up, only access control hardware systems are deployed on premise while the software and access control data are shifted to a remote location and provided as a service to users on a recurring monthly subscription. The benefits of such an arrangement are numerous but include avoiding large capital investments, greater flexibility to scale up and down, and shifting the onus of cybersecurity and firmware updates to the vendor. Simple installation and removal of endpoints What’s more, because modern video and access control systems transmit data via the IP network, installation and removal of endpoints are simple, requiring nothing more than PoE and Wi-Fi. Of all the advantages of the ‘as a service’ model, it’s the rich data acquired from ACaaS that makes it so valuable, and capable of delivering business benefits beyond physical security. Managers are constantly looking for better quality of information to inform decision making, and integrated access control systems know more about operations than you might think. Integrating lighting systems with video feeds and access control creates the ability to control the lightsRight now, many firms are experimenting with ways to find efficiencies and reduce costs. For example, lights that automatically turn off to save energy are common in offices today, but can be a distraction if employees have to constantly move around to trigger motion detectors. Integrating lighting systems with video feeds and access control creates the ability to control the lights depending on exactly who is in the room and where they are sitting. Tracking the movement of employees Camera data has been used in retail to track the movement of customers in stores, helping managers to optimise displays and position stocks. The same technology can be used to map out how employees move around a workspace, finding out where productivity gains can be made by moving furniture around or how many desks should be provisioned. Other potential uses of the same data could be to look for correlations between staff movement – say to a store room – and sales spikes, to better predict stock ordering. What makes ACaaS truly exciting is it is still a very new field, and we’re only just scratching the surface of the number of ways that it can be used to create new sources of value. As smart buildings and smart city technology evolves, more and more open systems will become available, offering more ways to combine, analyse and draw insights from data. Within a few years, it will become the rule, rather than the exception, and only grow in utility as it does.
The cyber security threat is constant and real. Entire businesses, large enterprises and even whole cities have been vulnerable to these attacks. Growing threat of cyber attacks The threat is not trivial. Recently, two cities in Florida hit by ransom ware attacks – Rivera Beach and Lake City – opted to capitulate and pay ransom totaling more than $1.1 million to hackers. The attacks had disrupted communications for first responders and crippled online payment and traffic-ticketing systems. It was reminiscent of the $4 billion global WannaCry attacks on financial and healthcare companies. A full two years after the WannaCry attack, many of the hundreds of thousands of computers affected remain infected. And hackers are continuously devising new techniques, adapting the latest technology innovations including machine learning and artificial intelligence to devise more destructive forms of attack. Indeed, AI promises to become the next major weapon in the cyber arms race. For enterprises, there is no choice but to recognise the threat and adopt effective countermeasures Enterprise security For enterprises, there is no choice but to recognise the threat and adopt effective countermeasures. Not surprisingly, as the number, scale and sophistication of cyber-attacks has grown, so has the significance of the Chief Information Security Officer, or CISO, who owns the responsibility of sounding the alarm to the C-suite and the board – and recommending the best defense strategies. Consider it a grim irony of the digital economy. As companies have migrated to the cloud to gain scale and efficiency and integrated new channels and touch points to make it easier for their customers and suppliers to do business with them, they have also created more potential points of entry for cyber-attacks. IoT increases threat of cyber-attacks Amplifying that vulnerability is the trend of allowing employees to bring their own laptops, smartphones and other digital devices to the office or use to work remotely. And thanks to the Internet of Things, as more devices connect to enterprise systems – from thermostats to cars – the threat surface or targets of intrusion are multiplying exponentially. According to the McAfee Labs 2019 Threats Predictions Report, hackers will increasingly turn to AI to help them evade detection and automate their target selection. Companies will have no choice but to begin adopting AI defenses to counter these cybercriminals. Importance of cyber security This escalation in the cyber arms race reflects the sheer volume of data and transactions in modern life. In businesses like financial services and healthcare it is not humanly possible to examine every transaction for anomalies that might signal cyber snooping. Even when oddities are glimpsed, simply flagging potential problems can create so-called threat fatigue from endless false alarms. What’s more, attacks like those from Trickbots are specifically designed to go undetected by end users. The fact is, even if throwing more people at the problem were a solution, there aren’t enough skilled cyber security workers in the world. By some estimates, as many as 10 million cyber security jobs now go unfilled. AI is being used to conduct predictive analysis at a scale beyond human means Deploying AI As a result, AI is being deployed on multiple cyber-defense fronts. So far, it is mainly being used to conduct predictive analysis at a scale beyond human means. AI programs can sift through petabytes of data, identifying anomalies and even helping an organisation recognise and diagnose intrusions before they turn into catastrophic attacks. AI can also be used to continually monitor and allocate levels of access to a network’s multitude of legitimate users – whether employees, customers, partners or suppliers – to ensure that all parties have the access they need, but only the access they need. Countering cyber security threats To harden defenses, some AI programs can be configured to perform simulated war games To harden defenses, some AI programs can be configured to perform simulated war games. Because cyber attackers have stealth on their side, organisations might need dozens of experts to counter only a handful of attackers. AI can help even the odds, scoping out the potential permutations of vulnerabilities. As CISOs – and the CIOs they typically report to – advise C-suites and boards on their growing cybersecurity risk, they can also help those leaders recognize an enduring truth: AI programs cannot replace experienced cybersecurity professionals. But the technology can make staff smarter, more vigilant and more nimbly responsive. AI-based cyber security tools Financial and healthcare companies are leading this charge because of the sheer volume and variety of transactions they handle and because of the value and sensitivity of the data. Organisations like the U.S. Department of Defense and the space agency NASA, as well as governments around the world are also implementing AI-based tools to address the cyber threat. For businesses of all types, the threat stretches from the back office to the supply chain to the store front. That is why recognising and countering that threat must involve everyone from the CISO to the CEO to the Chairman of the Board. The AI arms race is underway in security. To delay joining it is to risk letting your enterprise become one of the grim statistics.
We live in an information and data-led world, and cybersecurity must remain top-of-mind for any organisation looking to both protect business operation critical assets. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - from cybercriminals conducting targeted spear-phishing campaigns - like the 2018 Moscow World Cup vacation rental scam, to nation-state actors looking to collect intelligence for decision makers - no organisation is safe from innovative cyber threats. Security solutions enterprises Organisations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe The evolving threat space means organisations need to ensure they have the most innovative prevention and detection frameworks in order to withstand adversaries using complex and persistent threats. When implementing new security solutions enterprises must start by assuming that there is already a bad actor within their IT environment. With this mindset, organisations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe. As there is no one silver bullet that truly stops all cyberattacks, organisations must adopt a multipronged approach to be widely adopted to stop adversaries. This must include tracking, analysing and pinpointing the motivation of cyber actors to stay one step ahead through global intelligence gathering and proactive threat hunting. In addition, deploying new technologies leveraging the power of the cloud give a holistic view of the continuously evolving threat landscape and thereby secure data more efficiently. Traditional security approach In today’s landscape, the propagation of advanced exploits and easily accessible tools has led to the blurring of tactics between statecraft and tradecraft. Traditional security approaches are no longer viable when it comes to dealing with the latest trends in complex threats. To make defending against these threats even more complicated, adversaries are constantly adapting their tactics, techniques and procedures (TTPs), making use of the best intelligence and tools. CrowdStrike’s latest Global Threat Report tracked the speed of the most notable adversaries including Russian, Chinese, North Korean and Iranian groups. As the adversaries’ TTPs evolve into sophisticated attack vectors defenders need to recognise we are amidst an extreme cyber arms race, where any of the above can become the next creator of a devastating attack. Russian efficiency is particularly high; they can spread through an enterprise network in 18 minutes 48 seconds on average, following the initial cyber-intrusion. Sophisticated cyber weapons Actors tend to use a simple trial and error technique where they test the organisation's network So, reacting to threats in real-time is a priority. Bad actors are extremely vigilant and committed to breaking down an organisation’s defences, and speed is essential to finding the threats before they spread. Actors tend to use a simple trial and error technique where they test the organisation's network, arm themselves with more sophisticated cyber weapons, and attack again until they find a vulnerability. This has highlighted the need for tools that provide teams with full visibility over the entire technology stack in real-time in order to meet these threats head-on. Traditional solutions are scan-based, which means they don’t scale well and can’t give the security teams context around suspicious activity happening on the network. They lack full visibility when a comprehensive approach is needed. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - like the 2018 Moscow World Cup vacation rental scam Malicious behaviour Through leveraging the power of the cloud and crowdsourcing data from multiple use cases, security teams can tap into a wealth of intelligence collated from across a vast community. This also includes incorporating threat graph data. Threat graphs log and map out each activity and how they relate to one another, helping organisations to stay ahead of threats and gain visibility into unknowns. Threat graph data in conjunction with incorporating proactive threat hunting into your security stack creates a formidable 360-degree security package. Managed threat hunting teams are security specialists working behind the scenes facing some of the most sophisticated cyber adversaries through hands on keyboard activity. Threat hunters perform quickly to pinpoint anomalies or malicious behaviour on your network and can prioritise threats for SOC teams for faster remediation. In-depth knowledge Security teams need to beat the clock and condense their responseIt is key for security teams to have an in-depth knowledge of the threat climate and key trends being deployed by adversaries. The TTPs used by adversaries leave are vital clues on how organisations can best defend themselves from real-life threats. Intrusion ‘breakout time’ is a key metric tracked at CrowdStrike. This is the time it takes for an intruder to begin moving laterally outside of the initial breach and head to other parts of the network to do damage. Last year, the global average was four hours and 37 minutes. Security teams need to beat the clock and condense their response and ejection of attackers before real damage is done. Next-generation solutions When managing an incident clients need to be put at ease by investigations moving quickly and efficiently to source the root of the issue. Teams need to offer insight and suggest a strategy. This can be achieved by following the simple rule of 1-10-60, where organisations should detect malicious intrusions in under a minute, understand the context and scope of the intrusion in ten minutes, and initiate remediation activities in less than an hour. The most efficient security teams working for modern organisations try to adhere to this rule. As the threat landscape continues to evolve in both complexity and scale, adequate budget and resources behind security teams and solutions will be determining factors as how quickly a business can respond to a cyberattack. To avoid becoming headline news, businesses need to arm themselves with next-generation solutions. Behavioural analytics The solution can then know when to remove an adversary before a breakout occurs Behavioural analytics and machine learning capabilities identify known and unknown threats by analysing unusual behaviour within the network. These have the ability to provide an essential first line of defence, giving security teams a clear overview of their environment. With this at hand, the solution can then know when to remove an adversary before a breakout occurs. Attackers hide in the shadows of a network’s environment, making the vast volume and variety of threats organisations face difficult to track manually. The automation of responses and detection in real-time is a lifeline that organisation cannot live without as adversaries enhance and alter their strategies. Adversaries continue to develop new ways to disrupt organisations, with cybersecurity industry attempting to keep pace, developing new and innovative products to help organisations protect themselves. These technologies empower security teams, automating processes and equipping security teams with the knowledge to respond quickly. Organisations can set themselves up for success by integrating the 1-10-60 rule into their security measures, giving them an effective strategy against the most malicious adversaries.
Many exhibitors at GSX 2019 saw the show as a success, despite slower booth traffic on the second and third days. According to show sponsor ASIS International, there were more than 20,000 registrants from 125 countries around the world, including those who attended the conference as well as the exhibition. Exhibitors definitely put their best feet forward, enthusiastically promoting their technology breakthroughs, but how convincing were they? The comments from at least one attendee – a large corporate end user who represents a key demographic for show organisers – bluntly suggest that healthy scepticism was on display side-by-side with the promotional energy in play.On this floor, there are some lies being given out. Ask the tough questions, make the exhibitors show you" “On this floor, there are some lies being given out,” said Rudy A. Wolter, CTO, Security and Investigative Services for Citigroup, a financial services corporation. He advised fellow attendees to “listen for them, ferret them out, ask the tough questions. Make [the exhibitors] show you.” “Don’t be afraid to ask these men and women questions,” added Wolter. “Don’t be afraid to challenge them. If you don’t challenge them, they’re not getting any better which means we aren’t getting any better. At the end of the day, they’re the leaders; they’re the ones making change; they’re the ones touching systems; they’re the ones helping integration.” Banking security with Verint At Citigroup, Wolter oversees 1,300 bank branches in North America that use Verint systems, including 23,000 cameras tied into a single command centre. Skepticism aside, Wolter also provided evidence that even tough customers can be brought around. Specifically, he is sold on Verint: “When you have a problem, this company listens,” he told attendees at a Verint gathering on the show floor. New at GSX 2019 is the Verint Video Investigator, which is software that empowers investigators to quickly find the data they need to identify security threats in near real-time. In all, Verint serves in excess of 2,300 individual financial institutions, with tens of thousands of branches. Wolter was one of several end users willing to sing their praises publicly. Other GSX exhibitors were also proud to have their own real-world success stories. Placing the emphasis on outcomes At GSX, I heard more than once that outcomes are more important than technologies. Customers don’t want to hear about technologies, but rather about what those technologies can do for them. Avigilon, now a subsidiary of Motorola Solutions, is another company that is focused on outcomes rather than technology per se. “Instead of focusing on megapixels and terabytes, the end user is focused on perimeter security, loss prevention and risk management,” says John Kedzierski, Sr. VP of Video Solutions at Motorola Solutions. “We are working to provide that outcome." The end user is focused on perimeter security, loss prevention and risk management" How operators work to ensure outcomes is another aspect that is changing, says Kedzierski. “Watching video is obsolete,” he says. Using Avigilon’s new system, the operator instead is looking at colour-coded hexagons; one color means motion, another means an analytic event. Operators click on various hexagons to view video. Also at GSX 2019, Avigilon featured its new H5A camera line, with expanded object classification analytics, detailed object detection, and tracking in crowded scenes; and focused on the Avigilon Blue cloud system. They are working to make every camera capable of detecting faces, which can be matched to a watch list. How technology addresses marketplace changes Addressing the changing marketplace was another GSX theme. As the workplace changes, ASSA ABLOY Americas is adapting its technology to address new employment practices such as "hot-desking", and remote and mobile workers, says Peter Boriskin, Chief Technology Officer. Systems have to be able both to protect assets and also to provide flexibility to accommodate the changing workforce, he said. Corporate acquisitions are directly expanding the capabilities that ASSA ABLOY brings to the market. For example, they recently acquired Luxer One, a locker company that enables secure delivery of packages without customers needing to stand in line or wait for service. Deliveries can be made in seconds. Peter Boriskin of ASSA ABLOY Americas led a booth tour, including new power capabilities gained in the acquisition of LifeSafety Power Another recent ASSA ABLOY acquisition is LifeSafety Power, which is expanding the company’s capability to provide proactive data on wired systems by tracking power usage. For example, a spike in current might mean a problem with a component. Compiling “intelligent triggers” enables creation of a dashboard to provide analytics of wired systems. ASSA ABLOY has also been devising predictive analytics of wireless locks to predict battery life, for instance, and to address other maintenance challenges. “We want to know what’s going on at a door without visiting it,” says Boriskin. New exhibitors make their mark New exhibitors were part of the GSX mix. One new exhibitor was Vaion. It’s their first trade show after launching at IFSEC in London in June. Vaion combines a small camera portfolio with on-premise servers and software managed through the cloud for an end-to-end solution. Tormod Ree, co-founder and CEO, calls it a “hybrid cloud delivery model”. Vaion is also a “more proactive security model”, said Ree. Video is analysed for anomalies, and the server “learns” what is normal and not normal. The system provides alerts and notifications, occupancy counting and traffic control, among other features. And “overlays” are employed to present information on a map. Vaion can highlight video that is more likely to be relevant and prioritise feeds that have more activity. Vaion designs the hardware, which is manufactured in Taiwan. Vaion was a first-time exhibitor at GSX 2019 with their end-to-end video system; Tomod Ree is co-founder and CEO Gunshot detection technology EAGL Technology displayed their “Firefly” gunshot detection technology at GSX 2019. Based on technology originally developed for use in the military for sniper detection, the U.S. Department of Energy adapted it to civilian uses after the Sandy Hook School shooting. Boaz Raz, CEO, said the technology is the “most advanced and affordable, wireless for use indoors or outdoors, and it can control doors and cameras”. It doesn’t “listen” for gunshots like some competitors; rather it measures energy for “6 sigma” accuracy (almost 100%). Defining, and redefining, end-to-end solutions End-to-end solutions were all the rage at GSX 2019, but Allied Universal was one exhibitor that pondered what, exactly, is an end-to-end solution? It means different things to different people. For example, a video company’s end-to-end solution would not include access control. When Allied Universal claims to offer an end-to-end solution, they mean it in the broadest definition of the term, including all security systems deployed for a customer as well as the important human element (i.e., manguarding). “The industry’s emphasis on ‘end-to-end’ doesn’t encompass a full solution,” says Mike Mullison, Allied Universal’s Chief Information Officer. “When somebody uses the term end-to-end, you have to ask: What’s at both ends?” The lines between cyber and physical threats are blurring. Clients want full-service solutions" “The lines between cyber and physical threats are blurring,” adds Mullison. “Clients want full-service solutions.” Allied Universal is adding new technology elements to its offering, and Mullison says “the next phase of growth will be fueled by technology.” Allied Universal recently introduced the Heliaus product, a smart phone app that accesses an analytics engine to predict outcomes and prescribe optimum responses. It literally puts technology in a security guard’s hand. One customer has found that use of the technology resulted in a 20% reduction in safety and security incidents. The latest in access control among exhibitors In addition to video, access control had a big profile at GSX 2019, as evidenced by ASSA ABLOY America and many other companies. Another example is SALTO Systems, featuring its new NEO cylinder for wireless access control and the SALTO Virtual Network (SVN); the SVN-Flex extends and increases the number of updating points directly to the door. The SVN-Flex extends and increases the number of updating points directly to the door The compact SALTO NEO Cylinder is designed for doors where fitting an electronic escutcheon is not possible or required and can be installed on standard doors, server racks, gates, cabinets, electric switches, or sliding doors. Low energy consumption results in 110,000 cycles with just one set of batteries. Other SALTO products are SALTO KS (Keys as a Service); SALTO BLUEnet Wireless for Bluetooth RF-driven real-time control of doors; the XS4 One Deadlatch stand-alone electronic lock; and JustIN Mobile, which replaces the need for an access card by securely sending a mobile key Over the Air (OTA) to an iOS or Android device from SALTO’s ProAccess SPACE management software. The next step in integration A new company reflecting the GSX emphasis on integration is Security and Safety Things (SAST), which is still in launch mode but expects to have its first pilot customers in the Q4. The first camera vendors embracing the SAST platform will have cameras for sale at ISC West in the spring. SAST is creating an Internet of Things (IoT) platform for the next generation of security cameras. The SAST App Store will allow developers to build and market new applications, similar to today’s app stores for smartphones.SAST is creating an IoT platform for the next generation of security cameras “SAST is a technology platform, but it is also a business platform and a relationship platform,” said Emmanuel Ventadour, VP Sales and Marketing. For app developers, SAST also provides non-technical commercial services (i.e., easing their route to market.) Hartmut Schaper, CEO, emphasises the “openness” of the company. Even though they are a spinoff of Bosch, they are treating every camera manufacturer equally, he says. For integrators, the use of apps can expand their field of play. Apps will empower integrators to use video for more business processes – not just security – and expand their reach with customers, says Schaper. From scepticism to sales There were plenty of product claims at GSX to feed the skepticism of even the toughest of potential customers. Fortunately, product claims were only the beginning of conversations with attendees at this year’s show. No doubt manufacturers were put through their paces more than once, and a few of them even came out on the other side with potential new business to show for their efforts. That’s the true measure of success at GSX 2019, or any trade show. Click here to read our reviews from Day One and Day Two of the show.
One of the common characteristics of trade shows is booths with walls and walls of new products. Sometimes exhibitors seem intent on displaying everything in their portfolio, even though the displays appear cluttered and may not be welcoming. In an age of system sales, in particular, the emphasis on products can seem off kilter. Discussions with exhibitors at this year’s GSX show reveal a new awareness of the need for less cluttered booths, but the equipment walls persist. Here’s a review of Day 2 from the show floor. Allegion embrace more open booth design At GSX 2019, Allegion is among the exhibitors embracing a new, more open booth design that encourages engagement with customers and puts less emphasis on product displays. Discussions at the Allegion booth have centred around the value proposition and lower complexity of network-connected access control systems. The approach has been gaining a higher profile at Allegion since the company acquired Isonas, whose system configuration involves a reader-controller connected to the network via power-over-Ethernet cable. “Customers are also asking about Bluetooth technology and mobile applications,” said Jonathan Mooney, Allegion sales leader. Allegion is looking to deploy the Isonas software in other products in their portfolio; it will be offered in the range of Schlage wireless locks by the middle of 2020.The benefit of the cloud and network is to remove a lot of complexity and unnecessary costs for access control" “The benefit of the cloud and network is to remove a lot of complexity and unnecessary costs for access control,” said Mooney. Bosch offer complete security solution Bosch is introducing 55 new products at GSX 2019, but when it comes down to it, the company’s overarching message is not about individual products but about how they can be combined into a larger system. “At the end of the day, the message from Bosch is ‘how do I create a complete security solution?’” said Paul Garms, Bosch Director, Regional Marketing Security. “That’s what we are trying to demonstrate: How do all these things integrate?” Most of interest to attendees are actual demonstrations, which are a unique aspect of the trade show experience. “It’s nice at a show where we can really demonstrate what we are talking about when we say ‘integrated solution,’” said Garms. “And people can say, ‘oh yeah, if I trip this video analytic, the speaker will warn me I am approaching a restricted area.’ Or, when the manager signs in on the intrusion panel, now the associate can access a door he wasn’t able to before. It’s that integration and the complete solution that resonates. People are also interested in new products. At a show, they like to see them in operation.” At the Bosch booth, there is a big wall that illustrates some integration possibilities. An array of cameras was among the 55 new products introduced by Bosch, which also emphasised systems. Machine learning and advanced video analytics One implementation featured on the wall is Bosch’s Camera Trainer machine learning system. The system can “train” a camera to recognise a car in a parking lot, for example. Among the new Bosch products is the Autodome 7000i, the next generation of a best-selling camera, now with H.265 encoding and analytics such as line crossing. There is also an outdoor panoramic camera that is adjustable to 180-degree or 360-degree views. The new, less expensive 3000i series cameras provide an affordable option with edge analytics and Bosch’s data security protection included. Integration from Honeywell as well as 'the bigger picture' At Honeywell Security Group, Senior Product Manager G. Eric Green said the show seems to be much better attended than last year, “and we have had a lot of interest in our products.” Even end-user attendees typical of the GSX show are interested in the details of technology, as well as “the bigger picture,” commented Green. “Some of our booth visitors want to get into the weeds,” he said. “They say they want this piece of hardware. But they also also interested in the big picture. How things are interacting is very important.” Honeywell announced the 30 Series IP cameras, which can be used as part of video systems that comply with National Defense Authorization Act Section 889" “Most customers have installed products from other vendors that they expect us to work with. So integration is always at the top of the list. Can you work with these guys? Do you have an API? Do you support this piece of equipment? We always hear that a lot,” said Green. “There are customers who want best-in-breed products, but they’re not necessarily concerned about that coming from one manufacturer,” he said. “Other customers want ‘one throat to choke.’ When something goes wrong, they don’t want any finger-pointing.” Web-based security console and frictionless access control Honeywell is showing a beta version of its Pro-Watch 5.0 product, which is coming out in Q1 next year. It is an integrated security console that provides a map view of access control, video management, intrusion and other third party systems. The web-based platform offers access to each element, all controlled by permissions. “We are also building in an incident workflow engine that allows an operator to see exactly what steps he should take when something occurs as defined by the supervisor or a security director,” said Green. “It can literally walk you through, and it is completely freeform. Whatever you want it to say, it will say. This works in conjunction with access control, video, and all the things we talk to.” The Honeywell booth was a busy place on day two of GSX 2019 Another new Honeywell product is the OmniAssure Touch reader, a “frictionless” device that can read a credential off a smart phone in a user’s pocket. The user merely touches the reader, and it scans the area for a nearby mobile device that is authorised, and you can walk through the door. Honeywell also announced the 30 Series IP cameras, which are encrypted and can be used as part of video systems that comply with National Defense Authorization Act Section 889. They are made in Taiwan. Arcules' cloud security solution “There are fewer people here at GSX 2019, but we have seen a lot of really big companies looking for a cloud service,” said Andreas Pettersson, CEO of cloud video company Arcules. At previous shows, questions about the cloud often seemed out of curiosity. Now, potential customers are more decisive: They say “we want to move to the cloud.” Pettersson theorised that concerns about a possible weakening economy may prompt some companies to avoid the large capital expenditure of procuring a new on-premise system and instead opt for the minimal investment needed for a cloud system. Monthly operating expenses of a cloud system are also predictable and more easily managed, said Pettersson.At previous shows, questions about the cloud often seemed out of curiosity. Now, potential customers are more decisive Arcules is proactive on the subject of cybersecurity and has a two-page handout that summarises the cybersecurity advantages of their system. They are eager to talk about cybersecurity as it relates to cloud systems, said Pettersson. He said that, in his experience, on-premise systems tend to have more cybersecurity issues, whether because ports are left open or a firewall is implemented incorrectly. Users may also seek to bypass the firewall — a dangerous practice that is not an option with cloud systems. Security patches may not have been implemented; in a cloud system, such updates are pushed out automatically. The recurring monthly revenue (RMR) aspect of cloud systems are a windfall to integrators who embrace the cloud. “One integrator said he went on vacation for the first time in years because he had the extra money coming in,” said Pettersson. Control room integration from Vistacom "We're still fairly new to GSX, as our first show was 5 years ago, but what we have noticed is that the show continues to attract valuable attendees and drive critical conversations around what companies like ours must bring to the table in order to be successful in this space," said Dan Gundry, Director of Sales and Marketing, Vistacom. "We've had so many chances to learn from and share with potential customers and partners, and as a result, we continue to forge great relationships.” Vistacom is highlighting its control room integration and the value enterprise organisations can gain from implementing one in their facility. The company works alongside end-user customers and security integrators to build a command centre space, taking into account video wall display technology, operator consoles and furniture, audio and lighting considerations, as well as temperature and more, in an effort to optimise these centres. Stay tuned for the full GSX 2019 show review.
GSX 2019 got off to a jaunty start Tuesday. The show was humming with activity much of the day, and most exhibitors said they were pleased with the numbers and types of potential customers visiting their booths. There seemed to be less emphasis on product introductions than at the ISC West show in the spring (although there is much that is on the new side), while the trend toward system sales is continuing. Here's a review of Day 1 from the show floor. Dahua continues to educate market “Traffic-wise, the show is better than last year,” observed Tim Shen, Director of Marketing at Dahua Technology USA, at midday on Tuesday. “We met more people from Latin America,” he added. Shen theorised that Chicago is at the center of a larger territory of customers than last year’s location (Las Vegas). Dahua’s presence at the show makes a statement: We’re still here" Dahua has faced some negative publicity in the last year since they were banned from procurement by U.S. government customers by the National Defense Authorization Act (NDAA). Dahua’s presence at the show makes a statement, says Shen. The statement is “We’re still here.” Shen said only one visitor to the Dahua booth even mentioned the NDAA on the first day of the show, and the visitor was misinformed about the provisions and implications of the law. “There is a lot of misinformation,” he says. “We need to continue to educate the market.” Facial recognition, video metadata, and people counting New at the show is the Dahua Analytics+ line of cameras that feature more in-depth analysis of data such as facial attributes, video metadata, and people counting. For example, the cameras can identify 128 points in a face, with an additional 256 attributes analysed by the back-end recorder. Analysis can provide information such as age and gender, which can help a retailer analyse the demographics of their customers, for instance. Dahua is also adopting some of its consumer line of products for sale through the commercial channel. These include a flood light camera, a 2-megapixel WiFi camera and a doorbell camera. The products might be used outside of a retail store, for example, to complement Dahua commercial cameras that are used inside the store, says Shen. Dahua previewed a new multi-sensor camera that also includes a speed dome. The multi-sensor component combines eight views, each 2 megapixels, for a total of 16 megapixels. Below the multi-sensor camera is mounted a speed dome that can zoom in on regions of interest in the larger multisensor view. The camera will be launched in the fourth quarter. The show was humming with activity much of the day, and most exhibitors said they were pleased with the numbers and types of potential customers visiting their exhibits ACRE report continued North American growth “The industry’s momentum will continue to grow,” predicted Joe Grillo, Principal of ACRE. New areas such as cloud and mobile credentialing have the fastest growth rate, but are starting from a much smaller base, he said, so momentum in those categories will take time. ACRE sees continued rapid growth with no slowdown in the North American market Grillo noticed the first morning of GSX was busy, although there was a bit of a lull at midday. In terms of the business outlook, Grillo sees continued rapid growth with no slowdown in the North American market, although there have been some negative elements creeping into the outlook in Europe. Cybersecurity concerns in access control I caught up with Grillo at the booth promoting RS2, a Munster, Ind., access control company that Acre acquired last May. It is the only Acre company that is exhibiting at GSX. RS2 is one of two access control companies acquired by Acre in the last year — the other was Open Options, Addison, Texas. Grillo said the two acquired companies are complementary, especially in terms of their sales channels and geographic strengths. Although both are national companies, RS2 tends to be stronger in the Midwest, while Open Options sales emphasis is centered in Texas and emanates to the rest of the country. Concerns about vulnerabilities are a growing issue in access control, said Grillo, and more large endusers are conducting penetration testing of systems. The industry should welcome the scrutiny, he added. Cybersecurity also represents an business opportunity in access control, noted Grillo. Concerns about the vulnerabilities of legacy technologies such as 125Khz proximity cards and the Wiegand protocol will likely accelerate the pace of companies upgrading their access control systems There seemed to be less emphasis on product introductions than at the ISC West show in the spring (although there is much that is on the new side) Eagle Eye Networks and cloud-based VMS Ken Francis of Eagle Eye Networks had already realised some new client opportunities during the first day of the show, although he was not optimistic at the outset. In contacting potential clients to meet at the show, he had heard that many were not attending. Among Eagle Eye Networks’ news at the show is full integration of body-cams into their cloud-based video management system. “It’s the most unique thing happening from a video management perspective,” Francis said. Previously, if someone needed a video clip from a body cam, they had to use a separate software system.Five years from now, at least 80 percent of all VMS systems will be cloud-managed" Francis continues to be bullish on the subject of cloud adoption of video management and made a bold prediction: “Five years from now, at least 80 percent of all VMS systems will be cloud-managed.” Eagle Eye Networks is doing its part with “rocket growth” that is reflected in an increase of company employees from 27 to 165 or so. Economies of scale have enabled Eagle Eye Networks to lower subscription prices by up to 45 percent. Genetec's release self-service PIAM system Many of the “new” products at GSX 2019 are slight variations on what was introduced at ISC West last spring. An exception is Genetec’s introduction of ClearID, a self-service physical identity and access management (PIAM) system that enforces security policies while improving the flow of people within the organisation. The new system is integrated with the Genetec's Security Center Synergis access control system. PIAM systems have historically been customisable, complex to install and costly, which is why a lot of companies have not used a system. Genetec’s differentiator is that it is an off-the-shelf, out-of-the-box solution for a broader base of customers. “We scanned the market and found a lack of off-the-shelf identity management systems,” said Derek Arcuri, Product Marketing Manager, Genetec. “Targeting the mid-market, we are providing an accessible, ready-to-go cloud-based system that is ‘baked’ for the average company but can be integrated and expanded to include other systems.” The trend toward system sales at the show is continuing ClearID will simplify operation for the security department, which was previously tasked with a lot of administrative work in response to various departments. ClearID “pushes down” the authority to use the system to stakeholders (such as IT and/or facilities directors) and provides a system they can use themselves without involving security. “It empowers stakeholders and employees to work directly through the system rather than going through security,” says Arcuri. “It gives employees access based on stakeholder policies and improves the flow of people through an organisation. The security director is relieved of administrative work and can work on ‘real’ security.” I saw some other things today, too, which I will share in a future GSX article... And more about the show tomorrow.
Located in Eastern China, Hangzhou is the capital and most populous city of Zhejiang Province. It has registered population of 9,800,000, with total area of 16,596 km². Jianggan District is one of the five main urban areas of Hangzhou. With a floating population of about 1.06 million, Jianggan District ranks first among Hangzhou's main urban areas. As the new administrative center of Hangzhou, it boasts the most important CBD and the largest train station and car hub in Hangzhou, bringing together various traffic elements such as highway junctions and bridges across the river. The entire Jianggan District is promoting vital transformation in urban areas Intelligent surveillance system Covering 8 streets, 141 communities and 4 villages, the entire Jianggan District is promoting vital transformation in urban areas. Nevertheless, the non-registered population, accounted for about 40% of the total population, makes it hard for the local government to improve urban management in the district. Every policeman needs to manage 1,700 citizens on average. The shortage of police force affected their work precision and led to difficulties in providing timely police response. In addition, insufficient surveillance coverage and limited intelligence system in the area resulted in inactive security measures, making it difficult for the police to achieve their goals Integrating DoT, IoT and the internet Based on the Dahua Heart of City (HOC) architecture supported by "Full Sensing, Full Intelligence, Full Computing and Full Ecosystem (4 Full) capabilities, Dahua Technology firmly focused on the construction needs of the area and built the overall plan of establishing an ‘online police’. Integrating the Internet, DoT and IoT, Dahua Technology has successfully assisted the Hangzhou Jianggan Public Security in building a multi-dimensional network that targets customer value, and combines AI, big data, and cloud computing in order to obtain accurate real-time data and strengthen the current technology of “online police” operations. Sensors and monitoring products Dahua Technology deployed 19 sensors, hundreds of monitoring products and a sophisticated network Moreover, Dahua Technology deployed 19 sensors, hundreds of monitoring products and a sophisticated network. It also set up 46 actual police investigation models to provide accurate instructions for Jianggan police, including property crimes analysis, situation analysis, vehicle management, people management, psychiatric control, online apprehension of violators, as well as missing person search, etc. Compared with traditional police operation, Dahua HOC Safe City Solution has built an “Online Police” mechanism to obtain the most authentic real-time data through information technology, and carry out accurate computer applications for a more scientific service deployment, efficient police force and powerful security control. Dahua HOC Safe City Solution It ensures that the Jianggan police can perform properly at a given time. It also promotes the transformation of police affairs from passive to active, from extensive to subtle, from imprecise to accurate, and from offline to online, gradually carrying out the prediction, early-warning, and prevention measures of police operations. Since 2016, the Dahua HOC Safe City Solution has helped Jianggan Public Security achieve outstanding results including enhanced police intelligence, reduced crime cases, increase in case closure rate and efficiency, improvement in public service, and speedy recovery of missing individuals, opening a new chapter for intelligent police operations.
Genetec Inc., globally renowned technology provider of unified security, public safety, operations, and business intelligence has announced that the city of New Orleans (NOLA) is relying on Security Center, the company’s unified IP security platform, to improve public safety and enhance city-wide collaboration. With about 400,000 residents, New Orleans (NOLA) is the most populous city in the State of Louisiana. Like other big cities, NOLA is focused on enhancing public safety for its citizens and the 1.2 million visitors who flock to the city’s French Quarter for Mardi Gras celebrations. Using Security Center, the NOHSEP agency has saved police officers about 2000 hrs of investigative work in just a year Genetec Security Center As part of a Citywide Public Safety Improvement Plan that included the deployment of a new citywide public safety system and the construction of a Real-Time Crime Center (RTCC), the New Orleans Homeland Security and Emergency Preparedness (NOHSEP) chose the Genetec Security Center unified platform to support all city agencies. Using Security Center, the NOHSEP agency has saved police officers about 2000 hours of on-foot investigative work in just one year. “It might take a police officer over an hour to visit business locations, speak with owners, look through video, find what they are looking for, get a copy of video onto USB keys, drive back to the precinct, and then submit that into evidence." said George Barlow Brown, IT Manager at the New Orleans Real Time Crime Center. Video and ALPR cameras He adds, “So, we have essentially saved the department over 2000 hours of manual labor in physically collecting and storing video evidence. That’s more time for officers to respond to calls of service and be present in our many neighborhoods, which helps build community confidence. The ROI is there for us in terms of the efficiency,” The team can now easily retrieve evidence from over 325 city-owned video cameras and 100 automatic license plate recognition (ALPR) cameras (60 of which are Security Center AutoVu cameras) from the Real-Time Crime Center. The new security platform is integrated with other public safety solutions such as a Briefcam analytics system and a computer-assisted dispatch (CAD) system. All this information gets routed through to a central command center, speeding up emergency response. Share video access with RTCC “Our operators do the full investigative work right from within Security Center. It’s just one of the most intuitive solutions that I have ever seen. We can display up to six video tiles and hit ‘synchronise video’ to see various angles of the same scene playing at the same time. We can then select the segment of video we need and hit export. Each 10-minute segment from all the video tiles is then archived for viewing later on,” said Brown. NOLA is also leveraging Security Center to foster a true public-private partnership. The city launched a platinum version of the SafeCam project, which allows businesses to share access to external video cameras with the RTCC. Motion-detection alarms Using the Genetec Federation feature, the NOHSEP team can access video from participating companies’ systems Using the Genetec Federation feature, the NOHSEP team can access video from participating companies’ systems. Participating businesses can be identified by discrete signage at their front entrances. This tells on-the-ground officers that this business has shared their outdoor cameras with the RTCC, and there is no reason to disturb the establishment or their customers. The officer can simply call RTCC operators to get the evidence they need. Brown and his team also have motion-detection alarms set up on cameras facing some known illegal dumping sites. As soon as someone dumps refuge in these locations, the team can proactively notify the Sanitation Department so they can collect the debris. Mining video and data NOLA is making the most of its security investments to improve city life too. For one, the RTCC operates a backup emergency operations center for the city of New Orleans. The NOHSEP team has also shared video feeds with other city departments such as the Sewage and Water Board, so they can determine the rate at which an intersection floods. As plans continue to evolve, the RTCC team is taking full advantage of the new technology to keep NOLA safer. “As far as investigations and the ability to mine video and data, Security Center is hands-down the best product out there. With this platform, we’re extending greater efficiency to responding officers, and we’re also forging stronger partnerships with our community. Together, we’re all working smarter and faster to keep New Orleans safe,” concluded Brown.
Delfina Chain, Sr Associate Customer Engagement & Development at Flashpoint, discusses what resources defenders must access to in order to keep a finger on the pulse of the cybercriminal underground. Artificial intelligence (AI) is already being applied to diverse use cases, from consumer-oriented devices - such as voice-controlled personal assistants and self-directed vacuum cleaners - to ground-breaking business applications that optimise everything from drug discovery to financial portfolio management. So naturally, there is growing interest within the information security community around how we can leverage AI - which encompasses the concepts of machine learning (ML) and deep learning (DL) - to combat cyber threats. AI-enhanced cyber security The effectiveness and scalability of cybersecurity-related tasks has already been enhanced by AI The effectiveness and scalability of cybersecurity-related tasks, such as malware and spam detection, has already been enhanced by AI, and many expect ongoing AI innovations to have a transformative impact on cyber defence capabilities. However, security practitioners must also recognise that the rise of AI presents a potent opportunity for cybercriminals to optimise their malicious activities. Much like the rise of cybercrime-as-a-service offerings in the underground economy, threat-actor adoption of AI technology is expected to lower barriers to entry for lower-skilled actors seeking to conduct advanced malicious operations. A report from the Future of Humanity Institute emphasises the potential for AI to be used toward beneficial and harmful ends within the cyber realm, which is amplified by its efficiency, scalability, diffusibility, and potential to exceed human capabilities. Encrypted chat services Potential uses of AI among cybercriminals could include the development of highly evasive malware, the ability for automated systems to exhibit human-like behaviour during denial-of-service attacks, and the optimisation of activities such as vulnerability discovery and target prioritisation. Fortunately, defenders have a leg up over adversaries in this arms race to harness the power of AI technology, largely due to the time- and resource-intensive nature of deploying AI at its current stage in development. The purpose of intelligence is to inform a course of action. For defenders, this course of action should be guided by the level of risk (likelihood x potential impact) posed by a threat. The best way to evaluate how likely a threat is to manifest is by monitoring threat-actor activity on the deep-and-dark-web (DDW) forums, underground marketplaces, and encrypted chat services on which they exchange resources and discuss their tactics, techniques, and procedures (TTPs). Cobalt Strike threat-emulation software Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of way Cybercriminal abuse of technology is nothing new, and by gaining visibility into adversaries’ ongoing efforts to develop more advanced TTPs, defenders can better anticipate and defend against evolving attack methods. Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of ways, ranging from the use of pirated versions of the Cobalt Strike threat-emulation software to elude server fingerprinting to the use of tools designed to aid visually impaired or dyslexic individuals to bypass CAPTCHA in order to deliver automated spam. EMV-chip technology Flashpoint analysts also observe adversaries adapting their TTPs in response to evolving security technologies, such as the rise of ATM shimmers in response to EMV-chip technology. In all of these instances, Flashpoint analysts provided customers with the technical and contextual details needed take proactive action in defending their networks against these TTPs. When adversaries’ abuse of AI technology begins to escalate, their activity within DDW and encrypted channels will be one of the earliest and most telling indicators. So by establishing access to the resources needed to keep a finger on the pulse of the cybercriminal underground, defenders can rest easy knowing they’re laying the groundwork needed to be among the first to know when threat actors develop new ways of abusing AI and other emerging technologies.
Pulse Secure, the provider of software-defined Secure Access solutions, has announced the successful delivery of a project to help Hogarth Worldwide refresh its secure access platform as part of a Zero Trust approach to security. Hogarth Worldwide is a creative production business, providing marketing production and adaptation services for some of the world’s most recognisable brands and global multinationals. Security is a critical part of this service and Hogarth manages its own multi-layered secure access platform. Having grown rapidly over the last decade, the company had reached capacity on its legacy Juniper VPN solution that was also heading towards end of support. With the need to upgrade fast approaching, Hogarth decided to both refresh its secure access platforms to meet greater demand and gain access to more advanced capabilities. Requirement of VPN and NAC platform Hogarth contacted ANSecurity, a trusted cyber security advisor that it had worked with previously on several projectsPeter Smith, Global Network Architect at Hogarth, said, “We initially created a shortlist of vendors from the Gartner Magic Quadrant and started examining a few options. Our key criteria was a VPN and NAC platform that was easy to deploy and manage, with strong compatibility across a wide range of devices, plus the ability to adapt.” Hogarth contacted ANSecurity, a trusted cyber security advisor that it had worked with previously on several projects. The team at ANSecurity provided guidance to help scope the project and design a technical implementation. “We looked at a number of options, but we felt that Pulse Secure offered the best combination of features and compatibility along with the flexibility we needed to meet our current requirements and future needs,” said Smith. Pulse Connect Secure (PCS) virtual appliances Based on these requirements, Hogarth selected Pulse Connect Secure (PCS) virtual appliances deployed within its main data centres in London and several branch offices across the world to provide VPN access. This is supported by Pulse Policy Secure (PPS), a next-generation NAC appliance that enables Hogarth to gain deeper visibility and understanding of its security posture. The combined solution is deployed as part of a Zero Trust approach to security allowing Hogarth to ensure its distributed workforce is authenticated, authorised and secure when accessing applications and resources across its own data centre and cloud-based resources. The data from all these systems is passed to a SIEM to allow the IT department to quickly detect any issues The solution is integrated into its Ruckus based Wi-Fi network, Radius authentication server and multi-factor authentication which runs in Azure. The data from all these systems is passed to a SIEM to allow the IT department to quickly detect any issues and automate threat response to mitigate malware, rogue devices, unauthorised access and data leakage risks. Meeting the requirements of TISAX “The virtual appliance offered better performance than our legacy solution and the Pulse Secure VPN and NAC appliances were easy to deploy with a low management overhead,” commented Smith. “We have a high availability configuration and the built-in licence server makes it easy to add more users or devices as needed.” The new solution has also helped Hogarth to meet the requirements of TISAX (Trusted Information Security Assessment Exchange) that enables mutual acceptance of Information Security Assessments which was a key requirement for several of its clients within the automotive industry. “The upgrade to Pulse Secure has gone very smoothly, we have had no issues and the solution has delivered as expected with the potential to adapt as our security needs evolve,” Smith concluded.
ANSecurity, globally renowned specialist solutions firm in advanced network and data security, has announced the successful completion of a Secure Access platform upgrade for the South Hams District Council and West Devon Borough Council. South Hams District Council and West Devon Borough Council serves a large portion of the county of Devon in South West England. With just under 400 staff, the council provides a variety of services to over 100,000 properties and 140,000 residents. Due to a need to protect sensitive data and at the same time accommodate modern, flexible ways of working, South Hams District Council and West Devon Borough Council was undergoing the process of transforming the way it worked. Secure Access platform The council opted for an “always on” VPN - one which would use a device ID to authenticate to the council’s network The council wanted to ensure that in the future, its employees could work in a location agnostic way. Secure Access was central to that transformation, providing a secure connection between an employee’s device and the council’s network. The council approached ANSecurity for help in managing the upgrade to the latest platform. After a series of calls and on-site meetings, the full upgrade was purchased. It chose Pulse Secure appliances for their unparalleled ability to combine Secure Access with a user friendly experience. The council opted for an “always on” VPN - one which would use a device ID to authenticate to the council’s network - thereby circumventing the manual sign-in process and providing a streamlined authentication process for users. From there the processes of logging in at home, or the office became almost identical. By deploying fewer physical 2 factor tokens, the council made further savings. ANSecurity helped the council configure the VPN with a couple of days of on-site consultancy. Pulse Secure VPN Mike Ward, the council’s head of IT commented, “Security of this type is an enabler to the way we work - we couldn't do it without a VPN. ANSecurity have been a great partner for us and nothing was too much trouble, they provided good guidance and were there every step of the project. We look forward to working with them on an on-going basis.” The council’s new operating model has proved tremendously popular with staff, allowing them to work agilely in whatever location they choose. The council’s offices are now hot desking locations with around 100 to 150 people using Pulse Secure VPN to log into the office network every day. The ability to capture business processes into its workflow allowed the council to downsize its staff costs and save £1.4 million a year. The resultant savings in money, staff and space has also cut its carbon footprint and paper waste significantly.
In the aging trend of 21th century with rapid aging population and high healthcare costs are creating a growing demand for care at home, especially for seniors with long-term health conditions. Home care is moving towards tele-health monitoring and telemedicine, including video conferencing and remote monitoring technology to help increase caregiver efficiency while still providing constant convenience to the patients. Living independently and aging gracefully are the ideals that every individual seeks to pursue, and the challenge is to ensure that all people can age with dignity and security. Climax’s GX Cubic Smart Care Medical Alarm is an all-in-one wellness, and personal safety medical alarm solution, designed to help the elderly to manage their long-term health conditions, bridging medical health monitoring information to care providers/hospitals and create points of care to keep them safe in their own homes. GX Cubic medical alarm GX Cubic can be flexibly connected with third-party Bluetooth (BLE) healthcare sensors GX Cubic can be flexibly connected with third-party Bluetooth (BLE) healthcare sensors, like blood glucose monitor, pulse oximeter, blood pressure monitor, or weight for tracking health data and providing customised alerts to meet individual needs. The measurements can be automatically sent to a health professional who can review the results and continuously keep an eye on the patient’s health needs and provide early treatment as necessary. In addition to medical health monitoring, GX Cubic is also compatible with Pivotell Advance Automatic Pill Dispenser to keep secure of all pills, and remind the user to take the correct medicine at the pre-set time. The solution allows health professionals to monitor pill taking timely results and keep an eye on the patients’ treatment as needed. For situation when remote monitoring care given is insufficient and the user requires onsite assistance, GX Cubic can raise an emergency alarm to inform the caregiver or medical personnel for immediate action. Seniors can be assured that they are always being taken care of, and provide their family members with a peace of mind. Voice recognition solution Voice recognition has innovated over time and continues to advance, allowing products to become even more intuitive and easier to use. GX Cubic has built-in voice recognition and can activate an emergency call to care provider or central monitoring center by preset vocal commands or keywords. This allows seniors to receive emergency attention even in situations where they are immobilised or cannot manually reach the panic button. Working with the leading voice ecosystems Amazon Alexa and Google Home via cloud, GX Cubic also features voice control to activate home electronic devices, complete daily tasks, and seek help during emergencies. Voice over Internet Protocol With the VoIP (Voice over Internet Protocol) feature, GX Cubic users can also initiate two-way voice callsWith the VoIP (Voice over Internet Protocol) feature, GX Cubic users can also initiate two-way voice calls to contact their caregivers or family members at any time. With the additional add-on of DECT, GX Cubic can pair with voice extenders, talking pendants, call points, and voice extenders placed strategically around the home to create a safety net. Smart Home Automation Comprehensive elderly-friendly health care should also have a focus on preventive action to maintain a healthy ageing process. To realise independent living in a smart way, GX Cubic pairs with Zigbee or Z-Wave sensors to enable the whole-home control with various protocol-of-choice. GX Cubic can be programmed to turn on the hallway lights automatically when a sensor reports a senior’s movement in the middle of the night, to reduce a chance of falling; or automatically adjusting air conditioning when there is a sudden temperature-drop. The scenarios are unlimited to fit individual requirements, ensuring a safest living experience for the senior users. GX Cubic can also integrate IP security cameras and camera PIR motion sensors to deliver real-time visual monitoring and verification. When an emergency occurs, alerts are immediately sent to family members, and Monitoring Center to verify the event and sending immediate assistance as needed. Lastly, GX Cubic can support wireless sensor devices, allowing users to add in smoke detectors, water leakage sensors, and gas sensors to monitor environmental emergencies; and motion sensors, door contacts, sensor pad transmitters for inactivity monitoring, to build a healthier, safer independent living.
Round table discussion
Along with the integration of security and other systems in an enterprise environment comes a need to centralise monitoring and control of the unified network. A control room is at the center of managing integrated systems, providing the focal point to collect information from a variety of sensors, analyse the data, and then respond appropriately. The technologies that drive these functions are changing and evolving, thus increasing the efficiency and efficacy of systems. We asked this week’s Expert Panel Roundtable: What’s new in command-and-control systems, and what is the impact?
While unpacking our bags from a trade show, it is interesting to consider the dominant themes and trends we heard and saw at the show. So it is with the recently concluded Global Security Exchange (GSX) show in Chicago, presented by ASIS International. Amid all the product promotion, training sessions, networking and tired feet at the show, what really stood out? We asked this week’s Expert Panel Roundtable: What was the big news at the GSX 2019 trade show in Chicago?
An aging employee population and the influx of a new generation of workers and customers is driving change in the physical security industry. Millennials – those born in the 1980s and mid-1990s – are especially impacting how the industry operates, the technologies it produces, and the customers it serves. This tech-savvy generation grew up with the Internet at their fingertips. They embrace innovation in all its glory and expect it to play a seamless role in their lives – and work. We asked this week’s Expert Panel Roundtable: How are millennials changing how security systems are designed, installed and/or operated?