A larger proportion of cyberattacks in the first half of 2019 can be attributed to electronic criminals (eCrime adversaries) compared to state-sponsored or unidentified attacks. CrowdStrike, a cybersecurity company that provides the CrowdStrike Falcon endpoint protection platform, observes that 61% of targeted cybersecurity campaigns in the first half of 2019 were sourced from eCrime adversaries, compared to 39% from other sources. Technology was the top vertical market targeted by cyber-attack...
PAC & GDX, global provider of access control and door entry solutions, has announced the availability of its new Architect range of readers. By integrating cutting edge radio frequency identification (RFID), near field communication (NFC) and Bluetooth technologies into the Architect range, PAC & GDX has made it possible for smartphones to be used as an access control identification tool, thereby providing the highest level of convenience, flexibility and ease of operation. Integrating...
Guest-of-Honour Ms. Sun Xueling, Senior Parliamentary Secretary, Ministry of Home Affairs & Ministry of National Development officially launched the Security Industry Conference (SIC) 2019, and the Safety & Security Asia (SSA) 2019, Fire & Disaster Asia (FDA) 2019 and Work Safe Asia (WSA) 2019 showcases at the Architecture & Building Services (ABS) 2019; located at the Marina Bay Sands Singapore Expo & Convention Centre. This year, SIC 2019 will focus on the topic “Tot...
Share911, a security technology company that offers critical communication solutions, announced that the company will be showcasing its collaborative mass notification platform at the ISC East Show in booth #1449. ISC East is the northeast’s largest security trade show and will be taking place at the Jacob Javits Center on November 20th-21st, 2019. The show boasts over 7,000 security and public safety professionals coming together in New York each year to meet experts from over 250 leadin...
Confederation of European Security Services, CoESS and Euralarm have published a joint brochure on cyber security. The first copy of the brochure ‘Cyber security - Threat or Opportunity? It’s up to you!’ was launched during the General Assembly of CoESS held on 11 October in Rome. Cyber security breaks up the borders between product development, design, installation, operational continuity and alarm response. The guidelines highlight that when addressing cyber security, it is...
Fugue, the company delivering autonomous cloud infrastructure security and compliance, has announced its support for Open Policy Agent (OPA), an open source general-purpose policy engine and language for cloud infrastructure. Fugue is leveraging OPA and Rego, OPA’s declarative policy language, for cloud infrastructure policy-as-code to provide customers with maximum flexibility when implementing their custom enterprise policies. The Cloud Native Computing Foundation (CNCF) accepted OPA as...
Genetec Inc., global technology provider of unified security, public safety, operations, and business intelligence has announced the new camera registry module for Genetec Clearance, a digital evidence management system that facilitates collaboration between public safety agencies, corporate security departments, businesses, and the public. Video evidence is an invaluable tool to help investigators review events and solve crimes. However, the process of retrieving recorded evidence from surveillance cameras deployed by cities and private businesses located nearby an incident is cumbersome and time-consuming. This can lead to delays in an investigation and increase the risk of evidence being missed. Genetec Clearance camera registry module The new camera registry module in Genetec Clearance simplifies the video request process and improves collaboration between businesses and public safety agencies. Organisations can share a registry of the cameras they’ve deployed —including surveillance cameras, body cameras, and on-board recorders from different manufacturers— to allow authorised users to rapidly identify cameras of interest and request video to assist in an investigation. The ability for administrators to customise request forms and their required approval workflow also ensures protocols are followed when releasing video to a requesting party. Once a request is approved, encrypted recordings can automatically be sent to an authorised investigation, while also maintaining the chain of evidence. Compatibility with varied video codecs The technology allows organisations to maximise the use of their staffing" Genetec Clearance supports a variety of video codecs, so recipients can easily review recordings from a web browser without having to download and install a separate video player. “The Genetec Clearance camera registry allows organisations to reduce the time to fulfill access requests and share video evidence between stakeholders operating across different systems, departments, and jurisdictions,” said Erick Ceresato, Genetec Product Manager. Fast access to video evidence Erick further said, “The technology allows organisations to maximise the use of their staffing and provides investigators faster access to evidence to help enhance their response, and focus on public safety within their communities.”
My Alarm Center (MAC) has announced two new additions to its executive leadership team. Evan Flamm, Senior Vice President of Finance, and Chris Honigman, Senior Vice President of Sales and Marketing, will provide critical departmental oversight and continue company growth initiatives, out of the Philadelphia-area-based corporate headquarters, reporting to President and Chief Executive Officer, Amy Kothari. Evan Flamm is responsible for developing the company's financial strategy, policies and plans Strategic acquisitions As Senior Vice President of Finance, Evan Flamm is responsible for developing the company's financial strategy, policies and plans. These include assessing operating results and impact on profitability, reviewing potential strategic acquisitions, as well as managing the annual budget process. Evan will be actively involved in improving the overall fiscal soundness and operating effectiveness of the company. He will also maintain relationships with external financial institutions, equity sponsors and the Board of Directors, along with working in coordination with the rest of the leadership team to further company strategic initiatives. Operational analytics Evan most recently worked at Connect America as Vice President of Corporate Finance and Strategic Planning, where he led their strategic and financial initiatives and operational analytics. His previous experiences include various roles in financial operations and analysis, as well as IT strategy consulting at IBM. Flamm holds a BS Degree in Finance from Penn State University and lives in Center City, Philadelphia. Chris will focus on continued revenue growth in our current markets Chris Honigman joins My Alarm Center as Senior Vice President of Sales & Marketing and will have oversight of branch leadership as well as sales operations and marketing. Chris will focus on continued revenue growth in our current markets, including PA, GA, TX and CA, and assist with the strategic review of potential acquisitions that support overall revenue growth plans. Cyber security expert Honigman joins the My Alarm Center team with more than thirty years of sales and marketing leadership both inside and outside the security industry. He most recently worked at Identity Guard, a globally renowned cyber-security company, where he was responsible for strategic business development. Honigman has led national sales teams in the communications and IT consulting verticals, and earlier in his career, worked for Interface Security which, at the time, owned My Alarm Center's Texas operation, HAWK Security. Chris holds a BA in Communications from West Chester University and lives in Ambler PA.
Globally renowned cyber security company, BullGuard has announced releasing BullGuard Small Office Security, a new, powerful, cloud-managed endpoint security service for the small business market. BullGuard Small Office Security enables businesses to operate with the knowledge they are protected against identity and data theft, account takeover, malware such as ransom-ware, and other cyber threats. Robust endpoint protection BullGuard Small Office Security provides robust endpoint protection for desktops, laptops, tablets and smartphones, making it perfect for mobile workforces to work safely on their devices in the office, at home, or while hot desking or travelling. Small Office Security safeguards Windows, Android and MacOS devices and is backed by BullGuard’s highly acclaimed live 24/7 technical support, while endpoint security management is simple via an easy-to-use cloud-based portal. BullGuard Small Office Security is designed explicitly to meet the needs of today’s small offices" “Cyber security solutions for small offices are typically complex and challenging for businesses to deploy and use because they are re-engineered from legacy enterprise solutions designed for organisations with thousands of users,” said Paul Lipman, CEO of BullGuard. Enhanced cyber security “Small businesses are more vulnerable to cyber-attacks as cyber criminals increasingly focus their attention on the small office space and these companies are typically not as well protected as their enterprise counterparts. BullGuard Small Office Security is designed explicitly to meet the needs of today’s small offices.” At the heart of BullGuard Small Office Security is BullGuard’s award-winning anti-malware protection, which consistently scores very highly in independent malware detection tests. Companies that fall victim to a cyber-attack often experience significant downtime that seriously impacts productivity, data privacy, and even earnings. Endpoint-based machine learning With BullGuard Small Office Security, small office businesses are fully protected by a proprietary multi-layered behavioural engine that stops all types of malware in its tracks. It also includes endpoint-based machine learning to bolster security even further with advanced zero-day threat detection, which ensures systems are protected even when offline, and without requiring signature updates. Small companies can enjoy complete endpoint protection from a trusted brand" BullGuard Small Office Security is ideal for any small office, including those that currently use third-party companies to install and manage their endpoint cyber security, as well as small offices that prefer to manage their own security in-house. Set-up and deployment take just minutes, security issues can be resolved in an instant, and the service uses minimal device resources. BullGuard Cloud Admin Portal The BullGuard Cloud Admin Portal is designed exclusively to meet small office endpoint management requirements, providing easy and comprehensive real-time management of all devices: Easy deployment: A company administrator simply emails employees from the portal and they click on a link and register without the need for any credentials to be entered. This includes fixed workstations as well as personal mobile devices (BYOD). Safe mobile working: Devices are completely secured enabling employees in the field to go safely about their business. Missing devices can be located and remotely locked or wiped. Remote management: BullGuard Small Office Security provides an immediate 360-degree view of device security status, which in turn enables remote actions such as applying updates, disabling, enabling and restarting devices as well as the management of quarantined files. Red flags: Malware infections spread rapidly and those such as ransom-ware can take businesses down in seconds. An alert system provides immediate notification about security events allowing instant remedial action, ensuring the company isn’t held hostage by cyber criminals. Filter out danger: Blocks malicious websites, phishing emails and browser plug-ins and extensions that are known to be dangerous, keeping the company and employees safe from harmful downloads Stay ahead of remote device infections: Sometimes devices can be infected via a USB or by plugging into a computer outside of the company network. In these cases, BullGuard Small Office Security detects, blocks and notifies the administrator. It also sends an alert if a device has been offline for too long. Simple employee management: When an employee leaves or joins the company the relevant computing device is simply disabled via the portal, while security for new employee devices is just as easily enabled. Group settings: Many websites can hide malicious code and some IP addresses can be identified as the source of undesirable websites and server hosts. An administrator can use group settings to stop suspicious websites and server hosts from causing harm to the company network and individual endpoints. Full reports: Provides complete reports on device status, threats and tasks so that nothing is overlooked. Data security “We have made cyber security a less daunting challenge for small business owners, making it simple for them to stop professional cybercriminals from gaining access to their company’s data, intellectual property and funds. Now, small companies can enjoy complete endpoint protection from a trusted brand and get on with the more important task of running their business,” added Paul Lipman.
Arteco keeps pursuing its global expansion strategy and, after the USA, South Africa and Mexico, is now aiming for the Southeast Asia and Pacific region by signing a representation agreement with YEM International for the management of the export activities in the Asia Pacific Area. Arteco expands to Southeast Asia region The big economic powers are pushing this growth of the sector with infrastructural projects “It is a wise and far-sighted choice”, affirms Giampaolo Sabbatani, CEO of Arteco Global. “Let’s look at the recent records of the APAC area: in 2018, security market in that region registered revenue of $26.3 billion in 2018, and is expected to register a CAGR of 14.3% during 2019-2024, when it is expected to hit $57.9 billion”. The big economic powers are pushing this growth of the sector with infrastructural projects (India alone is going to build 100 airports) and a strong focus on the development of smart cities. Video management solutions expert “The future is bright, despite the strong competition we will have to face” underlines Mario Ali, Regional Sales Director for Critical Infrastructure Protection & Video Analytics of YEM, that from the branch in Singapore will deal with Arteco export in the region. “We all know the giants of the industry, but VMS is the widest battle field, where quality makes the difference”. Despite the biggest competitors of the western tech companies are exactly from the APAC area, the extensive Asian markets have room for companies that can leverage their quality to create fruitful business opportunities. For this reason, Arteco chose YEM International, the company guided by Franco Pesci, to make a further step on the path of the international expansion.
The ETSI Industry Specification Group (ISG) for Network Functions Virtualisation (NFV) has started working on its next specification release, known as Release 4. While NFV-based deployments are expanding worldwide and show the benefits of network function virtualisation, new technologies are expected to be leveraged and features are being added in support of 5G and novel fixed access network deployments that are emerging in many countries. Network Functions Virtualisation-based deployments The Release 4 work programme will provide the right setting to further enhance the NFV framework The Release 4 work programme will provide the right setting to further enhance the NFV framework by considering recent technological advances, as well as ways to simplify its usage, that are aligned with the current trends in the industry towards network transformation. Release 4 addresses several new issues in the following technical areas: the evolution of the NFV framework to support the most recent cloud, software, and virtualisation techniques; novel management architectural styles and operationalisation aspects, leveraging virtualisation characteristics to simplify deployments; and increased support for automation. VNF generic operations More specifically, at its twenty-seventh plenary meeting, the ETSI ISG NFV approved, among others, new Release 4 work items to conduct a set of studies about service-based architecture design for NFV, VNF generic operations, administration and management (OAM) functions, as well as enablers for autonomous management in NFV management and orchestration (NFV-MANO). Normative work in Release 4 to enhance the support in the NFV framework for container-based deployment of VNFs was also started, addressing service interfaces for OS container management and orchestration, as well as the requirements for the management and orchestration of container cluster nodes. A better setting for the applicability to NFV of current network cloudification trends, as well as new tools to make network deployments and their operation more automatic and simpler, yet flexible, are among the expected outcomes from the new work that was launched. Network and cloud security Technical topics comprising the Release 4 scope exemplify how the NFV framework is continuously being enhanced" “The technical topics comprising the Release 4 scope exemplify well how the NFV framework is continuously being enhanced to consider existing and new technology trends and provide the demanded support by network operators and network function providers for deploying current and future network generations”, says Joan Triay, ETSI ISG NFV Technical Manager. While the ETSI ISG NFV is transitioning into the new release, the group will also continue the maintenance of Release 2 specifications, dealing with implementable protocol and data models, as well as their counterpart testing specifications to the end of 2019 and into 2020. This will ensure that bug fixes based on industry feedback are addressed, and that interoperability activities are continuously fostered. ETSI ISG NFV At the same time, protocols and data models for supporting Release 3 features are also under development. The Release 3 feature set has been frozen, after the ETSI ISG NFV delivered the specifications of the corresponding enhancements to the architecture, interface and information models in the summer of 2019.
IMG GlobalSecur, Inc., an international travel security consulting firm, is proud to announce a new post on privacy and travel safety apps on its FoneTrac website. The post highlights some of the important issues HR managers facing when selecting a best-in-class travel security app for employee security including itinerary monitoring. Most businesses and HR managers must be transparent when it comes to privacy issues in contrast to government agencies and law-enforcement personnel who face a different institutional environment. FoneTrac travel security app solution “The privacy relationship between employer and employee needs to be transparent,” explained Chris Hagon, CEO of IMG GlobalSecur. “Our new post highlights some of the different issues that government agencies face when dealing with international travel vs. employers who are seeking a ‘win/win’ and transparent travel security app solution that is also mindful or privacy concerns.” In fact, he continued, ‘FoneTrac is purposely designed to be user driven’. This means that the App and backend are unaware of a traveler’s exact location unless they press the ‘Check-In’ or ‘Panic Alert’ button.” GPS tracking To view the new post on travel security and privacy concerns, please visit the FoneTrac blog post What this means is that the app is ‘position-locating’ rather than ‘travel monitoring’, providing a happy medium between employee privacy concerns and the technical needs of the app to be able to help in the event of a security concern. This innovative feature has propelled FoneTrac to be one of the most popular travel security and itinerary monitoring apps for employees in the ecosystem. To view the new post on travel security and privacy concerns, please visit the FoneTrac blog post. Persons who want a robust overview to the features of the travel security app can visit and those who would like to know more about the GlobalSecur backend can also visit the blog post. International travel security HR managers and employers are encouraged to reach out for a demo, as demos are available of the FoneTrac travel security app as are one-on-one consultations. Journalists and bloggers are encouraged to reach out to the company for commentary on emerging privacy trends vis-a-vis international travel security.
The cyber security threat is constant and real. Entire businesses, large enterprises and even whole cities have been vulnerable to these attacks. Growing threat of cyber attacks The threat is not trivial. Recently, two cities in Florida hit by ransom ware attacks – Rivera Beach and Lake City – opted to capitulate and pay ransom totaling more than $1.1 million to hackers. The attacks had disrupted communications for first responders and crippled online payment and traffic-ticketing systems. It was reminiscent of the $4 billion global WannaCry attacks on financial and healthcare companies. A full two years after the WannaCry attack, many of the hundreds of thousands of computers affected remain infected. And hackers are continuously devising new techniques, adapting the latest technology innovations including machine learning and artificial intelligence to devise more destructive forms of attack. Indeed, AI promises to become the next major weapon in the cyber arms race. For enterprises, there is no choice but to recognise the threat and adopt effective countermeasures Enterprise security For enterprises, there is no choice but to recognise the threat and adopt effective countermeasures. Not surprisingly, as the number, scale and sophistication of cyber-attacks has grown, so has the significance of the Chief Information Security Officer, or CISO, who owns the responsibility of sounding the alarm to the C-suite and the board – and recommending the best defense strategies. Consider it a grim irony of the digital economy. As companies have migrated to the cloud to gain scale and efficiency and integrated new channels and touch points to make it easier for their customers and suppliers to do business with them, they have also created more potential points of entry for cyber-attacks. IoT increases threat of cyber-attacks Amplifying that vulnerability is the trend of allowing employees to bring their own laptops, smartphones and other digital devices to the office or use to work remotely. And thanks to the Internet of Things, as more devices connect to enterprise systems – from thermostats to cars – the threat surface or targets of intrusion are multiplying exponentially. According to the McAfee Labs 2019 Threats Predictions Report, hackers will increasingly turn to AI to help them evade detection and automate their target selection. Companies will have no choice but to begin adopting AI defenses to counter these cybercriminals. Importance of cyber security This escalation in the cyber arms race reflects the sheer volume of data and transactions in modern life. In businesses like financial services and healthcare it is not humanly possible to examine every transaction for anomalies that might signal cyber snooping. Even when oddities are glimpsed, simply flagging potential problems can create so-called threat fatigue from endless false alarms. What’s more, attacks like those from Trickbots are specifically designed to go undetected by end users. The fact is, even if throwing more people at the problem were a solution, there aren’t enough skilled cyber security workers in the world. By some estimates, as many as 10 million cyber security jobs now go unfilled. AI is being used to conduct predictive analysis at a scale beyond human means Deploying AI As a result, AI is being deployed on multiple cyber-defense fronts. So far, it is mainly being used to conduct predictive analysis at a scale beyond human means. AI programs can sift through petabytes of data, identifying anomalies and even helping an organisation recognise and diagnose intrusions before they turn into catastrophic attacks. AI can also be used to continually monitor and allocate levels of access to a network’s multitude of legitimate users – whether employees, customers, partners or suppliers – to ensure that all parties have the access they need, but only the access they need. Countering cyber security threats To harden defenses, some AI programs can be configured to perform simulated war games To harden defenses, some AI programs can be configured to perform simulated war games. Because cyber attackers have stealth on their side, organisations might need dozens of experts to counter only a handful of attackers. AI can help even the odds, scoping out the potential permutations of vulnerabilities. As CISOs – and the CIOs they typically report to – advise C-suites and boards on their growing cybersecurity risk, they can also help those leaders recognize an enduring truth: AI programs cannot replace experienced cybersecurity professionals. But the technology can make staff smarter, more vigilant and more nimbly responsive. AI-based cyber security tools Financial and healthcare companies are leading this charge because of the sheer volume and variety of transactions they handle and because of the value and sensitivity of the data. Organisations like the U.S. Department of Defense and the space agency NASA, as well as governments around the world are also implementing AI-based tools to address the cyber threat. For businesses of all types, the threat stretches from the back office to the supply chain to the store front. That is why recognising and countering that threat must involve everyone from the CISO to the CEO to the Chairman of the Board. The AI arms race is underway in security. To delay joining it is to risk letting your enterprise become one of the grim statistics.
Edward Snowden’s name entered the cultural lexicon in 2013, after he leaked thousands of classified National Security Agency documents to journalists. He’s been variously called a traitor, a patriot, a revolutionary, a dissident and a whistleblower, but however you personally feel about him, there’s one way to categorise him that no one can dispute: He’s a thief. There’s no doubt about it: Snowden’s information didn’t belong to him, and the scary truth is that he is neither the first nor the last employee to attempt to smuggle secrets out of a building – and we need to learn from his success to try to prevent it from happening again. Since the dawn of the digital age, we’ve fought cyber pirates with tools like firewalls, encryption, strong passwords, antivirus software and white-hat hackers. But with so much attention on protecting against cyber risks, we sometimes forget about the other side of the coin: the risk that data will be physically removed from the building. Douglas Miorandi, director of federal programs, counter-terrorism and physical data security for Metrasens, recently discussed the major risks to physical data security with SourceSecurity.com. Q: What do you believe are the main physical threats to data? The biggest threats I have seen in the physical data security space have varied over the years, but there are four specific risks that remain the same across the board for any organisation, which are: Every organisation is at risk of having data walk out the building with that employee The Insider Threat The Outsider Threat The Seemingly Innocent Personal Item Poor or Nonexistent Screening To beginning with, every company or government agency has at least one disgruntled employee working for them, whether they know it or not, and that means every organisation is at risk of having data walk out the building with that employee. That is what security experts call the insider threat. Q: What do you think influences employees to steal data from their own organisation? People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially – meaning they don’t even need to be disgruntled; they might just want a quick way to make a buck. Financial data, too, is attractive, both for insider trading and selling to the competition. People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially This can happen to both private companies as well as government agencies. Take Natalie Mayflower Sours Edwards for example, a Treasury Department employee who was caught in the act just last month, when she disclosed sensitive government information about figures connected to the Russia investigation to a reporter. She didn’t hack the system, she simply used a flash drive. And let’s not forget that Snowden was a contractor working for the NSA. Q: Many of us think of security threats coming from an outsider, do companies still face these type of threats? Yes. Unfortunately, organisations do not only need to worry about their own employees – companies and government agencies need to be wary of threats from outsiders. COTS devices include SD cards, external hard drives, audio recorders and even smart phones They can come in the form of the corporate spy – someone specifically hired to pose as a legitimate employee or private contractor in order to extract information – or the opportunistic thief – a contractor hired to work on a server or in sensitive areas who sees an opening and seizes it. Either one is equally damaging to sensitive data because of the physical access they have. Q: Whether it be an insider threat or an outsider threat, what are ways these individuals can steal sensitive data? There are two types of personal items that can be used to steal data: the commercially available off-the-shelf (COTS) variety, and the intentionally disguised variety. This is considered risk number three – the seemingly innocent personal item. COTS devices include SD cards, external hard drives, audio recorders and even smart phones, any of which can be used to transport audio, video and computer data in and out of a building. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom Q: What is the difference between COTS and disguised devices? The difference between COTS and disguised devices is that if someone gets caught with a COTS device, security will know what it is and can confiscate it. The disguised device looks like a security-approved item anyone could be carrying into the workplace, making it especially devious. Sometimes these devices don’t just function to bring information out of a building; they are used to damage a server or hard drive once it’s plugged in to a computer or the network. Some are both – a recording device that extracts data and then destroys the hard drive. Companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening peopleQ: With these types of discrete items, can security personnel still catch individuals in the act? For example, through security screenings? Poor or nonexistent screening is the most substantial security threat to any organisation when it comes to sensitive data. Whether it’s an employee, an outside contractor or a device, the physical security risks are real, and everyone and everything entering and leaving a building needs to be screened. Unfortunately, screening often isn’t occurring at all, or is ineffective or inconsistent when it does occur. Even companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening people and stopping them from stealing data through recording devices. Q: It’s surprising that so many organisations would neglect physical security when protecting their data. It’s a huge mistake, and the consequences can be dire. They range from loss of customer trust, exorbitant lawsuits and tanking stock prices in the private sector; and risks to national security in the public sector. Costs and resource allocation increase as well during efforts to reactively fix or mitigate the effects of physically stolen data. For both the private and public sectors, the risk for data to be physically removed from a building has never been greater. Years ago, it was much harder for the average Joe to figure out where they could sell stolen data. Now, with the Deep Web, anyone with Tor can access forums requesting specific information from competing spy agencies, with instructions on how to deliver it, greatly reducing the risk of getting caught – and increasing the likelihood people will try it. Although it’s getting easier to sell data, the good news is that all of these threats are avoidable with the right measures. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack Q: So how can an organisation protect against these risks? There are a number of ways – and the first one requires a change of mindset. Not long ago, the building/physical security department and the IT/cybersecurity department were considered two different entities within an organisation, with little overlap or communication. Organisations now are realising that, because of the level of risk they face from both internal and external threats, they must take a holistic approach to data security. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack. Q: How can companies and government agencies combine both physical data security and cybersecurity initiatives? Physical security managers can advise cybersecurity managers on ways to reinforce their protocols – perhaps by implementing the newest surveillance cameras in sensitive areas, or removing ports on servers so that external drives cannot be used. Organisations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try In turn, the cybersecurity team can let the physical security team know that they have outside contractors coming in to work on the server, and the physical security team can escort the contractors in and stand guard as they work. Constant communication and a symbiotic relationship between the two departments are crucial to creating an effective holistic security protocol and, once you’ve got the momentum going, don’t let it slow down. Sometimes efforts start off strong and then peter out if priorities change. When guards are down, it’s an excellent time for a malicious actor to strike. Organisations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try. It’s not just about the mentality, though. Using the right technology is just as important. Q: What type of technology can you use to protect physical data? Many problems can be avoided by simply using the right technology to detect devices that bring threats in and carry proprietary information out. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them. Using a ferromagnetic detection system (FMDS) as people enter and exit a building or restricted area means that anything down to a small microSD card triggers an alert, allowing confiscation or further action as needed. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them Q: How does FMDS work? In the most basic terms, FMDS uses passive sensors that evaluate disturbances in the earth’s magnetic field made by something magnetic moving through its detection zone. Nothing can be used to shield the threat, because FMDS doesn’t detect metallic mass; it detects the magnetic signature, down to a millionth of the earth’s magnetic field. FMDS is the most reliable method of finding small electronics items and should be part of the “trust, but verify” model Although it is a passive technology, it is more effective and reliable than using hand wands or the walk-through metal detectors typically seen in an airport, which cannot detect very small ferrous metal objects. FMDS can see through body tissue and liquids, so items cannot be concealed anywhere on a person or with their belongings. Whether or not the items are turned on doesn’t matter; FMDS doesn’t work by detecting a signal, but rather by spotting the magnetic signature that electronics contain. This is ideal, because most recording devices do not emit any signal whatsoever. In my experience, FMDS is the most reliable method of finding small electronics items (as well as other ferrous metal objects, like weapons), and should be part of the “trust, but verify” model, in which companies assume the best of their employees and anyone else entering the building, but still take necessary precautions. Q: What are the key takeaways for organisations looking to enhance data security? The toughest challenge in the security sector – whether it’s cyber or physical – is remembering that the bad guys are constantly looking for ways to slip in through the cracks, and security departments need to stay one step ahead to ward off both internal and external threats. Recognising the existing threats, putting together a holistic security strategy, and using the right technology to detect illicit devices comprises an effective three-pronged approach to protecting an organisation’s data. Organisations cannot afford to be passive about security and assume employees won’t steal data and spies won’t sneak in. Strong countermeasures are necessary because data loss can come from both inside and outside, in both private and public sectors, from places not everyone thinks of – and with technology like FMDS acting as a backup to the human element, organisations can lock down their data and keep the wolves in sheep’s clothing from getting through the door.
There’s only so much a corporation can do to counteract the threat of a major incident. You can ask everyone to be vigilant and to report anything suspicious, but you cannot stop someone intent on deliberately starting a fire, threatening a work colleague with a knife or something much worse. And of course, most businesses recognise that even routine events – such as burst pipes, IT system failures, extreme weather event or power outages – can have significant consequences unless they are quickly brought under control. Training security officers Governments and organisations across the world are increasingly encouraging businesses to re-assess risks and to plan for and conduct drills for major emergencies. This is driving different agencies and companies to invest in new skills, resources and systems, and encouraging businesses to routinely re-evaluate their emergency response strategies. UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents For example: UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents, as part of the UK government’s Action Counter Terrorism programme. And organisations including the Association of University Chief Security Officers (AUCSO) and Higher Education Business Continuity Network (HEBCoN) are developing customised training for their members to improve their own response and business continuity plans. Mass notifications systems Whether an organisation is facing a terrorist attack or a severe weather event, follow up reports consistently identify that the same types of challenges are common to all crisis situations, with similar errors often occurring again and again. Typically, these are centred on three key areas: poor communications, fractured command and control structures, and delayed deployment of resources. Communications skills and technologies clearly play a pivotal role in how effective an organisation is in responding to major incidents, particularly when it comes to assessing the situation and its implications, moving people towards safety and providing updates as an incident unfolds. However, when an organisation is considering its technology options, emergency response and mass notification systems (MNS) are often touted as the ideal platform to deliver all the required critical communications and ongoing updates. UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents Emergency notification system All the incident reporting, command and control, and communications functions have been brought together on a single platform But, if an organisation does not know exactly where all its staff or students are, and it cannot see the location and availability of its first responders and other emergency coordinators relative to them and the incident, then how useful is it to send a top-down alert to everyone? And what about fast moving or multi-centre incidents, where previously agreed evacuation procedures, recommended actions or mustering points may need to change if an incident takes an unexpected turn? Many organisations may have been lulled into believing that an emergency notification system will allow them to confidently handle all the communications aspects of virtually any crisis. In reality, too many businesses are still unaware that there are now much more sophisticated and proven technologies where all the incident reporting, command and control, and communications functions have been brought together on a single platform. Using live map tracking The benefit of using these advanced and more integrated approaches – often categorised as mobile distributed command and control systems – is that they enable faster and better decision making in a crisis using real-time feedback and two-way dialogue with those closest to the emergency. And they avoid the risks of any potential delays, miscommunications or mistakes that can happen when an organisation is under pressure to respond and often switching between multiple systems. Leading universities and multi-national corporations are already using new mobile/web-enabled platforms to improve their incident response These next generation emergency management platforms have been specifically designed to enable real-time mapping of an organisation’s security assets and its users on a single screen and to fully integrate it with a highly targeted geo-fenced notification capability. The mass notification aspect of the system can then be used to advise specific groups on the best actions to take at their location as an incident develops. The use of live map tracking enables real time mapping of an organisation's security assets Segmented messaging Many leading universities and multi-national corporations are already using these new mobile/web-enabled platforms to plan, manage and improve their incident response, leading to 50% faster reactions and more positive outcomes.During a crisis, users can receive push notifications so the security centre can immediately see their exact location and advise them accordingly The systems have been widely adopted within the higher-education sector, but they are equally applicable to any large company with multiple international sites or those situated in research or corporate campuses where the bulk of assets and people are based in one or more key locations. Typically, systems provide users with a smartphone app that they can use to call for immediate emergency or first aid support when at work, or to report something suspicious which could prevent an apparently minor incident from escalating into a full-scale emergency. During a crisis, users can receive push notifications, SMS and E-mails asking them to open the app if they are not already logged in, so the security centre can immediately see their exact location and advise them accordingly. Supporting dispersed mustering Now that communications can be more nimble, responsive and flexible this can support the increasing numbers of planners are recognising the advantages of dispersed mustering. This is a strategy that has been developed to reduce the risk of secondary attacks on unprotected people complying with instructions to evacuate from premises and gather in what are, effectively, exposed locations. It is now acknowledged that evacuees waiting outside for any length of time are more vulnerable to targeted attacks or to injury, from flying glass for example. With dispersed mustering – a strategy made more effective by these new mobile distributed command and control systems - a building’s occupants can be advised not to go outside, but to move to known safe internal locations. People in each specific area can then be kept regularly updated. Many corporations are now using new mobile/web-enabled platforms to improve their incident response Coordination between response agencies The software platforms can be integrated with an organisation’s fixed security infrastructure to take real-time sharing of information First responders are permanently logged in, so the emergency operations centre can see their exact locations in real-time and can advise what actions to take in mustering people or in setting up and protecting security cordons. Bringing everything together on one platform, with real-time feedback and in a fully integrated system also removes what is often seen as the weakest communication link in managing any major incident: the need to rely on conventional two-way radio as the sole means of communication between the command and control centre and its first responders and other team members on the ground. The software platforms can be integrated with an organisation’s fixed security infrastructure to take real-time sharing of information to a new level for improved collaboration, coordination and communications between users, the incident management team and external agencies. Improving emergency response strategies One of the most powerful features of some of these new systems is the ability to record and view all alerts, responses and the detailed conversations between first responders, emergency coordinators and other parties. This allows the systems to be used to simulate major incidents involving inputs from the emergency services and other key agencies and to ensure the organisation’s crisis management plans have been fully tested against a range of possible incident scenarios.
Private video systems are offering new sources of evidence for police investigations. Growing popularity of private camera registration schemes are facilitating police department access to video captured by cameras in homes and businesses for use in their investigations. Camera registration programmes are organised locally by individual police departments but have common features and operation. By registering their camera systems, citizens and business people provide information to a confidential database listing any cameras police can quickly access in the event of a crime. Knowing which cameras may be near a crime scene avoids police having to go door-to-door in search of possible video footage. Because perpetrators are more careful and aware of possible video coverage in and around a crime scene, video to solve a crime may also come from a camera several blocks away. The best evidence may not be of the crime scene itself but video of nearby pathways and streets. Today’s camera systems also provide information such as location, date and time that can help an investigation Ability to record and retain video Access to cameras can also provide additional viewing angles to provide police new leads such as type of car, clothing, etc. Another benefit is possible use of a camera’s view to help locate lost children, elderly or disabled persons. In addition to actual video, today’s camera systems also provide information such as location, date and time that can help an investigation or be used as evidence in court. Basic requirements for participating video systems are exterior-facing cameras and the ability to record and retain video. It is important to note that registering a camera system with a local police department does not provide active surveillance or a “live feed” of video. Video is only shared after a crime has been committed and when the police request specific video as possible evidence. Registration of camera systems is voluntary Registration merely enables a police department to know where accessible cameras are located. Police then arrange viewing of video footage after the fact by communicating with the camera owners; if a police visit to a residence might pose an additional risk for any reason, camera video today can often be accessed remotely. Registration of camera systems is voluntary; a state-wide proposal in New Jersey in 2015 calling for mandatory camera registration faced privacy backlash and was later amended to make registration voluntary. Collected information is typically the name of the camera owner, contact information, an address where the cameras are located; how many cameras are at the location, the area recorded by the cameras and how the footage is saved. Police arrange viewing of video footage by communicating with the camera owners Residential security camera Portland, Oregon, launched its CrimeReports camera registration programme in 2017, part of its wider effort to get residents involved in fighting crime. In Philadelphia, the police department has been registering cameras since 2011 under its SafeCam programme. The Philadelphia Department of Commerce offers a payment, up to $3,000, to reimburse business owners who install cameras and register them with the police. Camera registration is yielding results. Baltimore’s Citiwatch camera registration system has had a direct impact on criminal apprehension. The San Luis Obispo, California, Police Department reports a high success rate identifying suspects in cases where additional video evidence exists because of the camera registration programme. In Fort Worth, Texas, last May, a residential security camera played a role in capturing a kidnapping suspect. Privacy concerns and community feedback Many of the camera registration schemes have localised branding or acronyms, such as the S.C.R.A.M. (Security Camera Registration and Mapping) programme of Milton, Georgia; the C.A.P.T.U.R.E. (Community and Police Team Up to Record Evidence) programme of New Braunfels, Texas; or the RockView programme of Rockville, Maryland. The idea is based on willing participation of public citizens in helping law enforcement do their jobs Privacy concerns and community feedback prompted Vancouver, Washington, to suspend a camera registration programme for weeks until it could be re-launched earlier this year. Although cities seek to protect information about the locations of cameras, it might be subject to disclosure because of public records laws. Law enforcement and crime prevention Registration of cameras is another aspect of involving the community in law enforcement and crime prevention, not unlike the commonplace Neighbourhood Watch programmes. The idea is based on willing participation of public citizens in helping law enforcement do their jobs. Making video footage available provides important evidence in much the same way a witness to a crime would hopefully testify if asked. By multiplying the availability of cameras that could view elements of a possible crime, the idea is also akin to the modern concept of “crowdsourcing” – the practice of obtaining information or input by enlisting a large number of people. Local jurisdictions stipulate that registrants in the programme should not be construed as agents and/or employees of the police department. There is also a crime prevention element to the programmes, in addition to helping police do their jobs better and more efficiently. Some camera registration programmes provide stickers or yard signs to let the neighbourhood know that their security cameras are helping to fight local crime.
Many venues are using access control, video surveillance systems, sensors, and additional hardware solutions as part of a broader security strategy. By utilising so many disparate systems, corporate security teams are left with information “silos” that create inefficiencies and hamper communication. This abundance of hardware has left teams with too much data or too many tools, to manage effectively. Armored Things offers a software solution. The company’s “spatial intelligence platform” currently collects more data than other security intelligence solutions, utilising a broader range of sources and fusing data together rather than integrating it. The platform currently focuses on taking in data from WiFi, access control, and video surveillance systems and applying machine learning to deliver customers features such as real-time predictive analytics to prevent incidents like bottlenecks or overcrowding. Spatial Intelligence is an approach to physical security that enables users to collect, manage, and interpret data in a single platform. Combine machine learning with data The term can best be used to describe how digital transformation has affected physical security. Spatial Intelligence in its infancy looked like video surveillance data combined with machine learning to produce video analytics. The spatial intelligence solutions of today can combine machine learning with data of any source, type, and size to deliver value across a large organisation, not just the security team, says the company. Armored Things’ Spatial Intelligence platform unifies data from information silos to support data-driven decisions around operations and security. By fusing data from multiple sources, we can produce more consistent and useful insights for our customers” A suite of analytics, reporting and visualisation tools helps customers gain a real-time understanding of people and flow in their space. By removing the guesswork of everyday decisions, the product enables customers to make data-driven decisions at a moment’s notice, according to the company. Armored Things is more than a data management tool. “By fusing data from multiple sources (rather than only cameras or only WiFi), we can produce more consistent, accurate, and useful insights for our customers,” says Kevin Davis, Chief Security Officer at Armored Things. "Being able to collect the data is the first step, but turning it into actionable intelligence is where Armored Things excels.” IP cameras and other IoT-enabled devices The range of data sources includes IP cameras and other IoT-enabled devices and even outside data sources like bus schedules and weather reports. Armored Things has built a team of public safety and technical experts with the mission to keep people safe where they live, work, and play. By leveraging emerging technology to enhance physical security, the company built the software-centric Spatial Intelligence Platform for large organisations to enhance the safety and operations of their space. Schools and education facilities are among the customers that can benefit. The leadership at Armored Things cares deeply about school safety, so the recent epidemic of campus violence has definitely been a large topic of conversation, according to the company. “By delivering our products to a greater number of customers, Armored Things hopes to continue making schools a safe place to learn and gather,” says Davis. Recently, there was a significant bottleneck lasting nearly 30 minutes at the Syracuse-Clemson football game. Unifying data into one platform Digital transformation is disrupting the way our customers think about physical security,” Using Armored Things technology and providing real-time data to security and operations personnel could have identified the bottleneck as it began to form. This would have notified relevant personnel, who could have taken steps to mitigate the problem before it turned into a security risk. Keeping the security infrastructure simple is imperative to success. Integrating a software solution into the security strategy shouldn’t complicate existing operations, says the company. “Armored Things Spatial Intelligence Platform can bring your security and operations into focus by unifying all of your data into one platform for ease of use,” says Davis. For this reason, the team chose to integrate not only with customers’ existing security infrastructure but with non-traditional data sources (e.g. WiFi, event schedules, ticketing) as well. “By combining and analysing a more diverse dataset, Armored Things can help our customers make better decisions with deeper data-driven insights,” says Davis. "Digital transformation is disrupting the way our customers think about physical security,” says Davis. “As a team, our aim is to help our customers adapt to the digital age, as they transition from hardware to software-centric security solutions. Fostering organisational change is difficult, and our team hopes to make the transition process easier for our customers.”
Physical security has been stuck in a forensic and siloed mindset for decades, while the rest of the enterprise has evolved and transformed into proactive, connected operations. A new security management platform based on artificial intelligence (AI) seeks to change that status quo by using modern tools for unification, analytics and controls. AI-based security management “Security teams are managing more moving parts than ever,” says Clayton Brown, Co-Founder of ReconaSense. “As it stands today, the industry can’t keep pace with the digital transformation and the ‘smart’ movement. Physical security must transition from forensic security to proactive, risk-adaptive security.” ReconaSense says the company is changing the physical security industry with AI-based technology and a risk-adaptive approach ReconaSense says the company is changing the physical security industry with AI-based technology and a risk-adaptive approach. “We’re focused on making security integrated, adaptive and proactive,” says Brown. The flagship product, ReconAccess, is a risk-adaptive physical access control system. It controls who can go where, when, in a building. Taken a step further, ReconAccess analyses risk to prevent an authorised person from entering a room if there is a danger or threat present. It also can spot abnormal activity that may warrant further investigation, i.e., insider threats. ReconAccess unification security solution ReconAccess is part of a unification platform that includes geospatial AI, mobile apps and analytics. ReconaSense helps organisations to mitigate risk effectively in two ways. First, the system pulls in data from disparate systems into a unified language. And then, it enables users to proactively identify risk and threats before they become issues. “We provide actionable guidance and unprecedented visibility so that they can implement appropriate controls for quick remediation and risk mitigation,” says Brown. In general, ReconaSense will improve life safety, future-proof physical security, and provide enhanced situational awareness, he says. Application programming interfaces (APIs) By creating a database translation layer through application programming interfaces (APIs), ReconaSense normalises diverse data into a common language, or database. Previous unification platforms have presented data from different systems into a common presentation layer. ReconaSense goes deeper by extracting, transforming and loading these diverse languages into a common format for humans and machines alike to understand what is going on across their operation in real-time. ReconaSense was honoured with the Security Industry Association (SIA) New Product Showcase Award for Access Control Software at ISC West 2019 Security and risk unification The ReconaSense security and risk unification platform integrates and translates siloed data across systems, devices and applications into a common language, which makes it easier to focus on what matters most and keep risk at bay. “We can change permissions in real time based on any individual behavior or environment,” says Brown. “Being able to assess risk on both sides of the door enables organisations to not only improve security but also improve life safety. We are also positioned to detect insider threats and to streamline operations overall.” Security and data integration ReconaSense provides a common operating picture integrating all the incoming security and relevant data across an organisation ReconaSense provides a common operating picture integrating all the incoming security and relevant data across an organisation. The security intelligence platform can detect early warning signs and abnormal events and implement remediation actions swiftly. The platform can more deeply integrate 3rd-party data systems, analyse and score the data for risk trends, and then activate changes with a native access control system based on this intelligence. ReconaSense works with traditional security integrators as its exclusive channel. They are actively adding more dealers to the network. At this point, distribution is not on the roadmap, but could be beyond the current horizon as the industry matures. Intelligent approach to physical security "The market is ready for the new technology", says Brown. “We must continue to educate integrators and end users on the need to move to a more proactive, intelligent and integrated approach for physical security,” he says. “We have to help demonstrate that AI is not as scary or far away as you think. It’s here today.” In one year, ReconaSense expects to grow its team and partner network significantly and to be deployed in a variety of sites across North America. The current team consists of technologists, engineers, IT and physical security experts and data scientists. ReconaSense is headquartered in Austin, Texas, and has a technology center in New York.
Following a competitive tender process Corps Security has been awarded a three-year contract to provide security services to Registers of Scotland at Meadowbank House, in Edinburgh. A team of 10 officers will provide guarding services with a focus on front-of-house, customer service, CCTV monitoring and patrols. Like-minded organisation Registers of Scotland is the public body responsible for compiling and maintaining registers relating to property and other legal documents in Scotland. Mike Bullock, Chief Executive of Corps Security, said: “We are delighted to be working with such a like-minded organisation. Corps Security is a trust which was set up to provide employment for ex-servicemen returning from the Crimea. We share values with Registers of Scotland and look forward to working closely together.”
Delfina Chain, Sr Associate Customer Engagement & Development at Flashpoint, discusses what resources defenders must access to in order to keep a finger on the pulse of the cybercriminal underground. Artificial intelligence (AI) is already being applied to diverse use cases, from consumer-oriented devices - such as voice-controlled personal assistants and self-directed vacuum cleaners - to ground-breaking business applications that optimise everything from drug discovery to financial portfolio management. So naturally, there is growing interest within the information security community around how we can leverage AI - which encompasses the concepts of machine learning (ML) and deep learning (DL) - to combat cyber threats. AI-enhanced cyber security The effectiveness and scalability of cybersecurity-related tasks has already been enhanced by AI The effectiveness and scalability of cybersecurity-related tasks, such as malware and spam detection, has already been enhanced by AI, and many expect ongoing AI innovations to have a transformative impact on cyber defence capabilities. However, security practitioners must also recognise that the rise of AI presents a potent opportunity for cybercriminals to optimise their malicious activities. Much like the rise of cybercrime-as-a-service offerings in the underground economy, threat-actor adoption of AI technology is expected to lower barriers to entry for lower-skilled actors seeking to conduct advanced malicious operations. A report from the Future of Humanity Institute emphasises the potential for AI to be used toward beneficial and harmful ends within the cyber realm, which is amplified by its efficiency, scalability, diffusibility, and potential to exceed human capabilities. Encrypted chat services Potential uses of AI among cybercriminals could include the development of highly evasive malware, the ability for automated systems to exhibit human-like behaviour during denial-of-service attacks, and the optimisation of activities such as vulnerability discovery and target prioritisation. Fortunately, defenders have a leg up over adversaries in this arms race to harness the power of AI technology, largely due to the time- and resource-intensive nature of deploying AI at its current stage in development. The purpose of intelligence is to inform a course of action. For defenders, this course of action should be guided by the level of risk (likelihood x potential impact) posed by a threat. The best way to evaluate how likely a threat is to manifest is by monitoring threat-actor activity on the deep-and-dark-web (DDW) forums, underground marketplaces, and encrypted chat services on which they exchange resources and discuss their tactics, techniques, and procedures (TTPs). Cobalt Strike threat-emulation software Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of way Cybercriminal abuse of technology is nothing new, and by gaining visibility into adversaries’ ongoing efforts to develop more advanced TTPs, defenders can better anticipate and defend against evolving attack methods. Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of ways, ranging from the use of pirated versions of the Cobalt Strike threat-emulation software to elude server fingerprinting to the use of tools designed to aid visually impaired or dyslexic individuals to bypass CAPTCHA in order to deliver automated spam. EMV-chip technology Flashpoint analysts also observe adversaries adapting their TTPs in response to evolving security technologies, such as the rise of ATM shimmers in response to EMV-chip technology. In all of these instances, Flashpoint analysts provided customers with the technical and contextual details needed take proactive action in defending their networks against these TTPs. When adversaries’ abuse of AI technology begins to escalate, their activity within DDW and encrypted channels will be one of the earliest and most telling indicators. So by establishing access to the resources needed to keep a finger on the pulse of the cybercriminal underground, defenders can rest easy knowing they’re laying the groundwork needed to be among the first to know when threat actors develop new ways of abusing AI and other emerging technologies.
Amthal Fire & Security has installed a bespoke designed Keyzapp management system at its head offices, to ensure the safekeeping and accountability of client keys at all times. Electronic Fire and security company Amthal required a system to improve key management processes, especially as the business has seen significant growth with an increased number of customer keys being kept on site for property protection, maintenance and monitoring services. Audit control capability for key transactions Keyzapp was selected due to its flexible design. This enabled Amthal to create a system that was easy for authorised engineers to operate, whilst management could rely on audit control capability for all key transactions, without the need for a dedicated member of staff 24/7 manually issuing and recording them. It’s really automated our complete process and has proven to save the engineering team valuable time and resource" Says Simon Kendall, Amthal Supply Chain Leader: “Amthal has a growing network of dedicated engineers that work across the country, with varying access requirements for customer’s keys that are all kept at Amthal offices. Completing manual audits for keys taken had become increasingly time consuming to ensure awareness of allocations and traceability. “The implementation of Keyzapp’s system has made such a difference. It’s really automated our complete process and has proven to save the engineering team valuable time and resource, which they can dedicate to better serving our customers. It runs itself in the background and if there is an issue, it can be resolved quickly and efficiently.” Control to key access with smart credentials Keyzapp’s simple management solutions are designed using latest technology to decrease downtime and improve work efficiencies. The ability to further add control to key access with smart credentials and audit capability ensures full visibility of keys at any time. Tim Hill, Keyzapp Director added: “What Amthal demonstrates is the importance of attention to key control. We worked with the team to tailor our system around the business requirements for asset management, including allowing 24 / 7 access with no need for dedicated staff issuing keys. “The management side has also been scaled around ensuring instant traceability to ensure growing number of keys held on site are accounted for at all times. It’s great to see it’s made such a positive impact on a leading fire and security specialist, who prides itself on ‘protecting what’s precious,’ which includes its key customer assets!” Traceability and visibility for valuable equipment Our engineers find it simple to use, and we’ve even recorded improved site attendance times" So impressed with Keyzapp, Amthal is now working on a bespoke system to manage the specialist loan equipment being booked in and out of its office stores and warehouse, to reflect the same level of traceability and visibility for valuable equipment. Jamie Allam, Commercial Director Amthal Fire & Security concluded: “Keyzapp had an instant impact on the whole team, with improved time and operational savings. Our engineers find it simple to use, and we’ve even recorded improved site attendance times. Plus the management capability is great from our perspective to help towards the efficient, operational running of our business.” User needs for security safety and convenience Independently owned, Amthal Fire & Security is dedicated to satisfying end user needs for security safety and convenience offering design, installation, service and remote monitoring of advanced electronic fire & security solutions, including intruder, Fire, Access and CCTV systems. Amthal Fire & Security is accredited by the Security Systems and Alarm Inspection Board (SSAIB) United Kingdom Accreditation Services (UKAS) and British Approvals for Fire Equipment (BAFE.)
Traka has launched a new downloadable white paper to open a discussion on the changing nature of retail banking in the UK, using latest case examples to consider branch management and shifting customer expectations. The white paper, titled ‘Shaping the retail banking industry’ looks at several factors influencing the sector, including the increasing expectations and values of customers demanding a more personalised branch experience. Key and equipment management Incorporating analysis from globally renowned financial services, including PwC, Accenture and Deloitte, the paper highlights the opportunities for innovation, together with collaboration and adoption of new operational processes. This incorporates key and equipment management to enable retail banks to deliver on top quality service. The future for retail banking could arguably also be cited as bleak and in a state of industry disruption" Says Mike Hills, Traka UK Market Development Manager and Author of the white paper: “Against a backdrop of negative press concerning the state of UK high streets, the future for retail banking could arguably also be cited as bleak and in a state of industry disruption, as customers move towards a more mobile-connected lifestyle.” Staff and customer security “However, our research in putting together this white paper tells a different story. That actually, the sector has a real chance to embrace the changes occurring and entice their customers, meeting demands for personal service. We found that brands riding the storm are taking small yet significant steps to tailor their services and make operational differences that are proving key to their success.” The white paper focusses on Traka’s experience with Nationwide Building Society to demonstrate how supporting operational efficiency can benefit banking staff and ensure they can focus on serving their customers, without compromising on security. Retail Banking security Mike concluded, “We have brought this white paper together using the latest research and intrinsic market reports, together with case evidence on the future of the retail banking industry and the issues faced by the sector to ensure long term success.” “Within this, we wish to stimulate debate and encourage views and contributions from as many different voices as possible. We look forward to your opinion, experience or comment on this matter of growing importance so together, we can look to support and shape the future of retail banking.”
Crossword Cybersecurity plc, has announced that Stevenage Borough Council, Peterborough City Council and East Hertfordshire District Council (‘the Councils’), will use Rizikon Assurance to manage compliance with the GDPR (General Data Protection Regulation) with their suppliers and for wider information governance. GDPR compliance GDPR makes many requirements of organisations, including taking adequate steps to ensure data is both encrypted and anonymised, so that in the event of a breach, the data cannot be exploited. Infringements under GDPR can lead to fines of €20 million, or 4% of annual global turnover for an organisation. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack With a combined residential population of over 430,000, the Councils have a duty to ensure that the personal information of all residents is adequately protected against the risk of data breach, either by the Councils themselves or the third-party suppliers and agencies with which they work. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack. GDPR risk exposure Using Rizikon Assurance, the Councils will improve the process and accuracy of securing third party assurance. This will support compliance with GDPR, and establish a way to manage on-going assurance checks when needed at regular intervals. Additionally, the Councils will be in a position to identify GDPR risk exposure across their supplier portfolio, so that remedial action can be taken to improve the protection of citizen data. Jake Holloway, Director responsible for Rizikon Assurance, commented, “The role of every public service organisation is to serve its citizens, often holding personal information about them on many sensitive topics such as health, benefits and education. With that comes the responsibility of ensuring that information is protected, especially when it needs to be shared with partner organisations.” Rizikon Assurance Jake adds, “Rizikon Assurance will help any organisation dramatically improve the speed and reliability of its third-party assurance processes, covering areas such as GDPR, health & safety, the Modern Slavery Act and any other requirements that they may have. It moves third party assurance from a siloed and reactive activity, to a connected, proactive continuous process that delivers a complete view of third-party risk.”
Modern office design needs an advanced access control system that is powerful, flexible and aesthetically in tune with workspace users and their needs. At Plexal, a new £15 million flexible work environment located in the heart of Olympic East London, where the city’s ‘innovation community’ meet to brainstorm and explore new ideas, Aperio achieves all the three virtues wirelessly. At Plexal enterprise and academia work together, with technology companies, start-ups, universities and creatives under one roof. Up to 800 entrepreneurs use the workspace to devise, create and launch products and services. Innovative access control solution Easy, non-disruptive installation of new locking devices was another goal: Plexal preferred a wireless solution Plexal required a tried-and-tested access control solution they could rely on for high-end security to protect this new co-working office against unauthorised intrusion and burglary. Easy, non-disruptive installation of new locking devices was another goal: Plexal preferred a wireless solution. Any chosen solution would need the flexibility to expand access control as Plexal’s site scales over time. Device aesthetics must complement a contemporary, light-filled interior design with lots of glass. Powerful, flexible, wireless connectivity Plexal offices are now fitted with Aperio wireless, access card-based locking technology. Plexal’s battery-powered Aperio locks are integrated with DoorFlow, NetNodes’ online platform for managing and auditing building access. So far, 59 Aperio L100 wireless high-security door locks have been installed and integrated online with DoorFlow. These Aperio locks provide Plexal with a high level of physical protection and transmit door status to DoorFlow in real time. Adaptable locking solution Plexal required an adaptable locking solution for a range of different doors and, with no wiring required" “Plexal required an adaptable locking solution for a range of different doors and, with no wiring required, it was quick and easy to install Aperio with minimal disruption,” says Stewart Johnson, Director at NetNodes. Because Aperio locks are battery- rather than mains-powered, the new wireless solution also keeps Plexal’s maintenance costs and energy consumption low. Aperio wireless locks use no power when idle, only “waking up” to read credentials or maintain a system heartbeat. Annual running cost savings over traditional wired doors are significant. Modern locking device design Aperio aesthetics were a good fit for Plexal’s modern workspace. “We have a futuristic-style, open-plan design here at Plexal — our offices are predominantly glass-fronted, so we needed an effective design which was not only robust but adaptable, too,” says John Herbert, Facilities Manager at Plexal. “What really appealed to me about ASSA ABLOY access control’s products was the aesthetic.” Aperio technology integration And because Aperio technology is built on an open platform for integration with almost any security or building management system, Plexal’s access control solution is fully future-proofed. They have the option to expand to new offices, floors or even buildings easily. Aperio can upgrade mechanically locked doors and wirelessly connect them — online or offline — to new or existing access control systems. This is achieved with minimal modification to doors and premises, offering a simple, cost-effective security upgrade. Aperio can upgrade mechanically locked doors and wirelessly connect them to new or existing access control systems Wireless access control “Should any additional doors need to be added to the system in the future, this can be done easily, without modifying or changing the aesthetics of the environment,” confirms Stewart Johnson. “This also minimises future installation costs, offering a cost-effective and straightforward access control upgrade.” “We foresee change in the not-too-distant future and are delighted at our options to modify,” adds John Herbert. Secure physical and digital access ASSA ABLOY's innovations enable safe, secure and convenient access to physical and digital places, offering efficient door opening solutions, electronic locking devices, trusted identity solutions and entrance automation technologies.
Round table discussion
Statistically speaking, incidents of terrorism are unlikely to impact most businesses and institutions. However, the mere possibility of worst-case-scenario attacks is enough to keep security professionals awake at night. Compounding the collective anxiety is the minute-by-minute media coverage when an attack does occur. The immediacy of the shared experience of global tragedy impacts us all – including security system decision-makers. We asked this week’s Expert Panel Roundtable: How is the rise in terrorism impacting the physical security market?
Employee turnover is a problem for many companies, especially among younger employees who have not developed the philosophy of employer loyalty that was common in previous generations. Nowadays, changing jobs is the norm. The idea of spending decades working for a single employer seems almost quaint in today’s economy. However, excessive employee turnover can be expensive for employers, who are looking for ways to keep their brightest and best employees happily toiling away as long as possible. We asked this week’s Expert Panel Roundtable: How can the physical security market promote better employee retention in a competitive employment environment?
In today’s global economy, goods are manufactured all over the world and shipped to customers thousands of miles away. Where goods are manufactured thus becomes a mere detail. However, in the case of “Made in China”, the location of a manufacturer has become more high-profile and possibly more urgent. The U.S. government recently banned the use in government installations of video system components from two Chinese manufacturers, presumably because of cybersecurity concerns. A simmering trade war between China and the United States also emphasises other concerns related to Chinese manufacturing. We asked this week’s Expert Panel Roundtable: Should "Made in China" be seen as a negative in the video surveillance marketplace? Why or why not?