Cyber security

ExtraHop, globally renowned provider of cloud-native network detection and response solutions, has announced a new integration with Amazon Web Services (AWS) that automates the isolation of compromised Amazon Elastic Compute Cloud (EC2) instances and empowers security operations teams to create a wide range of customisable response automations, from quarantining and blocking to ticketing and tagging. ExtraHop Reveal(x) Cloud Alongside the new automation capability, ExtraHop Reveal(x) Cloud offers continuous packet capture in AWS Alongside the new automation capability, ExtraHop Reveal(x) Cloud now offers continuous packet capture in AWS. That reduces the amount of time, effort, and money required to perform packet-level analysis while providing security teams with the forensic detail they need to get to root cause or to fulfill chain-of-custody requirements.   Response automation is considered the Holy Grail for many security operations, allowing teams to snuff out threats before they further infiltrate or damage the organisation. But when done at a tool level instead of a system level, response automation too often results in devices being quarantined or systems being shut down based on unreliable data or incomplete information. ExtraHop integration with AWS Lengthy investigation time compounds the challenge, leaving critical systems idle until the threat can be remediated, and potentially resulting in business downtime and lost revenue. The latest ExtraHop integration with AWS brings precision to both response automation and investigation workflows in the cloud. The AWS quarantine integration combines high-fidelity detections from Reveal(x) Cloud with AWS security group policies to automatically quarantine compromised EC2 instances, enabling timely and targeted response. Streamline investigations in cloud and hybrid environments Security teams can also modify the trigger, or write a new trigger, to take different actions when detection violates policies. With right-sized continuous packet capture, Reveal(x) Cloud takes an analytics-first approach to investigation, allowing security operations teams to go from detection to associated packets in a matter of clicks, keeping investigations fast and focused. Reveal(x) Cloud also includes new features that streamline investigation in cloud and hybrid environments, enabling analysts to rapidly identify and respond to the highest priority threats. 1G, 5G, and 10G SaaS offerings with Continuous Packet Capture within AWS environments support streamlined and guided investigation for any incident. Customers can begin purchasing the Reveal(x) Cloud PCAP for AWS offering in early 2020. Related Detections reduce response time by automatically surfacing similar threats across architectures in a Reveal(x) Cloud investigation workflow. This provides SecOps teams with a unified view of attack patterns happening in the environment. Enhanced reporting capability provides executive-level overviews of security posture at the touch of a button. Reports zero in on critical threats while also delivering high-level insight into compliance across hybrid and cloud environments. Advanced visibility and detection “Though AWS supports strong controls, companies are responsible for securing their own workloads, which is a daunting task with the current cyber security skills shortage and nascent cloud security market,” said Jesse Rothstein, CTO and co-founder, ExtraHop. Jesse adds, “Our Reveal(x) solution provides SecOps teams with advanced visibility, detection, and response for hybrid environments. We are constantly working to expand our capabilities, and this integration with AWS is another step towards winning the arms race in enterprise security.”

SureCloud, the provider of cloud-based, Integrated Risk Management solutions, has been placed on Gartner’s Magic Quadrant for IT Vendor Risk Management Tools for the first time after being recognised on Gartner’s Magic Quadrant for Integrated Risk Management Solutions back in July 2019. The quadrant names 16 key solution vendors identified by Gartner as offering vendor risk management (VRM) solutions. VRM solutions enable organisations to accurately ascertain the security and compliance risks associated with their IT third-parties, creating a centralised register of these parties and integrating this with wider risk management processes. Highly configurable software-as-a-service We think it underlines our ability to offer a truly comprehensive third-party risk management solution" Richard Hibbert, CEO and Co-Founder at SureCloud, said: “We are delighted that SureCloud has been included in the Magic Quadrant for IT Vendor Risk Management Tools; we think it underlines our ability to offer a truly comprehensive third-party risk management solution.” “Our flexible, scalable and highly configurable software-as-a-service (SaaS) delivery model, combined with managed service options, is proving particularly attractive to organisations looking to build a robust, central view of their vendor assurance program.” Security and risk management Third-party risk management is a vital part of any organisation’s cybersecurity posture, with many third parties having access to highly sensitive data and offering criminals a potential route into their organisations. Demonstrating a clear awareness of each third party’s approach to security and risk management is also an increasingly significant element of privacy regulations such as the GDPR. In response, SureCloud’s Vendor Risk Management solution is designed to offer a smooth and scalable means for organisations to assess and review all their IT third party vendors for potential risks. IT risk management processes The SureCloud Vendor Risk Management solution offers: A centralised register of all third-party IT vendors, giving a holistic view of risk A dynamically generated risk-assessment for each third party, ensuring they are only asked questions which apply to them Automated third party notifications and response reporting. Full integration with wider IT risk management processes and data privacy programs.

LenelS2, a provider of advanced security systems, introduces OnGuard version 7.6, its latest enterprise security management system that offers rich feature and operability enhancements to its access control platform, while also extending its cloud compatibility, integration capabilities and convenience. LenelS2 is a part of Carrier, a global provider of innovative heating, ventilating and air conditioning (HVAC), refrigeration, fire, security and building automation technologies. “With the technology enhancements in OnGuard 7.6, our valued-added resellers and growing customer base will be able to leverage operability improvements as well as enhanced cyber security, cloud and mobile features to experience a more scalable, accessible and cloud-compatible enterprise security platform,” said Jeff Stanek, president, LenelS2. “OnGuard 7.6 demonstrates our ongoing investment in the platform while continuing our progress in browser-based application usability.” Manage privacy or safety concerns OnGuard 7.6 browser-based client applications enable system administrators to more easily deploy and operate the system. End user customers who monitor alarms, manage visitors and approve access requests will appreciate the convenience of mobile browser-based clients as part of the standard installation process. In addition, an enhanced setting in OnGuard Surveillance and OnGuard Monitor browser clients enables role-based restrictions. OnGuard 7.6 also includes a dynamic new reader/alarm panel interface, the LNL-1324e An operator is able to view recorded video beyond a specified timeframe to manage privacy or safety concerns. Both clients feature new options that enhance video viewing and simplify navigation. Cyber security and compliance enhancements include use of the TLS 1.2 protocol to encrypt OnGuard 7.6 communications, including email and browser client use; elimination of default passwords for compliance; as well as an updated OnGuard Hardening Guide. Expanded cloud compatibility OnGuard 7.6 also includes a dynamic new reader/alarm panel interface, the LNL-1324e. This I/O module, with AES 256 encryption, enables doors to be conveniently connected to an OnGuard platform using either structured cabling or via the onboard Ethernet for easier installation. Additional OnGuard 7.6 enhancements include: OnGuard Visitor Management support of PDF417 barcode technology, providing greater scalability and reliability. Expanded cloud compatibility that leverages Amazon Web Services virtual machine images or Amazon Machine Images. A new BlueDiamond Active Credentials option that enables administrators to see the quantity of currently active mobile credentials to better plan their purchasing decisions. Updated integration with Bosch and Digital Monitoring Products (DMP) intrusion panels and improved integrations with Otis Elevator CompassPlus controllers.    

MOBOTIX is exhibiting at the International Security Exposition (ISE) 2019, global show for the UK Government, in the London Olympia venue at Stand J30, from Dec 3 to 4 2019. International Security Expo 2019 ISE is bringing Government, Industry, Academia and the entire end-user community in charge of regulation and procurement together under one roof to debate current challenges and to source the latest security technologies and services. The demonstrations will show visitors the newly launched MOBOTIX 7 smart solution platform and M73 three-module IoT cameras, offering a whole new set of functions plus application solutions based on deep learning, opening up new possibilities far beyond traditional video security. Already at its launch, the M73 comes with more than 15 apps integrated into its camera software, which can be used to optimise business processes in practically any industry. AI-based analytics and intelligent solutions MOBOTIX partners and their customers can now even develop their own apps or have them configured and certified by MOBOTIX MOBOTIX partners and their customers can now even develop their own apps or have them configured and certified by MOBOTIX. By combining image sensors and environmental sensors with AI-based analytics, any application can be addressed with increased efficiency and improved preventive measures. ISE visitors will be from government sectors including utilities, prisons and other custodial facilities where perimeter protection is at a premium and false alarms must be minimised so that security managers can focus on credible threats so reaping cost benefits. MOBOTIX 7 smart solution platform MOBOTIX analytics filters out unnecessary alarms so that users can respond to situations with the vigilance that meets the MOBOTIX mission statement of going ‘Beyond Human Vision’. Phillip Antoniou, MOBOTIX’s Vice President Sales Europe South/West & MEAPAC said “MOBOTIX is participating at ISE for the first time. We see this as a great launching stage in the UK for our new MOBOTIX 7 platform which brings Analytics on the edge to the forefront of our solutions. This new product as well as our existing offering, with our Cyber Security focus means we can provide optimum solutions for the public sector as well as private.” M73 three-module IoT cameras He continued, “MOBOTIX has always prioritised quality in our solutions, this is further highlighted with the newest member of our product family. The M73 is the world’s first decentralised and modular IOT video system based on deep learning modules.” MOBOTIX’s technology partners Cathexis, Eizo and Nelysis will be providing their integrated solutions bringing additional offering’s with decoding, further video management software, hazardous area expertise and cyber security solutions.

The explosive expansion of IT infrastructure has led to the identity and access management market gaining substantial momentum. As the onslaught of information technology continues, organisations are able to offer users quick and easy access to systems and information from any place, at any time. However the ease of access is inherently associated with the risk of security breach. Organisations must find a balance between fulfilling user demands and doing so in a manner that is safe enough so that cybercriminals cannot take advantage of the system, thus strengthening identity and access management market trends. The prominence of IAM solutions in the BFSI sector In 2016, the world was shocked by the news of the Bangladesh bank heist in which cybercriminals were successful in conducting unauthorised money transfer from Bangladesh Central Bank to banks in Philippines, Sri Lanka and other parts of Asia. In the heist, criminals used Society for Worldwide Interbank Financial Telecommunication (SWIFT) credentials of Bangladesh Bank's employees to carry out more than three dozen fraudulent transactions and extracted $81 million from Bangladesh Central Bank. More than three dozen fraudulent transactions and extracted $81 million from Bangladesh Central Bank. More recently in 2018, hackers were able to siphon nearly $20 million from Mexican banks. Analysts point out that targeted bank systems had security holes that made access to internal servers much easier. Lack of strong access controls were also used by hackers to use credentials of a compromised employee to gain considerable mileage in the siphoning. Identity and access management industry has therefore registered a lot of interest through the financial sector and banks as financial institutions need to prove themselves reliable of customers’ trust. Banks and other financial institutions are rapidly adopting identity and access management solutions capable of providing strong security starting at authentication level and extending to application and data layers. IAM solutions make it possible for financial institutions to integrate new applications and deploy to cloud with greater ease and rapidity. With versatile hybrid deployment model provided by leading IAM solutions, connectivity to SaaS applications as well as legacy enterprise web applications happens more quickly as well as securely. IAM solutions make it possible for financial institutions to integrate new applications and deploy to cloud The significance of cloud and its impact on IAM market outlook Just as the banking sector is facing the challenge of identity authentication as customers around the world are demanding any time access, the proliferation of IoT and cloud technologies is changing the very essense of society in multiple ways. With advancement in IoT technologies, the advent of smart cities has gathered considerable traction. While sensors have been installed in New York that can detect gunshots and alert police, the city of Boston has developed a mobile app to help citizens report civic problems such as burnt out streetlights and potholes. Cities like Paris, Oslo and Hong Kong have large internet-connected statues that are filled with moss to absorb air pollution and notify operators about malfunctions. The network of connected devices continues to expand and the rise of 5G connectivity is anticipated to connect traffic signals, air quality sensors, police patrol cars, etc., over the coming years. Reportedly there would be billions of connected devices around the world by 2020 which will naturally create immense opportunities for identity and access management industry players. This is because new security threats will continue to surface, as without efficient security all connected devices are at the risk of being hacked. The evolution of the smart era – how will it impact IAM market dynamics? Connected devices that constitute the very fabric of smart cities are essentially IoT devices that would be in the field for the next ten fifteen years and therefore identity and access management must be built into the system from the beginning. As identities, keys and tokens have to be managed every time new devices are added, or old ones are removed and the cloud ecosystem is updated, the security components within devices have to be managed well to extend their lifecycle. Identity and access management must be built into the system from the beginning Not only cities but factories are also getting smarter. The term Industry 4.0 came to be first used when the German government used it to define the country’s strategy towards increased digitization in manufacturing. As technologies like IoT and cloud computing continued to expand, they came to be included in the term, and Industry 4.0 came to represent the ecosystem of Internet-connected machines with streamlined and automated workforce and reduced production costs. As the ecosystem continued to expand, trust and identity became important issues in order to ensure the integrity of a smart factory. Healthcare is rapidly becoming a fully digital environment IAM solutions – Influencing the coveted medical domain Other fields like healthcare have also not been impervious to the effects of technological transition. Healthcare is rapidly becoming a fully digital environment that has reaped the benefits of sophisticated IT tools in delivery of care. This has however exposed sensitive healthcare data to cybercriminals who had attempted to hold critical systems and patient records of hospitals to ransom. Healthcare is rapidly becoming a fully digital environment In recent years more than 80% of healthcare institutions have reported that they registered some degree of cyberattacks. Providers and users are increasingly operating from multiple locations, many of which are outside the hospital premises. With users demanding to access systems through a variety of devices, identity and access management has come to witness greater traction from healthcare providers. Over the coming years, the world will be rapidly adopting 5G networks. Though 5G promises much more speedy services for users and business ecosystems, the technology is also expected to impose greater responsibilities on confidentiality of user data and integrity of applications. Identity and access management industry players had been investing in expansive R&D as cyber threats continue to evolve and introduction of new technologies and advent of IoT drastically changes the relationship that users have with their devices. Identity and access management is expected to be useful when much more than personal information is at stake. When cyber criminals have the power to hold hospitals or traffic signals to ransom and disrupt daily lives, health and safety become a priority for authorities and security measures have to be tightened. For instance, after the bank heists in Mexico, the Mexican bank authorities have come to recognize the inevitability for the need of greater control and security of banking networks. Mexican banks have invested heavily over the last year in strengthening their defenses. As such measures against cyberattacks become the norm, identity and access management market is expected to register massive gains over the ensuing years.

One of the responsibilities of construction project managers is to account for risks during the initial planning for a project and mitigate them. With all the tools, construction materials, and heavy machinery during the initial stages of a project, the construction site is a dangerous place to be at. However, this is not the only risk that project managers need to protect a site from. With plenty of valuables both physical and virtual within a construction site, it is also a prime target for theft and arson. Improving the security of construction sites It is important now more than ever that construction business owners and project managers invest in improving the security of construction sites. After all, security on construction sites is for the protection not only of valuable assets but also of workers and members of the public. Investing in adequate resources for construction site security can prevent several issues, including: Theft of expensive tools and construction equipment Cybersecurity breaches leading to loss of sensitive information such as invoice data Arson resulting in loss of life and property Vandalism of construction site property Trespassing by unauthorised parties and exposure to construction site dangers Risks of injuries that can result in litigation and legal claims Identifying security issues Having a dedicated security team in place is a good first step in bolstering a construction site’s security. They will be able to prevent theft, vandalism, and deter unauthorised personnel from entering the site. They can also identify security issues that can potentially arise and even respond quickly to accidents and other calamities should they occur. Having a dedicated security team in place is a good first step in bolstering a construction site’s security For a better implementation of construction site security measures, it is critical that business owners and managers assess an assessment of the site itself. This will help identify both internal and external risks that can affect the site’s security and guide project managers in putting systems in place to address them. Construction site security checklist To guide you, here is a sample template that you can use to form your own construction site security checklist.  SECURITY COORDINATION  YES   NO  1. Does the site have designated security coordinators?     2. Are the security coordinators available for contact during non-business hours?     3.  Does the construction site provide a means to contact the police, fire department, and other relevant authorities in case of emergencies?     4. Does the construction site have a written security plan, including procedures for specific scenarios?     5. If so, are construction site employees aware of the security plan?       GENERAL MACHINERY  YES   NO  1. Are all machinery adequately marked? (Identification number, corporate logo, tags, etc.)     2. Have all the machinery been inventoried? (Serial number, brand, model, value, etc.)     3. Does the project have a list of the names of operators handling the machinery?     4. Are all the machinery fitted with immobilisers and tracking devices when appropriate?     5. Are all the machinery stored in a secure area with a proper surveillance system?     6. Are the keys to the machinery stored in a separate, secure area?      TOOLS AND OTHER EQUIPMENT  YES   NO  1. Are all power tools and hand equipment marked? (Identification number, corporate logo, tags, etc.)     2. Have all power tools and hand equipment been inventoried? (Serial number, brand, model, value, etc.)     3. Are tools and equipment fitted with tags and tracking devices when appropriate?     4. Are tools and equipment stored in a secure place?      INVENTORY CONTROL  YES   NO  1. Is there a system in place to check material inventory to ensure they are not misplaced or stolen?     2. Are there procedures in place for checking materials that go in and out of the construction site?     3. Is there a set schedule for checking materials and equipment?     4. If so, do the records show that the schedule is followed strictly?     5. Are all material suppliers arriving for delivery properly identified? (e.g license plates, driver’s license, etc)      CONSTRUCTION SITE PERIMETER  YES   NO  1. Is there a physical barrier in place to secure the site?     2. Is the number of gates kept to a minimum?     3. Are there uniformed guards at every gate to check personnel and vehicles entering and leaving the site?     4. Are security warnings displayed prominently at all entry points?     5. Are entry points adequately secured? (With  industry-grade padlocks, steel chains, etc.)     6. Is there an alarm system?     7. Is the locking system integrated with the alarm?     8. Is the site perimeter regularly inspected?     9. Are “NO TRESPASSING” signs displayed prominently along the perimeter?      LIGHTING AND SURVEILLANCE  YES   NO  1. Is there sufficient lighting on the construction site?     2. Is there a dedicated staff member assigned to check if the lighting is working properly?     3. Is the site protected by CCTV cameras?     4. Are there signs posted on site indicating the presence of security cameras?     5. Are there motion detection lights installed on-site?      INTERNAL CONTROLS  YES   NO  1. Is there a policy on employee theft?     2. Are employees aware of the policy?     3. Are employees required to check in and check out company properties when using them?     4. Are staff members encouraged to report suspicious activity?     5. Is there a hotline employees can call to report security lapses and breaches?      SITE VISITORS  YES   NO  1. Are visitors checking in and out?     2. Are vehicles entering and exiting the site recorded?      CYBERSECURITY  YES   NO  1. Are the construction site’s documents and other sensitive data stored in the cloud securely?     2. Does the company have a strong password policy?     3. Are asset-tracking data accessible online?     4. Are confidential documents and data regularly backed up?     5. Are employees well-informed about current cyberattack methods such as phishing?     Security is a serious business in construction. Because of the dangers already present on your construction site, a lapse in security can have devastating effects on your business’s operations. Not only do you risk losing money in a security breach, but more importantly, you also risk endangering the lives of your site’s personnel and third parties.  Business owners and project managers need to make a concerted effort to educate employees about security and double down on their best practices for protecting their sites.

It’s hard to believe that we’re in the final quarter of 2019. It’s time to wrap up goals and make new ones that will guide us into another decade. As we look forward, we can’t help but look back at some of the key trends that emerged in the last couple of years, and their continued presence in the product road maps and plans that so many security industry leaders and manufacturers are creating.  Some of these trends have enhanced the efficacy of security systems, whereas others have the potential of having adverse impacts.  Cybersecurity Cyber-attacks of all kinds have become, and will continue to be, a major threat, making this one of the most important initiatives that today’s businesses embrace. From a manufacturer’s perspective, building cybersecurity into the product from its inception is critical, with integrators beginning to demand this level of consideration from the products they sell. As a result of a rise in the convergence of IT applications alongside security investments, end users are now seeking out solutions designed with data security top-of-mind. All network connected devices such as DVRs/NVRs, servers, IP cameras, access controllers, intrusion alarms, smart sensors, are vulnerable, which is why this added step in developing cybersecurity protocols and applying them across the organisation is critical.  Building cybersecurity into the product from its inception is critical More connected devices The Internet of Things (IoT) has been a major trend for the past few years in many industries, and this will continue as we integrate sensors of all kinds into the network. The collection and analysis of the data collected by these sensors is giving rise to a plethora of applications such as industrial applications, intelligent building management, event management, and much more. The physical security industry benefits by having additional intelligence for situational awareness and emergency management, as well as opportunities to provide additional value-added services and business insights. Being deployed in an increasing number of scenarios and with continued improvements in computing capabilities, video has the opportunity to become the eye of IoT. AI-enabled devices Software manufacturers are looking toward artificial intelligence to help propel advanced analytics in an effort to deliver more situational awareness to operators, and an increased ability to proactively assess threats or anomalies. While video and data analytic capabilities have been around for quite some time, some would argue they were rudimentary in comparison to software that uses AI to make existing applications such as facial recognition much more accurate, and to create new ways to detect anomalies. In addition, AI continues to be used to make sense of the large amounts of data that are being generated by intelligent sensors and by analysing the growing amount of video. 5G connectivity It’s safe to say that 5G will revolutionize the way people stay connected to the internet. Extra speed, extra bandwidth are going to make our mobile devices faster, more powerful and hyperconnected, with the same thing happening to IoT connected devices such as cameras. This is going completely change the way we think about smart cities: more powerful IP devices connected to one another, powered by AI, will have a massive impact on the way we move, shop and live in urban areas. more powerful IP devices connected to one another, powered by AI, will have a massive impact on the way we move, shop and live in urban areas Privacy concerns  In most advanced economies around the globe, citizens are increasingly concerned with privacy of their data, and many governments have put – or are in the process of doing so – stringent data protection laws in place. The EU has lead the way in using these concerns to develop privacy regulations that govern the development of data-driven applications. This trend is starting to impact the entire globe, as we shift toward more data autonomy and privacy. Since most physical security applications involve the collection of video and data about people and assets, privacy regulations will continue to have a significant impact on the industry well into the future. Cloud and mobile capabilities Mobility is critical for physical security and is emerging through the development and use of cloud-based services, as well as the ability to access security devices through a smart phone or Web-based browser. That’s why there’s been such an influx of mobile apps created to manage cameras, receive automatic alerts for the most diverse event, and giving users the ability to grant or restrict access to a facility. All of this demonstrates the world’s demand for mobility, connectivity and ease-of-use. More video — everywhere Video is the cornerstone of security, providing both real-time and forensic coverage for emerging threats and incidents, which is why it’s one of the fastest growing segments of the marketplace. The use of video for traditional applications in new markets, as well as for use in newer applications that are not necessary security related is poised to see the most movement. In some industries such as oil and gas, there is a trend towards extending video coverage into extremely harsh and hazardous environments, so manufacturers are challenged to develop appropriately certified equipment to meet a more stringent demand. Manufacturing facilities such as food processing plants are also increasing their use of video for training and compliance purposes to prevent incidents such as food recalls that can be extremely costly for the business. It’s an exciting time to be a part of the security market, as we’re really just beginning to see that, when it comes to technology advancements, the sky is the limit. I would argue at the core of these innovations is the video data being collected, and as we work to build technologies that can harness the power of these applications, we will continue to be at the forefront of this movement toward greater intelligence and business insights. 

It is an exciting time at German intelligent video company MOBOTIX, which has launched a next-generation platform that builds on their legacy of video at the edge while opening up the system to third-party partners that can build even more capabilities. MOBOTIX unveiled the new M7 platform and M73 camera at the MOBOTIX Global Partner Conference in Mainz, Germany, in October. MOBOTIX M7 is a powerful, decentralised and secure modular IoT-video system based on deep learning modules. The feedback has been “overwhelming,” says MOBOTIX CEO Thomas Lausten. The new technology will also be featured in the United States at the 2020 MOBOTIX Partner Summit in Hollywood, Fla., in January. A different video surveillance  "What you see is a different way of doing video surveillance,” says Lausten. “Our focus on the edge is the difference between us and other companies.” The new MOBOTIX 7 open solution provides an “edge platform” that can be used for a variety of applications, which are provided as “apps” that leverage the platform’s hardware for specific uses, from object detection to face detection to people counting. The new M75 high-end camera incorporates the new platform. The MOBOTIX application programming interface (API) makes it possible for hundreds more apps to be developed over time Currently there are 19 apps available to empower various applications, and availability of the MOBOTIX application programming interface (API) makes it possible for hundreds more apps to be developed over time. If a MOBOTIX partner creates a new app for a specific project, “now he can use it not just for one project but can put it in the app store and sell it all over the world,” says MOBOTIX CTO Hartmut Sprave. Field Programmable Gate Array The new MOBOTIX platform uses Field Programmable Gate Array (FPGA) integrated circuits that provide flexibility and versatility to be adapted to a variety of needs, from deep learning, to higher resolution, or to use with a variety of sensors, such as color, black-and-white or night vision cameras, temperature sensors or microphones. “We can literally include any sensor requested by the market,” says Lausten.   The new camera can also be used for age analysis, crowd management or traffic analysis. It can even be used for fire or biohazard detection, incorporating thermal sensors and deep learning. MOBOTIX have added to their legacy of video with a next generation platform Partnerships MOBOTIX developed its new platform in conjunction with Konica Minolta, which owns a majority share of the German manufacturer. The combined knowledge of the two companies created the new platform, with most of the engineering done in Germany. Konica Minolta provided an object detection algorithm, for example, and deep learning capabilities that are being used with the cameras. The two companies are also developing the business together. “They are rolling out our technology on their website throughout the world,” says Lausten. “We are basically part of a global development organisation.” MOBOTIX developed its new platform in conjunction with Konica Minolta The new platform is also completely compatible with legacy MOBOTIX systems: “We have added what we need to what we have,” says Lausten. Cybersecurity is a top priority for MOBOTIX. “With our camera, everything is under our control, every single line of code, and we do all the penetration testing and everything is safe,” says Sprave. In fact, MOBOTIX won the French "Trophée de la Sécurité 2019" Gold Award in the cybersecurity category for the MOBOTIX Cactus Concept, which refers to the fact that all the modules in the MOBOTIX system have “digital thorns” that protect them from unauthorized access. End-to-end encryption is used with no blind spots.   Driven by cybersecurity Stronger cybersecurity and a focus on edge devices makes MOBOTIX inherently more cybersecure than a system of networked low-cost cameras, each of which could present a possible cyber-vulnerability. Stronger cybersecurity and a focus on edge devices makes MOBOTIX inherently more cybersecure The flexibility of the MOBOTIX platform expands its utility beyond security to include broader business functions. For example, the same camera that can detect criminals with face recognition can track where people are moving in a retail store, and even analyse age or demographics of customers to track buying patterns. “Cameras are required to think and process at the edge, and that is where we see a lot of focus going, driven by cybersecurity,” Lausten says. Lausten sees opportunity for even faster growth in the U.S. market, where they already have 30 or 40 partners. In the near term, there will be large opportunities provided by the U.S. trend toward “Chinese skepticism,” and cybersecurity concerns that have plagued the lower-cost Chinese imports. MOBOTIX products are proudly “Made in Germany.”

We live in an age when private customer data is constantly under attack from hackers. Cyber-threats have taken a front seat in the line-up of primary risks facing banks and financial institutions. The fact that cyber-attacks are becoming more prevalent isn't the only issue; they're also becoming more complex and therefore harder to address. And although the convenient interconnectivity of the Internet of Things (IoT) creates many advantages for financial institutions, there is also an increased risk to dangerous threats. Data capture form to appear here! The impact of cyber heists Money taken in cyber heists, both in banking and elsewhere, was estimated at $3 trillion According to Cybersecurity Ventures, the amount of money taken in cyber heists, both in banking and elsewhere, was estimated at $3 trillion overall for 2015, and this substantial amount is expected to double by 2021. In today’s environment, banks, credit unions, and financial organisations of all types are primary targets for hackers. But it’s not just the monetary loss that these businesses need to be concerned about — there is also a threat to the brand, customer trust, and employee safety. Banking surveys Banking choices are influenced by how secure consumers feel when conducting transactions, either in their local branch, at an ATM or online. In one survey, a vast majority of consumers (98%) felt most secure when conducting transactions at their local banking branch, compared with 92% when conducting transactions online and 85% using a mobile phone app. Further, 90% of consumers said they feel safer when they can see video surveillance cameras in their bank or credit union and would choose a financial institution with surveillance over one without, all other things being equal. Here are some other key findings from the survey: Half of consumers have walked away from an ATM without conducting their intended transaction because someone was loitering in the vestibule 60% of consumers noticed a fraudulent transaction before their financial institution, leaving plenty of opportunity for banks and credit unions to be more proactive when it comes to identifying and notifying customers about potential fraud “Banks and credit unions recognise that today’s consumers want a mix of in-person and online banking service options and have very high expectations when it comes to security and customer service,” said Peter Strom, President and CEO, March Networks, which provides security systems for banks. To increase security, biometric solutions are replacing PINs at physical ATMs To increase security, biometric solutions are replacing PINs at physical ATMs and providing a more fool-proof form of identification for banking security. Ways to increase banking security Popular use cases include a) PIN replacement at physical ATMs; b) proof-of-presence (such as pension benefit distribution) that requires liveness detection; c) more easily authenticating multiple transactions during a single ATM session; d) incorporating biometric information directly into a smart device; and e) the ability to leverage investments in biometric enrolment databases across multiple applications. An example of the latter is when fingerprint authentication on mobile devices used for payments and secure mobile banking is also used in conjunction with enrolled information for authentication at an ATM. The availability of interoperable authentication devices would permit cross-bank usage and pave the way for many new applications in the future. By enrolling a citizen’s fingerprints and then creating an ecosystem in which these transactions are strongly tied to that individual’s biometrics, the potential for fraud and identity theft approaches zero, and the process is simple and convenient for users. Read part two of our mini series here.

As security embraces IT-centric solutions, it can provide business value over and above security. Now in charge of managing a variety of data – e.g., from video platforms – a company’s security function has access to a range of new metrics. While security may use video to analyse a security event, machine learning can analyse the same data for other business capabilities, such as quality control or when a policy has been breached. “It’s the same camera, but with dual purpose,” says Matt Kushner, President of STANLEY Security. STANLEY Security, one of the largest integrators with a global footprint, has positioned itself at the centre of the industry’s transformation by information technology (IT) and the Internet of Things. “Security will become an expanded business partner with corporations,” Kushner comments. In response to the trend, STANLEY is hiring more IT-oriented technicians and salespeople within the IT community and who can “speak at the C-level”, Kushner comments. Sonitrol is the most recognised brand by law enforcement for verified response Data centres, higher education and logistics STANLEY manages very large, multi-national clients. As a consequence, the STANLEY security organisation has some of the best and brightest minds for enterprise-class security. To maintain that level of talent, STANLEY is committed to education. “We bring them into the family and focus on education, such as IT and IoT training. That’s critical in a world where unemployment is less than 3%. Finding good people, growing good people, and retaining good people – we do that exceptionally well at STANLEY,” says Kushner. STANLEY’s strong vertical markets including data centres, higher education, and logistics. They are also strong in multi-location installations (such as banking.) STANLEY has a big footprint throughout North America and Europe.  PACOM access control and 3xLOGIC cloud-based solutions In addition to STANLEY’s core integrator business, the company also manages several manufacturing brands such as PACOM access control and 3xLOGIC cloud-based solutions.Mergers and acquisitions have been commonplace in the integrator space Beyond its company-owned integrator locations under the STANLEY brand, the company also owns Sonitrol, the strongest brand in the market for verified response with 65 franchises in North America. Sonitrol is the most recognised brand by law enforcement for verified response. Mergers and acquisitions have been commonplace in the integrator space, and Kushner says that STANLEY is “open and actively looking for properties that fit our commercial growth strategy”. He notes that STANLEY focuses on the commercial side of the market, where there are good margins and continuing growth. They pay less attention to the residential side which is “being heavily disrupted”. Strong partnerships with manufacturers STANLEY has strong partnerships with several manufacturer partners, through which they bring new breakout technologies to market from emerging companies. An example is Evolv Technology, a manufacturer of gun and bomb detection technology. “We see them as a leading provider of the technology, and they are, in my mind, a very disruptive provider,” says Kushner. STANLEY is also collaborating with a company – to be announced – that provides a unique gunshot detection technology, he says. STANLEY is also cooperating with dormakaba to implement Switch Tech, a Bluetooth wireless core that can replace any standard mechanical lock core. Existing locks can be transformed into electromechanical locks in minutes. STANLEY is also developing a tight integration with Lenel’s mobile credentialing system. STANLEY is also cooperating with dormakaba to implement Switch Tech GSX 2019 and ISC West 2020 At the recent GSX 2019 show in Chicago, Kushner says STANLEY heard a lot about cybersecurity, especially customers wanting to make sure they are investing in cyber-hygiene and who are looking to expand into providing cyber protection. “In concert with cyber-hygiene, they are looking for health monitoring or assurance that network devices are operating properly,” he says. “They want to ensure their security platforms are cyber-secure and up to date with the latest software versions.” STANLEY is also a big proponent of cloud offerings, and Kushner hints at a big announcement at the upcoming ISC West show in Las Vegas of additional cloud offerings and/or partnerships. “There will be a variety of new solutions to be introduced, including hosted solutions and applications that benefit both security and that add new value to businesses overall.”

Device and application security solutions provider, Trustonic has announced that OPTOLANE has selected Trustonic Secured Platform (TSP) to bring security and trust to the company’s new connected medical diagnostic device. The product is primarily used at the point-of-care for early diagnosis and preventative healthcare, particularly for diagnosing cancer, infectious diseases and congenital abnormalities. Healthcare devices have become top targets for cybercriminals due to their critical nature, the valuable intellectual property they employ and the sensitive personal information that they collect and store. Research shows that there were 8.2 attempted cyber-attacks per connected healthcare endpoint in each month of 2018. Smart diagnostic platform OPTOLANE’s simple, fast and smart diagnostic platform is based on Nexell’s system on chip (SoC) platform To ensure security, privacy and high performance, OPTOLANE’s simple, fast and smart diagnostic platform is based on Nexell’s system on chip (SoC) platform, which integrates Trustonic’s Trusted Execution Environment (TEE). OPTOLANE’s in vitro diagnostic (IVD) platform, called LOAA (Lab on an Array) Analyser, examines blood and tissue samples for multiple targets, including DNA, RNA, proteins and metabolites, in real-time. It was developed to satisfy market demand for ‘sample to answer’ IVD tools and enables sample extraction through to analysis with a single cartridge. “Investment in connected healthtech is increasing and IVD is an important segment in the global diagnostics industry,” comments Ben Cade, CEO of Trustonic. “These solutions add significant value to diagnosis and treatment, enhancing the well-being of the general public while increasing productivity and reducing costs. But, where personal data this sensitive is being captured, processed, and transmitted, the appropriate steps must be taken to protect it from malicious actors.” Trustonic security platform Trustonic’s hardware-backed security platform, TSP, enables secure and private data extraction, processing, storage and transmission. The technology: Enables a secure image processing channel from the sensor to the application processor; Provides cryptographic tools to protect individuals’ sensitive medical data; Ensures data integrity; Creates a secure environment to run algorithms analysing raw data from the sensor; Encrypts sensitive data when being shared with the cloud. Do Young Lee, CEO of OPTOLANE, says “There is clear demand for innovative new diagnostics solutions that go from ‘sample-to-answer’ in real-time. Importantly, though, we fully understand our responsibility to protect patient data." Enhanced data security To deliver connectivity while protecting the sensitive personal data collected by diagnostic devices, we needed a proven hardware-backed security foundation. Trustonic’s experience protecting smartphones, wearables and IoT hardware, and securing critical mobile applications in the financial and automotive sectors, is assurance that our devices and patient data are secured to the highest standard.” OPTOLANE expects to receive FDA certification for the new device in the first quarter of 2020. Once certification is achieved the product will be available to clinicians in healthcare facilities around the world.

Bluebird House is a specialist UK inpatient facility, providing treatment and care for young people with complex mental health problems which mean they pose a risk to themselves or others. Run by Southern Health NHS Foundation Trust, the centre also houses adolescents detained under the Mental Health Act, so the highest standards of care, protection and security are required. As part of a wider review of security and safety across the trust, Bluebird House was earmarked for a comprehensive video surveillance upgrade and IDIS technology was chosen as the best-fit for this major project. Providing comprehensive coverage All IDIS equipment uses true plug-and-play set up, which minimises disruption and disturbance to patients Galeco engineers installed 110 IDIS 12MP Super Fisheye cameras in communal and therapeutic areas inside the facility and over 40 bullets and 13 PTZ cameras cover the exterior. All the cameras are connected to six 32-channel NVRs and managed via IDIS Center video management software (VMS). All IDIS equipment uses true plug-and-play set up, which minimises disruption and disturbance to patients, while protection against gaps in footage is provided by IDIS Smart Failover ensuring 24/7 continued recording even during network instability or drop-out. Implemented across three secure wards and two high care units, the 12MP IR Super Fisheyes provide comprehensive coverage much more affordably than two or more fixed lens cameras. Advanced IDIS video capture technology delivers complete high-definition scene coverage in all lighting conditions and allows staff to de-warp in live view as well as playback. Automatic object detection The 5MP bullet cameras, deployed around the building exteriors provide coverage of gardens, courtyards and car parks. IR LED that allows night-time image capture at distances up to 30m and includes intelligent functions such as active tampering alarms and trip zones and will notify the security team to any breach. Each camera is set to perform virtual guard tours at specific times throughout the day and night IDIS 31x Zoom IR PTZ cameras are installed along the perimeter to provide clear night-time image capture at distances up to 200m. Each camera is set to perform virtual guard tours at specific times throughout the day and night. Featuring automatic object detection, the cameras recognise and automatically track objects, people or cars capturing useful footage and alert operators of any suspicious activity. To meet patient privacy requirements, access to live and recorded footage, is limited to staff according to their ward and role. Access to advanced features and functionality Staff can only view and review footage from their area of responsibility at designated monitoring stations using specialist IDIS monitors designed for high-performance surveillance operations. To meet future requirements, the new IDIS solution can be linked to the trust’s local area networks (LANs) without increasing cyber- security concerns, thanks to IDIS’s use of proprietary software which is inherently resilient. The totally cost-free IDIS Center video management software (VMS) gives security managers and senior staff a complete overview of the entire site from a 24/7 manned and centralised control room. Using the intuitive IDIS Center interface, operators have complete command and control of each camera and access to advanced features and functionality to ensure the secure and smooth day-to-day running of the site. Authorised monitoring and access of footage IDIS technology made this easy, and it was also the quickest and least disruptive to install Video surveillance is a key resource for clinicians, Sr. managers and security staff at Bluebird House as they need to work closely together to deal with incidents and reduce risks of harm. Improved video coverage was needed as it would allow ongoing review of care standards and full investigation of any alleged incidents. Patient privacy is also of paramount importance, so specialist integrator Galeco Communications was selected to implement a solution that would allow authorised monitoring and access of footage for specific rooms and wards. IDIS technology made this easy, and it was also the quickest and least disruptive to install, the most secure against cyber-attacks - in compliance with NHS requirements – and yet would deliver the lowest total cost of ownership (TCO). Ensuring better safety and security Replacing the centre’s ageing camera system, the IDIS solution would give complete coverage of corridors, wards and other high-risk areas in all lighting conditions. The IDIS solution has improved security, safety and care at Bluebird House by providing a complete video record of events. Exterior cameras ensure better safety and security in outdoor communal areas Footage from the 12MP Super Fisheye cameras give a full 360 view without any blind spots with a choice of 6 view modes and crucially provides staff with the ability to de-warp footage retrospectively. Now, if incidents need to be investigated it’s a simple task to retrieve video and provide any high-definition evidence required. Exterior cameras ensure better safety and security in outdoor communal areas, while security operators can quickly detect and respond to any suspicious activity on the perimeter. Access and review recordings "A key benefit for us is that this new system is so easy to use, and particularly for our clinical staff who can now access and review recordings to help them improve patient care. This video technology gives us extra confidence that our patients and staff are safe and protected” said Tracey Edwards, Head of Security at Southern Health NHS Trust. With minimal disruption, and working in this sensitive location, Galeco engineers were able to replace an outdated system with an affordable, high-performance, cybersecure solution that is easy to maintain and operate without any ongoing license fees.

Pulse Secure advances remote access to web applications such as Microsoft Office 365 and network resources to help 3,000 staff enjoy a better work-life balance leveraging Pulse Secure. Pulse Secure, a provider of software-defined Secure Access solutions, has announced the delivery of a successful project at one of Italy’s largest media organisations designed to help foster mobile workforce productivity while ensuring protected, compliant access to cloud and data centre applications.  RCS MediaGroup is one of the leading multimedia publishing groups, active mainly in Italy and Spain across all publishing fields, spanning from newspapers to magazines, from digital to books, from TV to new media, and to training. It is also one of the top players in the advertising market and in the organisation of iconic events and major sporting formats, such as the Giro d’Italia. Protecting against cyber-attack We maintain several security controls across our network, as well as regularly cyber-security training" The RCS Group publishes the daily newspapers Corriere della Sera, La Gazzetta dello Sport, El Mundo, Marca and Expansion, as well as numerous magazines, the most popular including Oggi, Amica, Io Donna, 7, YO Dona and Telva. Like many other popular enterprises, being an integral part region’s culture and communications has made RCS Group a target for cyber threat actors. “Protecting our systems against cyber-attack is a critical requirement as is ensuring our staff and journalists have easy, flexible and secure access to their work,” says Monica Venanzetti, Network Manager for RCS MediaGroup in Milan. “To meet this need, we maintain several security controls across our network, as well as regularly conduct cyber-security training. We deployed our first VPN solution in 2006 to enable secure access to our systems and it was time to progress our capabilities.” New cloud services RCS MediaGroup employs over 3,000 staff including 700 journalists and as Giandomenico Oldano, Director of IT operations for RCS MediaGroup, explains, “As a group, we have an ongoing strategy to help our staff embrace smart working. This is part of an initiative to improve the work-life balance of our employees and reduce their traveling time, which in a busy city like Milan can be very time consuming.” As part of this work-life balance strategy, RCS MediaGroup has invested in more remote, mobile and cloud technologies and recently moved its staff onto Microsoft Office 365 to encourage this transition. “To meet this need and as part of our commitment to ensuring best practice secure access, we decided to upgrade our legacy VPN to provide more capacity and to better integrate with new cloud services such as Office 365,” says Venanzetti. Cloud single-sign on The simplified management interface allows RCS MediaGroup to set up enterprise-wide policies" “We examined several options and Pulse Secure provided us a modernised platform with more advanced features including endpoint compliance and cloud single-sign on. We found the tool comparatively simpler to administer, very interoperable and with a broader feature-set.” The upgrade process was straightforward, and the simplified management interface allows RCS MediaGroup to set up enterprise-wide policies that make it easy for its remote users to connect to its critical publishing systems. The solution also incorporates client checking technology that ensures that its users’ devices, both corporate and personally owned endpoints, are running the right system and security patches before they can attach to the corporate network. “One of the most important features was deep support for our users’ devices including tablets, laptops and PCs across both Apple and Microsoft environments,” says Oldano. Cloud-based applications “Our upgrade has been a success and provides a lot of potential for future projects that will allow us to offer secure access for more cloud-based applications. Pulse Secure has been with us throughout this process and its technology is helping us to deliver on our commitment towards smarter working for all our staff.” Pulse Secure enables enterprises to centrally manage Zero Trust Secure Access to applications, resources and services that are delivered on-premise, in private cloud and public cloud environments. The Pulse Access Suite delivers protected connectivity, operational intelligence and threat response across mobile, network and multi-cloud environments in order to provide easy, compliant access for end users and single-pane-of-glass management for administrators. “Enterprises are fortifying capabilities to accelerate mobile workforce productivity and take advantage of cloud computing.” Comprehensive and integrated Pulse Secure offers a proven, comprehensive and integrated suite that works with an enterprises hybrid IT infrastructure to enable a simpler, more manageable and scalable approach to secure access,” said Paul Donovan, vice president of EMEA sales at Pulse Secure. “We are pleased to have been selected by RCS MediaGroup, a prominent and progressive market leader in multimedia publishing and look forward to supporting their on-going digital transformation initiatives.”

Located in Eastern China, Hangzhou is the capital and most populous city of Zhejiang Province. It has registered population of 9,800,000, with total area of 16,596 km². Jianggan District is one of the five main urban areas of Hangzhou. With a floating population of about 1.06 million, Jianggan District ranks first among Hangzhou's main urban areas. As the new administrative center of Hangzhou, it boasts the most important CBD and the largest train station and car hub in Hangzhou, bringing together various traffic elements such as highway junctions and bridges across the river. The entire Jianggan District is promoting vital transformation in urban areas Intelligent surveillance system Covering 8 streets, 141 communities and 4 villages, the entire Jianggan District is promoting vital transformation in urban areas. Nevertheless, the non-registered population, accounted for about 40% of the total population, makes it hard for the local government to improve urban management in the district. Every policeman needs to manage 1,700 citizens on average. The shortage of police force affected their work precision and led to difficulties in providing timely police response. In addition, insufficient surveillance coverage and limited intelligence system in the area resulted in inactive security measures, making it difficult for the police to achieve their goals Integrating DoT, IoT and the internet Based on the Dahua Heart of City (HOC) architecture supported by "Full Sensing, Full Intelligence, Full Computing and Full Ecosystem (4 Full) capabilities, Dahua Technology firmly focused on the construction needs of the area and built the overall plan of establishing an ‘online police’. Integrating the Internet, DoT and IoT, Dahua Technology has successfully assisted the Hangzhou Jianggan Public Security in building a multi-dimensional network that targets customer value, and combines AI, big data, and cloud computing in order to obtain accurate real-time data and strengthen the current technology of “online police” operations. Sensors and monitoring products Dahua Technology deployed 19 sensors, hundreds of monitoring products and a sophisticated network Moreover, Dahua Technology deployed 19 sensors, hundreds of monitoring products and a sophisticated network. It also set up 46 actual police investigation models to provide accurate instructions for Jianggan police, including property crimes analysis, situation analysis, vehicle management, people management, psychiatric control, online apprehension of violators, as well as missing person search, etc. Compared with traditional police operation, Dahua HOC Safe City Solution has built an “Online Police” mechanism to obtain the most authentic real-time data through information technology, and carry out accurate computer applications for a more scientific service deployment, efficient police force and powerful security control. Dahua HOC Safe City Solution It ensures that the Jianggan police can perform properly at a given time. It also promotes the transformation of police affairs from passive to active, from extensive to subtle, from imprecise to accurate, and from offline to online, gradually carrying out the prediction, early-warning, and prevention measures of police operations. Since 2016, the Dahua HOC Safe City Solution has helped Jianggan Public Security achieve outstanding results including enhanced police intelligence, reduced crime cases, increase in case closure rate and efficiency, improvement in public service, and speedy recovery of missing individuals, opening a new chapter for intelligent police operations.

Video storage is an important – and expensive – aspect of almost any surveillance system. Higher camera counts equate to a need for more storage. New analytics systems make it easier for operators to manage video, but that video must be dependably stored and easy to access if and when it is needed. To keep up to date on the latest developments, we asked this week’s Expert Panel Roundtable: What’s new in video storage solutions?

Securing large campus environments can be particularly demanding and requires a range of technology solutions. In effect, a campus may represent a dozen or more individual facilities to be secured, in addition to protecting the overall environment. Seeking more insight into the number and variety of needs of securing a campus, we asked this week’s Expert Panel Roundtable: What are the security challenges of protecting large campus environments?

While unpacking our bags from a trade show, it is interesting to consider the dominant themes and trends we heard and saw at the show. So it is with the recently concluded Global Security Exchange (GSX) show in Chicago, presented by ASIS International. Amid all the product promotion, training sessions, networking and tired feet at the show, what really stood out? We asked this week’s Expert Panel Roundtable: What was the big news at the GSX 2019 trade show in Chicago?