The Security Industry Association (SIA) has named ASSA ABLOY as the recipient of the 2020 Member of the Year Award, which honours SIA member companies that have shown noteworthy involvement in SIA committees and working groups, SIA events and the SIA Education@ISC conference program; leadership activity; recruitment of SIA members; and contributions to SIA thought leadership and the industry overall. SIA will present ASSA ABLOY with the award at The Advance, SIA’s annual membership meeting, during ISC West.

ASSA ABLOY – the global provider of access solutions – is a long-time SIA corporate member that takes an active role in participating in SIA’s array of programs, products and services and fully supports its employees’ involvement in SIA committees, working groups and advisory boards. The company is a regular sponsor of key SIA events, including the Market Leaders Reception at ISC West, SIA GovSummit and Securing New Ground.

On-demand training courses

SIA is proud to honor ASSA ABLOY as the 2020 SIA Member of the Year and applauds the company for its invaluable engagement

“SIA is proud to honor ASSA ABLOY as the 2020 SIA Member of the Year and applauds the company for its invaluable engagement, thought leadership efforts and contributions to SIA, our members and the security industry overall,” said Scott Schafer, Chairman of the SIA Board of Directors. “Thanks in large part to the outstanding support of members like ASSA ABLOY, SIA is able to continue building on its robust suite of resources, programming and education and training offerings to better serve our members and the industry.”

ASSA ABLOY is a contributing member to the SIA Center of Excellence, SIA’s online repository of vendor-neutral, vetted information – including on-demand training courses, e-learning modules, articles and webinars – to foster industry knowledge and help organizations keep at the forefront of market demands.

Significant resources and services

Additionally, the company has contributed content to SIA Technology Insights, SIA’s journal distilling the most current thinking for applying today’s security technologies and moderated webinars in partnership with SIA and Security Systems News, and ASSA ABLOY executives have spoken at SIA events including Securing New Ground.

“ASSA ABLOY is honored to receive SIA’s Member of the Year Award. Since serving on the SIA Board of Directors, my eyes have been opened to the significant resources and services provided by the SIA management team and staff under the leadership of Don Erickson and Scott Schafer,” said Martin Huddart, Head of Smart Residential for ASSA ABLOY.

Vast network of member volunteers

The Advance will take place during ISC West 2020 on Tuesday, March 17, from 10:30 to 11:30 a.m"

I have also been impressed by the vast network of member volunteers who work on important committees and support SIA events – I think this is a reflection of the relevance and vitality of this trade association. I’d like to thank not only the ASSA ABLOY volunteers that led to this recognition, but all SIA members who contribute their time to the advancement of security in the workplace and in our homes. We shouldn’t forget that our collective impact makes a real difference in the world.” 

The Advance will take place during ISC West 2020 on Tuesday, March 17, from 10:30 to 11:30 a.m. in the Sands Convention Center in Las Vegas, Nevada.

Exchange market intelligence

In addition to the presentation of the SIA Member of the Year Award, attendees will enjoy a high-impact presentation from William Wilkins, Executive Director of Global Security Operations at Valero Energy Corporation, on the Chief Security Officer framework and key lessons for security professionals. SIA will also review key association business, exchange market intelligence for the year ahead and present the SIA Chairman’s Award, Committee Chair of the Year Award and Sandy Jones Volunteer of the Year Award. Attendees of The Advance will receive complimentary lunch and have the opportunity to network with industry colleagues.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

Water Plant Attack Emphasizes Cyber’s Impact On Physical Security
Water Plant Attack Emphasizes Cyber’s Impact On Physical Security

At an Oldsmar, Fla., water treatment facility on Feb. 5, an operator watched a computer screen as someone remotely accessed the system monitoring the water supply and increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. The chemical, also known as lye, is used in small concentrations to control acidity in the water. In larger concentrations, the compound is poisonous – the same corrosive chemical used to eat away at clogged drains. The impact of cybersecurity attacks The incident is the latest example of how cybersecurity attacks can translate into real-world, physical security consequences – even deadly ones.Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. The computer system was set up to allow remote access only to authorized users. The source of the unauthorized access is unknown. However, the attacker was only in the system for 3 to 5 minutes, and an operator corrected the concentration back to 100 parts per million soon after. It would have taken a day or more for contaminated water to enter the system. In the end, the city’s water supply was not affected. There were other safeguards in place that would have prevented contaminated water from entering the city’s water supply, which serves around 15,000 residents. The remote access used for the attack was disabled pending an investigation by the FBI, Secret Service and Pinellas County Sheriff’s Office. On Feb. 2, a compilation of breached usernames and passwords, known as COMB for “Compilation of Many Breaches,” was leaked online. COMB contains 3.2 billion unique email/password pairs. It was later discovered that the breach included the credentials for the Oldsmar water plant. Water plant attacks feared for years Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. Florida’s Sen. Marco Rubio tweeted that the attempt to poison the water supply should be treated as a “matter of national security.” “The incident at the Oldsmar water treatment plant is a reminder that our nation’s critical infrastructure is continually at risk; not only from nation-state attackers, but also from malicious actors with unknown motives and goals,” comments Mieng Lim, VP of Product Management at Digital Defense Inc., a provider of vulnerability management and threat assessment solutions.The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online “Our dependency on critical infrastructure – power grids, utilities, water supplies, communications, financial services, emergency services, etc. – on a daily basis emphasizes the need to ensure the systems are defended against any adversary,” Mieng Lim adds. “Proactive security measures are crucial to safeguard critical infrastructure systems when perimeter defenses have been compromised or circumvented. We have to get back to the basics – re-evaluate and rebuild security protections from the ground up.” "This event reinforces the increasing need to authenticate not only users, but the devices and machine identities that are authorized to connect to an organization's network,” adds Chris Hickman, Chief Security Officer at digital identity security vendor Keyfactor. “If your only line of protection is user authentication, it will be compromised. It's not necessarily about who connects to the system, but what that user can access once they're inside. "If the network could have authenticated the validity of the device connecting to the network, the connection would have failed because hackers rarely have possession of authorized devices. This and other cases of hijacked user credentials can be limited or mitigated if devices are issued strong, crypto-derived, unique credentials like a digital certificate. In this case, it looks like the network had trust in the user credential but not in the validity of the device itself. Unfortunately, this kind of scenario is what can happen when zero trust is your end state, not your beginning point." “The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online for the first time as part of digital transformation projects,” says Gareth Williams, Vice President - Secure Communications & Information Systems, Thales UK. “While the move towards greater automation and connected switches and control systems brings unprecedented opportunities, it is not without risk, as anything that is brought online immediately becomes a target to be hacked.” Operational technology to mitigate attacks Williams advises organizations to approach Operational Technology as its own entity and put in place procedures that mitigate against the impact of an attack that could ultimately cost lives. This means understanding what is connected, who has access to it and what else might be at risk should that system be compromised, he says. “Once that is established, they can secure access through protocols like access management and fail-safe systems.”  “The cyberattack against the water supply in Oldsmar should come as a wakeup call,” says Saryu Nayyar, CEO, Gurucul.  “Cybersecurity professionals have been talking about infrastructure vulnerabilities for years, detailing the potential for attacks like this, and this is a near perfect example of what we have been warning about,” she says.  Although this attack was not successful, there is little doubt a skilled attacker could execute a similar infrastructure attack with more destructive results, says Nayyar. Organizations tasked with operating and protecting critical public infrastructure must assume the worst and take more serious measures to protect their environments, she advises. Fortunately, there were backup systems in place in Oldsmar. What could have been a tragedy instead became a cautionary tale. Both physical security and cybersecurity professionals should pay attention.

What Are The Positive And Negative Effects Of COVID-19 To Security?
What Are The Positive And Negative Effects Of COVID-19 To Security?

The COVID-19 global pandemic had a life-changing impact on all of us in 2020, including a multi-faceted jolt on the physical security industry. With the benefit of hindsight, we can now see more clearly the exact nature and extent of that impact. And it’s not over yet: The pandemic will continue to be top-of-mind in 2021. We asked this week’s Expert Panel Roundtable: What have been the positive and negative effects of Covid-19 on the physical security industry in 2020? What impact will it have on 2021?

Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More
Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More

Our Expert Panel Roundtable is an opinionated group. However, for a variety of reasons, we are sometimes guilty of not publishing their musings in a timely manner. At the end of 2020, we came across several interesting comments among those that were previously unpublished. Following is a catch-all collection of those responses, addressing some of the most current and important issues in the security marketplace in 2021.