Mathieu Chevalier

Our Expert Panel Roundtable is an opinionated group. However, for a variety of reasons, we are sometimes guilty of not publishing their musings in a timely manner. At the end of 2020, we came across several interesting comments among those that were previously unpublished. Following is a catch-all collection of those responses, addressing some of the most current and important issues in the security marketplace in 2021.

Passwords are one of the most familiar elements of information systems, but also one that can be overlooked or underutilized. New alternatives are emerging, and the role of passwords is evolving in the age of the Internet of Things. We asked this week’s Expert Panel Roundtable: How is the role of passwords changing in physical security systems?

Ethical hackers are familiar to the world of cybersecurity. As cybersecurity awareness increases in physical security, they are also playing a larger role to ensure the safety of networked and information technologies used in our market. We asked this week’s Expert Panel Roundtable: What is the role of ‘ethical hackers’ to ensure cybersecurity of networked products in the physical security market?

Our Expert Panel Roundtable is an opinionated group. However, for a variety of reasons, we are sometimes guilty of not publishing their musings in a timely manner. At the end of 2020, we came across several interesting comments among those that were previously unpublished. Following is a catch-all collection of those responses, addressing some of the most current and important issues in the security marketplace in 2021.

Genetec Inc., a globally renowned technology provider of unified security, public safety, operations, and business intelligence solutions, has announced that Firmware Vault, the industry’s first camera firmware update service developed by an open architecture VMS vendor, now supports cameras from Axis, Bosch, and Panasonic, in addition to existing support for Hanwha Techwin cameras. Firmware Vault Designed to help IT administrators and systems integrators stay up to date with the latest camera firmware, Firmware Vault helps organizations ensure they have the latest protection from the manufacturer against cyber threats. Outdated camera firmware presents one of the biggest weaknesses in cybersecurity defense. But for many security administrators, keeping pace with the latest updates can be very time-consuming. According to recent research conducted by Genetec, 68.4% or almost 7 out of 10 cameras are currently running out-of-date firmware. Enhancing cybersecurity protection  Ensuring that you are running the latest version of your cameras’ firmware can be tricky and time-consuming Firmware Vault streamlines the camera firmware update process so that customers can implement the latest cybersecurity protection measures as soon as they become available, a crucial step in ensuring their organization’s resilience against cyber-attacks. Firmware Vault is available free of charge with Security Center Version 5.8 and above. “Ensuring that you are running the latest version of your cameras’ firmware can be tricky and time-consuming. Yet, when the firmware on a single video surveillance camera is out of date, your entire IT network can be at risk of a cyber-attack. Firmware Vault makes it easy to keep on top of the firmware update process,” explains Mathieu Chevalier, Lead Security Architect, at Genetec. Cloud-based locker The Firmware Vault feature relies on the same highly-secure cloud-based locker used by the Genetec Update Service to provide access to Windows and Security Center updates. When new camera firmware is available, system administrators are notified in the Security Center Configuration Tool. This allows them to track and download new firmware packages and the latest manufacturer cybersecurity protection measures for the connected cameras in a matter of minutes. The Firmware Vault allows users to have a unified view of all cameras and their update status so that they can take corrective action more quickly and efficiently.

Outdated camera firmware and failing to change default passwords present some of the biggest weaknesses in cybersecurity defense. As the number of interconnected security devices keeps on growing, keeping pace with the latest updates can be tricky and very time-consuming. According to new research conducted by Genetec Inc. (“Genetec”), a technology provider of unified security, public safety, operations, and business intelligence, as many as 68.4%¬—or almost 7 out of 10—cameras are currently running out of date firmware. Installing the latest firmware is not just about accessing exciting new features, warns Genetec. It ensures the latest cybersecurity protection measures are implemented as soon as they become available, a crucial step in ensuring an organization’s resilience against cyber-attacks. Cybersecurity vulnerabilities IP cameras came with default security settings, including admin login information that is often publicly available “Our primary research data points to the fact that more than half of the cameras with out of date firmware (53.9%) contain known cybersecurity vulnerabilities. By extrapolating this to an average security network, nearly 4 out of every 10 cameras are vulnerable to a cyber-attack,” said Mathieu Chevalier, Lead Security Architect at Genetec.  The research conducted by Genetec also showed that nearly 1 in 4 organizations (23%) fail to use unique passwords, relying instead on the same password across all cameras from the same manufacturer, leaving an easy point of entry for hackers once only one camera has been compromised. Until recently, IP cameras came with default security settings, including admin login information that is often publicly available on the manufacturers’ websites. Physical security systems While most camera manufacturers now request users to set up a new password and admin credentials at installation, businesses, cities and government organizations with older equipment never updated their passwords, potentially compromising the other critical data and systems that reside on their network. “Unfortunately, our research shows that the “set it and forget it” mentality remains prevalent - putting an entire organization’s security and people’s privacy at risk. All it takes is one camera with obsolete firmware or a default password to create a foothold for an attacker to compromise the whole network,” added Chevalier. “It is critical that organizations should be as proactive in the update of their physical security systems as they are in updating their IT networks.”

Genetec Inc. (“Genetec”), a technology provider of unified security, public safety, operations, and business intelligence solutions announced that Security Center Omnicast, its video management system (VMS), received the UL 2900-2-3 Level 3 cybersecurity certification. A long-standing advocate for cybersecurity and the ‘Security of Security’, Genetec participated in the UL evaluation process, which today validates its resilience against cyber-attack with the highest Level 3 (L3) assessment certification. UL’s Cybersecurity Assurance Program (CAP) tests network-connectable products and systems against established criteria from the UL 2900 series of cybersecurity standards. Following a standardized methodology, the UL 2900-2-3 standard applies a three-tiered evaluation model, ranking with an increasing level of security for each tier. Three Levels Of Certification The Level 3, which has been achieved by Security Center Omnicast, includes a series of checks including fuzz testing, code and binary analysis, penetration testing, risk assessment methodology, and vulnerability testing. Genetec ranks at the top in its industry for cybersecurity resilience and trust""UL is a globally recognized safety and security solutions company dedicated to promoting safe environments. The UL 2900-2-3 certification was created with three possible levels of certifications to test physical security systems for cybersecurity integrity,” said Chris Hasbrook, UL’s Vice President & General Manager, Building & Life Safety Technologies Division. “After passing our most challenging testing processes, Genetec ranks at the top in its industry for cybersecurity resilience and trust,” added Hasbrook. Validating The ‘Security Of Security’ Initiative “Many security companies claim to follow cybersecurity best practices, noting that their software and systems are ‘hardened’ against cyber-attacks. By participating in this certification process, our Level 3 ranking proves and validates the Genetec ‘Security of Security’ initiative—which we have been sharing with our channel partners, integrators, press, and end-users for many years now,” said Mathieu Chevalier, Lead Security Architect, Genetec Inc. “We’ve always taken an active approach to architecting our unified security solutions with intelligent and fastidious attention to cybersecurity,” added Chevalier.