NTT Ltd., a global technology services provider, has announced the most critical cyber security trends that will shape the business technology landscape in 2020 – and the steps organisations need to take to address them. The Future Disrupted: 2020 Technology Trends, which include key insights from the company’s Security division, reveal that Security Orchestration, Automation, and Response (SOAR) will rocket as attacks happening at machine speed demand an AI-based approach to security.
Around 75% of the threats detected in NTT Ltd.’s Security Operation Centres (SOCs) are now orchestrated by supervized machine learning and threat intelligence. Its security experts use algorithms to recognize patterns, identify anomalies and automatically orchestrate security controls. Embedding this level of intelligence into infrastructure and applications will therefore become a top priority for businesses.
Active cyber defence in 2020
Organizations need to regularly evaluate the security hygiene of applications across their entire business"
“Cyber attacks are happening at machine speed, not human speed”, comments Azeem Aleem, VP Consulting Security, NTT Ltd. “To keep up, organizations will need the help of machines – and data scientists – and this is why we believe Security Orchestration, Automation, and Response will be the hottest area in cyber security in the year to come."
"It enables organizations to predict when an attack is going to happen – and fast. In fact, we don't even talk about proactive security to our clients anymore. We talk about predictive security, which we believe will become essential for delivering an active cyber defence in 2020.”
NTT Ltd. also reveals that applications are becoming the new attack vector, with application-specific and web-application attacks now accounting for a third (32%) of hostile traffic – making them the single most common form of hostile activity, according to NTT Ltd.’s 2019 Global Threat Intelligence Report (GTIR).
Cloud-based and software-defined
Azeem Aleem adds: “Now that infrastructure is more cloud-based and software-defined, we are entering a world where the application is the easiest way to compromise data. If our latest GTIR is anything to go by, the number of attacks on applications is only going to increase."
Fixed infrastructure tends to have standard traffic patterns that make it relatively easy to identify anomalies
"At a minimum, organizations need to regularly evaluate the security hygiene of applications across their entire business and apply the necessary patches – an exercise that can no longer be neglected. Infrastructure will still be a target, however, so organizations also need to test and manage security from the data centre right through to the edge.”
Software-based security controls
Some of the other cyber security trends include:
Security goes to the cloud: While organizations still buy on-premises equipment, largely for compliance reasons, more applications and workloads are being created and hosted in cloud environments. However, if organizations are using multiple hosting centres or hyperscalers, it’s more difficult to apply standardised, software-based security controls across the entire infrastructure. Applying security to the application or workload will enable them to monitor and implement the appropriate controls.
Hyperscaler patterns continue to be elusive: Fixed infrastructure tends to have standard traffic patterns that make it relatively easy to identify anomalies. This is not the case with hyperscalers, which also make hundreds of thousands of high-speed updates to their platform on any given day. This will make it very difficult for organizations to monitor the interactions between humans, machines, data and applications in order to identify patterns and anomalies. Information, context and intelligence therefore need to be applied for a modern and robust security posture.
Data lakes and data wallets: Data lakes will enable new models of predictive analytics. What’s more, we will see data wallets that put data in the hands of the person who owns it and making it completely secure for them. Nobody can access that data without certain permissions being in place and, if the user is under threat, can be locked down.
Most effective intelligent technology solutions
NTT Ltd. is the newly-formed company bringing together 40,000 people from across 31 brands – including NTT Communications, Dimension Data and NTT Security – to serve 10,000 clients from around the world. Using the insights gathered from its global client base, NTT Ltd. is able to better understand the future and shape the most effective intelligent technology solutions for its customers. The Future Disrupted: 2020 Technology Trends looks at the way businesses need to prepare for tomorrow, in the next year.
HID Global, globally renowned provider of trusted identity solutions, has announced that it has expanded its digital certificate family to offer an Extended Validation (EV) Code Signing (EV CS) certificate that protects software from tampering and forgery.
Customers who download software that has been digitally signed with the IdenTrust TrustID EV CS certificates can identify the source and launch its applications or other code without receiving an ‘Unknown Publisher’ warning from the widely used Microsoft anti-phishing and anti-malware application filter.
Digital certificate authority
“We have brought our expertise as the world’s most trusted digital certificate authority to the challenge of securing software code in today’s increasingly vulnerable digital world,” said Vishvas Patel, vice president and chief architect with HID Global, Identity and Access Management.
IdenTrust code signing certificate identifies a software publisher at the highest level of assurance specified in industry standards"
He adds, “Our IdenTrust code signing certificate identifies a software publisher at the highest level of assurance specified in industry standards and can be used to verify that desktop and mobile applications, firmware, drivers or other software code are being sent from an authenticated source and have not been altered by unauthorized parties.”
TrustID EV CS digital certificate
Each TrustID EV CS digital certificate is issued into a FIPS 140-2 Level 2-compliant HID Crescendo smartcard or USB Token that ensures publishers can only access it through a two-factor authentication process. This also protects the private key from being exported, which provides additional assurance about who published the software code and eliminates the risk of tampering or unauthorized updates to the published software.
A free HID Global Timestamp Authority service further enhances the IdenTrust TrustID EV CS certificate offering by adding long-term validation of the digital signature’s integrity as well as non-repudiation even after the IdenTrust TrustID EV CS certificate has expired or been revoked.
Microsoft Smartscreen Application Reputation filtering system
HID IdenTrust TrustID EV CS certificates are only issued after a strict vetting and authentication process that instantly gives a software publisher a trusted reputation as defined by the Microsoft Smartscreen Application Reputation filtering system.
The process of establishing this reputation can take much longer when code is not signed with an EV CS certificate. Until the reputation is established, the filtering system will continue to flag an application as a potential source of malware infections the first time that customers launch it. The IdenTrust TrustID EV CS digital certificates are available now.
MOBOTIX, the manufacturer of premium-quality and secure IP video systems, will showcase its latest advancements in Internet of Things (IoT) video surveillance technology at ISC East from November 20-21, at the Javits Center in New York (Booth #760).
Furthering its mission to go ‘Beyond Human Vision,’ MOBOTIX will be showcasing the new MOBOTIX 7 Platform and the award-winning M73 camera that uses it, along with the company’s flagship Mx6 IoT series and MOVE line.
Artificial intelligence and deep learning
MOBOTIX will preview its latest video surveillance solutions, including the 2019 IoT Integration Award winning M73 camera. The M73 IoT camera features high-octane processer technology, combining three separate image and environmental sensors with AI-based analytics for unparalleled performance.
The Mx6 line provides intelligence at the edge with video analytics and programmable logic
Additionally, MOBOTIX will highlight the new MOBOTIX 7 Platform. The MOBOTIX 7 open solution platform comes with pre-installed applications supported by artificial intelligence and deep learning, covering a wide range of vertical-deployment needs. MOBOTIX will display the flagship Mx6 IoT camera line, featuring cutting-edge 6MP moonlight sensor technology for brilliant images. The Mx6 line provides intelligence at the edge with video analytics and programmable logic and can be easily integrated into existing infrastructure, thanks to a decentralized architecture.
Enabling seamless integration
MOBOTIX will also showcase the MOBOTIX MOVE line, featuring enhanced infrared technology and pan-tilt-zoom functionality. Both product lines are embedded with MOBOTIX’s layered cybersecurity protocols and support ONVIF standards to enable seamless integration into third-party systems.
“We are excited to introduce our latest innovations in intelligent video solutions at this year’s ISC East,” said Joseph Byron, Vice President: America’s MOBOTIX. “We look forward to sharing our new MOBOTIX 7 platform and M73 camera, highlighting the nearly endless customizable solutions this new system can offer our customers.” All MOBOTIX solutions are manufactured and hand-tested in Germany, featuring low failure rates and exceeding product warranty standards.
Arecont Vision Costar (AVC), the industry pioneer in IP-based megapixel camera technology and video surveillance solutions, has named experienced sales provider Geoff Stoliker as regional sales manager for Northern California and the Pacific Northwest Region. “Geoff brings a wealth of security industry knowledge to Arecont Vision Costar, which will be appreciated by our growing customer base across the region, including his own extensive customer and partner contacts,” said Kyle Parker, Vice President, Americas Sales.
“I’m confident Geoff will make an immediate impact, having experience with our original Arecont Vision MegaIP products, and already fully conversant with the other components of the Total Video Solution, including our advanced ConteraIP cameras, cloud-enabled ConteraVMS, and cloud-managed ConteraCMR recorders.”
Cyber-secure hybrid cloud surveillance system
Total Video Solution delivers cyber-secure hybrid cloud surveillance system, integrated with megapixel cameras"
The Northern California and Pacific Northwest Region is international in nature, including Northern California, Northern Nevada and the states of Alaska, Idaho, Oregon, Montana, and Washington in the USA. The Canadian provinces of Alberta and British Columbia are also part of the territory. Mr. Stoliker is supported by two manufacturer’s representative firms in the region – Axiom Technologies for the Pacific Northwest, and Badger Reps for Northern California and Northern Nevada.
“Our Total Video Solution delivers a powerful, cyber-secure hybrid cloud surveillance system, integrated with the industry’s best megapixel cameras, and easily accessible from a range of devices from just about anywhere” stated Mr. Stoliker. “I look forward to bringing this outstanding solution to the attention of new and existing Arecont Vision Costar customers throughout the entire region.”
Focus on video surveillance
Mr. Stoliker’s career includes 21 years security sales assignments across industry manufacturers through to distributors, all with a focus on video surveillance. He previously served from 2009 – 2014 with Arecont Vision Costar’s predecessor company, familiar to his customers and partners as a knowledgeable and trusted advisor.
“I’m thrilled to add Geoff and his sales acumen to this large, critically important portion of our region,” said Steve McGlasson, regional sales director. “Customers and partners will immediately appreciate the benefit of his knowledge and expertise, working in conjunction with our manufacturer’s reps, inside sales, and field application engineering teams.”
It’s hard to believe that we’re in the final quarter of 2019. It’s time to wrap up goals and make new ones that will guide us into another decade. As we look forward, we can’t help but look back at some of the key trends that emerged in the last couple of years, and their continued presence in the product road maps and plans that so many security industry leaders and manufacturers are creating.
Some of these trends have enhanced the efficacy of security systems, whereas others have the potential of having adverse impacts.
Cyber-attacks of all kinds have become, and will continue to be, a major threat, making this one of the most important initiatives that today’s businesses embrace. From a manufacturer’s perspective, building cybersecurity into the product from its inception is critical, with integrators beginning to demand this level of consideration from the products they sell. As a result of a rise in the convergence of IT applications alongside security investments, end users are now seeking out solutions designed with data security top-of-mind. All network connected devices such as DVRs/NVRs, servers, IP cameras, access controllers, intrusion alarms, smart sensors, are vulnerable, which is why this added step in developing cybersecurity protocols and applying them across the organization is critical.
Building cybersecurity into the product from its inception is critical
More connected devices
The Internet of Things (IoT) has been a major trend for the past few years in many industries, and this will continue as we integrate sensors of all kinds into the network. The collection and analysis of the data collected by these sensors is giving rise to a plethora of applications such as industrial applications, intelligent building management, event management, and much more. The physical security industry benefits by having additional intelligence for situational awareness and emergency management, as well as opportunities to provide additional value-added services and business insights. Being deployed in an increasing number of scenarios and with continued improvements in computing capabilities, video has the opportunity to become the eye of IoT.
Software manufacturers are looking toward artificial intelligence to help propel advanced analytics in an effort to deliver more situational awareness to operators, and an increased ability to proactively assess threats or anomalies. While video and data analytic capabilities have been around for quite some time, some would argue they were rudimentary in comparison to software that uses AI to make existing applications such as facial recognition much more accurate, and to create new ways to detect anomalies. In addition, AI continues to be used to make sense of the large amounts of data that are being generated by intelligent sensors and by analyzing the growing amount of video.
It’s safe to say that 5G will revolutionize the way people stay connected to the internet. Extra speed, extra bandwidth are going to make our mobile devices faster, more powerful and hyperconnected, with the same thing happening to IoT connected devices such as cameras. This is going completely change the way we think about smart cities: More powerful IP devices connected to one another, powered by AI, will have a massive impact on the way we move, shop and live in urban areas.
More powerful IP devices connected to one another, powered by AI, will have a massive impact on the way we move, shop and live in urban areas
In most advanced economies around the globe, citizens are increasingly concerned with privacy of their data, and many governments have put – or are in the process of doing so – stringent data protection laws in place. The EU has lead the way in using these concerns to develop privacy regulations that govern the development of data-driven applications. This trend is starting to impact the entire globe, as we shift toward more data autonomy and privacy. Since most physical security applications involve the collection of video and data about people and assets, privacy regulations will continue to have a significant impact on the industry well into the future.
Cloud and mobile capabilities
Mobility is critical for physical security and is emerging through the development and use of cloud-based services, as well as the ability to access security devices through a smart phone or Web-based browser. That’s why there’s been such an influx of mobile apps created to manage cameras, receive automatic alerts for the most diverse event, and giving users the ability to grant or restrict access to a facility. All of this demonstrates the world’s demand for mobility, connectivity and ease-of-use.
More video — everywhere
Video is the cornerstone of security, providing both real-time and forensic coverage for emerging threats and incidents, which is why it’s one of the fastest growing segments of the marketplace. The use of video for traditional applications in new markets, as well as for use in newer applications that are not necessary security related is poised to see the most movement. In some industries such as oil and gas, there is a trend towards extending video coverage into extremely harsh and hazardous environments, so manufacturers are challenged to develop appropriately certified equipment to meet a more stringent demand. Manufacturing facilities such as food processing plants are also increasing their use of video for training and compliance purposes to prevent incidents such as food recalls that can be extremely costly for the business.
It’s an exciting time to be a part of the security market, as we’re really just beginning to see that, when it comes to technology advancements, the sky is the limit. I would argue at the core of these innovations is the video data being collected, and as we work to build technologies that can harness the power of these applications, we will continue to be at the forefront of this movement toward greater intelligence and business insights.
Insider threat programs started with counter-espionage cases in the government. Today, insider threat programs have become a more common practice in all industries, as companies understand the risks associated with not having one. To build a program, you must first understand what an insider threat is.
An insider threat is an employee, contractor, visitor or other insider who have been granted physical or logical access to a company that can cause extensive damage. Damage ranges from emotional or physical injury, to personnel, financial and reputational loss to data loss/manipulation or destruction of assets.
Financial and confidential information
While malicious insiders only make up 22% of the threats, they have the most impact on an organization
Most threats are derived from the accidental insider. For example, it’s the person who is working on a competitive sales pitch on an airplane and is plugging in financial and confidential information. They are working hard, yet their company’s information is exposed to everyone around them. Another type of insider, the compromised insider, is the person who accidentally downloaded malware when clicking on a fake, urgent email, exposing their information.
Malicious insiders cause the greatest concerns. These are the rogue employees who may feel threatened. They may turn violent or take action to damage the company. Or you have the criminal actor employees who are truly malicious and have been hired or bribed by another company to gather intel. Their goal is to gather data and assets to cause damage for a specific purpose. While malicious insiders only make up 22% of the threats, they have the most impact on an organization. They can cause brand and financial damage, along with physical and mental damage.
Insider threat program
Once you determine you need an insider threat program, you need to build a business case and support it with requirements. Depending on your industry, you can start with regulatory requirements such as HIPAA, NERC CIP, PCI, etc. Talk to your regulator and get their input.
Everyone needs to be onboard, understand the intricacies of enacting a program
Next, get a top to bottom risk assessment to learn your organization’s risks. A risk assessment will help you prioritize your risks and provide recommendations about what you need to include in your program.
Begin by meeting with senior leadership, including your CEO to discuss expectations. Creating an insider threat program will change the company culture, and the CEO must understand the gravity of his/her decision before moving forward. Everyone needs to be onboard, understand the intricacies of enacting a program and support it before its implemented.
Determining the level of monitoring
The size and complexity of your company will determine the type of program needed. One size does not fit all. It will determine what technologies are required and how much personnel is needed to execute the program. The company must determine what level of monitoring is needed to meet their goals.
After the leadership team decides, form a steering committee that includes someone from legal, HR and IT. Other departments can join as necessary. This team sets up the structure, lays out the plan, determines the budget and what type of technologies are needed. For small companies, the best value is education. Educate your employees about the program, build the culture and promote awareness. Teach employees about the behaviors you are looking for and how to report them.
Behavioral analysis software
Every company is different and you need to determine what will gain employee support
The steering committee will need to decide what is out of scope. Every company is different and you need to determine what will gain employee support. The tools put in place cannot monitor employee productivity (web surfing). That is out of scope and will disrupt the company culture.
What technology does your organization need to detect insider threats? Organizations need software solutions that monitor, aggregate and analyze data to identify potential threats. Behavioral analysis software looks at patterns of behavior and identifies anomalies. Use business intelligence/data analytics solutions to solve this challenge. This solution learns the normal behavior of people and notifies security staff when behavior changes. This is done by setting a set risk score. Once the score crosses a determined threshold, an alert is triggered.
Case and incident management tools
Predictive analytics technology reviews behaviors and identifies sensitive areas of companies (pharmacies, server rooms) or files (HR, finance, development). If it sees anomalous behavior, it can predict behaviours. It can determine if someone is going to take data. It helps companies take steps to get ahead of bad behavior.
If an employee sends hostile emails, they are picked up and an alert is triggered
User sentiment detection software can work in real time. If an employee sends hostile emails, they are picked up and an alert is triggered. The SOC and HR are notified and security dispatched. Depending on how a company has this process set-up, it could potentially save lives. Now that your organization has all this data, how do you pull it together? Case and incident management tools can pool data points and create threat dashboards.
Cyber detection system with access control
An integrated security system is recommended to be successful. It will eliminate bubbles and share data to see real-time patterns. If HR, security and compliance departments are doing investigations, they can consolidate systems into the same tool to have better data aggregation. Companies can link their IT/cyber detection system with access control. Deploying a true, integrated, open system provides a better insider threat program.
Big companies should invest in trained counterintelligence investigators to operate the program. They can help identify the sensitive areas, identify who the people are that have the most access to them, or are in a position to do the greatest amount of harm to the company and who to put mitigation plans around to protect them. They also run the investigations.
Potential risky behavior
Using the right technology along with thorough processes will result in a successful program
You need to detect which individuals are interacting with information systems that pose the greatest potential risk. You need to rapidly and thoroughly understand the user’s potential risky behavior and the context around it. Context is important. You need to decide what to investigate and make it clear to employees. Otherwise you will create a negative culture at your company.
Develop a security-aware culture. Involve the crowd. Get an app so if someone sees something they can say something. IT should not run the insider threat program. IT is the most privileged department in an organization. If something goes wrong with an IT person, they have the most ability to do harm and cover their tracks. They need to be an important partner, but don’t let them have ownership and don’t let their administrators have access.
Educating your employees and creating a positive culture around an insider threat program takes time and patience. Using the right technology along with thorough processes will result in a successful program. It’s okay to start small and build.
Rodrigue Zbinden, CEO at Morphean, discusses the business benefits from merging video surveillance and access control technologies as demand for ACaaS grows.
The big question facing businesses today is how they will use the data that they possess to unlock new forms of value using emerging technologies such as the cloud, predictive analytics and artificial intelligence. Some data is better utilized than others: financial services were quick to recognize the competitive advantages in exploiting technology to improve customer service, detect fraud and improve risk assessment. In the world of physical security, however, we’re only just beginning to understand the potential of the data that our systems gather as a part of their core function.
Benefits of ‘Integrated access control’
The first thing to look for is how multiple sources of data can be used to improve physical security functionsWhat many businesses have yet to realize is that many emerging technologies come into their own when used across multiple sources of data. In physical security, for example, we’re moving from discussions about access control and CCTV as siloed functions, to platforms that combine information for analysis from any source, and applying machine learning algorithms to deliver intelligent insights back to the business. ‘Integrated access control’ then looks not just to images or building management, but to images, building management, HR databases and calendar information, all at the same time. And some of the benefits are only now starting to become clear.
The first thing to look for, of course, is how multiple sources of data can be used to improve physical security functions. For example, by combining traditional access control data, such as when a swipe card is used, with a video processing platform capable of facial recognition, a second factor of authentication is provided without the need to install separate biometric sensors. CCTV cameras are already deployed in most sensitive areas, so if a card doesn’t match the user based on HR records, staff can be quickly alerted.
Making the tools cost-Effective
In a similar vein, if an access card is used by an employee, who is supposed to be on holiday according to the HR record, then video data can be used to ensure the individual’s identity and that the card has not been stolen – all before a human operator becomes involved.
This is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalization of a vital business functionThese capabilities are not new. What is, however, is the way in which cloud-based computing platforms for security analytics, which absorb information from IP-connected cameras, make the tools much more cost effective, accessible and easier to manage than traditional on-site server applications. In turn, this is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalization of a vital business function.
With this system set up, only access control hardware systems are deployed on premise while the software and access control data are shifted to a remote location and provided as a service to users on a recurring monthly subscription. The benefits of such an arrangement are numerous but include avoiding large capital investments, greater flexibility to scale up and down, and shifting the onus of cybersecurity and firmware updates to the vendor.
Simple installation and removal of endpoints
What’s more, because modern video and access control systems transmit data via the IP network, installation and removal of endpoints are simple, requiring nothing more than PoE and Wi-Fi.
Of all the advantages of the ‘as a service’ model, it’s the rich data acquired from ACaaS that makes it so valuable, and capable of delivering business benefits beyond physical security. Managers are constantly looking for better quality of information to inform decision making, and integrated access control systems know more about operations than you might think.
Integrating lighting systems with video feeds and access control creates the ability to control the lightsRight now, many firms are experimenting with ways to find efficiencies and reduce costs. For example, lights that automatically turn off to save energy are common in offices today, but can be a distraction if employees have to constantly move around to trigger motion detectors. Integrating lighting systems with video feeds and access control creates the ability to control the lights depending on exactly who is in the room and where they are sitting.
Tracking the movement of employees
Camera data has been used in retail to track the movement of customers in stores, helping managers to optimize displays and position stocks. The same technology can be used to map out how employees move around a workspace, finding out where productivity gains can be made by moving furniture around or how many desks should be provisioned. Other potential uses of the same data could be to look for correlations between staff movement – say to a store room – and sales spikes, to better predict stock ordering.
What makes ACaaS truly exciting is it is still a very new field, and we’re only just scratching the surface of the number of ways that it can be used to create new sources of value. As smart buildings and smart city technology evolves, more and more open systems will become available, offering more ways to combine, analyze and draw insights from data. Within a few years, it will become the rule, rather than the exception, and only grow in utility as it does.
Penetration testing of physical security systems is used to evaluate if a company’s security measures operate as intended. From a technology angle, penetration testing (pen testing) assesses whether the totality of the systems operate as designed, rather than testing each individual component. Does the system work with the officers, the policy and procedures that are in place?
A session at ISC East, Nov. 20 in New York, will address the need for and benefits of penetration testing (also known as red teaming). The session, titled “We Sneak into High Security Buildings and Get Paid for It,” will be presented by Michael Glasser, President, Glasser Security Group. He has two decades of experience providing security design strategic planning, implementation oversight, auditing and penetration testing.
“Penetration testing determines whether people and systems are providing the protection you think they are,” says Glasser. Various system components should come together into a solution that works for the client. People, technology and architecture are all components of successful security systems. His motto: “Stop guessing and starting testing."
Test-driving security systems
“You can compare it to driving a car,” says Glasser. “You want to be sure the brakes work and the engine works, but then somebody has to test-drive the car.”
Stop guessing and starting testing"
The concept of penetration testing goes back to the Cold War, when the military had “Red Teams” and "Blue Teams,” competing squads that used their skills to imitate attack techniques enemies might use. More recently, the term “pen testing” has become common in the cybersecurity industry, often referring to “white hat” hackers that test the effectiveness of cybersecurity measures. Applying the concept to physical security in corporate America brings the concept full circle.
“People think their controls work, but they realize they really need to see if it all works together,” says Glasser.
Pen testing in corporate America
“You can go to any military base or nuclear power site and you see pen testing,” says Glasser. “But often it doesn’t happen in corporate America.” Sometimes physical pen testing is approached as an extension of cybersecurity testing because addressing physical threats is an element in cybersecurity, too. “It’s the same service, except to make sure the physical house is in order,” says Glasser.
Glasser’s session will be among the SIA Education@ISC East presentations scheduled at the education theaters on the show floor at ISC East, Nov. 20-21 at the Javits Center in New York.
If you believe the movies, Glasser’s job is all fun and excitement, like a “bunch of kids having fun.” The reality is more mundane, he says. “People think it’s fun, but it’s work, not fun.” The process is front-loaded with weeks of research and surveillance to determine possible vulnerabilities before attempting a break-in. Research is based on threat modeling: What is a company worried about? Who is the bad guy? What do they want to do? What are the threats?
The process is front-loaded with weeks of research and surveillance to determine possible vulnerabilities
Among other tools, Glasser uses Open Source Intelligence (OINT), which is collection and analysis of information gathered from public, open sources, such as media, the Internet, public government data, etc.
Glasser comes from a physical security industry family – both his mother and father were employed in the security industry – and he attended his first ISC East show in the 1990s when he was 11 years old. As a security consultant and security expert witness for more than 20 years, he has previously spoken at GSX and various ASIS International events.
Gallagher Security, a division of Gallagher Group, a privately-owned New Zealand company, is a global presence in integrated access control, intruder alarm and perimeter security solutions.
Gallagher entered the global security industry in the 1990s with the purchase of security access control business Cardax. In the last several decades, the company has leveraged its experience in electric fence technology to develop a variety of innovative solutions used to protect some of the world's most high-consequence assets and locations.
Solving business problems
Among Gallagher’s recent innovations is the Security Health Check, a software utility that enables customers to run an automated check on their Gallagher Command Centre security system.
To get an update on the company, we interviewed Richard Huison, Gallagher’s Regional Manager for the U.K. and Europe, who says he has a passion for technology and solving business problems. Huison says working in the industry for more than 20 years has shown him you can never stop evolving and adapting.
Q: What are Gallagher's points of differentiation versus competitors?
Huison: Gallagher’s strengths are in solving business problems outside of the normal access control and intrusion detection solutions. Enforcing company policy through compliance and competency is what really matters to business continuity. Using Gallagher Command Centre to oversee the security, health and safety and compliance brings true business value to the client who benefits from reduced costs and risk to the success of their growth and strategy.
Q: What is the biggest challenge for customers in the security market, and how does Gallagher help to meet that challenge?
Huison: A great solution fit is key. Where most fail is choosing a solution that does not meet the needs of the client in 10 to even 20 years’ time. As businesses evolve and grow, so must the security solution. In a recent conversation, a client had to replace a 300-door access control system that was no longer supported. ‘Why Gallagher?’ they asked. The answer: ‘If you had chosen Gallagher 10 years ago, we would not be having this conversation.’ Ensuing the system you choose is legacy-compliant is king.
Gallagher’s brand is well known for protecting Critical National Infrastructure
Q: Please describe Gallagher's geographic presence in the UK and Europe.
Huison: Gallagher’s brand is well known for protecting Critical National Infrastructure. They choose to adopt our solutions because we meet the highest levels of resilience against cyber-attacks. Our ability to modernize legacy systems ensures the maximum return on investment with minimal disruption to business continuity. Gallagher solutions cover a broad mix of verticals, with strengths in high security, education and large corporate entities. Our Channel Partner network is continually growing so more clients can benefit from the diverse and powerful Gallagher Command Centre software.
Q: Describe how Gallagher is typically integrated into larger systems.
Huison: Our systems offer the flexibility of being standalone or globally networked via our Multi-Server environment. Most integration happens logically where data is pushing into our Command Centre database. The single point of truth allows for minimal data errors and efficiencies around manual input. The total cost of ownership is greatly reduced in allowing the system to work for the client and not the other way round. Over and above this, Integration into other solutions brings that rich data back to one software front end.
Q: What is Gallagher's biggest challenge and how will the company seek to meet that challenge?
Huison: Our biggest and continual opportunity is being a relentless innovator. We are not short of ideas and how we are bucking the trends with our solutions. Broadcasting these messages is not always easy in the digital age. This is why Gallagher is investing heavily in more shows, publications and specific vertical conferences globally.
Q: What is the market's biggest misconception about Gallagher?
Huison: Our brand is known for perimeter solutions with our monitored Pulse Fence. What many forget is we have a very powerful access control and integrated intrusion detection solution that meets Government standards around the world. We are unique in that all three can be controlled via one software platform that is cyber-resilient and infinitely configurable to suit many verticals.
Q: What is your message to the security market?
Huison: Many see Gallagher as only suitable for large and complex sites. I openly challenge our audience, speak to us and you may find we can provide an Enterprise Level solution that is delivered on budget and provide an outstanding return on investment for the client. Our pedigree of 80 years shows we never stop innovating and building that trusted advisor status with many lifelong clients.
Securing New Ground, the security industry’s annual executive conference this week in New York, offered food for thought about current and future trends in the security marketplace. Highlights from SNG 2019 included keynote remarks from security leaders at SAP, Johnson Controls and the Consumer Technology Association, discussions on how CSOs mitigate security risks, topic-focused thought leadership roundtables and a lively networking reception.
Top trends observed at the event include cybersecurity, data privacy, facial recognition and artificial intelligence. A "View from the Top" session covered the need for companies to consider responsible use and ethics around technology; responsibility should extend throughout the organization.
A panel of security leaders emphasized the need to understand the diversity of risks that end users face. As the Internet of Things (IoT) expands connectivity, the inputs, outputs and "attack surface" also expand. It's critical to have security "baked" into products themselves, and also to undertand the mission of the organization being protected, the context and correlation.
Technologies transforming security market
Keynote speaker Gary Shapiro, President and CEO of the Consumer Technology Association, listed the many technologies that will impact the consumer electronics market – and the security market – in the near future: artificial intelligence (AI), voice recognition, the transition to 5G and self-driving cars.As the Internet of Things expands connectivity, the inputs, outputs and "attack surface" also expand
“What we're seeing today is a huge turning point in where the world is going,” said Shapiro, whose organization presents the giant CES trade show each year in Las Vegas. “It’s not just about jobs and technology, but who we are and how we address fundamental human rights.” Privacy is a component of human rights, but “in the world of AI, there is a tradeoff between innovation and privacy”.
Balance between security standards
Shapiro sees Europe as representing one extreme of privacy, epitomized by General Data Protection Regulation (GDPR), which he sees as stifling innovation. Meanwhile, China is pushing innovation using massive amounts of data with no regard to privacy. The United States, therefore, should look for a balance that acknowledges the inevitability of innovation while respecting privacy and realizing it is “always situational.”With new technologies, biometric ID and cybersecurity issues, your business is in a strong and growing place"
Too much concern for privacy comes at a cost, Shapiro said. “Privacy zealots are killing facial recognition, step by step by step,” he said. “Regulators should not throw away the baby with the bathwater. Every technology in history has been used to cause evil and to do good. Throughout history any new technology could have been banned and made illegal.”
Shapiro offered encouraging words to the security marketplace, even in the wake of large tech firms such as Amazon entering the market. “With new technologies, biometric ID and cybersecurity issues, your business is in a strong and growing place,” he said. “There is opportunity. There will be increasing new things people want, and always new threats. People will want what you're providing, which is physical and technology security in their facility.”
Scott Schafer, Chairman of the Board of the Security Industry Association (R), interviewed Steve Jones, CEO, Allied Universal, on stage about the importance of merging technology with security officers
Allied Universal CEO Steve Jones discussed holistic approach
Steve Jones, CEO, Allied Universal, was interviewed on stage about the importance of merging technology with security officers for a holistic approach to securing a facility.
“Today, customers are asking us to look at their facility holistically and asking: What is my best approach?” said Jones. A holistic approach includes protecting people, the facility, intellectual property (IP), and how to handle visitors.
Manguarding perspective on security
Allied Universal looks at security from a manguarding perspective and also from a technology perspective, based on their daily experience managing security for 40,000 customer sites across the United States and Canada.Allied Universal has a new handheld technology platform that uses AI
“We are in a unique position in the channel,” said Jones. “We know the stats at any customer site. We know the last time there were repairs on cameras, which card reader is malfunctioning, how long the systems company takes to respond to a call. We are at these locations 24/7 and have an intimate relationship with customer. We are a significant influencer in the decision-making process. We have an opportunity to have a voice, and to build a business around it.”
“We are looking for technology that will enhance the security of the customer,” said Jones, including situational awareness and analysis of data to predict patterns. Allied Universal has a new handheld technology platform that uses artificial intelligence (AI) to analyze data, predict outcomes, and prescribe optimum responses.
Workforce development – hiring and training new employees – is a big issue for Allied Universal, which last year interviewed more than a million applicants to find around 100,000 employees. They are targeting every demographic, and last year hired 33,000 veterans. The company is using technology to help with the massive recruiting effort, including AI to analyze applicant qualifications and a computer-generated avatar to conduct the first online interview.
Future security challenges
Jones sees the rapid increase in the homeless population in the United States as one of the biggest security challenges of coming years. The rapid increase in the US homeless population is one of the biggest security challengesMany businesses face the prospect of homeless individuals living in front of their buildings, possibly using drugs or approaching customers.
“It has become a real threat,” he said. “When they are living in front of your buildings, in many cases, there are ordinances that allow them to be there so the police will not get involved. It falls on the facility owner and private security to address the problem. Given the large homeless population we have now during good economic times, I don’t know what it will look like in an economic downturn.”
Human side of security
An SNG session on the human side of security observed that people are the biggest source of vulnerability. Companies should foster a "safety climate" in which security is integral to operations and viewed as something that helps employees rather than create hassles. Human resources is now a technology field and should work together with security to achieve shared goals.
At the consumer and small business level, cybersecurity must also be top-of-mind and built into a security companies' DNA. SNG attendees heard about opportunities to move beyond providing products and devices to providing experiences, by partnering with customers to protect what matters most to them. While a bit of inconvenience comes along with security, products should be built in a way that is easy to use, with security baked in. The results are systems people are comfortable engaging with every day.
Securing New Ground is presented by the Security Industry Association (SIA).
Pulse Secure advances remote access to web applications such as Microsoft Office 365 and network resources to help 3,000 staff enjoy a better work-life balance leveraging Pulse Secure. Pulse Secure, a provider of software-defined Secure Access solutions, has announced the delivery of a successful project at one of Italy’s largest media organizations designed to help foster mobile workforce productivity while ensuring protected, compliant access to cloud and data center applications.
RCS MediaGroup is one of the leading multimedia publishing groups, active mainly in Italy and Spain across all publishing fields, spanning from newspapers to magazines, from digital to books, from TV to new media, and to training. It is also one of the top players in the advertising market and in the organization of iconic events and major sporting formats, such as the Giro d’Italia.
Protecting against cyber-attack
We maintain several security controls across our network, as well as regularly cyber-security training"
The RCS Group publishes the daily newspapers Corriere della Sera, La Gazzetta dello Sport, El Mundo, Marca and Expansion, as well as numerous magazines, the most popular including Oggi, Amica, Io Donna, 7, YO Dona and Telva. Like many other popular enterprises, being an integral part region’s culture and communications has made RCS Group a target for cyber threat actors. “Protecting our systems against cyber-attack is a critical requirement as is ensuring our staff and journalists have easy, flexible and secure access to their work,” says Monica Venanzetti, Network Manager for RCS MediaGroup in Milan.
“To meet this need, we maintain several security controls across our network, as well as regularly conduct cybersecurity training. We deployed our first VPN solution in 2006 to enable secure access to our systems and it was time to progress our capabilities.”
New cloud services
RCS MediaGroup employs over 3,000 staff including 700 journalists and as Giandomenico Oldano, Director of IT operations for RCS MediaGroup, explains, “As a group, we have an ongoing strategy to help our staff embrace smart working. This is part of an initiative to improve the work-life balance of our employees and reduce their traveling time, which in a busy city like Milan can be very time consuming.”
As part of this work-life balance strategy, RCS MediaGroup has invested in more remote, mobile and cloud technologies and recently moved its staff onto Microsoft Office 365 to encourage this transition. “To meet this need and as part of our commitment to ensuring best practice secure access, we decided to upgrade our legacy VPN to provide more capacity and to better integrate with new cloud services such as Office 365,” says Venanzetti.
Cloud single-sign on
The simplified management interface allows RCS MediaGroup to set up enterprise-wide policies"
“We examined several options and Pulse Secure provided us a modernized platform with more advanced features including endpoint compliance and cloud single-sign on. We found the tool comparatively simpler to administer, very interoperable and with a broader feature-set.” The upgrade process was straightforward, and the simplified management interface allows RCS MediaGroup to set up enterprise-wide policies that make it easy for its remote users to connect to its critical publishing systems.
The solution also incorporates client checking technology that ensures that its users’ devices, both corporate and personally owned endpoints, are running the right system and security patches before they can attach to the corporate network. “One of the most important features was deep support for our users’ devices including tablets, laptops and PCs across both Apple and Microsoft environments,” says Oldano.
“Our upgrade has been a success and provides a lot of potential for future projects that will allow us to offer secure access for more cloud-based applications. Pulse Secure has been with us throughout this process and its technology is helping us to deliver on our commitment towards smarter working for all our staff.” Pulse Secure enables enterprises to centrally manage Zero Trust Secure Access to applications, resources and services that are delivered on-premise, in private cloud and public cloud environments.
The Pulse Access Suite delivers protected connectivity, operational intelligence and threat response across mobile, network and multi-cloud environments in order to provide easy, compliant access for end users and single-pane-of-glass management for administrators. “Enterprises are fortifying capabilities to accelerate mobile workforce productivity and take advantage of cloud computing.”
Comprehensive and integrated
Pulse Secure offers a proven, comprehensive and integrated suite that works with an enterprises hybrid IT infrastructure to enable a simpler, more manageable and scalable approach to secure access,” said Paul Donovan, vice president of EMEA sales at Pulse Secure.
“We are pleased to have been selected by RCS MediaGroup, a prominent and progressive market leader in multimedia publishing and look forward to supporting their on-going digital transformation initiatives.”
Located in Eastern China, Hangzhou is the capital and most populous city of Zhejiang Province. It has registered population of 9,800,000, with total area of 16,596 km². Jianggan District is one of the five main urban areas of Hangzhou.
With a floating population of about 1.06 million, Jianggan District ranks first among Hangzhou's main urban areas. As the new administrative center of Hangzhou, it boasts the most important CBD and the largest train station and car hub in Hangzhou, bringing together various traffic elements such as highway junctions and bridges across the river.
The entire Jianggan District is promoting vital transformation in urban areas
Intelligent surveillance system
Covering 8 streets, 141 communities and 4 villages, the entire Jianggan District is promoting vital transformation in urban areas. Nevertheless, the non-registered population, accounted for about 40% of the total population, makes it hard for the local government to improve urban management in the district.
Every policeman needs to manage 1,700 citizens on average. The shortage of police force affected their work precision and led to difficulties in providing timely police response. In addition, insufficient surveillance coverage and limited intelligence system in the area resulted in inactive security measures, making it difficult for the police to achieve their goals
Integrating DoT, IoT and the internet
Based on the Dahua Heart of City (HOC) architecture supported by "Full Sensing, Full Intelligence, Full Computing and Full Ecosystem (4 Full) capabilities, Dahua Technology firmly focused on the construction needs of the area and built the overall plan of establishing an ‘online police’.
Integrating the Internet, DoT and IoT, Dahua Technology has successfully assisted the Hangzhou Jianggan Public Security in building a multi-dimensional network that targets customer value, and combines AI, big data, and cloud computing in order to obtain accurate real-time data and strengthen the current technology of “online police” operations.
Sensors and monitoring products
Dahua Technology deployed 19 sensors, hundreds of monitoring products and a sophisticated network
Moreover, Dahua Technology deployed 19 sensors, hundreds of monitoring products and a sophisticated network. It also set up 46 actual police investigation models to provide accurate instructions for Jianggan police, including property crimes analysis, situation analysis, vehicle management, people management, psychiatric control, online apprehension of violators, as well as missing person search, etc.
Compared with traditional police operation, Dahua HOC Safe City Solution has built an “Online Police” mechanism to obtain the most authentic real-time data through information technology, and carry out accurate computer applications for a more scientific service deployment, efficient police force and powerful security control.
Dahua HOC Safe City Solution
It ensures that the Jianggan police can perform properly at a given time. It also promotes the transformation of police affairs from passive to active, from extensive to subtle, from imprecise to accurate, and from offline to online, gradually carrying out the prediction, early-warning, and prevention measures of police operations.
Since 2016, the Dahua HOC Safe City Solution has helped Jianggan Public Security achieve outstanding results including enhanced police intelligence, reduced crime cases, increase in case closure rate and efficiency, improvement in public service, and speedy recovery of missing individuals, opening a new chapter for intelligent police operations.
Genetec Inc., globally renowned technology provider of unified security, public safety, operations, and business intelligence has announced that the city of New Orleans (NOLA) is relying on Security Center, the company’s unified IP security platform, to improve public safety and enhance city-wide collaboration.
With about 400,000 residents, New Orleans (NOLA) is the most populous city in the State of Louisiana. Like other big cities, NOLA is focused on enhancing public safety for its citizens and the 1.2 million visitors who flock to the city’s French Quarter for Mardi Gras celebrations.
Using Security Center, the NOHSEP agency has saved police officers about 2000 hrs of investigative work in just a year
Genetec Security Center
As part of a Citywide Public Safety Improvement Plan that included the deployment of a new citywide public safety system and the construction of a Real-Time Crime Center (RTCC), the New Orleans Homeland Security and Emergency Preparedness (NOHSEP) chose the Genetec Security Center unified platform to support all city agencies.
Using Security Center, the NOHSEP agency has saved police officers about 2000 hours of on-foot investigative work in just one year. “It might take a police officer over an hour to visit business locations, speak with owners, look through video, find what they are looking for, get a copy of video onto USB keys, drive back to the precinct, and then submit that into evidence." said George Barlow Brown, IT Manager at the New Orleans Real Time Crime Center.
Video and ALPR cameras
He adds, “So, we have essentially saved the department over 2000 hours of manual labor in physically collecting and storing video evidence. That’s more time for officers to respond to calls of service and be present in our many neighborhoods, which helps build community confidence. The ROI is there for us in terms of the efficiency,”
The team can now easily retrieve evidence from over 325 city-owned video cameras and 100 automatic license plate recognition (ALPR) cameras (60 of which are Security Center AutoVu cameras) from the Real-Time Crime Center. The new security platform is integrated with other public safety solutions such as a Briefcam analytics system and a computer-assisted dispatch (CAD) system. All this information gets routed through to a central command center, speeding up emergency response.
Share video access with RTCC
“Our operators do the full investigative work right from within Security Center. It’s just one of the most intuitive solutions that I have ever seen. We can display up to six video tiles and hit ‘synchronize video’ to see various angles of the same scene playing at the same time. We can then select the segment of video we need and hit export. Each 10-minute segment from all the video tiles is then archived for viewing later on,” said Brown.
NOLA is also leveraging Security Center to foster a true public-private partnership. The city launched a platinum version of the SafeCam project, which allows businesses to share access to external video cameras with the RTCC.
Using the Genetec Federation feature, the NOHSEP team can access video from participating companies’ systems
Using the Genetec Federation feature, the NOHSEP team can access video from participating companies’ systems. Participating businesses can be identified by discrete signage at their front entrances. This tells on-the-ground officers that this business has shared their outdoor cameras with the RTCC, and there is no reason to disturb the establishment or their customers. The officer can simply call RTCC operators to get the evidence they need.
Brown and his team also have motion-detection alarms set up on cameras facing some known illegal dumping sites. As soon as someone dumps refuge in these locations, the team can proactively notify the Sanitation Department so they can collect the debris.
Mining video and data
NOLA is making the most of its security investments to improve city life too. For one, the RTCC operates a backup emergency operations center for the city of New Orleans. The NOHSEP team has also shared video feeds with other city departments such as the Sewage and Water Board, so they can determine the rate at which an intersection floods.
As plans continue to evolve, the RTCC team is taking full advantage of the new technology to keep NOLA safer. “As far as investigations and the ability to mine video and data, Security Center is hands-down the best product out there. With this platform, we’re extending greater efficiency to responding officers, and we’re also forging stronger partnerships with our community. Together, we’re all working smarter and faster to keep New Orleans safe,” concluded Brown.
Delfina Chain, Sr Associate Customer Engagement & Development at Flashpoint, discusses what resources defenders must access to in order to keep a finger on the pulse of the cybercriminal underground.
Artificial intelligence (AI) is already being applied to diverse use cases, from consumer-oriented devices - such as voice-controlled personal assistants and self-directed vacuum cleaners - to ground-breaking business applications that optimize everything from drug discovery to financial portfolio management. So naturally, there is growing interest within the information security community around how we can leverage AI - which encompasses the concepts of machine learning (ML) and deep learning (DL) - to combat cyber threats.
AI-enhanced cyber security
The effectiveness and scalability of cybersecurity-related tasks has already been enhanced by AI
The effectiveness and scalability of cybersecurity-related tasks, such as malware and spam detection, has already been enhanced by AI, and many expect ongoing AI innovations to have a transformative impact on cyber defence capabilities. However, security practitioners must also recognize that the rise of AI presents a potent opportunity for cybercriminals to optimize their malicious activities.
Much like the rise of cybercrime-as-a-service offerings in the underground economy, threat-actor adoption of AI technology is expected to lower barriers to entry for lower-skilled actors seeking to conduct advanced malicious operations. A report from the Future of Humanity Institute emphasizes the potential for AI to be used toward beneficial and harmful ends within the cyber realm, which is amplified by its efficiency, scalability, diffusibility, and potential to exceed human capabilities.
Encrypted chat services
Potential uses of AI among cybercriminals could include the development of highly evasive malware, the ability for automated systems to exhibit human-like behaviour during denial-of-service attacks, and the optimization of activities such as vulnerability discovery and target prioritization. Fortunately, defenders have a leg up over adversaries in this arms race to harness the power of AI technology, largely due to the time- and resource-intensive nature of deploying AI at its current stage in development.
The purpose of intelligence is to inform a course of action. For defenders, this course of action should be guided by the level of risk (likelihood x potential impact) posed by a threat. The best way to evaluate how likely a threat is to manifest is by monitoring threat-actor activity on the deep-and-dark-web (DDW) forums, underground marketplaces, and encrypted chat services on which they exchange resources and discuss their tactics, techniques, and procedures (TTPs).
Cobalt Strike threat-emulation software
Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of way
Cybercriminal abuse of technology is nothing new, and by gaining visibility into adversaries’ ongoing efforts to develop more advanced TTPs, defenders can better anticipate and defend against evolving attack methods.
Flashpoint analysts often observe cybercriminals abusing legitimate technologies in a number of ways, ranging from the use of pirated versions of the Cobalt Strike threat-emulation software to elude server fingerprinting to the use of tools designed to aid visually impaired or dyslexic individuals to bypass CAPTCHA in order to deliver automated spam.
Flashpoint analysts also observe adversaries adapting their TTPs in response to evolving security technologies, such as the rise of ATM shimmers in response to EMV-chip technology. In all of these instances, Flashpoint analysts provided customers with the technical and contextual details needed take proactive action in defending their networks against these TTPs.
When adversaries’ abuse of AI technology begins to escalate, their activity within DDW and encrypted channels will be one of the earliest and most telling indicators. So by establishing access to the resources needed to keep a finger on the pulse of the cybercriminal underground, defenders can rest easy knowing they’re laying the groundwork needed to be among the first to know when threat actors develop new ways of abusing AI and other emerging technologies.
Video storage is an important – and expensive – aspect of almost any surveillance system. Higher camera counts equate to a need for more storage. New analytics systems make it easier for operators to manage video, but that video must be dependably stored and easy to access if and when it is needed. To keep up to date on the latest developments, we asked this week’s Expert Panel Roundtable: What’s new in video storage solutions?
Securing large campus environments can be particularly demanding and requires a range of technology solutions. In effect, a campus may represent a dozen or more individual facilities to be secured, in addition to protecting the overall environment. Seeking more insight into the number and variety of needs of securing a campus, we asked this week’s Expert Panel Roundtable: What are the security challenges of protecting large campus environments?
While unpacking our bags from a trade show, it is interesting to consider the dominant themes and trends we heard and saw at the show. So it is with the recently concluded Global Security Exchange (GSX) show in Chicago, presented by ASIS International. Amid all the product promotion, training sessions, networking and tired feet at the show, what really stood out? We asked this week’s Expert Panel Roundtable: What was the big news at the GSX 2019 trade show in Chicago?