Sean Sutton has been appointed as Cyber Security Partner at PwC UK, based at the Firm’s new Birmingham home at One Chamberlain Square. A former MD for Accenture’s UK & Ireland Cyber Security business, Sean brings over 16 years direct experience. This includes advising clients on topics ranging from security strategy and organizational design to technical security solution design, delivery and implementation.
Enhancements financial services organizations
As a seasoned program manager, he has led some of the UK’s largest security transformation programs including multi-million-pound capability enhancements for oil and gas, utilities, energy, pharma and financial services organizations. Sean joins PwC as the business continues to deliver large and complex transformations for clients across the UK.
Based in Birmingham, his primary responsibilities will be to provide leadership for the practice outside of London and he will take responsibility for teams in the Midlands and the North. Part of Sean’s remit will be to grow the team and continue to deliver consulting services to a broad range of clients across both regions where he has an excellent understanding of the marketplace. He will also develop PwC’s Operational Technology security proposition, including the Industrial Internet of Things and operational systems across health, manufacturing and other industries.
Regional growth aspirations
It is exciting to be joining the firm at such a pivotal time for its regional growth aspirations"
Sean Sutton, Cyber Security Partner at PwC, said: “I'm excited to be taking on this role at such an interesting time. Companies are going through a rapid period of change and disruption, which presents new cyber challenges and opportunities. Increasingly there is a need for businesses to work smarter to respond to these challenges and align cyber priorities to their corporate strategy."
"I am confident we can play an important and valuable role in helping our clients navigate this ever-changing environment, especially as they adapt and grow to face the future. It is exciting to be joining the firm at such a pivotal time for its regional growth aspirations. The firm is putting more people, technology and expertise into strategic sites, including its new landmark Birmingham office at One Chamberlain Square."
Accelerate digital transformation
Matthew Hammond, Midlands Region Chairman and Senior Partner for PwC, said: “I am delighted to welcome Sean to PwC and particularly to focus on clients here in the Midlands and other UK markets. As our 23rd Global CEO survey highlighted 80% of UK CEOs are concerned about the risks of cyber threats to their business, Sean joins the team to lead our clients through the acute and dynamically changing risks and opportunities to leverage technology successfully."
"Businesses are wrestling with the speed of technological change, a relative scarcity of specialist key skills and a desire to accelerate digital transformation. Supporting our clients to improve cyber resilience and build strong technology infrastructure is critical to helping achieve sustainable growth. Sean and the team are a key element in providing these business critical services.”
DigiCert, Inc., a provider of TLS/SSL, IoT and PKI solutions, is upgrading channel partners to DigiCert CertCentral® Partner, a comprehensive TLS certificate management solution for cloud and hosted environments. CertCentral helps partners customize and automate all stages of lifecycle management for their end customers, as well as easily deliver new features and solutions, while simplifying business management.
Management of customer accounts
CertCentral Partner offers an updated API that lets partners easily integrate key features into their own offerings for their customers. Pre-validation capabilities, as well as support for change orders during order processing, help improve business agility. Using CertCentral, partners can support multiple sub-accounts under a main account, simplifying management of customer accounts, ordering, payments and other processes.
CertCentral Partner helps partners simplify and expedite their selling processes"
“DigiCert CertCentral Partner is part of our comprehensive strategy to support our partners with world-class technology and services to help them succeed,” says Philip Antoniadis, executive vice president of worldwide sales at DigiCert. “Many of our partners are already experiencing compelling business outcomes, including new growth and organizational efficiencies.”
DigiCert CertCentral Partner
“Partners have distinct requirements for managing customers’ digital certificates, and DigiCert CertCentral Partner helps them better address each customer’s specific needs,” says Tobias Zatti, product manager at DigiCert. “CertCentral Partner helps partners simplify and expedite their selling processes while delivering a superior experience to end customers to set the stage for growth, new revenue and upsell opportunities.”
CertCentral Partner provides an advanced set of account management tools for better TLS certificate deployment to end customers.
Leading features allow partners to:
Access all certificate types from one place, through an advanced API, to better address end customer requirements and easily build new solutions that help drive growth;
Take advantage of flexible ordering processes, including order changes, for improved efficiency, enhanced agility and an improved experience for end customers;
Gain 360-degree visibility through an easy-to-use UI that provides fast access to everything they require in just a few clicks;
View and use a comprehensive library of documentation with API details, technical support and more.
Support certificate management
It’s intuitive UI gives you quick access to all the features you need in just a few clicks"
DigiCert has received an enthusiastic response from partners who have deployed CertCentral Partner to support certificate management for their end customers.
“DigiCert CertCentral Partner is a fantastic, progressive upgrade for us,” says Einar Ágúst Baldvinsson, system administrator at Sensa ehf. “It’s intuitive UI gives you quick access to all the features you need in just a few clicks. Ordering certificates in CertCentral takes far less time than before. It is feature-rich and greatly improves the service level that we are able to provide to our customers.”
Flexible domain validation
“The streamlined API gives us access to more products than before,” says Marco Hoffmann, head of product management & domain registrar services at InterNetX. “With enhanced features like pre-validation and the detailed document library, DigiCert CertCentral Partner makes our daily tasks a lot easier.”
“DigiCert CertCentral Partner simplifies our reselling processes,” says Kenta Shinoda, sales manager, and Furuki Ikko, president, at Sophia Research Institute. “Flexible domain validation, certificate issuing format and authentication status tracker are so great.”
Lifecycle management solution
“At Secure128, we’ve found the DigiCert CertCentral Partner and API to be a breath of fresh air,” says John Monnett, managing partner, operations, at Secure128. “The level of tools, reporting, automation options, sub-account functionalities, and ease of use are professional-grade and second to none. We believe CertCentral to be the most comprehensive certificate lifecycle management solution we’ve ever used.”
With DigiCert CertCentral Partner, we have achieved much improved certificate lifecycle management"
“With DigiCert CertCentral Partner, our customers and our organization have saved so much time,” says Marcus Wessberg, head of IT at Ports Group. “The pre-validation of organizations and domains make it really easy.”
“Through the API and ACME, DigiCert CertCentral Partner gives us the ability to issue certificates instantly and automatically for all our customers,” says Rollin Yu, technical director at TrustAsia. “The product is highly flexible: the certificate chain, the algorithm, the validity period and other extensions can be customized accordingly.”
Manage all TLS certificates
“With DigiCert CertCentral Partner, we, as well as our customers, have achieved much improved certificate lifecycle management, which is now more visible and intuitive,” says Roger Werner, CEO of CertSuperior. “And we can manage all TLS certificates in one location.”
Partners can get details about upgrading to CertCentral Partner by speaking with their account representative.
VMware, Inc., an innovator in enterprise software, announces new innovations to advance the company’s strategy to make security intrinsic to the digital enterprise. Intrinsic security makes protecting critical applications and data more automated, proactive and pervasive across the entire distributed enterprise.
The announcements made at RSA Conference 2020, include:
New VMware Advanced Security for Cloud Foundation, which will enable customers to replace legacy security solutions and deliver unified protection across private and public clouds
Advancements to the VMware Carbon Black Cloud, which including automated correlation with the MITRE ATT&CK framework and upcoming prevention coverage for Linux machines
New VMware Secure State auto-remediation capabilities to automate actions across cloud environments and proactively reduce risk
New Approach To Cybersecurity
VMware’s Sanjay Poonen will deliver a keynote address: ‘Rethink the Way You Secure Your Organization with Intrinsic Security,’ which will discuss how making security intrinsic can unlock new advantages and make life easier for security practitioners.
There has never been a more challenging and exciting time in security"
“There has never been a more challenging and exciting time in security,” said Sanjay Poonen, chief operating officer, customer operations, VMware. “Attacker sophistication, security threats, breaches, and exploits are becoming more prevalent with no end in sight. And with cloud, new applications, pervasive mobility, IoT, and data at the edge, the problem is only getting harder to solve. There must be a new approach to cybersecurity – one that is built-in, unified and context-centric.”
Delivering best-In-Class financial services
“We believe the best strategy and approach is to make security intrinsic, enabling organizations to leverage their infrastructure and its unique capabilities across any app, any cloud and any device to better secure the world’s digital infrastructure – from networks, to endpoints, to workloads, to identities, to clouds.”
“Our members rely on us to deliver best-in-class financial services,” said Mark Fournier, Systems Architect for the U.S. Senate Federal Credit Union. “VMware has put our team in a position to deliver consistent innovation, evolve our digital transformation and keep our data better secured amidst an attack landscape that’s constantly evolving. VMware’s ability to deliver and help secure our digital infrastructure gives us the confidence that we’re staying ahead of the latest threats in an environment where cybersecurity is built into the fabric of our enterprise, not just bolted on.”
Single point of compromise
Most security professional know this, but struggle to adequately protect their data centers
Data breaches are increasingly devastating, often wiping out billions in market capitalization and costing public company CEOs their jobs. Damage rarely results from a single compromised server. It results from attackers moving laterally (East-West) through the datacentre from a single point of compromise, often for months, as they locate, harvest and exfiltrate sensitive data.
Most security professional know this, but struggle to adequately protect their data centers. A survey commissioned by VMware and conducted by Forrester Consulting shows that 75 percent of respondents depend on perimeter firewalls, however East-West security controls need to be different than those for traditional perimeter (North-South) security as 73 percent of respondents believe their existing East-West traffic is not adequately protected.
Protecting data center workloads
VMware is specifically addressing the internal data center security challenge with the new VMware Advanced Security for Cloud Foundation, which will include VMware Carbon Black technology, VMware NSX Advanced Load Balancer with Web Application Firewall capabilities and VMware NSX Distributed IDS/IPS. Each one is purpose-built for the data center and together deliver a unique and more comprehensive data center security solution.
VMware Carbon Black technology protects workloads with Real-time Workload Audit/Remediation
Also, all three will tightly integrate into VMware vSphere, the industry standard for data center workloads, enabling security to follow workloads wherever they go through their entire life. Data center security starts with a strong foundation—properly protecting data center workloads. VMware Carbon Black technology protects workloads with Real-time Workload Audit/Remediation, Next-Generation Antivirus (NGAV) and Endpoint Detection & Response (EDR).
VMware Carbon Black will be tightly integrated with VMware vSphere to yield an ‘agentless’ solution, eliminating the need to insert antivirus and other agents. Instead, endpoint telemetry will be managed and gathered via built-in sensors protected by the hypervisor. This also means, unlike agent-based solutions, the hypervisor will be able to detect if an attacker attempts to gain root access and tamper with the VMware Carbon Black technology — all from a separate trust domain.
The web server is the ‘front door’ of the data center, and NSX Advanced Load Balancer / Web Application Firewall safeguards this frequent point of attack. Often customers using hardware-based solutions with fixed capacity will turn off security filtering under heavy loads, leaving critical servers vulnerable. The unique, scale-out software architecture of the NSX Web Application Firewall helps confirm web servers have enough computation capacity for maximum security filtering even under peak loads.
Traditional perimeter security products
Policies will be automatically generated and enforced on an application-specific basis
The NSX Web Application Firewall uses rich understanding of applications, automated learning, and app-specific rules to provide strong security with lower false positives. Behind the web tier, micro-segmentation and in-band East-West firewalling helps prevent lateral movement of attackers. The VMware NSX Distributed IDS/IPS, a new capability of the VMware NSX Service-defined Firewall, will provide intrusion detection on the many different services that make up an application making it easier to get deep visibility.
The distributed architecture of NSX Distributed IDS/IPS will enable advanced filtering to be applied to every hop of the application, significantly reducing the blind spots created when using traditional perimeter security products. Policies will be automatically generated and enforced on an application-specific basis, thereby lowering false positives.
Discovering potential threats
VMware has introduced automated correlation with MITRE ATT&CK framework Technique IDs (TIDs)—a list of common tactics, techniques, and procedures (TTPs)—built into the VMware Carbon Black Cloud. Using MITRE’s ATT&CK framework, customers can begin searching for specific TTPs based on MITRE ATT&CK techniques within the VMware Carbon Black Cloud to discover potential threats and identify areas of improvement in their security posture.
VMware Carbon Black has also integrated with the Microsoft Windows Anti-Malware Scanning Interface (AMSI) to provide additional visibility by decoding obfuscated commands. Using the integration, customers will be able to seek visibility into the exact content executed by script interpreters, such as PowerShell. Customers will also be able to search across their continuously collected endpoint activity data and create custom detections based on AMSI-related script content.
Endpoint prevention solutions
VMware Carbon Black will be adding malware prevention capabilities for Linux machines
Finally, VMware Carbon Black will be adding malware prevention capabilities for Linux machines. This innovation will empower customers to migrate away from other endpoint prevention solutions specific to Linux and consolidate their security programs. This addition to the VMware Carbon Black Cloud platform means customers will have the option for comprehensive security coverage across all major operating systems (Windows, Mac, and Linux).
With VMware Secure State’s real-time detection and remediation capabilities, customers can now close the loop on cloud security and compliance to mitigate risks proactively. VMware Secure State is adding a new, flexible remediation framework to help customers automate actions across multicloud environments. Currently in Beta, this solution is designed to help cloud security teams collaborate with DevOps teams and gain trust as they gradually scale best practices.
Maintaining centralized visibility
The service provides pre-defined, out of the box actions or ability to create new, custom actions as code. All actions can be targeted to selectively remediate resources based on conditions such as cloud accounts, regions or resource tags. Security teams will also get comprehensive capabilities for managing overall cloud risk. To address existing misconfigurations, they can either bulk remediate violations themselves or publish actions to delegate decisions to DevOps teams.
Customers maintain centralized visibility into remediation progress and changes to cloud resources
In order to prevent new misconfigurations, they can build guardrails that auto-remediate violations at real-time speed. With an extensible, policy as code approach, users can programmatically execute all remediations as code using API and integrate them within the CI/CD pipeline. No matter how actions are triggered, customers maintain centralized visibility into remediation progress and changes to cloud resources.
Hosting two breakout sessions
The new portfolio offerings, product demos and more will be on display this week at the RSA Conference in the Moscone North Expo, booth #6145. VMware Carbon Black will be in Moscone Expo North, booth #5873. In addition to Poonen’s keynote address on February 26, VMware will host two breakout sessions during the conference.
VMware’s SVP and GM of Network Security, Tom Gillis, will deliver ‘Unshackle Legacy Security Restrictions for 2020 and Beyond.’ VMware Carbon Black’s Cybersecurity Strategist, Rick McElroy, and Senior Threat Researcher, Greg Foss, will deliver ‘2020 ATT&CK Vision: Correlating TTPs to Disrupt Advanced Cyber Attacks.’
The Security Industry Association (SIA) has announced details for the second annual AcceleRISE conference – an essential experience for tomorrow’s security leaders. AcceleRISE 2020 will be held July 29-31 at the Omni Austin Hotel Downtown in Austin, Texas.
AcceleRISE – hosted by SIA’s RISE community for young security professionals and those new to the industry – was created to ignite new thinking, strengthen leadership and sharpen business acumen in young security talent. The conference features a diverse array of premier learning sessions, interactive workshops and fun activities geared toward rising stars in the industry.
Dynamic and approachable speakers
Austin will be the perfect backdrop for making connections, fostering ideas, inspiring creativity
“SIA is thrilled to present the second annual AcceleRISE – an event that’s unlike your standard conference. At AcceleRISE it’s about dynamic and approachable speakers, unique sessions and activities to help young security talent take their careers to the next level and engaged attendees who are ready to make valuable connections and have fun,” said SIA CEO Don Erickson.
“For this year’s event, we have selected a location that’s known for being different – Austin, Texas. Austin will be the perfect backdrop for making connections, fostering ideas, inspiring creativity and helping AcceleRISE attendees grow into stronger leaders and contributors at their organizations.”
Insights on the leadership
AcceleRISE 2020 attendees will leave with:
Insights on the leadership and business skills needed to be more productive
A unique understanding of the latest security trends and how they impact the industry
Tools and guidance to help in accomplishing goals and forging a security career path
Workshops on critical security topics
SIA RISE is a collaborative community that fosters the careers of young professionals in the security industry
“AcceleRISE has addressed a gap in the security industry by helping young talent build meaningful connections, learn about emerging trends and discover fresh perspectives,” said Katie Greatti, Associate Director of Certification at SIA, Staff Liaison for the SIA RISE committee and Conference Manager for AcceleRISE. “For the 2020 event, SIA will offer attendees a mix of blended learning sessions including team-building exercises, keynotes, panel sessions, networking activities and workshops on critical security topics, business and career management and more.”
Conference proposals are now being accepted for AcceleRISE 2020; SIA is seeking fresh ideas and speakers for this year’s event. Priority will be given to proposals that address critical topics like corporate social responsibility, cybersecurity, career progression, business management and leadership, security 101, finance, sales and marketing, networking, artificial intelligence and SaaS models.
Vendor-neutral and educational
Proposed content must be vendor-neutral and educational in nature and designed to contribute to the general knowledge base of the security industry. Proposals are due Wednesday, April 1. SIA RISE is a collaborative community that fosters the careers of young professionals in the security industry. RISE is available to all employees of SIA member companies who are under 40 or who have been in the security industry for less than two years.
RISE hosts fun in-person networking events during top trade shows and in major cities around the United States and offers career growth webinars on a variety of topics, thought leadership opportunities, career tracks at ISC West and East and a scholarship program for security industry education and professional development.
At ISC West this year, emerging technologies will be on display to help organizations manage their environments, from the building itself to who’s on the premises and what’s going on at any given moment. Top of mind this year is cybersecurity, compliance and management of security assets as threats rise and governing bodies put regulations in place that businesses need to react to. The good news is that the shift in approach to holistic monitoring of cyber and physical assets can move enterprises to a place of digital transformation and proactive management rather than reactive practices based on threats and changing regulations. The show provides an opportunity for both vendors and potential customers to learn from each other about what’s out there and what’s needed in terms of future solutions as the industry evolves.
Are you in cyber and physical security compliance?
At this year’s show, we’ll continue to see developments focused on integration of cyber physical security that will lead to deeper understanding of the relationship between devices, device monitoring and spaces in which all devices physically reside. Digital solutions help achieve a digital transformation which stitches the data relationships together to provide better threat vector impact and overall understanding of risk. The technologies in smart buildings are subject to cyberattacks, which pose not just a threat to data and privacy but can compromise the physical space as well. Think of the locked door in a smart building that now is opened with access control via key cards or mobile devices given only to certain members of staff. These integrations increase safety and restrict access across the enterprise, but a bad actor can access and duplicate the necessary data to open the door with a copycat device while hiding the event from the surveillance system. By having a comprehensive cyber whitelist of installed devices, potential rouge devices are prevented from transmitting on the network, therefore providing an automated guard against internal and external attacks. When systems are compromised due to a hack or physical intervention, it puts what’s behind the door at risk, whether it’s money in a bank or information in a sensitive work environment, such as a laboratory.
Digital solutions help achieve a digital transformation which stitches the data relationships together
It’s increasingly important to highlight the relationship between cyber and physical security. A great illustration of this is the digital twin. A digital twin is a replica of a physical space that uses both informational and operational technology to give real-time information about what’s going on in a space. These can include things like floor plans for the building as well as real-time sensor data from the building management system, HVAC systems, lighting, fire, security, and more. By getting a complete picture of the physical and digital assets of an organization, it becomes possible to monitor all systems from one central location to see how they’re working together and act on the insights they provide. So, in the example of a breach from before, it’s possible to flag that hack, isolate its exact location and devices involved, and resolve it quickly while maintaining preservation of evidence.
Compliance: how to get there safely, efficiently and effectively
As these threats evolve, governing bodies are taking action to ensure that data is protected to minimize these kinds of threats and ensure that organizations feel confident in the security of their data. Norms and compliance measures are emerging quickly, such as General Data Protection Regulation (GDPR) which began to be enforced in March 2018, and the California Cybersecurity Law, which went into effect in the US just this past January. The regulations of what can be done with data mean that companies need to react or face penalties such as fines, which can be as high as 4% of worldwide annual revenue of the previous year. These are also fluid and can change rapidly, meaning flexibility is important in compliance solutions. However, this presents an opportunity for companies to invest in innovation to ensure they’re prepared for those changes and to protect the safety of not just employees, customers and target markets, but of the larger organization.
Getting to a place of compliance can seem costly and time consuming at the beginning
Getting to a place of compliance can seem costly and time consuming at the beginning, especially for larger organizations. They may have thousands of security assets (cameras and sensors, for example) and might not even be fully aware of what they have, where they are, and whether those assets are functional, never mind compliant with data protection legislation. The right solution takes all the steps to becoming safe and compliant into account, beginning with inventory and mapping of all assets to get a complete picture of where things stand and where changes need to be made. One large financial institution, upon embarking on this journey, identified an additional 10% of assets that they didn’t know they had, and additional ones that were nonfunctioning and needed to be repaired or replaced for compliance and safety.
Monitoring: centralized and remote for rapid response
Once assets and data are centralized and a complete inventory is taken, it’s much easier to effectively monitor the complete enterprise. At this year’s show, smart technologies will be on display that reduce cybersecurity risks and monitor assets for compliance. If something changes, that can be flagged, and appropriate parties can be quickly notified to act and neutralize security threats or avoid the expensive penalties that come with noncompliance. Since all these components are centralized in one location, it becomes possible to monitor much more effectively and fix issues remotely in minutes rather than scheduling a trip to a location that may not happen for days or even weeks. A security camera for a large chain enterprise such as a retail store or bank in a small-town location deserves service just as quickly as one in a major city, since the threat that each non-functional device poses is the same to who and what it is there to protect.
Keeping it up: a proactive approach to service and maintenance
One of the ways that emerging technologies can be a game changer is when it comes to the cost and approach
One of the ways that emerging technologies can be a game changer is when it comes to the cost and approach to systems maintenance and operation. In addition to performance and compliance, other types of data, such as historical events, can also be monitored centrally. This gives context to security events and can move organizations from a reactive to a proactive approach to their security as well as operations. If small problems are identified and resolved before they become larger problems, it means that security events can be mitigated more quickly or prevented entirely due to early intervention. On the operations side, early insights into asset performance means that fewer resources are expended on noncompliance fees and large-scale, emergency repairs. These resources can take the form of money, but also of time spent by employees and enforcement agencies to ensure continued compliance. Staff can spend time engaged in active monitoring rather than generating reports, since that can now be automated.
In the new decade, it’s time to use the technological resources available to better protect systems for smarter, safer and more sustainable environments. On every level, compliance is important not just for its own sake, but so are the other benefits associated with intelligent management.
The show presents an educational opportunity for vendors and customers alike. Walking around the show floor and talking to everyone is a unique way to see what’s out there and evaluate what is and isn’t working for a business while getting information from all the industry experts. Even if they’re not ready for a complete overhaul, taking stock of what’s available, where things are heading and how their operations and mission can be better served by implementing one or more of the solutions showcased is more important than ever. On our end, those conversations about needs and concerns are invaluable in driving innovation.
Cloud technologies and the IoT have opened up seemingly endless possibilities for the modern retail organization. Customers have never had as much control over purchasing decisions as they do today, with the ability to make transactions at the touch of a button for goods and services from the comfort of their own homes or on the move.
However, the customer data lying at the heart of this frictionless shopping experience presents an ever more attractive commodity to cyber criminals. Attacks are growing in number and it has been reported that in the last 12 months there have been 19 significant data breaches. This presents a major problem for both retailers and customers.
Cloud technologies and the IoT have opened up seemingly endless possibilities for the modern retail organization
In addition to the immediate disruption and downtime a breach can cause, the damage to the reputation of a business or brand can be lifelong. With GDPR related fines from the ICO now as much as €20m or 4% of an organization’s global annual turnover, whichever is higher, the resulting combination of the cost of the breach itself, reputational erosion and any crippling fines can be devastating. It is therefore essential that retailers are aware of the steps and procedures they should be following to ensure full data compliance and to guarantee the integrity of their IT infrastructure.
Ensuring full GDPR compliance
It’s vital to ensure that everyone understands the security implications and knows how to respond effectively in the event of a breach. Internally, all teams and departments should have the confidence to raise the alert if a breach is suspected. Externally, companies should look to encourage conversations across the entire supply chain to ensure requirements are effectively met and security risks are adequately addressed.
It is a requirement of the GDPR that the necessary steps be taken to guard against attack and protect existing software and systems
It is a requirement of the GDPR that the necessary steps be taken to guard against attack and protect existing software and systems. Effective cybersecurity lifecycle management of IoT devices, such as network video surveillance cameras, is an example of a measure which should be put in place to help prevent such devices from being compromised, mitigating risk and ultimately maintaining customer trust. Establishing a truly secure retail solution can only be accomplished if security has been analyzed at every stage.
Evolving physical systems
For protection of the physical retail environment, the move away from legacy security solutions such as traditional CCTV, which typically sat outside of a company’s IT operation, to the modern cloud-enabled security technologies we see today, allows retailers to unlock a wealth of business benefits previously impossible with analog technologies. Today’s systems provide far greater accuracy of detection, vastly improved image quality, even in low light, and an array of business intelligence options to aid operations, such as people counting, queue monitoring and stock control.
Protecting the physical security of the retail environment
The ability to create live security alerts as well as forensic evidence for later analysis allows security teams to be proactive rather than reactive. In addition, the growing use of edge capabilities to process data within the cameras themselves negates the additional time and potential lag associated with continually passing surveillance information back and forward to servers, streamlining and therefore vastly improving operations.
System vulnerabilities equals vulnerable data
For network cameras being introduced onto an IT network, it’s essential to ensure that they do not become compromised and used as a backdoor to gain entrance to a business’s innermost workings and most valuable commodity; its data. The importance of guarding against system vulnerabilities cannot be ignored and it is therefore vital to ensure that all installed technologies are Secure by Default; built from the ground up with cybersecurity considerations at the forefront, to strengthen system security. In addition, software updates and firmware upgrades will keep the devices protected in line with the evolving threat landscape.
The importance of guarding against system vulnerabilities cannot be ignored
Forging and maintaining relationships with stakeholders is key to establishing a healthy supply chain built on mutual trust and respect. Only by following such an approach can the integrity of systems be fully guaranteed, with trusted vendors and installers working together to ensure that ethical practices are followed, and cybersecurity principles are adhered to. Due diligence should be carried out to make sure that all stakeholders involved in the manufacture, supply and installation of security software and systems understand the importance of keeping security best practice at the forefront of everything they do.
Addressing the ongoing challenge
Retailers must be able to rely on technologies that support their operational requirements and address associated risks, while at the same time, supporting IT security policies. By following procedures around the cybersecurity of IoT devices, and realising the importance of implementing high quality products and services through relationships with trusted vendors and partners, retailers will benefit from connected physical security systems that deliver on the promise of better protection of the business and customer, to effectively mitigate the mounting cyber security threat.
It seems that only a few days pass between cyber security stories of concern to the public such as personal data leaks and DIY home camera hacks. With this in mind and the need for increased connectivity, the industry is in need for guidance in cyber security. 2020 is set to be a year of change for the physical security industry. Here are the top four predictions to stay head of market trends in the year ahead.
1. There will be more clarity for installers about industry-standard for cyber security
The professional security industry will next year see the launch of a new set of cybersecurity guidelines
Through the work being conducted by the BSIA Cyber Security Product Assurance Group (CySPAG), the professional security industry will next year see the launch of a new set of cybersecurity guidelines. This will provide the industry with the guidance and clarity that is currently missing.
A key area of clarification is the chain of responsibility. It is not just the responsibility of the manufacturer to keep everything secure from a cyber-perspective. The whole supply chain is responsible - once a product leaves the lab where they’re manufactured, conditions change. Those who maintain, install and operate the product have a shared responsibility to ensure that a product or system remains cyber secure.
As the sector develops and more cyber-enabled products become available to the market, this cyber security approach will become more important, and a key differentiator to the DIY market, which can only be a good thing.
2. Cloud and 4G connectivity are giving end-customers better physical security
The percentage of panels connected to cloud services is now increasing every year
Manufactures have been producing cloud-ready products for several years. Initially, not all installers had been taking advantage of benefits of cloud-connected panels, however the percentage of panels connected to cloud services is now increasing every year.
Trust and education have improved, meaning that installers and end-users have realised that connectivity is positive, enabling consumers to check on their properties remotely and allow installer to remotely support their customers.
However, one area of constraint has been the dependency on customers networks which may, or may not, offer the level of performance that a robust and resilient security system demands.
With the introduction of mobile data connectivity to connected products over the past few years, and as connectivity becomes more widespread across physical security products there will also be a greater shift toward mobile technologies such as 4G, either as a back up to a router connection or for complete network independence.
3. Connectivity is changing the way installers work
Installers are a vital part of the chain of when a new alarm system is fitted into a property
Installers are a vital part of the chain of when a new alarm system is fitted into a property, providing both installation and maintenance services. Traditionally maintenance activities have always been delivered on-site.
With the increased ease of connectivity for security systems and the advancements in how these systems are used, installers are provided further opportunity to enhance customer service around the delivery of maintenance.
It is no longer a requirement to have a customer wait until an engineer can attend a property to remedy a fault, as many can now be addressed within minutes from any location in the world.
This ability allows installation businesses to focus their engineers on more critical tasks while delivering an overall higher level of customer service. Indeed, some installation businesses are moving to a model of having dedicated remote support engineers in addition to the road-based team.
4. Manufacturers are ready for IP-only alarms, ahead of the 2025 analog switch off
The PSTN switch off being conducted by BT and other service providers is due to be completed in 2025
The PSTN switch off being conducted by BT and other service providers is due to be completed in 2025 as part of the move to Next Generation Networks, ending the use of analog phone lines and moves communications technology into an all IP-only space.
Although some service providers have indicated that there may be some type of initial PSTN simulation, those providers that are doing this are also making it clear that this is only a temporary solution. The switch off will be a huge change for the security industry.
Where heritage, analog alarm systems are in use, installers will need to plan to reconfigure existing systems to use the temporary PSTN simulation functions (where available) or upgrade systems to an all IP solution.
Although 2025 feels a long way off, installers and end-users need to start planning now and taking the necessary action. In our sector, manufacturers are ready for IP-only alarms through the provision of cloud-based solutions and the use of techniques such as SIA IP for ARC monitoring.
Security’s intersection with consumer electronics is on view at CES 2020, the world’s largest technology event, Jan. 7-10 in Las Vegas. The giant show features more than 170,000 attendees, 4,500 exhibitors and 1,100 industry thought-leaders featured on the CES stage.
A range of technologies will be on display, from artificial intelligence (AI) to 5G, vehicle technology to AR/VR (augmented and virtual reality), robotics to home automation. Security plays a prominent role, too.The impact of this event for the smart home could be about delivering home analytics and enhancing privacy"
Smart home market on the forefront
The smart home market is a major focus. “For the smart home market at CES this year, we expect to see numerous announcements regarding home awareness,” says Blake Kozak, Senior Principal Analyst at IHS Markit. “This will include brands offering up additional analytics for consumer security cameras with a focus on edge-based solutions.”
“The impact of this [event] for the smart home could be about delivering home analytics and enhancing privacy through cloudless architectures and new electronic door lock approaches,” he adds. An example of cloud analytics is the Resideo Home app, introduced in December, which will make whole-home monitoring possible for four critical networks of the home – water, air, energy and security. Resideo promises a “simplified and integrated smart home experience.”
Video is also prominent at the show. “For cameras, we can expect to see more cameras focused on the outdoor space and possibly new form factors for video doorbells,” says Kozak. Familiar security industry brands exhibiting at CES 2020 include ADT, Ring, August Home and Yale (both part of ASSA ABLOY), Bosch and Alarm.com.
Focus on Cybersecurity
In 2020, companies will continue to focus on solutions for protecting consumer data"
Cybersecurity is an aspect of many of the devices on display at CES. “Device security and data privacy play a key role in the adoption of connected devices,” says Elizabeth Parks, President, Parks Associates.
“Consumer security concerns for smart home products will continue to be a barrier to adoption in the U.S. and Europe, and these concerns can actually intensify with device adoption-71% of U.S. smart home households are concerned about cybersecurity. In 2020, companies will continue to focus on solutions for protecting consumer data. One big area of interest is protection on the network router, providing whole home solutions, which are very appealing to consumers.”
“At CES we will see the traditional players introducing new DIY (do-it-yourself) products, as well as new players announcing new product features, services, and partnerships,” Parks adds.
Smart access control
Smart locks will be among the security products at CES 2020. For example, PassiveBolt, a lock company, will show the Shepherd Lock, a touch-enabled smart lock with enhanced security through sensors and AI. The add-on lock converts existing locksets into touch-activated devices. Another lock manufacturer is Kwikset, whose door locks and door hardware include Wi-Fi-enabled smart locks, Bluetooth-enabled smart locks, keyless and keyway-less locks and connected home technology.
Video doorbells, including industry-innovator Ring, have been a hit in the consumer market. At CES, Ring will expand the mission to make neighborhoods safer by creating a “Ring of Security” around homes and communities with a suite of home security products and services. The “Neighbors by Ring” app enables affordable, complete, proactive home and neighborhood security.
Homeguard offers a range of affordable CCTV solutions for home and small business
DIY CCTV demonstrations
DIY security systems are another market. Homeguard is a leading DIY consumer brand offering a range of affordable CCTV solutions for home and small business, including wired and wireless CCTV kits, smart cameras, home alarm systems and wire-free HD CCTV kits.
Swann Communications is also at the forefront of surveillance and monitoring with new products developments including wire-free HD cameras and doorbells, professional CCTV video surveillance systems, and 1080p full HD systems with “True Detect” heat and motion sensing.
AVTECH, and subsidiary YesGo Tech, will demonstrate a compact Wi-Fi home security set, a series of special cameras with face recognition, thermal detection and license plate recognition, customized central management software and a university ID tag that is compatible with access control, OEM and ODM opportunities.
Security and automation solutions
D-Link’s home networking, security and automation solutions will help consumers connect, view, share, entertain, work and play. SECO-LARM, manufacturer of a Room Occupancy Monitor that shows whether a room is in use, has a line of keypads and proximity readers with built-in Bluetooth for convenient access.
Another smart home security solutions provider, Climax Technology, integrates wireless security, home automation, energy management, home emergency monitoring and live visual monitoring.
Personal safety mobile application
Manufacturers are positioning outdoor cameras as deterrents to theft before a burglary happens"
WaryMe designs and develops a personal safety mobile application to improve a user’s security in public places, schools, transports and companies by addressing major risks such as terrorism attacks, intrusion, fire and even industrial accidents. An all-in-one mobile application integrates alerting, crisis management and mass notification features.
“Market players are looking to expand beyond established smart home devices like smart thermostats and networked cameras to products like smart water leak detectors, smart pet feeders, and smart air purifiers,” says Elizabeth Parks. “Manufacturers are positioning outdoor cameras as deterrents to theft before a burglary happens. This trend is part of a broader security marketing effort to extend the perimeter of home security beyond traditional home access points.”
“Familiarity with smart home devices lags behind familiarity with smart entertainment products; it even lags that of smart speakers, which are quite new in the market,” adds Parks. “In 2020, we will see players working to advance the visibility and marketing around device integration, and specifically focus on use case scenarios around safety, security, and convenience, which have always been the primary drivers of adoption of these types of products.”
Most customers interface with their financial institutions using automated teller machines (ATMs), which have security issues. However, there are solutions available to combat all current security threats, and the cost of protection is coming down. The ATM industry is therefore in a position to minimize losses, while ensuring consumers continue to get the vital cash they need to lead their daily lives. It is important for the ATM industry to constantly innovate to meet new security challenges. So what innovations are we going to see in the next five years?
Contactless technology will be a great help against ATM skimming, in which criminals steal personal information at ATM machines. Contactless is already being used in some European countries, and the number is increasing. Not having to insert a card into the ATM removes the opportunity to trap cards and also gets around the problem of “foreign” devices installed to read cards. So contactless technology, which some saw as the end of cash, can help make ATMs and cash more secure.
Data capture form to appear here!
Not having to insert a card into the ATM removes the opportunity to trap cards
Biometrics are certain to be used increasingly to bolster ATM security. Finger, palm, vein, iris and facial recognition all have potential in this respect. Any of these may in the future be used with or without cards, PINs and one-time codes. Speed of operation in relation to biometrics could ultimately govern their use at ATMs. There may also be privacy issues that need to be addressed.
The ATM vestibule environment must add security with proper security and surveillance equipment. ATM vestibules, or lobbies, are installed for many good reasons. For one, more convenient, 24/7 locations equals better customer retention for a bank, offering comfort and convenience. 24/7 access to ATMs, night drops, coin counters, online banking kiosks, and other self-service solutions are very much in demand. Second, ATM vestibules protect customers from inclement weather and provide a more comfortable banking environment (however, vagrancy can be an issue; therefore ATM vestibules should require card access). Security and surveillance solutions can’t just be for show.
ATMs and crime
A new crime wave is hitting automated teller machines (ATMs); the common banking appliances are being rigged to spit out their entire cash supplies into a criminal’s waiting hands.
The common banking appliances are being rigged to spit out their entire cash supplies into a criminal’s waiting hands
The crime is called “ATM jackpotting” and has targeted banking machines located in grocery shops, pharmacies and other locations in Taiwan, Europe, Latin America and the United States. Rough estimates place the total amount of global losses at up to $60 million.
The protection of ATMs
ATMs in supermarkets and pharmacies tend to be targeted because they may not be as well-protected, and store personnel likely would not know who is authorized to work on the ATM. In contrast, anyone approaching an ATM at a bank location would be more likely to be challenged.
ATM jackpotting originated back in 2010 when Barnaby Jack, a New Zealand hacker and computer expert, demonstrated how he could exploit two ATMs and make them dispense cash on the stage at the Black Hat computer security conference in Las Vegas. Since then, malware has been created and made available on the “Dark Web” that can instruct an ATM to dispense all its cash on demand.
ATM jackpotting is a combination of a physical crime and a cyberattack
ATM jackpotting is a combination of a physical crime and a cyberattack. Typically, a criminal with a fake ID enters a grocery shop or pharmacy posing as an ATM technician, then uses a crowbar to open the top of the ATM – the “top hat” – to gain access to the personal computer that operates the machine.
Once he or she has access to the PC, they remove the hard drive, disable any anti-virus software, install a malware program, replace the hard drive and then reboot the computer. The whole operation takes about 30 seconds. The malware then enables the thief to remotely control the ATM and direct it to dispense all its cash on command.
If a legitimate customer approaches the machine in the meantime, it can operate as usual until activated otherwise by the malware.
Catch up on part one and part two of our banking security mini series.
It is an exciting time at German intelligent video company MOBOTIX, which has launched a next-generation platform that builds on their legacy of video at the edge while opening up the system to third-party partners that can build even more capabilities.
MOBOTIX unveiled the new M7 platform and M73 camera at the MOBOTIX Global Partner Conference in Mainz, Germany, in October. MOBOTIX M7 is a powerful, decentralized and secure modular IoT-video system based on deep learning modules. The feedback has been “overwhelming,” says MOBOTIX CEO Thomas Lausten. The new technology will also be featured in the United States at the 2020 MOBOTIX Partner Summit in Hollywood, Fla., in January.
A different video surveillance
"What you see is a different way of doing video surveillance,” says Lausten. “Our focus on the edge is the difference between us and other companies.”
The new MOBOTIX 7 open solution provides an “edge platform” that can be used for a variety of applications, which are provided as “apps” that leverage the platform’s hardware for specific uses, from object detection to face detection to people counting. The new M75 high-end camera incorporates the new platform.
The MOBOTIX application programming interface (API) makes it possible for hundreds more apps to be developed over time
Currently there are 19 apps available to empower various applications, and availability of the MOBOTIX application programming interface (API) makes it possible for hundreds more apps to be developed over time. If a MOBOTIX partner creates a new app for a specific project, “now he can use it not just for one project but can put it in the app store and sell it all over the world,” says MOBOTIX CTO Hartmut Sprave.
Field Programmable Gate Array
The new MOBOTIX platform uses Field Programmable Gate Array (FPGA) integrated circuits that provide flexibility and versatility to be adapted to a variety of needs, from deep learning, to higher resolution, or to use with a variety of sensors, such as color, black-and-white or night vision cameras, temperature sensors or microphones. “We can literally include any sensor requested by the market,” says Lausten.
The new camera can also be used for age analysis, crowd management or traffic analysis. It can even be used for fire or biohazard detection, incorporating thermal sensors and deep learning.
MOBOTIX have added to their legacy of video with a next generation platform
MOBOTIX developed its new platform in conjunction with Konica Minolta, which owns a majority share of the German manufacturer. The combined knowledge of the two companies created the new platform, with most of the engineering done in Germany. Konica Minolta provided an object detection algorithm, for example, and deep learning capabilities that are being used with the cameras. The two companies are also developing the business together. “They are rolling out our technology on their website throughout the world,” says Lausten. “We are basically part of a global development organization.”
MOBOTIX developed its new platform in conjunction with Konica Minolta
The new platform is also completely compatible with legacy MOBOTIX systems: “We have added what we need to what we have,” says Lausten.
Cybersecurity is a top priority for MOBOTIX. “With our camera, everything is under our control, every single line of code, and we do all the penetration testing and everything is safe,” says Sprave. In fact, MOBOTIX won the French "Trophée de la Sécurité 2019" Gold Award in the cybersecurity category for the MOBOTIX Cactus Concept, which refers to the fact that all the modules in the MOBOTIX system have “digital thorns” that protect them from unauthorized access. End-to-end encryption is used with no blind spots.
Driven by cybersecurity
Stronger cybersecurity and a focus on edge devices makes MOBOTIX inherently more cybersecure than a system of networked low-cost cameras, each of which could present a possible cyber-vulnerability.
Stronger cybersecurity and a focus on edge devices makes MOBOTIX inherently more cybersecure
The flexibility of the MOBOTIX platform expands its utility beyond security to include broader business functions. For example, the same camera that can detect criminals with face recognition can track where people are moving in a retail store, and even analyze age or demographics of customers to track buying patterns.
“Cameras are required to think and process at the edge, and that is where we see a lot of focus going, driven by cybersecurity,” Lausten says.
Lausten sees opportunity for even faster growth in the U.S. market, where they already have 30 or 40 partners. In the near term, there will be large opportunities provided by the U.S. trend toward “Chinese skepticism,” and cybersecurity concerns that have plagued the lower-cost Chinese imports. MOBOTIX products are proudly “Made in Germany.”
Allot Ltd., globally renowned provider of innovative network intelligence and security-as-a-service solutions for communication service providers and enterprises, has announced that Altice Portugal’s MEO, the country’s largest fixed broadband and mobile service provider, has chosen Allot Secure, a unified Security-as-a-Service (SECaaS) solution to protect the company’s mobile users against a broad range of cyber threats and to provide parental control both on and off-network.
Allot NetworkSecure security platform
Allot Secure solution is a first-of-its-kind multi-layered platform that integrates network-based and endpoint security
The Allot Secure solution is a first-of-its-kind multi-layered platform that integrates network-based and endpoint security. The Allot Secure solution to be implemented by MEO includes the Allot NetworkSecure mass-market network security platform, coupled with endpoint security provided by Allot EndpointSecure.
The combined solution enables rapid mass-market user onboarding for cyber security that will protect MEO users anytime and on any network. Subscribers to the Allot cyber security solution will pay a monthly fee which is shared between Altice MEO and Allot.
Protection against cyber security threats
Enabled by the unified Allot Secure solution, Altice MEO will offer its customers a security service to protect them against emerging cyber security threats, including malware, phishing, ransomware and crypto-mining. Traditional security add-on solutions offered by operators never gained much traction because they rely on customers to install the protection themselves.
Allot unified network-based and endpoint cyber security delivers effortless, device-independent end-user security, making it easy for operators like Altice MEO to deliver these security services directly to customers. Allot has reported that other telecom customers have achieved double-digit penetration rates with Allot Secure.
Network and data security
NetworkSecure, part of the Allot Secure solution suite, is a globally renowned company in the growing network-based, mass-market cyber security category, protecting more than 23M subscribers globally. Coupled with Allot consumer marketing services, the NetworkSecure solution has been proven to achieve penetration rates up to 50%.
“Our millions of mobile users are in need of a proven and hassle-free security solution,” said Tiago Silva Lopes, Director Consumer Products at Altice Portugal/MEO. “With this in mind, we selected Allot to offer a mobile service that cannot be bypassed and removes the burden from our customers by protecting them wherever they are. This solution also enables parents to be worry-free about how their children are using their devices.”
Unified Allot Secure solution
“Altice MEO required a mature, unified solution that combined network and endpoint cyber security for their customers,” said Hagay Katz, VP Strategic Accounts, Cyber Security at Allot. “Our unified Allot Secure solution is a perfect fit. With our revenue sharing partnership, MEO can maximize their ARPU while strengthening their brand and increasing loyalty.”
BI-City Tokyo is located in Nur-Sultan (Astana), the capital city of Kazakhstan. It is a high-end residential complex of BI Group – a renowned construction holding company in the Kazakhstan real estate market. At present, three apartment buildings with public areas and more than 400 apartment units have been completed. Aiming to create modern high-end intelligent buildings and residential areas, the BI Group wanted to upgrade the existing analog video intercom system of BI-City Tokyo.
Replacing analog intercom system
The original analog intercom system in this community is outdated and cannot meet the diverse security requirements of high-end residential areas. First, the original analog intercom does not support retaining images and leaving messages. Second, this system only supports access cards to open doors, which is inconvenient for residents in case they forgot their card. Third, the original system cannot add IP cameras to monitor public areas such as children's playground, fitness areas, etc. Fourth, the cold winter temperature in Nur-Sultan requires high-performance equipment capable of operating in extreme environments.
Faced with the abovementioned challenges, BI Group was also looking for a trustworthy brand that can provide not only modern smart system but also technical support and reliable after-sales service. Meeting all the above requirements, Dahua smart residential solution was chosen to be the security solution provider of BI-City Tokyo.
Dahua Smart Residential Security Solution
The complete solution deployed more than 300 pieces of Dahua equipment, including IP cameras
The complete solution deployed more than 300 pieces of Dahua equipment, including Indoor Monitor, Apartment Outdoor Station, IP Camera, Access ANPR Camera, Video Recorder, etc. The solution supports two-way audio intercom, real-time video and messaging feature. In addition, a variety of door opening methods were also implemented: door opening via remote calling, door opening using access card, and remote door opening via APP. Additionally, all the equipment can be visualized and integrated in the Dahua DSS platform for centralized management, operation and maintenance.
Moreover, the temperature in Nur-Sultan can reach up to negative 40 degrees in winter season. This requires high-performance outdoor devices featuring dust and water resistance, and explosion-roof capability. In response to this pressing challenge, Dahua apartment outdoor station VTO1210C-X-S1 and access ANPR camera ITC237-PW1B-IRZ that support wide working temperature were installed at the entrance of the apartment building for a more effective visitor and vehicle management.
ANPR and IP cameras installed
When a visitor arrives at the entrance of the apartment building and dials a resident’s room number through the Dahua apartment outdoor station, the camera installed at the entrance will synchronize the video with the visitor’s image captured in the resident’s indoor monitor. Once the visitor’s identity is confirmed, the resident just needs to press the button on the indoor monitor to open the door remotely. With Dahua app, users can even answer calls and open doors remotely when they are out for work or traveling.
As for vehicles, Dahua access ANPR camera ITC237-PW1B-IRZ is designed for extreme temperature environments (temperature range of -40°C to +60°C). With built-in intelligent video analytics, the camera has the ability to detect and recognize moving vehicle's plate number within low speed.
Vehicle tracking and identification
For both approaching and departing vehicles, the access ANPR camera takes a snapshot of the number plate and vehicle overview picture, as well as records corresponding surveillance videos. By setting a whitelist, the camera can automatically control the barrier or gate to open if a plate number recorded in the whitelist has been recognized.
The public areas including children's playground, fitness areas, as well as the lobby are covered by 2MP IR Mini Dome Network Camera IPC-HDBW4231E-ASE, 2MP and 3MP IR Mini-Bullet Network Camera. The Starlight Ultra-low Light Technology of IPC-HDBW4231E-ASE offers industry-leading light sensitivity, capturing color details under low light condition up to 0.002lux. The camera uses a set of optical features to balance light throughout the scene, resulting in clear images in dark environments.
Integrated management platform
Dahua smart residential solution provides an integrated management platform for the personnel of BI-City Tokyo
Dahua smart residential solution provides an integrated management platform for the management personnel of BI-City Tokyo. It assists in the remote and visual management of the property and improves the services and facilities they offer. Security guard at the entrance is not needed anymore to manage entering and exiting vehicles, which saves labor costs, reduces the waiting time of vehicles and improves traffic efficiency.
In addition, the all-round monitoring of the public areas within BI-City Tokyo greatly improves the safety level of the entire community. The video intercom system of the building provides a variety of convenient door opening methods, enhancing the resident’s living experience.
IP video intercom solution
“We adopted analog solution in the first phase. From the second phase, we replaced all of analog system with Dahua’s IP video intercom solution. We hope that Dahua will help us complete the solution planning of the three, four, five, and six phases,” said Arman Lesbekov, General Manager of BI Group.
Dahua Technology is an internationally renowned video surveillance and security solutions provider with more than 6000 professionals in their R&D team, dedicated to providing cutting-edge products in technologies like AI, IoT, Cloud services, video, cyber security, and software reliability with high quality and performance.
Video surveillance systems expert
Since 2014, Dahua has ranked second in the global video surveillance equipment market according to an IHS report, and in 2017 Dahua ranked third in the A&S International "Security 50". The company believes in investing and building strong R&D capabilities for new technology and innovation.
HID Global, globally renowned provider of trusted identity solutions, has announced that the government of Argentina has selected its HID goID citizen identity technology to power the country’s digital version of its mandatory National Identity Document for its Mi Argentina app.
The collaborative effort between HID, Argentina’s Ministry of Interior, Public Works and Housing through the National Registry of Persons (Renaper), and the Ministry of Modernization makes Argentina the first country in the world to offer a true national identity credential within a mobile app to its citizens. Currently, there are 47 million DNI cards in circulation and recent legislation has accorded full legal equivalence to the smartphone version of the card.
Mi Argentina app
The Mi Argentina app, which houses the National Identity Document, was developed by the Ministry of Modernization and allows citizens who download the app on their mobile devices to request appointments, receive health information and access credentials, such as their drivers’ license. Powered by HID goID technology, citizens can also access their National Identity Document on a mobile device on the app while offline.
The Government of Argentina is leading the way in bringing the convenience and security of mobile identity to its citizens"
“The Government of Argentina is leading the way in bringing the convenience and security of mobile identity to its citizens,” said José D’Amico, director of Renaper, adding “This innovative application is not only easy to get, but we also believe this could be the first step in digitiszng identity across the government in Argentina and potentially other countries in years to come.”
Enhanced security of citizens’ mobile identity
Citizens with the ‘Mi Argentina’ app can initiate their request for a mobile ID by visiting a Renaper office, where their identity is verified and authenticated. Once approved, they receive an email with a code to activate their National Identity Document. In the event a smartphone is lost or stolen, credentials can be immediately revoked, safeguarding the citizen from potential identity theft.
The mobile ID is securely stored on the citizen’s smartphone, meaning it can still be accessed if the cell phone has no data plan or when connection to a network or Wi-Fi is not available. Storage on the phone brings additional security for the mobile ID ecosystem, as a channel back to the central database is never required.
Superior identity solutions
Renaper issues all citizens a National Identity Document at birth and requires two mandatory renewals: between the ages of 5 and 8, and at the age of 14. Adults are required to renew it every 15 years.
Argentina’s implementation of our technology provides its citizens with innovative ID access"
“HID Global is committed to providing identity solutions that meet the evolving standards of the 21st century,” said Jessica Westerouen van Meeteren, VP & Managing Director, Citizen Identity with HID Global. “The government of Argentina’s implementation of our technology provides its citizens with innovative ID access and the ease of a completely mobile experience from registration to issuance.”
Enhancing Border Security
The government of Argentina previously partnered with HID to upgrade the country’s ICAO electronic passport to a newer generation that was more cost efficient, improved security and enhanced data reading at border control checkpoints. The successful partnership was a key factor in the government’s decision to collaborate with HID Global and deploy the HID goID mobile identity solution.
The HID goID technology mobile ID ecosystem powers a more secure and connected world based on field-proven identity technology. It enables the issuance, lifecycle management and verification of mobile identities, and is a customizable solution that delivers many more functions than physical identity documents.
Airports, power plants, and data centers house mission-critical assets essential to everyday life. Without adequate physical security, these operations are at risk of intrusion and sabotage. The shutdown of any one of these critical infrastructure facilities would affect hundreds of thousands of people.
Securing these entities from a physical breach starts by protecting the perimeter. While critical infrastructure sites pose their challenges for perimeter intrusion detection systems, new technologies, and solution integrations are addressing these pain points and enabling better detection, deterrence, and real-time response in the case of a threat.
Trending technologies amplifying perimeter security
Here are six trending technologies amplifying perimeter security for critical infrastructure:
First-class thermal cameras - FLIR thermal cameras continue to remain the industry standard for 24-hour perimeter monitoring and are seeing strong adoption throughout the critical infrastructure sector. Greater thermal resolution, longer detection ranges, sophisticated edge analytics, and ONVIF compliance continue to distinguish premium choice FLIR thermal cameras from low-end options.
Radiometric thermal cameras for business intelligence - Thanks to the emergence of artificial intelligence (AI) and machine learning technologies, critical infrastructure customers are looking for a return on investment beyond the traditional functionality of their security cameras. Electrical substations, for example, are deploying thermal cameras for intrusion detection and predictive maintenance. These sites are installing radiometric thermal cameras, integrated with temperature trending software, to identify issues with assets before a component malfunctions, overheats, or fails. Being able to prevent even one electrical fire can save the customer thousands if not millions of dollars in damages, liabilities, and insurance claims, well worth the cost of the solution.
Radar for redundancy - Critical infrastructure facilities are deploying radar solutions to expand coverage beyond the fence line. Providing continuous coverage, a radar conducts a full 360-degree scan of a property every one to two seconds. Radio waves are undeterred by rain, fog, or other adverse weather conditions that hinder standard surveillance cameras, making them an ideal solution for rugged environments. Users are also increasingly pairing radar with thermal cameras to ensure redundancy and reduce false positives. If both the radar and thermal camera are alerted to the same event, remote operators can see it is likely a true alarm.
Cyber-hardened features - Because network cameras and sensors are now standard for enterprise-class deployments, the need for perimeter security has extended beyond physical security to edge devices. In this digital age, it is imperative that cybersecurity precautions are put in place to safeguard the network and devices from cyber breaches. FLIR has focused its research and development in cybersecurity. Today, all new lines of FLIR cameras are built with cyber-hardened features. Standard cybersecure protocols for FLIR cameras include running penetration tests, eliminating backdoor accounts, removing default passwords, and enforcing end-to-end encryption through secured TLS connections.
4K and UHD video - While thermal and radar sensors improve detection, other devices are needed for threat assessment and identification. The emergence of HD, Ultra HD, and 4K cameras offers end users a heightened level of detail, optimal for evidence capture and investigation procedures. Critical infrastructure customers are beginning to upgrade their visible cameras for higher resolution models, and for this reason, are opting for the latest FLIR Quasar and Ariel cameras. These cameras are attractive options, as they offer low predictable bit rate, improved wide dynamic range, and enhanced image stabilization features that enable crisp video quality, ideal for video analytics and suspect identification.
Drones - For critical infrastructure sites like oil and gas refineries, dispatching security personnel to respond to an intrusion alert isn’t always easy, as these sites are often either remote or difficult to access. In order to improve response times, critical infrastructure sites are integrating unmanned aerial vehicles (UAV), or drones, with their overall security system. Upon a verified alarm, the drone is dispatched to the area of interest to provide additional surveillance. By equipping a drone with both an optical and thermal payload, operators can quickly get eyes and ears on the scene to assess the threat.
We live in an era of Big Data. Surrounded by a flood of information, more companies are looking for ways to analyze that information (data) and systematically extract intelligence that can help them operate more efficiently and profitably. The data obsession has extended to the physical security industry, too, where large amounts of data have historically been a little-used byproduct of our access control and even video systems. But the picture is changing. We asked this week's Expert Panel Roundtable: What impact are data analytics having on the security market?
Utilities are an important element of critical infrastructure and, as such, must be protected to ensure that the daily lives of millions of people continue without disruption. Protecting utilities presents a unique range of challenges, whether one considers the electrical grid or telecommunications networks, the local water supply or oil and gas lines. Security technologies contribute to protecting these diverse components, but it’s not an easy job. We asked this week’s Expert Panel Roundtable: What are the security challenges of protecting utilities?
The new year is several weeks old, so it is safe to say that many of our New Year resolutions have fallen by the wayside. Despite the limited success of our personal resolutions, the new year is a great time to take stock, look ahead, and plan to make 2020 the best year yet. Thinking about our industry as a whole, we asked this week’s Expert Panel Roundtable: What should be the security industry’s “New Year’s resolution?”