Claroty, the pioneer in operational technology (OT) security, announces new enhancements to the Claroty platform, making it the industry’s first OT security solution to offer remote incident management as a fully integrated capability that spans the entire incident lifecycle.
The platform now enables cybersecurity teams to detect, investigate, and respond to security incidents on OT networks across the broadest attack surface area securely and seamlessly from any location.
Standard operating environment
IT and OT networks were already becoming more interconnected due to digital transformation, and the COVID-19-induced shift to remote work has accelerated their convergence even more. These combined forces have created an acutely expanded attack surface and volume of alerts for cybersecurity teams to manage.
IT and OT networks were already becoming more interconnected due to digital transformation
According to Gartner, “For those organizations whose cybersecurity operations capabilities are tuned to monitor events from their standard operating environment, the abrupt shift to a predominantly remote operating model could see events of cybersecurity interest being missed by the cybersecurity operations team. This will in large part be a result of the relocation of workers to new premises or to a remote working mode that suddenly expands the scope and complexity of the operating environment.”
Variable work environment
“Arming cybersecurity teams with the ability to detect, investigate, and respond to not only asset-based attacks, but also to identity-based attacks, is at the heart of the new enhancements to The Claroty Platform,” said Grant Geyer, Chief Product Officer of Claroty.
“Our customers can now further evolve their OT security posture, strategy, and workflows for a variable work environment, while enduring adversarial activity and whatever else they might encounter on the network.” With its newly enhanced Secure Remote Access (SRA) 3.1 and Continuous Threat Detection (CTD) 4.2 components, The Claroty Platform now spans all three stages of the incident lifecycle.
Remote user activity
This reinforces the importance of quick detection and identification of unauthorized activities
Detection: More than half of OT and IT security professionals say their organizations are now more of a target for cybercriminals since the pandemic began, according to Claroty’s recent survey report. This reinforces the importance of quick detection and identification of unauthorized activities.
The Claroty Platform gives teams an early advantage with the ability to identify and differentiate authorized remote user activity from unauthorized ones that could impact process integrity. When users receive an alert from CTD, Claroty’s Wisdom of the Crowd capability utilizes information from similar events across Claroty’s customer base to provide context into the potential impact of the alert, enabling users to respond more effectively and efficiently.
Demanding quicker identification
Investigation: The increase in both teleworking and malicious activity demands quicker identification in a remote setting. Claroty’s enhanced platform arms SOC teams with full visibility into remote user activity, insight into how indicators detected on the network have manifested in other areas, the ability to investigate incidents from any location, and greater context around the business criticality and process values of assets involved in such incidents.
This minimizes the need for onsite staff while optimizing investigations with enriched assets, including both live SRA sessions including full-length video recordings, as well as threat alerts with reputational context from the Claroty community.
Expediting remedial activities
62% of IT and OT teams have found it more challenging to collaborate
Response: Even as IT and OT networks have become more interconnected since the pandemic began, 62% of IT and OT teams have found it more challenging to collaborate. The Claroty Platform bridges this gap with its integrated interface and the ability to disconnect potentially harmful OT remote sessions, minimizing the need for onsite staff and expediting remedial activities.
Integrations with ServiceNow and Swimlane enable teams to manage all IT and OT alerts from a single access point within the respective platforms. This allows organizations to adapt their OT incident response function and workflows for a remote or hybrid workforce.
Greater operational resilience
Collectively, these features allow teams to adapt their monitoring, inspection, and response management from on- or off-site premises without compromising efficiency or effectiveness. The result for the business is reduced exposure to risk and greater operational resilience.
“Receiving vulnerability alerts in real-time is a must-have for our multinational mining, metals, and petroleum operations,” said Thomas Leen, VP Cybersecurity of BHP. “The Claroty Platform allows us to quickly identify which of our assets have led to vulnerabilities and prioritize the actions we need to take in order to reduce and eliminate potential risks to the business.”
W Series, the international single-seater motor racing series for female drivers only, is delighted to announce a new cyber protection and security partnership with Acronis, a globally renowned provider of cyber protection solutions.
Global Cyber Security Partner
The multi-year agreement sees Acronis become W Series’ new Global Cyber Protection and Security Partner, providing bespoke technology solutions for W Series’ on-track racing program, which will resume in 2021 and the W Series Esports League which launched in June 2020. Plans are already in place for a bigger and better on-track W Series season in 2021, including at least two races on the Formula 1 calendar, in Austin, Texas, USA, and in Mexico City, Mexico.
Acronis will implement video and brand analytics of W Series’ on-track and virtual races
Acronis will develop and maintain a secure data management system, improving W Series’ ability to store, analyze and share content with partners. Enhanced by their award-winning artificial intelligence technology, Acronis will implement video and brand analytics of W Series’ on-track and virtual races, thereby accelerating the generation of content through predefined access and filters.
Cyber protection solutions
Acronis’ range of cyber protection solutions are developed upon a five-pronged principle that aims to deliver Safety, Accessibility, Privacy, Authenticity, and Security (SAPAS) to organizations and users.
This design methodology ensures that Acronis solutions deliver not only the highest caliber of safety and security to data, applications, and systems, but also a guarantee that data is tamper-free and easily accessible for smooth day-to-day operations.
Acronis Cyber Protect
One of Acronis’ top products that W Series will be using is the Acronis Cyber Protect, which provides fast and reliable backup, AI-powered anti-malware and anti-virus, and comprehensive endpoint management in a single solution. This integrated approach to cyber protection eliminates complexity and makes it simple for users to manage and monitor data across an entire network.
Some of this technology will be delivered by Teknov8, a global provider of cyber security solutions that will support Acronis’ partnership with W Series as the Official #CyberFit Delivery Partner.
Catherine Bond Muir (Chief Executive Officer, W Series) said, “Acronis’ innovative and award-winning cyber protection solutions are used by many of the major automotive companies and sporting organizations around the world."
Acronis – W Series multi-year partnership
She said, “Therefore, today’s announcement of a multi-year partnership against the backdrop of the ongoing global health crisis and the devastating economic impact that it has had, is a significant endorsement of W Series and our mission.”
Acronis’ support will be vital as we prepare to resume our on-track racing program in 2021"
Catherine adds, “It has become clear in our discussions with Acronis that they are as committed to improving equality and diversity in motorsport as we are, and their bespoke data management system will improve the speed and accuracy with which we can share our content, thereby helping to spread our message further and faster.”
She further stated, “Acronis’ support will be vital as we prepare to resume our on-track racing program in 2021 with a schedule which is bigger and better than ever before. The W Series Esports League has also kept our drivers sharp and our fans entertained, and Acronis’ commitment to that brand-new platform reflects our own.”
Enhancing cyber security in work from home environment
Serguei Beloussov (Founder and Executive Officer, Acronis) said, “Ever since the COVID-19 pandemic hit, cyber-attacks have increased five-fold. Cybercriminals are ruthlessly targeting a workforce that has largely migrated to working from home on less secure networks.”
Seguei adds, “Acronis Cyber Protect is perfectly designed to combat this threat, as it allows for system administrators to remotely manage and protect even devices that are not on the same network, so home users can keep both their professional and personal data safe and secure.”
He further stated, “We are honored to have been chosen to help the W Series team get #CyberFit, and we look forward to a long and fruitful partnership with the team.”
New interface expands functionality, increases compliance in highly regulated markets and simplifies administration and deployment
LenelS2 announced an interface between the OnGuard® physical access control system and the DMP XR550 and XR550E intrusion detection systems. The interface expands functionality, increases compliance in highly regulated markets and greatly simplifies the administration and deployment experience. LenelS2, a pioneer in advanced security systems and services, is a part of Carrier Global Corporation, a global provider of healthy, safe and sustainable building and cold chain solutions.
“The DMP interface expands the OnGuard system’s built-in, real-time intrusion detection capabilities, providing end users with an outstanding option for monitoring and controlling alarms,” said Ryan Kaltenbaugh, vice president, Vertical Market Solutions, LenelS2. “Having a native interface with DMP also helps OnGuard system users better meet the stringent requirements and policies in highly regulated vertical markets, including the U.S. federal government.”
Leveraging the new interface
The OnGuard platform can now centrally manage and link cardholders with users for both systems minimizing manual and redundant input of user profile information. Additionally, the interface provides command and control of the DMP-monitored areas, zones and devices within the DMP panels. OnGuard users will now be able to easily arm and disarm the system as well as quickly see all alarm events within the OnGuard interface.
“At DMP it’s all about our customers and the integrity of our products. This interface with the OnGuard system provides our joint customers with an improved experience,” said Mark Hillenburg, vice president, Marketing at DMP. “From a simplified setup and programming process to enhanced management capabilities, this new interface is a game changer, and we are thrilled with the advancement.”
The interface was developed by the LenelS2 Advanced Services team and covers the DMP XR550 and XR550E intrusion detection systems, the flagship in DMP’s line of products.
Renowned risk management company, SmartWater Technology Limited (The SmartWater Group), has teamed up with Vantage England & Wales to help protect its agricultural customers from rural crime.
As a result of the partnership, SmartWater Technology, a division of The SmartWater Group, will supply forensic marking liquid for Vantage’s Trimble agricultural portfolio, including advanced navigation and machine control systems designed specifically for farming use.
Each Trimble product comes with a bottle of SmartTrace liquid with a unique forensic code. All the user needs to do is to apply this to their asset using the syringe provided and register the individual code on the national database.
Also provided with the SmartTrace liquid are deterrent stickers that can be applied to each of the Trimble brand products. If in the event a stolen item is recovered it can instantly be tracked back to its owners via the database, which is accessible to the police.
Gary Higgins, Chief Operations Officer (COO) of SmartWater Technology division, stated “We are delighted to be working with and supporting Vantage England and Wales with this industry first venture. Valuable assets will now be forensically marked, making them uniquely identifiable and therefore less attractive to thieves.”
SmartWater forensic solution
We chose SmartWater as it is used in many industries including banking, retail and construction"
Gary adds, “With hundreds of criminal convictions to date and a 100% conviction rate in court, criminals are aware of the power of SmartWater to categorically link them to their crimes.”
Mark Griffiths, National Sales Manager at Vantage England & Wales Ltd, said “We at Vantage needed a deterrent to protect our customers’ equipment, we chose SmartWater as it is used in many industries including banking, retail and construction. Being able to apply a product meeting specification for these industries and bringing it to UK agriculture made complete sense and has been well received by our customers.”
Compliance with HO Forensic Science Code of Practice
Mark adds, “Our product association with SmartWater will not only deter thieves, but it gives our customers confidence that we can support them throughout the process should the worst happen.”
SmartWater forensic solution is currently the only system that is compliant with the HO Forensic Science Regulators Code of Practice, which means it is admissible in Court as evidence.
Rural crime in England hit an eight-year peak last year, rising by 9% on the previous year. Costing businesses around £46m in losses, the rise was partially driven by organized gangs targeting expensive vehicles, such tractors and quad bikes.
The threat landscape we operate in today is changing all the time. Around the world, pressures on law enforcement bodies remain incredibly high as they face the challenge of rising international threat levels and a backdrop of intense political, social and economic uncertainty.
It is a challenge that demands a considered, proactive and dynamic response. It’s clear that new technologies, such as Artificial Intelligence (AI), can dramatically improve the effectiveness of today’s physical and cyber security systems and help us to better defend against a wide-spectrum of threats.
Finding the balance
Specifically speaking, for physical security systems to be effective, they must have the full support of the public. Airport-style environments where security checkpoint processes are implemented are both time consuming and obstructive, and feels, at times, they are in no one’s best interest. Oppressive, fortress-like environments are likely to quickly lose the backing of the public, who want to be able to go about their daily lives without being delayed or obstructed by cumbersome security checkpoints and procedures.
For physical security systems to be effective, they must have the full support of the public
However, after a large-scale security threat or attack occurs, it is often these more overt systems that we gravitate towards, often fueled by a proven track record of both deterrence and detection. It’s the antithesis of ‘out of site, out of mind’ security. Having these large, bulky overt security systems offer reassurance to people and create a greater sense of security.
But what if we could instill this sense of security without monstrous overt systems? What if today’s physical security systems could allow for seamless people flow while creating safe environments, all done in a covert manner without interrupting peoples’ way of life? This is exactly what can be achieved with the some of the new physical security applications that incorporate AI.
Security solutions with AI: how, what, where?
Today, security solutions driven by AI technologies are being developed and can be covertly deployed across a range of physical environments to protect our global citizenry. These new AI-driven technologies are taking multiple different forms, depending on the locations they are designed to protect.
Video management surveillance systems (commonly referred to as VMS systems) are being enhanced by AI/computer vision technology to identify objects. These enhanced VMS systems can be deployed both inside and outside of buildings to identify and flag forbidden objects, such as visible guns, knives or aggressive people, in a wide range of public spaces, such as schools, hospitals, sport stadiums, event venues and transportation hubs. Recognized threat objects in hand or suspicious behaviours can be identified and flagged instantaneously for onsite security to further investigate.
In addition, targeted magnetic and radar sensor technologies, concealed in everyday objects like planter boxes or inside walls, can now scan individuals and bags entering a building for concealed threat objects. Using AI/machine learning, these two sensor solutions combined can identify metal content on body and bag and match the item to a catalog of threat items, such as guns, rifles, knives and bombs with metal shrapnel. Without this advanced multi-sensor solution, it becomes nearly impossible to discover a weapon on a person's body before it appears in an assailant’s hands. This multi-sensor solution allows for a touchless, unobtrusive access to a building, but allows for immediate notification to onsite security when a concealed threat is detected. The hidden technology thus empowers security staff to intercept threats before they evolve into a wider scale attack, while also maintaining the privacy and civil liberties of the public, unless, of course, they are carrying a concealed weapon or pose a physical threat.
AI-powered solutions proactively help onsite security to effectively safeguard the public
Unlike many large, fixed detection security systems, AI-powered solutions proactively help onsite security to effectively safeguard the public without causing mass obstruction and disruption.
Soft target hardening
Hardening a facility against physical attacks and threats can be expensive, as well as maintaining and running large fixed detection equipment. It may also result in the threat shifting to ‘softer’, less secure targets, for example schools, music venues and places of worship, all locations we’ve see active attacks in the past decade.
Around the world, we have seen the devastation to communities and the aftermath impact of these attacks. In the USA, for example, in February 2018, a 19-year-old gunman walked into Marjory Stoneman Douglas High School in Florida, and opened fire, killing 17 students and faculty members. And in the UK in May 2017, a suicide bomber attacked a concert venue in Manchester, tragically killed 22 people.
It is a global priority to make these soft target public gathering places more secure. But in doing so we cannot turn them into fortresses. The security industry, public sector and national and local government must collaborate to deploy intelligent systems with technology at their core to not only protect lives, but also preserve a way of life.
Integrated systems and behavioral detection
One of the biggest advantages of using AI technology is that it’s possible to integrate this intelligent software into building smarter, safer communities and cities. Essentially, this means developing a layered system that connects multiple sensors for the detection of visible and invisible threats.
Integrated systems mean that threats can be detected and tracked, with onsite and law enforcement notified faster, and possibly before an assault begins to take place. In many ways, it’s the equivalent of a neighborhood watch program made far more intelligent through the use of AI. Using technology in this way means that thousands of people can be screened seamlessly and quickly, without invading their civil liberties or privacy.
It’s not only knives, guns and explosives that intelligent systems can detect. They can also be trained to detect behavior and potential invisible biological threats, such as viral threats currently facing our world today. This does not mean profiling individuals. Instead, using AI that is deployed on existing CCTV or thermal camera systems, it looks for indicators that may identify a physical altercation and disturbance, an elevated body temperature, indicative of viral fever, or lack of a face mask for health safety compliance.
When integrated, these solutions can provide onsite security with up-to-the-minute information to allow greater protection of the properties they serve. By using these intelligent, non-intrusive technologies, today’s security personnel are now more capable of detecting a wide range of threats.
This is the future of public safety and security, and we should expect to see these new technologies becoming more common over the coming years, as cities around the world strive to create smart, safer communities.
The human element
While technology can make a significant impact to existing security systems, it would be wrong to position it as the end-all, be all to preventing future attacks. Technology is only part of the solution. Well trained security personnel are also required; individuals who know how to use new technologies and the data they provide, and then make informed decisions about how to engage a potential bad actor or threat.
Not only will a properly trained security staff member help to prevent an attack from happening, but the extra insight provides by these intelligent systems can potentially interrupt an attacker in planning and walk through stages, or even before a weapon is drawn. This alone has many benefits beyond just preventing an attack. It means that authorities can help these individuals, some of whom may be suffering from mental health issues, to get the help they need from professional healthcare workers. By security personnel working with local authorities and healthcare professionals, potential attackers can get the support they need, from de-radicalisation programmes to specialized counseling, helping them return to being a healthy, productive member of society.
These intelligent systems can potentially interrupt an attacker in planning
AI for safer communities
AI’s ability to detect visible or invisible threats or behavioral anomalies will prove enormously valuable to many sectors across our global economy. Perhaps none more so, though, than to institutes of education, where we have seen many violent attacks over the course of the last few years. Specifically, the application of AI for detecting odd behavioral activity could be used to identify potential active shooter attacks, or even students who may be depressed and prone to committing suicide. Both tragedies we see weekly around the world.
One thing is clear, cross-sector collaboration and the application of integrated, intelligent AI technology that puts data and ultimate control into a human’s hands can be key to making our communities safer places to live.
As the media often reports, the world of cybersecurity can be seen like the ‘Wild West’. There’s now a wide range of Internet of Things (IoT) devices connected to the web, making this a hot topic. Among these devices are security cameras. IoT devices are computers that use software that makes them vulnerable. As the famous cybersecurity evangelist Mikko Hypponen says, "If a device is smart, it's vulnerable!"
Hypponen is right. On a daily basis, new vulnerabilities are found in software, regardless of the manufacturer. In 2019, more than 12,000 vulnerabilities worldwide were made public and reported as a CVE (Common Vulnerability and Exposure) in the National Vulnerability Database (NVD). Unfortunately, vulnerabilities are a given. What really matters is how a company deals with and resolves vulnerabilities.
Awareness of cybersecurity vulnerabilities is vitally important
Awareness of cybersecurity vulnerabilities is vitally important to protect you, your business and the Internet, but it’s also important to understand that a vulnerability is not synonymous with “backdoor”, and is not necessarily indicative of “cheap quality.”
But there are companies out there that are embedding safeguards into their development processes to reduce the risks. You could see them as ‘Sheriffs’, taking steps to make this Wild West a little safer.
Why Hikvision chooses ‘Secure-by-Design’
Security cameras, like all other IoT devices, are vulnerable to cyberattacks. Fortunately, manufacturers of IoT devices can significantly reduce these vulnerabilities during the production of devices, using a process called ‘Secure-by-Design’. Implementation of Secure-by-Design requires a commitment on the part of the manufacturer’s management team and a serious investment in resources and technology, which can result in a longer production process and a higher cost of the IoT device. Cost is often the reason why some IoT device manufacturers do not use Secure-by-Design (and are indeed cheaper).
Hikvision is a producer of IoT devices that takes security and privacy very seriously and has implemented Secure-by-Design in its production process. Management supports this process and has even set up a dedicated internal cybersecurity structure charged with product cybersecurity. This group is also the central point of contact for all other cybersecurity matters. The Hikvision Security Development Life Cycle (HSDLC) is an essential part of Hikvision's cybersecurity program. Cybersecurity checks take place at every stage of product development — from concept to delivery.
Cybersecurity checks take place at every stage of product development
For example, product testing takes place during the verification phase, the company also regularly invites well-known security companies and public testing platforms to conduct penetrating testing. Does this mean that all Hikvision products are immune to hacking? No, that guarantee cannot be given, but the HSDLC is a testament to a manufacturer that makes every effort to produce products that are as cyber secure as possible.
Source code transparcency center
In addition to the Secure-by-Design process, Hikvision opened a Source Code Transparency Center (SCTC) lab in California in 2018, being the industry’s first-of-its-kind lab to open such a center. At this center, U.S., Canadian government and law enforcement agencies can view and evaluate the source code of Hikvision IoT devices (IP cameras and network video recorders). It’s important to emphasize that no product is 100 percent secure. Hikvision has a Vulnerability Management Program in place when a vulnerability is discovered in a product.
To date, vulnerabilities that have been reported to Hikvision and/or made publicly known, have been patched in the latest Hikvision firmware, and are readily available on the Hikvision website. In addition, Hikvision is a CVE CNA, and has committed to continuing to work with third-party white-hat hackers and security researchers, to find, patch and publicly release updates to products in a timely manner. These vulnerabilities are collected in the National Vulnerability Database (NVD) and are public. Hikvision recommends that customers who are interested in purchasing security cameras inquire about a manufacturer’s cybersecurity practices and if they have an established Vulnerability Management Program.
Cybersecurity questions to consider
The cybersecurity of IoT devices is a topic that needs to be addressed in a serious way and it should play an essential role in the product development process, beginning at the concept phase of an IoT product. This requires time, investment and knowledge. Consider the following questions:
Do I trust the manufacturer of a low-cost security camera?
Does this manufacturer have a dedicated cybersecurity organization?
How does this manufacturer handle vulnerabilities?
These are the questions that everyone should ask themselves when making a purchase, be it a camera or any other IoT product. There is no absolute 100% guarantee of security, but Hikvision has industry-leading practices to ensure the cybersecurity for its cameras. Cooperation, with its customers, installers, distributers and partners, and full transparency are key elements to successfully secure IoT devices. When you read cybersecurity news, we invite you to look beyond the headlines, and really get to know the companies that produce the IoT devices. Before you buy a security camera or any IoT device, check out the manufacturer’s cybersecurity practices, look for a company with a robust vulnerability management program, a company that aligns itself with Secure-by-Design and Privacy-by-Design and a company that employs cybersecurity professionals who are ready and eager to answer your questions. Remember, there are Sheriffs out there, as well as bandits.
IP cameras for video surveillance has been a trending topic amongst enterprises across the world due to rising concerns for security and safety. IP CCTV cameras are revolutionizing security measures, and technology has evolved to allow for a more diverse security monitoring system through high resolution, larger digital storage options and compatibility for integrated analytical software.
According to Global CCTV Market Forecast 2022, analysts expect the market for global CCTV to grow at a CAGR of around 11% during 2018-2022.
Clearly, a successful hack of an enterprise security camera system could lead to a range of implications. Amongst the main ones is unauthorized access to video and audio streams of data, as well as to the archive, violation of confidentiality, HIPPA, PII and potential leaks of personal and corporate information, possible copying, unauthorized distribution and duplication of such data.
“Most Enterprise video surveillance systems are vulnerable to hackers. According to our studies, more than half of companies and organizations, both large and small, do not take sufficient precautions when it comes to preventing their security cameras from being hacked. Be it ignorance or just careless approach to security of their network in general, the results of hacking can be disastrous,” says Chris Ciabarra, the CTO and co-founder of Athena Security.
With the increasing number of surveillance cameras installed in homes, offices and public places, hacking incidents related to these devices happen more and more often.
The ease of hacking surveillance cameras
It’s not a secret that surveillance cameras, like many other Internet of things (IoT) devices, are full of vulnerabilities that can be exploited by hackers.
A hacker can find hundreds of potentially vulnerable IoT devices to hack into
Cameras, just like all other devices connected to the Internet, have IP addresses that are easy to find using Shodan, a search engine for Internet-connected devices. With this simple tool, a hacker can find hundreds of potentially vulnerable IoT devices to hack into, including cameras, especially when most companies use default passwords.
Below are basic recommendations on how to protect your camera network, and what actions you should take to minimize the chance of hacking.
Change the default username and password
You should start by changing the default password and username of your camera network. Even though this may seem obvious, not everyone does it, practically leaving the door for hackers wide open.
Use a strong password that is hard to guess. When setting up the password use numbers, symbols, both uppercase and lowercase letters. Do not use simple and commonly used passwords, such as the ones in SplashData's list of 100 worst passwords of the year.
Do not use the same password you are already using for other online accounts. According to a recent survey on data privacy conducted in May 2019, 13% of respondents with at least one online account say they use the same password for all their accounts. Using a password manager to generate a strong random password may be a good idea.
Update your camera firmware regularly
Keeping cameras firmware up-to-date is very important as it allows you to prevent hackers from exploiting vulnerabilities and bugs that are already patched by manufacturers in a new firmware update.
Despite the fact that most modern cameras will automatically download and install firmware updates, some require the user to check for updates and install them.
Set up two-factor authentication
Set up the two-factor authentication if your cameras support it. With two-factor authentication on, the camera manufacturer will send you a randomly generated passcode via text message or phone call, as an addition to username and password, during each log in to the account. Two-factor authentication prevents hackers from accessing the camera system even if they were able to crack username and password.
Not all surveillance camera systems support two-factor authentication, though.
Prevent cameras from sending information to third parties
Companies that use surveillance cameras very often do not put enough effort into protecting their cameras and the data they transmit, despite the fact that this footage is of great importance to many people.
The firmware of most cameras from different manufacturers is programmed in a way to keep a connection with the manufacturer’s server without knowledge of the end-user. Most users, both private and corporate, are not aware of this and therefore do not take any steps to protect themselves from this potential vulnerability, which could result in footage leak to a third party or a successful hacker attack.
To prevent your camera network from transmitting, the following steps should be taken.
Step 1: Statically assign an IP address
Statically assign IP address for each camera, subnet mask and leave gateway blank or 127.0.0.1, if this is allowed in gateway fields to be entered. If the firmware does not allow blank or 127 subnets, just point gateway to an unused dedicated IP address.
This way, cameras will not be able to send the information off the local company network.
Step 2: Assign DNS servers
Assign DNS servers that are local to cameras and force only your domain to be present with zero forwarding DNS servers.
This way, if a camera tries to do name resolution, it will come up blank. Not being able to find the IP address of the main server (mother ship), cameras won’t be able to connect to it.
To stay safe you can order your own DNS servers, locked down to your addresses only.
Block your camera network’s access to the Internet
Blocking your camera network’s access to the Internet is a good way to make sure hackers won’t be able to get access to the footage and other confidential data. Any dual-homed system touching your camera network should be blocked from Internet access. This way all systems in the same subnet won’t have access to the Internet from that box.
Always use DNS because firewall rules tend to be easy to hack, while DNS that is internal is not expected and stops systems from resolving names you do not wish to be translated, like talking back to the mothership of a bad program.
Monitor your system for traffic spikes
One of the tricky things about hacker attacks is that there are no warnings. In most cases hackers would penetrate your system without any signs or symptoms of an attack, and it isn’t until you face consequences (like leaked footage or hackers manipulating cameras) when you realize something is wrong. It may be days or even months between the hacker attack and the time you realize the system has been compromised.
Monitoring dual-homed systems for bandwidth spikes could be a good way to spot a hack resulting in the leakage of confidential data like images or video. There are a number of traffic monitoring tools available to private and corporate users that can manage and sniff the network or just monitor them.
Facial blur in archived footage
Blurring people’s faces when archiving in surveillance camera video streams is a great tool, allowing you to comply with privacy laws and make the footage useless to hackers even if they manage to successfully hack your system.
These recommendations will allow you to lower the risk of hackers breaking into your security camera network, detect the hack if it has occurred already, and to protect yourself from possible consequences if camera footage was stolen.
Within days, a rule will take effect that bans from U.S. government contracts any companies that “use” video products from Chinese companies Hikvision and Dahua. The Federal Acquisition Regulation (FAR) rule implements the “blacklist” (or “Part B”) provision of the National Defense Authorization Act (NDAA), which is understood in the security industry as prohibiting dealers and integrators that do business with the federal government from selling Chinese-made video products to any of their customers (even for non-government projects).
The rule, which is officially still interim, states: “On or after August 13, 2020, [federal] agencies are prohibited from entering into a contract, or extending or renewing a contract, with an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”
Within days, a rule will take effect that bans U.S. government contracts any companies that “use” video products from Chinese companies Hikvision and DahuaFederal agencies issuing the rule are the Department of Defense (DoD), the General Services Administration (GSA) and the National Aeronautics and Space Administration (NASA). GSA provides centralized procurement for the federal government.
Because the COVID-13 crisis delayed issuance of the rule, the usual 60 days will not be allowed for public comment before the rule is implemented. However, public comments are welcome and will be addressed in subsequent rulemaking.
“Telecommunications equipment” refers to equipment or services provided by Huawei Technology or ZTE Corp, both Chinese telecommunications giants. The rule also specifies that it applies to “certain video surveillance products or telecommunications equipment and services produced or provided by Hytera Communications Corp., Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of those entities).” Hytera is a Chinese manufacturer of radio systems. Hikvision and Dahua are major international manufacturers of video surveillance equipment.
Limits and prohibitions
The rule states: “This prohibition applies to the use of … equipment or services, regardless of whether that use is in performance of work under a Federal contract.” In the industry, this clause is taken to mean that integrators that “use” any of the covered equipment are prohibited from selling to the government. “Use” presumably covers an integrator deploying the equipment in their own facilities and/or selling it to other customers. The rule also prohibits “service … related to item maintenance,” which in the case of a security integrator would include providing service contracts on previously installed systems.
Security Industry Association (SIA)
The Security Industry Association (SIA) comments: “Due to applicability [of the rule] to uses by entities with federal contracts even unrelated to their federal work, this broad interpretation is expected to have widespread impact on the contracting community across many sectors, as covered video surveillance equipment is some of the most commonly used in the commercial sector in the United States.”
Security integrators that do business with the federal government have largely anticipated the new rule and already switched their Chinese camera lines for NDAA-compliant competitors. However, as SIA points out, extensive common uses of the Chinese equipment in various commercial sectors raises additional concerns.
Easing compliance burdens
The interim rule adopts a “reasonable inquiry” standard when an offeror (government contractor) represents whether it uses covered equipment. “A reasonable As SIA points out, extensive common uses of the Chinese equipment in various commercial sectors raises additional concerns. inquiry is an inquiry designed to uncover any information in the entity’s possession about the identity of the producer or provider of covered telecommunications equipment or services used by the entity. A reasonable inquiry need not include an internal or third-party audit.” SIA notes that this provision may be aimed at easing the compliance burden by suggesting that contractors only need to inquire based on what information they already possess.
The new rule covers Paragraph (a)(1)(B), which has informally been referred to as the “blacklist” provision of the NDAA, the John S. McCain National Defense Authorization Act for fiscal year 2019. However, the “Chinese ban” provision [Paragraph (a)(1)(A)] already went into effect a year after the law was signed by President Trump (August 13, 2018). “Part A” covers use of Chinese-made products in fulfilling government contracts.
A growing threat
Seeking to justify the new restrictions, the FAR rule states: “Foreign intelligence actors are employing innovative combinations of traditional spying, economic espionage, and supply chain and cyber operations to gain access to critical infrastructure and steal sensitive information and industrial secrets. The exploitation of “Telecommunications equipment” refers to equipment or services provided by Huawei Technology or ZTE Corp, both Chinese telecommunications giantskey supply chains by foreign adversaries represents a complex and growing threat to strategically important U.S. economic sectors and critical infrastructure.”
SIA has urged a delay in implementing the “Part B” provision, stating: “The federal government estimates that it will cost contractors well over $80 billion to fully implement this prohibition on the use of certain Chinese telecommunications and video surveillance equipment, yet endless delays in publishing the rule now mean that federal suppliers have just weeks to understand and comply with the new rule, which raises as many questions as it answers.”
SIA continues: “Federal suppliers across a wide range of industries have increasingly concluded that Part B is unworkable without clarification of the scope and meaning of key terms in the provision, which the rule does not do enough to define. For example, Part B bans agencies from contracting with a provider that “uses” any covered equipment or service. This term is not clearly defined in law or regulation, yet contractors must certify compliance beginning Aug. 13, 2020.”
The Part B rule, which only applies to prime contractors, enables agency heads to grant a one-time waiver on a case-by-case basis, expiring before Aug. 13, 2022.
The global pandemic caused by the novel coronavirus is changing work environments to an unprecedented degree. More employees than ever are being asked to work remotely from home. Along with the new work practices comes a variety of security challenges.
Without the proper precautions, working from home could become a cybersecurity nightmare, says Purdue University professor Marcus Rogers. “Criminals will use the crisis to scam people for money, account information and more,” he says. “With more people working from home, people need to make sure they are practicing good cybersecurity hygiene, just like they would at work. There is also a big risk that infrastructures will become overwhelmed, resulting in communication outages, both internet and cell.”
Concerns about the coronavirus have increased the business world’s dependence on teleworking. According to Cisco Systems, WebEx meeting traffic connecting Chinese users to global workplaces has increased by a factor of 22 since the outbreak began. Traffic in other countries is up 400% or more, and specialist video conferencing businesses have seen a near doubling in share value (as the rest of the stock market shrinks).
Basic email security has remained unchanged for 30 years
Email is a core element of business communications, yet basic email security has remained unchanged for 30 years. Many smaller businesses are likely to still be using outdated Simple Mail Transfer Protocol (SMTP) when sending and receiving email. “The default state of all email services is unencrypted, unsecure and open to attack, putting crucial information at risk,” says Paul Holland, CEO of secure email systems provider Beyond Encryption.
“With remote working a likely outcome for many of us in the coming weeks, the security and reliability of our electronic communication will be a high priority,” says Holland. The company’s Mailock system allows employees to work from any device at home or in the office without concerns about data compromise or cybersecurity issues.
Acting quickly and effectively
As the virus spreads, businesses and organizations will need to act quickly to establish relevant communication with their employees, partners and customers surrounding key coronavirus messages, says Heinan Landa, CEO and Founder of IT services firm Optimal Networks. Employers should also enact proper security training to make sure everyone is up to speed with what’s happening and can report any suspicious online activity.
Reviewing and updating telework policies to allow people to work from home will also provide flexibility for medical care for employees and their families as needed.
Scammers, phishing, and fraud
An additional factor in the confusing environment created by the coronavirus is growth in phishing emails and creation of domains for fraud. Phishing is an attempt to fraudulently obtain sensitive information such as passwords or credit card information by disguising oneself as a trusted entity. Landa says homebound workers should understand that phishing can come from a text, a phone call, or an email. “Be wary of any form of communication that requires you to click on a link, download an attachment, or provide any kind of personal information,” says Landa.
Homebound workers should understand that phishing can come from a text, a phone call, or an email
Email scammers often try to elicit a sense of fear and urgency in their victims – emotions that are more common in the climate of a global pandemic. Attackers may disseminate malicious links and PDFs that claim to contain information on how to protect oneself from the spread of the disease, says Landa.
Ron Culler, Senior Director of Technology and Solutions at ADT Cybersecurity, offers some cyber and home security tips for remote workers and their employers:
When working from home, workers should treat their home security just as they would if working from the office. This includes arming their home security system and leveraging smart home devices such as outdoor and doorbell cameras and motion detectors. More than 88% of burglaries happen in residential areas.
When possible, it’s best to use work laptops instead of personal equipment, which may not have adequate antivirus software and monitoring systems in place. Workers should adhere to corporate-approved protocols, hardware and software, from firewalls to VPNs.
Keep data on corporate systems and channels, whether it’s over email or in the cloud. The cyber-protections that employees depended on in the office might not carry over to an at-home work environment.
Schedule more video conferences to keep communication flowing in a controlled, private environment.
Avoid public WiFi networks, which are not secure and run the risk of remote eavesdropping and hacking by third parties.
In addition to work-from-home strategies, companies should consider ways to ensure business cyber-resilience and continuity, says Tim Rawlins, Director and Senior Adviser for risk mitigation firm NCC Group. “Given that cyber-resilience always relies on people, process and technology, you really need to consider these three elements,” he says. “And your plan will need to be adaptable as the situation can change very quickly.”
Employees and their employers
Self-isolation and enforced quarantine can impact both office staff and business travelers
Self-isolation and enforced quarantine can impact both office staff and business travelers, and the situation can change rapidly as the virus spreads, says Rawlins.
Employees should be cautious about being overseen or overheard outside of work environments when working on sensitive matters. The physical security of a laptop or other equipment is paramount. “It’s also important to look at how material is going to be backed up if it’s not connected to the office network while working offline,” says Rawlins.
It’s also a good time to test the internal contact plan or “call tree” to ensure messages get through to everyone at the right time, he adds.
HID Global is introducing a new “flagship” line of access control readers as successors to the iCLASS line. The new HID Signo readers will support 15 different credentialing formats and communicate using the latest NFC (near field communication), BLE (Bluetooth Low Energy) and OSDP (Open Supervised Device Protocol) standards. HID Global says the new readers will simplify integration to more secure and mobile credentials.
HID Global has invested in a “future-proof” approach that both accommodates a variety of current market needs and can adapt to embrace new technologies as they come onto the market. The new line incorporates “all the hardware you need,” combining the capabilities of older generations of readers into a single product.
Simplifying the choice of readers
The new reader line seeks to simplify the choice of readers in a time when a variety of trends is complicating the access control market, from cloud systems to mobile access to identity management.
“We are simplifying the way we bring our products to market, and baking it all into our readers,” says Harm Radstaak, HID Global Vice President and Managing Director. “If an installer takes a reader out of the box and mounts it on the wall, it just works.”
We are simplifying the way we bring our products to market"
In designing the product, HID sought feedback from channel partners, installers, consultants and end users on how the new readers would function. In addition, the company sought advice from architects on the design of the product. Aesthetics and industrial design elements were a priority because they ideally reflect the quality and “promise” of how the product will perform.
Cybersecurity is another emphasis. The readers store cryptographic keys and process cryptographic operations on certified EAL6+ secure element hardware, and custom authentication keys can be used for organizations who prefer that level of control. EAL6+ certification is a designation of the Evaluation Assurance Level of an IT product or system (the highest score is EAL7). Signo also includes a velocity checking feature designed to mitigate and thwart brute force attacks.
“The new Signo line is a continuation of the journey we have been on,” says Radstaak. “It is the natural succession of what we have been doing for years, and it underlines our position in the market.” By natively supporting mobile credentials, the new product line reinforces HID’s commitment to mobile systems, which the company first brought to market in 2014. Signo readers also include Enhanced Contactless polling to support mobile credentials in Apple Wallet.
Embracing the OSDP standard, which was created in 2008, also addresses the growing customer need for bi-directional, secure communications. There is built-in support for OSDP Secure Channel as well as legacy Wiegand communication for organizations seeking to transition.
Signo incorporates support for most credential technologies globally, including Seos, credentials with HID’s Secure Identity Object, and a variety of 125kHz legacy technologies such as Indala and Prox.
The flexibility and openness of Signo is a response to the acceleration of new technologies entering the access control market. “If you look at new technologies in general, our market has been slow in adopting them,” says Radstaak. “However, with new entrants in the market, new technologies, new device manufacturers and artificial intelligence (AI), I believe the market is adopting new technologies much faster than before. Users are much savvier.”
Administrators will be able to remotely configure and diagnose readers
Radstaak says he expects market adoption of the new readers will be fast. “Customers have been waiting for this platform,” he says. “This has been a tremendous investment for HID Global, and it underlines our position in the market with its open platform, simplicity and future-proofing. We are prepared for whatever comes next technology-wise.”
With Signo readers, administrators will be able to remotely configure and diagnose readers as well as monitor status through a centrally managed and connected reader ecosystem.
As a member of the FiRA Consortium, HID Global has advocated bringing new technology to market based on the “fine ranging” capabilities of ultra-wideband (UWB) technology, which has applications in detection of the precise location or presence of a connected device or object. It’s the kind of technology that Signo platform’s “future-proofing” approach is geared to accommodate. “As the capability unfolds, we will be there to adapt,” says Radstaak.
Stuart Codack, Information Security Manager and Steve Roberts, Head of IT at West Midlands Trains (WMT), gave an inside look into working with SureCloud’s cyber security team.
As an operator of essential services and part of the critical national infrastructure, West Midlands Trains (WMT) are constantly reviewing the service that they provide and the supporting processes to ensure that they are giving customers the very best service. WMT will routinely carry over 200,000 passengers over any of the 1300 services per day, operating from London to Liverpool and predominately in the West Midlands area.
Aligning to business objectives
While providing the best service possible, the business is responsible for making upgrades
While providing the best service possible, the business is responsible for making upgrades, as part of their commitment to the Department for Transport and agreed set of objectives defined within the organization’s committed obligations.
These could range from large projects to developing stations, such as Wolverhampton, upgrading and enhancing the trains’ capacity, or providing more technical solutions to allow customers to purchase tickets and view train services online.
Key cyber security challenges
Understanding the emerging and constantly evolving threats to the rail is critical to ensure that WMT provide an efficient and responsive technical solution for the services operated. They operate within a number of frameworks, most significantly the Network Information Systems (Directive) provided to Operators of Essential Services (OES), and also feed in elements of both ISO27001 and NIST.
The Department for Transport, in conjunction with the National Cyber Security Center, enctheages a mature cyber security posture, and closely monitor and assess assurance levels. This approach challenges WMT constantly and places high demands on the enterprise to deliver and maintain a strong cyber security posture.
Understanding where any actual or potential weaknesses are helps in directly applying restheces to protect systems and maintain confidentiality, integrity and availability. Often overlooked, recognizing where WMT have achieved success has also helped to justify continued and future spending to senior management, by assuring them that a proactive cyber security strategy is worth the investment.
SureCloud cloud-based platform
Chosen for their professionalism during the tender stage, SureCloud comfortably convinced the decision makers of their technical capability, flexibility and willing attitude to join the business on their jtheney, as opposed to other vendors providing the essentials with hidden costs introduced as additional extras.
The SureCloud platform provided WMT with clear visibility of testing outcomes
Another key benefit that helped SureCloud stand out from the rest was the technology-enabled services approach, which utilizes SureCloud’s platform to underpin the service delivery. The cloud-based platform has provided a forum for WMT, in which work streams can be identified and allocated to third-party vendors. The business allows remediation work to be assigned and worked on concurrently.
The SureCloud platform provided WMT with clear visibility of testing outcomes and helped to establish the evidence and patterns of work that supports the various questions across the frameworks that call for continual service improvement, while demonstrating a proactive response to aspects of ISMS has been invaluable.
Benefits of the Cyber security-as-a-Service package
Support was measured against the requirements of the organization and was provided on-demand and willingly offered up throughout all stages of the agreement, with no signs of wavering support on completion of any of the work packages.
The penetration testing has provided a great deal of insight and visibility into areas that needed improvement while assuring other areas where the business had demonstrated some good practices. The results were well presented via the platform with the context that allowed the team to define the risk, and if any action would be needed to mitigate or reduce those risks. The level of expertise was fantastic, with identified areas supported by impacts and potential solutions.
Effective cyber security program
Overall, West Midlands Trains are very satisfied with their investment in the SureCloud tech-enabled services, and have already recommended SureCloud to a number of partners based on the work conducted. West Midlands Trains are passionate about managing an effective cyber security program and the business will continue to work with SureCloud in the future.
Allot Communications Ltd., a global provider of innovative network intelligence and security-as-a-service (SECaaS) solutions for communication service providers (CSPs) and enterprises, has announced that a Tier-1 telecom operator in APAC has selected Allot HomeSecure to provide consumers with zero touch clientless cyber security and parental control services, to protect the CPEs/routers and devices in their homes.
The HomeSecure solution will be deployed in CPEs provided to consumers by the operator, and in the operator’s cloud-native environment. The services are expected to be made available to millions of the operator’s fixed broadband customers. The operator has ordered an enterprise-wide perpetual license from Allot.
According to the Microsoft Security endpoint threat report 2019, the malware encounter rate in APAC was 1.6 times higher than the global average. In light of these conditions, Allot HomeSecure gives telecom providers in APAC a unique opportunity to deliver zero-touch, fully automated services that protect their customers while generating supplemental revenues.
Security for home IoT and smart home devices
Allot HomeSecure provides security for home IoT devices and smart appliances
Allot HomeSecure provides security for home IoT, smart appliances, and the devices connected to the home network. It integrates into the existing home router with the addition of a thin software client that provides home network visibility, cyber security and parental controls without the need for any configuration by the consumer.
Allot HomeSecure uses AI to identify and profile connected home devices and to detect and act upon anomalous device behavior. HomeSecure has the option to be managed from an easy-to-use app for every household that gives consumers control over their network security and parental controls.
“Our customer in APAC sees anti-malware protection for all home-connected devices and parental controls as basic requirements for any offering they provide to their millions of fixed broadband customers. HomeSecure gives them a single zero-touch clientless solution that satisfies both of these demands,” said Ran Fridman, EVP Global Sales at Allot.
Interface Security Systems, a pioneering managed services provider that delivers managed network, business security and business intelligence solutions to distributed enterprises, recently provided Thrive Restaurant Group, one of Applebee’s largest franchisees in the US, with scalable network, communications and security services.
Business security systems platform
The new solutions include a next-generation secure SD-WAN architecture with network upgrades, 4G/LTE wireless capability, unified communications as service (UCaaS) with cloud-based VoIP and a secure and standardized business security systems platform.
As a significant update to Thrive’s outdated legacy systems, the new Interface solution unclogs productivity bottlenecks and gives the flexibility the restaurant chain needs to address changing customer preferences.
Managing multiple network and voice providers
We needed a partner we could count on to manage our network, voice, and security for all locations"
With 81 restaurants across the United States, Thrive found itself struggling with challenges common to many geographically distributed businesses, including managing multiple network and voice providers, dealing with outdated CCTV hardware, and a lack of accountability from vendors.
“With 81 restaurants across ten states, we needed a partner we could count on to manage our network, voice, and security for all locations,” explains Brian Houchin, Director of IT for Thrive Restaurant Group.
Troubleshooting technical issues
When it came to managing vendors, Thrive simply had too many. Troubleshooting technical issues was challenging as it was difficult to pin accountability on a specific vendor. In addition, tracking invoices, service credits and administering multiple vendors was an inefficient and time-consuming exercise every month.
Outdated hardware and changing regulations also posed a challenge. Unreliable CCTV equipment left the restaurants, employees and customers vulnerable to security risks on-premises. Constantly evolving Payment Card Industry (PCI) compliance rules meant Brian Houchin had to devote hours of his limited bandwidth to keep up with the latest changes and updates, so that Thrive could avoid major penalties and security threats.
With the COVID-19 pandemic significantly disrupting Thrive’s business, restaurant staff found it challenging to handle sudden spikes in call volumes, as they had to work with a legacy phone system that was not scalable. The lack of 4G wireless coverage, outside of the restaurant premises made curbside pickup and take-out services impossible to manage.
Secure, scalable network and communications
Thrive turned to Interface to implement a secure, scalable network and communications backbone that would unclog the productivity bottlenecks and give the flexibility the restaurant chain needed to cater to changing customer needs.
Interface implemented a next-generation secure SD-WAN architecture with network upgrades to guarantee seamless connectivity between all of Thrive’s locations. To deliver a better guest experience for customers calling in with their orders and enabling curbside pickup and payment, Interface rolled out a 4G/LTE wireless network that also doubled up as a backup when the primary network failed.
UCaas with cloud-based VoIP implemented
With managed network services from Interface, Brian and Thrive never have to worry about PCI compliance
With managed network services from Interface, Brian and Thrive never have to worry about PCI compliance. Interface also implemented unified communications as service (UCaaS) with cloud-based VoIP and auto-attendant features for Thrive’s locations to seamlessly route high volumes of customer calls to their dedicated order center.
“We wanted to take the call-in experience out of the individual restaurants and put it into the hands of professionals who weren’t in a hurry to get off the phone,” explains Brian Houchin, adding “The VoIP service from Interface lets us take additional orders, dramatically improving our customer experience and increasing revenue.”
Deploying secure video surveillance platform
To solve the limitations of Thrive’s legacy CCTV infrastructure, Interface delivered a secure video surveillance platform with easy remote viewing from any location and simplified access management to boost restaurant security.
Thrive’s partnership with Interface has allowed the restaurant group to focus more on their growth strategy and long-term plans. By consolidating their SD-WAN, UCaaS, CCTV and 4G/LTE services with Interface, Thrive gets real accountability without having to deal with the vendor run-around.
Perhaps the greatest advantage is Thrive’s ability to aggressively expand, confident that Interface’s 24/7 managed services will always be ready to support their growth. “We’ve had a chance to test out multiple vendors for network, communications and business security and Interface definitely has provided us the best experience,” concludes Houchin.
G4S is the globally renowned integrated security company with operations in approximately 85 countries. At the core of the business is G4S Integrated Security, which combines expertise, security professionals, technology and data analytics.
G4S Integrated security
G4S delivers integrated security around the world with the last six months having brought significant change for the company. The sale of the conventional cash business has enhanced strategic, commercial and operational focus and strengthened the company’s financial position. G4S is transforming, with an intensified focus on integrated security solutions strategy. They are winning business faster and growing stronger than ever before.
Through the launch of the global G4S Academy, the organization is offering an opportunity to share knowledge and work more collaboratively with customers. Sector specific solutions and a global approach to risk and investment in technology are delivering clear benefits to customers and differentiating G4S’s offering in the security market. Below are some examples of G4S Integrated Security delivered to customers around the world.
In the United States, one of G4S Americas’ Security and Risk Operations Center helps prepare for, monitor and respond to threats from one central location. The Security and Risk Operations Center, based in Florida, provides integrated security solutions by seamlessly combining monitoring capabilities, data analytics, enterprise risk intelligence and global response services.
Through actionable data and valuable insights, G4S experts are able to identify threats early and respond quickly. Their technology enabled intelligence-gathering and data analytics enable customers to know immediately when incidents occur. They also allow the organization to support customers by optimizing spend, mitigating risk and enhancing their security programs.
G4S Europe & Middle East
The diverse team of highly-trained security professionals has adapted to the changing security climate
At a Critical National Infrastructure site in southwest England, G4S’s connected security professionals use technology and data to assess threats, manage incidents, and keep a large workforce safe.
The diverse team of highly-trained security professionals has adapted to the changing security climate and conduct automated fever screening, as people enter their site. Specially trained security professionals use the best technology, including G4S’s proprietary software RISK360, on this complex, long-term project.
G4S RISK360 proprietary software
G4S RISK360 proprietary software allows the team to manage incidents, instantly share information, and detect patterns and trends. The training of connected security professionals is tailored to the site. They are setting the gold standard on securing critical infrastructure.
In 2019, the Singapore Government asked the industry to prioritize technology over manpower through ‘Outcome Based Contracting’. G4S won an important contract to secure 62 schools using the Threat, Vulnerability, and Risk Assessment (TVRA) Solution.
Threat, Vulnerability, and Risk Assessment Solution
TVRA risk-based solution combines access control, biometric time and attendance with patrol and response
The TVRA (Threat, Vulnerability, and Risk Assessment) risk-based solution combines access control, visitor management systems, biometric time and attendance with patrol and response, incident reporting, and remote CCTV monitoring.
G4S security professionals and Security Risk Operations Center are in control of the situation, at all times, using cutting edge technology and data analytics. These are just some of the ways by which G4S is securing the world.
In South Africa, G4S security integration of risk consulting, security professionals and technology, for a global FMCG brand, is underpinned by the organization’s data analytics. G4S security professionals protect valuable goods that are delivered all over the country.
From the G4S Security and Risk Operations Center near Johannesburg, experts use G4S RISK360 proprietary software to enable secure and reliable deliveries. The security software provides critical data and analysis that is then used to monitor and deploy resources to the highest risk areas. This data is continually shared with the customer, laying the foundation for a partnership that is building a more secure future.
Video storage has been a challenge since the days of VCRs and videotape. Storing images is a central need for any video systems, especially one that is focused on the forensic and investigative aspects of video. Today, digital video is stored on hard drives and even in the cloud. Increasingly, video is considered “data” that drives a variety of video analytics and even artificial intelligence (AI) applications. We asked this week’s Expert Panel Roundtable: What are the new trends and opportunities in video storage?
Protecting the oil and gas market is key to a thriving economy. The list of security challenges for oil and gas requires the best technology solutions our industry has to offer, from physical barriers to video systems to cybersecurity. We asked this week’s Expert Panel Roundtable: What are the security challenges of the oil and gas market?
We are all more aware than ever of the need for cybersecurity. The Internet of Things is a scary place when you think about all the potential for various cyber-attacks that can disrupt system operation and negatively impact a customer’s business. Because most physical security systems today are IP-based, the two formerly separate disciplines are more intertwined than ever. We asked this week’s Expert Panel Roundtable: How can cybersecurity challenges impact the physical security of a company (and vice versa)?