Intrusion detection

OPTEX will showcase a range of newly released outdoor sensors and visual verification solutions as well as preview its new high mount, outdoor PIRs – the QX Infinity (QXI) series for the EMEA region at Sicurezza as part of its Italian distributor’s stand, HESA. For the first time in Europe, the new high mount (2.2m-2.7m) outdoor sensor, the QXI series will be presented at Sicurezza. The family of outdoor PIRs and Dual-tech sensors provide a 120° wide and 12m detection area. The new Quad technology provides very reliable detection performance within a compact and sleek design. It also features OPTEX’s sensing analytics, the Super Multi-Dimensional Analysis (SMDA) reduces noise created by the environment. Launched earlier this year, the wide range of 180° outdoor intrusion sensors, the WX family that includes the WX Infinity (WXI) and the WX Shield (WXS) series will be showcased at the event. Intrusion alarm systems Italy is a very important market for us which is why we launched our App-based visual verification solution here first Both provide low-mount, pet tolerant detection up to 12m, wired and wireless models and feature two independent 90° detection zones, meaning the detection area, the sensibility and masking can be set independently on the left and the right zones. The WXS additionally provides a flexible mount option (0.8-1.2 or 2m), and dual-technology models. HESA’s stand will also include live demonstrations for OPTEX’s App-based visual verification solutions and enhanced short range LiDAR series. The REDSCAN RLS-2020 series is now Grade 3 meaning it can be added to graded intrusion alarm systems, giving installers the opportunity to enhance the site security by adding virtual walls and ceilings. With the latest firmware version, the RLS-2020S model features an extended detection range to 30m radius and 95°. Visual verification solution Mark Cosgrave, Western Europe Divisional Manager at OPTEX EMEA is pleased to be returning to Sicurezza: “2017 proved to be a fantastic show and we are excited to have a dedicated area on HESA’s stand. Italy is a very important market for us which is why we launched our App-based visual verification solution here first and will preview the new QXI here as well. I am looking forward to hearing the feedback from the market at the show.”

Today’s market wants access management systems that are easy to set up and use. They must be easily scalable and able to integrate with other security solutions like video and intrusion systems. And access management systems need to be highly resilient and always available. With the introduction of the Access Management System 2.0, Bosch has addressed all these needs. Access Management System 2.0 The entire customer journey is designed to be as effortless and as simple as possible. Specifying the system is easy: the software is offered in three pre-configured software bundles for different sized organizations: Lite (max. 144 doors and 200,000 cards) Plus (max. 512 doors and 200,000 cards) Professional (max. 10,000 doors and 200,000 cards) Easy configuration The graphical user interface (GUI) is simple and easy to understand Configuration is easy - Existing floor maps can be imported into the system and icons are dragged and dropped on the map to represent controllers, doors and building objects. Onboarding of users is straightforward: for example, enrolment and assignment of access profiles are all implemented in one dialog manager. Operation is also easy - The graphical user interface (GUI) is simple and easy to understand. The dark color-scheme of the GUI reduces eye-strain and fatigue, so operators stay fresh and alert. In addition, the colors of the Access Management System 2.0 GUI are aligned with the colors of the Bosch Video Management Systems (BVMS) GUI, so operators enjoy the benefits of an integrated solution, which is easier to operate than two distinct systems. Future-proof and highly scalable system Users can start small and add extra capacity whenever necessary. The Access Management System 2.0 can be expanded to 10,000 doors and 200,000 cardholders. No hardware needs replacing when expanding; users just require software upgrades and possibly additional controllers, readers and cards. Henceforth, increasing system size is not only easy but also pretty cost-efficient. And since it is regularly updated with the latest data security enhancements, it is a future-proof investment that is ideal for office and government buildings, retail environments, educational institutes and more. Master Access Controller (MAC) For maximized resilience and high availability, the Access Management System 2.0 includes the Master Access Controller (MAC) as an additional layer of resilience between the server and the access controllers. If the server fails in the Access Management System 2.0, the MAC takes over and ensures that the controllers still communicate with each other and share necessary information from the card readers. Thus, even functionalities, which include various controllers such as anti-passback and guard tour, can still be performed. Anti-passback functionality The anti-passback functionality prevents a card holder passing back their card to another person The anti-passback functionality prevents a card holder passing back their card to another person and thereby enabling their unauthorized entry. Guard tour is a safety functionality offered to security guards, which uses access readers as checkpoints along a defined route. Access management systems are required to be seamless with high-tech functionality. They can seamlessly integrate with other video and intrusion systems. And these access management systems need to be highly resilient and online at all times. The Access Management System 2.0 is Bosch Building Technologies’ answer to all these requirements. High level of safety with threat level management Up to 15 configurable threat levels such as lockdown, controlled lockdown or evacuation mean that safety measures can be initiated quickly in critical situations such as fire or terrorist attack. The threat level state is activated by one of three triggers: operator workstation, emergency button, or specially configured “emergency” cards that are presented to a reader. The different threat levels can make all doors open, all doors blocked, or a mix of some open and some blocked. Individual doors can also have their own security profile and allow only certain cardholders access. High data security and privacy protection To protect against cybercrime and loss of personal data, the database as well as the communication between server and access controllers is encrypted at all stages, e.g. through support of the secure Open Supervised Device Protocol (OSDP) v2 protocol.  Access Management System 2.0 also has trusted digital certificates for mutual authentication between server and client to prevent tampering by unauthorized clients and uses secure design principles such as “secure-by-default” and “principle of least privilege”. Seamless integration with third-party video systems Access Management System 2.0 is a flexible access management system for medium- to large-sized organizations The Access Management System 2.0 is a flexible access management system for medium- to large-sized organizations. It is easy to set up, operate and expand.  Access Management System 2.0 can grow with the needs of the customer and can be integrated with video systems such as the BVMS (version 9.0 and higher) and third party systems such as Milestone’s XProtect. It will as of the second quarter 2020 be able to integrate with the B-/G- Series intrusion system from Bosch and other third party systems. With this integration capability, the Access Management System will serve as the solid platform to mix and match various security systems, depending on the customer’s individual needs. Enhancing safety of security guards Overall, the Bosch Access Management System 2.0 makes access management simple, scalable and always available. Any deviation of sequence or timing causes an alarm in the Access Management System 2.0. Colleagues or first responders can be notified at once improving the safety of security guards. In the extremely rare event that the Access Management System 2.0 server and the MAC fail, cardholders can still enter and leave areas with their badges because the database is stored directly on the Access Management Controllers. Thanks to this offline capability, it is furthermore possible to save millions of events even during down times.

Boon Edam Inc., a global provider of security entrances and architectural revolving doors, announced they are demonstrating an integrated optical turnstile solution in booth #703 at the ISC East exhibition in New York City. ISC East is the largest security trade show in the Northeast region of the US, bringing together 7,000 security and public safety professionals with over 300 leading security brands for the 2-day event. Boon Edam is also the official turnstile sponsor of the show, which runs from November 20-21. Access control technologies are critical for granting or denying entry to secure areas within a building. However, these solutions must be integrated with security entrances to address the risk of intrusion from tailgating. Industry’s slimmest optical turnstile The Circlelock portals enable true multi-factor authentication and provides valuable metrics to predict the risk of infiltration Boon Edam will be displaying the industry’s slimmest optical turnstile, the Lifeline Speedlane Swing, with a custom, integrated pedestal that incorporates the MorphoWave™ touchless fingerprint technology from IDEMIA. This solution enables high throughput with the enhanced security of rapid biometric identification. Boon Edam entry experts will also be on-hand to discuss the entire range of security entrance solutions available, including the Tourlock 180 security revolving door and Circlelock mantrap portals. A popular choice among the Fortune 500, these solutions enable industries to comply with regulations by preventing tailgating and piggybacking without manned supervision. The Circlelock portals also enable true multi-factor authentication and provides valuable metrics to predict the risk of infiltration. For the 12th year in a row, Boon Edam is the official turnstile sponsor of ISC East. The company will display 5 lanes of the Lifeline Speedlane Open at the show’s main entrance. Security entrances The Open turnstile is part of the sleek and modern Lifeline Series of optical turnstiles launched in 2015, which has helped propel Boon Edam to the market-leading position for security entrances, according to “Pedestrian Entrance Control Equipment” by IHS Markit® for the 2014-2016 period.

ISC Security Events and the Security Industry Association (SIA) are pleased to announce that security and public safety leaders Deanne Criswell and Angela Stubblefield will headline the 2019 SIA Education@ISC East Keynote Series. These keynote sessions are open to all attendees at ISC East – the Northeast’s largest security trade show – taking place Nov. 20-21 at the Jacob K. Javits Convention Center in New York City. Criswell will share her insights on emergency preparedness, crisis management and disaster response In the Day 1 keynote Leveraging Technology to Improve Decision Making: A New Direction in Emergency Management and Disaster Preparedness, Criswell – commissioner of the New York City Emergency Management Department – will highlight how the department is leveraging technology to make informed, data-driven decisions and discuss the department’s strategic vision and the importance of public-private partnerships. Criswell will share her firsthand experiences and insights on emergency preparedness, crisis management and disaster response, including lessons learned and best practices to take back to your business and organization. FAA Perspectives on Addressing Risks In the Day 2 keynote UAS Security: FAA Perspectives on Addressing Risks Posed by Errant or Malicious UAS, Stubblefield – who has served as the deputy associate administrator for security and hazardous materials safety at the Federal Aviation Administration (FAA) since 2013 and will assume the role of FAA chief of staff on Nov. 4 – will discuss the FAA’s holistic approach to aerial drone security, working across the full spectrum of risk mitigation from prevention to deterrence, detection and response. Stubblefield will highlight how the FAA is working with security partners to consider how to set requirements for the aircraft, airspace and airman in order to help reduce security risks, how intent can be difficult to determine and how different tools help to differentiate the clueless and careless from the criminal, which require different response capabilities. sessions on access control, drones “ISC East is thrilled to welcome Deanne Criswell and Angela Stubblefield as our 2019 keynote speakers; their demonstrated expertise and success in emergency preparedness, planning, operations and response, threat analysis and response, national security and critical infrastructure policy and more will provide valuable insights to our attendees,” said Will Wise, group vice president, security portfolio at Reed Exhibitions. “These keynote sessions will share essential knowledge to help security and public safety professionals stay up to date on the emerging risks and response strategies in our evolving connected world.” In addition to the Keynote Series, ISC East attendees will have access to over 25 free education sessions and four paid workshop offerings through the 2019 SIA Education@ISC East program. SIA Education@ISC East will offer all-new content on the most current business trends, technologies and developments in the security and public safety industry. Workshop on OSDP, cyber security terminology and strategy Free sessions covering topics like video analytics in access control, drone security policy and securing public venues They will offer free sessions covering topics like video analytics in access control, drone security policy, securing public venues, cyber-physical-operational convergence and preventing hostile vehicle attacks – and paid workshops on the SIA Open Supervised Device Protocol (OSDP), cybersecurity terminology and strategy, active shooter response and video surveillance installation and configuration. “Each year at ISC East, in addition to learning about a wide array of cutting-edge technologies on the show floor, conference attendees have the opportunity to unlock top-quality education and hear from the industry’s leading luminaries through the ISC East Keynote Series,” said Dr. Elli Voorhees, director of education and training at SIA. ISC East She adds, “These keynote presentations from Deanne Criswell, an esteemed emergency management expert, and Angela Stubblefield, a respected leader in national security, safety and crisis response, combined with dozens of other engaging SIA Education@ISC sessions will deliver a high-impact content program for ISC East 2019.” At ISC East, over 7,500 security and public safety professionals will convene in New York to meet experts from over 300 major security brands. With opportunities to engage with the industry’s top innovators, special events and cutting-edge education encompassing everything from video surveillance and access control to smart home technologies, the Internet of Things and drones and robotics, ISC East 2019 will provide a comprehensive security industry event experience and help attendees find the products and solutions that will benefit their organizations and clients.

Insider threat programs started with counter-espionage cases in the government. Today, insider threat programs have become a more common practice in all industries, as companies understand the risks associated with not having one. To build a program, you must first understand what an insider threat is. An insider threat is an employee, contractor, visitor or other insider who have been granted physical or logical access to a company that can cause extensive damage. Damage ranges from emotional or physical injury, to personnel, financial and reputational loss to data loss/manipulation or destruction of assets. Financial and confidential information While malicious insiders only make up 22% of the threats, they have the most impact on an organization Most threats are derived from the accidental insider. For example, it’s the person who is working on a competitive sales pitch on an airplane and is plugging in financial and confidential information. They are working hard, yet their company’s information is exposed to everyone around them. Another type of insider, the compromised insider, is the person who accidentally downloaded malware when clicking on a fake, urgent email, exposing their information. Malicious insiders cause the greatest concerns. These are the rogue employees who may feel threatened. They may turn violent or take action to damage the company. Or you have the criminal actor employees who are truly malicious and have been hired or bribed by another company to gather intel. Their goal is to gather data and assets to cause damage for a specific purpose. While malicious insiders only make up 22% of the threats, they have the most impact on an organization. They can cause brand and financial damage, along with physical and mental damage. Insider threat program Once you determine you need an insider threat program, you need to build a business case and support it with requirements. Depending on your industry, you can start with regulatory requirements such as HIPAA, NERC CIP, PCI, etc. Talk to your regulator and get their input. Everyone needs to be onboard, understand the intricacies of enacting a program Next, get a top to bottom risk assessment to learn your organization’s risks. A risk assessment will help you prioritize your risks and provide recommendations about what you need to include in your program. Begin by meeting with senior leadership, including your CEO to discuss expectations. Creating an insider threat program will change the company culture, and the CEO must understand the gravity of his/her decision before moving forward. Everyone needs to be onboard, understand the intricacies of enacting a program and support it before its implemented. Determining the level of monitoring The size and complexity of your company will determine the type of program needed. One size does not fit all. It will determine what technologies are required and how much personnel is needed to execute the program. The company must determine what level of monitoring is needed to meet their goals. After the leadership team decides, form a steering committee that includes someone from legal, HR and IT. Other departments can join as necessary. This team sets up the structure, lays out the plan, determines the budget and what type of technologies are needed. For small companies, the best value is education. Educate your employees about the program, build the culture and promote awareness. Teach employees about the behaviors you are looking for and how to report them. Behavioral analysis software Every company is different and you need to determine what will gain employee support The steering committee will need to decide what is out of scope. Every company is different and you need to determine what will gain employee support. The tools put in place cannot monitor employee productivity (web surfing). That is out of scope and will disrupt the company culture. What technology does your organization need to detect insider threats? Organizations need software solutions that monitor, aggregate and analyze data to identify potential threats. Behavioral analysis software looks at patterns of behavior and identifies anomalies. Use business intelligence/data analytics solutions to solve this challenge. This solution learns the normal behavior of people and notifies security staff when behavior changes. This is done by setting a set risk score. Once the score crosses a determined threshold, an alert is triggered. Case and incident management tools Predictive analytics technology reviews behaviors and identifies sensitive areas of companies (pharmacies, server rooms) or files (HR, finance, development). If it sees anomalous behavior, it can predict behaviours. It can determine if someone is going to take data. It helps companies take steps to get ahead of bad behavior. If an employee sends hostile emails, they are picked up and an alert is triggered User sentiment detection software can work in real time. If an employee sends hostile emails, they are picked up and an alert is triggered. The SOC and HR are notified and security dispatched. Depending on how a company has this process set-up, it could potentially save lives. Now that your organization has all this data, how do you pull it together? Case and incident management tools can pool data points and create threat dashboards. Cyber detection system with access control An integrated security system is recommended to be successful. It will eliminate bubbles and share data to see real-time patterns. If HR, security and compliance departments are doing investigations, they can consolidate systems into the same tool to have better data aggregation. Companies can link their IT/cyber detection system with access control. Deploying a true, integrated, open system provides a better insider threat program. Big companies should invest in trained counterintelligence investigators to operate the program. They can help identify the sensitive areas, identify who the people are that have the most access to them, or are in a position to do the greatest amount of harm to the company and who to put mitigation plans around to protect them. They also run the investigations. Potential risky behavior Using the right technology along with thorough processes will result in a successful program You need to detect which individuals are interacting with information systems that pose the greatest potential risk. You need to rapidly and thoroughly understand the user’s potential risky behavior and the context around it. Context is important. You need to decide what to investigate and make it clear to employees. Otherwise you will create a negative culture at your company. Develop a security-aware culture. Involve the crowd. Get an app so if someone sees something they can say something. IT should not run the insider threat program. IT is the most privileged department in an organization. If something goes wrong with an IT person, they have the most ability to do harm and cover their tracks. They need to be an important partner, but don’t let them have ownership and don’t let their administrators have access. Educating your employees and creating a positive culture around an insider threat program takes time and patience. Using the right technology along with thorough processes will result in a successful program. It’s okay to start small and build.

The cyber security threat is constant and real. Entire businesses, large enterprises and even whole cities have been vulnerable to these attacks. Growing threat of cyber attacks The threat is not trivial. Recently, two cities in Florida hit by ransom ware attacks – Rivera Beach and Lake City – opted to capitulate and pay ransom totaling more than $1.1 million to hackers. The attacks had disrupted communications for first responders and crippled online payment and traffic-ticketing systems. It was reminiscent of the $4 billion global WannaCry attacks on financial and healthcare companies. A full two years after the WannaCry attack, many of the hundreds of thousands of computers affected remain infected.  And hackers are continuously devising new techniques, adapting the latest technology innovations including machine learning and artificial intelligence to devise more destructive forms of attack. Indeed, AI promises to become the next major weapon in the cyber arms race. For enterprises, there is no choice but to recognize the threat and adopt effective countermeasures Enterprise security For enterprises, there is no choice but to recognize the threat and adopt effective countermeasures. Not surprisingly, as the number, scale and sophistication of cyber-attacks has grown, so has the significance of the Chief Information Security Officer, or CISO, who owns the responsibility of sounding the alarm to the C-suite and the board – and recommending the best defense strategies. Consider it a grim irony of the digital economy. As companies have migrated to the cloud to gain scale and efficiency and integrated new channels and touch points to make it easier for their customers and suppliers to do business with them, they have also created more potential points of entry for cyber-attacks. IoT Increases Threat of cyber-attacks Amplifying that vulnerability is the trend of allowing employees to bring their own laptops, smartphones and other digital devices to the office or use to work remotely. And thanks to the Internet of Things, as more devices connect to enterprise systems – from thermostats to cars –  the threat surface or targets of intrusion are multiplying exponentially. According to the McAfee Labs 2019 Threats Predictions Report, hackers will increasingly turn to AI to help them evade detection and automate their target selection. Companies will have no choice but to begin adopting AI defenses to counter these cybercriminals.  Importance of cyber security This escalation in the cyber arms race reflects the sheer volume of data and transactions in modern life. In businesses like financial services and healthcare it is not humanly possible to examine every transaction for anomalies that might signal cyber snooping. Even when oddities are glimpsed, simply flagging potential problems can create so-called threat fatigue from endless false alarms. What’s more, attacks like those from Trickbots are specifically designed to go undetected by end users. The fact is, even if throwing more people at the problem were a solution, there aren’t enough skilled cyber security workers in the world. By some estimates, as many as 10 million cyber security jobs now go unfilled.  AI is being used to conduct predictive analysis at a scale beyond human means Deploying AI As a result, AI is being deployed on multiple cyber-defense fronts. So far, it is mainly being used to conduct predictive analysis at a scale beyond human means. AI programs can sift through petabytes of data, identifying anomalies and even helping an organization recognize and diagnose intrusions before they turn into catastrophic attacks. AI can also be used to continually monitor and allocate levels of access to a network’s multitude of legitimate users – whether employees, customers, partners or suppliers – to ensure that all parties have the access they need, but only the access they need. Countering cyber security threats To harden defenses, some AI programs can be configured to perform simulated war games To harden defenses, some AI programs can be configured to perform simulated war games. Because cyber attackers have stealth on their side, organizations might need dozens of experts to counter only a handful of attackers. AI can help even the odds, scoping out the potential permutations of vulnerabilities.  As CISOs – and the CIOs they typically report to – advise C-suites and boards on their growing cybersecurity risk, they can also help those leaders recognize an enduring truth: AI programs cannot replace experienced cybersecurity professionals. But the technology can make staff smarter, more vigilant and more nimbly responsive. AI-based cyber security tools Financial and healthcare companies are leading this charge because of the sheer volume and variety of transactions they handle and because of the value and sensitivity of the data. Organizations like the U.S. Department of Defense and the space agency NASA, as well as governments around the world are also implementing AI-based tools to address the cyber threat. For businesses of all types, the threat stretches from the back office to the supply chain to the store front. That is why recognizing and countering that threat must involve everyone from the CISO to the CEO to the Chairman of the Board. The AI arms race is underway in security. To delay joining it is to risk letting your enterprise become one of the grim statistics.

We live in an information and data-led world, and cybersecurity must remain top-of-mind for any organization looking to both protect business operation critical assets. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - from cybercriminals conducting targeted spear-phishing campaigns - like the 2018 Moscow World Cup vacation rental scam, to nation-state actors looking to collect intelligence for decision makers - no organization is safe from innovative cyber threats. Security solutions enterprises Organizations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe The evolving threat space means organizations need to ensure they have the most innovative prevention and detection frameworks in order to withstand adversaries using complex and persistent threats. When implementing new security solutions enterprises must start by assuming that there is already a bad actor within their IT environment. With this mindset, organizations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe. As there is no one silver bullet that truly stops all cyberattacks, organizations must adopt a multipronged approach to be widely adopted to stop adversaries. This must include tracking, analyzing and pinpointing the motivation of cyber actors to stay one step ahead through global intelligence gathering and proactive threat hunting. In addition, deploying new technologies leveraging the power of the cloud give a holistic view of the continuously evolving threat landscape and thereby secure data more efficiently. Traditional security approach In today’s landscape, the propagation of advanced exploits and easily accessible tools has led to the blurring of tactics between statecraft and tradecraft. Traditional security approaches are no longer viable when it comes to dealing with the latest trends in complex threats. To make defending against these threats even more complicated, adversaries are constantly adapting their tactics, techniques and procedures (TTPs), making use of the best intelligence and tools. CrowdStrike’s latest Global Threat Report tracked the speed of the most notable adversaries including Russian, Chinese, North Korean and Iranian groups. As the adversaries’ TTPs evolve into sophisticated attack vectors defenders need to recognize we are amidst an extreme cyber arms race, where any of the above can become the next creator of a devastating attack. Russian efficiency is particularly high; they can spread through an enterprise network in 18 minutes 48 seconds on average, following the initial cyber-intrusion. Sophisticated cyber weapons Actors tend to use a simple trial and error technique where they test the organization's network So, reacting to threats in real-time is a priority. Bad actors are extremely vigilant and committed to breaking down an organization’s defenses, and speed is essential to finding the threats before they spread. Actors tend to use a simple trial and error technique where they test the organization's network, arm themselves with more sophisticated cyber weapons, and attack again until they find a vulnerability. This has highlighted the need for tools that provide teams with full visibility over the entire technology stack in real-time in order to meet these threats head-on. Traditional solutions are scan-based, which means they don’t scale well and can’t give the security teams context around suspicious activity happening on the network. They lack full visibility when a comprehensive approach is needed. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - like the 2018 Moscow World Cup vacation rental scam Malicious Behavior Through leveraging the power of the cloud and crowdsourcing data from multiple use cases, security teams can tap into a wealth of intelligence collated from across a vast community. This also includes incorporating threat graph data. Threat graphs log and map out each activity and how they relate to one another, helping organizations to stay ahead of threats and gain visibility into unknowns. Threat graph data in conjunction with incorporating proactive threat hunting into your security stack creates a formidable 360-degree security package. Managed threat hunting teams are security specialists working behind the scenes facing some of the most sophisticated cyber adversaries through hands on keyboard activity. Threat hunters perform quickly to pinpoint anomalies or malicious behavior on your network and can prioritize threats for SOC teams for faster remediation. In-Depth knowledge Security teams need to beat the clock and condense their responseIt is key for security teams to have an in-depth knowledge of the threat climate and key trends being deployed by adversaries. The TTPs used by adversaries leave are vital clues on how organizations can best defend themselves from real-life threats. Intrusion ‘breakout time’ is a key metric tracked at CrowdStrike. This is the time it takes for an intruder to begin moving laterally outside of the initial breach and head to other parts of the network to do damage. Last year, the global average was four hours and 37 minutes. Security teams need to beat the clock and condense their response and ejection of attackers before real damage is done. Next-Generation solutions When managing an incident clients need to be put at ease by investigations moving quickly and efficiently to source the root of the issue. Teams need to offer insight and suggest a strategy. This can be achieved by following the simple rule of 1-10-60, where organizations should detect malicious intrusions in under a minute, understand the context and scope of the intrusion in ten minutes, and initiate remediation activities in less than an hour. The most efficient security teams working for modern organizations try to adhere to this rule. As the threat landscape continues to evolve in both complexity and scale, adequate budget and resources behind security teams and solutions will be determining factors as how quickly a business can respond to a cyberattack. To avoid becoming headline news, businesses need to arm themselves with next-generation solutions. Behavioral analytics The solution can then know when to remove an adversary before a breakout occurs Behavioral analytics and machine learning capabilities identify known and unknown threats by analyzing unusual behavior within the network. These have the ability to provide an essential first line of defense, giving security teams a clear overview of their environment. With this at hand, the solution can then know when to remove an adversary before a breakout occurs. Attackers hide in the shadows of a network’s environment, making the vast volume and variety of threats organizations face difficult to track manually. The automation of responses and detection in real-time is a lifeline that organization cannot live without as adversaries enhance and alter their strategies. Adversaries continue to develop new ways to disrupt organizations, with cybersecurity industry attempting to keep pace, developing new and innovative products to help organizations protect themselves. These technologies empower security teams, automating processes and equipping security teams with the knowledge to respond quickly. Organizations can set themselves up for success by integrating the 1-10-60 rule into their security measures, giving them an effective strategy against the most malicious adversaries.

Gallagher Security, a division of Gallagher Group, a privately-owned New Zealand company, is a global presence in integrated access control, intruder alarm and perimeter security solutions. Gallagher entered the global security industry in the 1990s with the purchase of security access control business Cardax. In the last several decades, the company has leveraged its experience in electric fence technology to develop a variety of innovative solutions used to protect some of the world's most high-consequence assets and locations. Solving business problems Among Gallagher’s recent innovations is the Security Health Check, a software utility that enables customers to run an automated check on their Gallagher Command Centre security system. To get an update on the company, we interviewed Richard Huison, Gallagher’s Regional Manager for the U.K. and Europe, who says he has a passion for technology and solving business problems. Huison says working in the industry for more than 20 years has shown him you can never stop evolving and adapting. Q: What are Gallagher's points of differentiation versus competitors? Huison: Gallagher’s strengths are in solving business problems outside of the normal access control and intrusion detection solutions. Enforcing company policy through compliance and competency is what really matters to business continuity. Using Gallagher Command Centre to oversee the security, health and safety and compliance brings true business value to the client who benefits from reduced costs and risk to the success of their growth and strategy. Q: What is the biggest challenge for customers in the security market, and how does Gallagher help to meet that challenge? Huison: A great solution fit is key. Where most fail is choosing a solution that does not meet the needs of the client in 10 to even 20 years’ time. As businesses evolve and grow, so must the security solution. In a recent conversation, a client had to replace a 300-door access control system that was no longer supported. ‘Why Gallagher?’ they asked. The answer: ‘If you had chosen Gallagher 10 years ago, we would not be having this conversation.’ Ensuing the system you choose is legacy-compliant is king. Gallagher’s brand is well known for protecting Critical National Infrastructure Q: Please describe Gallagher's geographic presence in the UK and Europe. Huison: Gallagher’s brand is well known for protecting Critical National Infrastructure. They choose to adopt our solutions because we meet the highest levels of resilience against cyber-attacks. Our ability to modernize legacy systems ensures the maximum return on investment with minimal disruption to business continuity. Gallagher solutions cover a broad mix of verticals, with strengths in high security, education and large corporate entities. Our Channel Partner network is continually growing so more clients can benefit from the diverse and powerful Gallagher Command Centre software. Q: Describe how Gallagher is typically integrated into larger systems. Huison: Our systems offer the flexibility of being standalone or globally networked via our Multi-Server environment. Most integration happens logically where data is pushing into our Command Centre database. The single point of truth allows for minimal data errors and efficiencies around manual input. The total cost of ownership is greatly reduced in allowing the system to work for the client and not the other way round. Over and above this, Integration into other solutions brings that rich data back to one software front end. Q: What is Gallagher's biggest challenge and how will the company seek to meet that challenge? Huison: Our biggest and continual opportunity is being a relentless innovator. We are not short of ideas and how we are bucking the trends with our solutions. Broadcasting these messages is not always easy in the digital age. This is why Gallagher is investing heavily in more shows, publications and specific vertical conferences globally. Q: What is the market's biggest misconception about Gallagher? Huison: Our brand is known for perimeter solutions with our monitored Pulse Fence. What many forget is we have a very powerful access control and integrated intrusion detection solution that meets Government standards around the world. We are unique in that all three can be controlled via one software platform that is cyber-resilient and infinitely configurable to suit many verticals. Q: What is your message to the security market? Huison: Many see Gallagher as only suitable for large and complex sites. I openly challenge our audience, speak to us and you may find we can provide an Enterprise Level solution that is delivered on budget and provide an outstanding return on investment for the client. Our pedigree of 80 years shows we never stop innovating and building that trusted advisor status with many lifelong clients.

Honeywell Commercial Security is among the companies working to develop security systems that are more proactive than reactive. “Our biggest opportunity moving forward is the ability to have security solutions that do a better job of detecting and predicting threats,” says Tim Baker, Global Marketing Director, Honeywell Commercial Security. Greater use of analytics and intelligence can reduce human error and simplify processes by providing a more unified view for greater situational awareness. Artificial intelligence and deep learning "We’re reaching a maturity level in terms of algorithms and hardware to drive new capabilities in a cost-effective way,” he says. Baker sees a continuing interest in artificial intelligence (AI) and deep learning in the physical security market, used in video analytics and also for intrusion and access control. "We have challenged ourselves to move from reactive solutions to develop a set of proactive solutions that determine potential security threats before they happen,” he says. An overarching theme is the need to focus operator attention on “what matters” rather than requiring operators to keep track of the growing number of sensors in newer systems. A remaining hurdle is to streamline the deployment of analytics systems, which can require expensive customization during the commissioning phase.  Credential-enabled access control reader The reader can support any card format and also enables “frictionless” access control That’s where Honeywell is investing and focusing its attention, seeking when possible to “pre-teach” algorithms based on data gleaned from a large installed base. Fortunately, there will be plenty of data from a growing variety of sites to build from. Honeywell offers a full ecosystem built around enterprise security needs and a second ecosystem built around the needs of small- and medium-sized businesses (SMBs).  In the enterprise space, the trend is toward smarter edge devices, such as Honeywell’s OmniAssure Touch, a cellphone credential-enabled access control reader. The reader can support any card format and also enables “frictionless” access control. A user can gain access by touching the reader, with no need to take his or her smart phone (which has the credential) out of their pocket. The reader is fully backwards compatible, which is a Honeywell hallmark. Honeywell’s OmniAssure Touch can support any card format and also enables “frictionless” access control. Designed to be cloud-enabled On the enterprise software side, Honeywell has invested in further development of their Pro-Watch access control system and MAXPRO VMS (video management system), tying them together into a single security console, along with intrusion and other systems such as human resources (HR) data. For the SMB market, Honeywell is building and expanding their MAXPRO Cloud system. As existing hardware has evolved to be cloud-enabled, the company has also been introducing new control products that are designed from the ground up to be cloud-enabled. Honeywell’s biggest vertical markets include banking, healthcare, gaming, energy infrastructure and airports The new MAXPRO Intrusion system, which can be configured over the cloud, will be introduced in the first quarter. MAXPRO Access, to be introduced in late November, can be deployed using an embedded web interface, a cloud interface, or as an on-premise solution. On the NVR side, an embedded NVR works alongside Honeywell’s new 30 Series video cameras, providing secure and encrypted end-to-end connection. Networked security system A challenge for Honeywell is to keep up with broader trends happening in the industry, whether geopolitical (e.g., relations between China and the United States) or regulatory such as General Data Protection Regulation (GDPR). Baker acknowledges an industry-wide increase in awareness about cybersecurity, driven largely by the enterprise market. IT departments are getting more involved in the purchasing decision; indeed, the chief information officer (CIO) is often the ultimate decision-maker. In response, Honeywell is emphasizing “cybersecurity by design” from the beginning to the end of a project. Also, they are using white-hat hackers to test products before they are released into a live environment. “We are doing everything we can to make sure products are cybersecure,” says Baker. Honeywell’s biggest vertical markets include banking, pharmaceutical, healthcare, gaming, energy infrastructure and airports. NDAA-compliant video cameras Compliance is a common thread throughout the verticals. Honeywell sells to the government mostly in the access control and intrusion space and built around their Vindicator networked security system. (They also introduced the line of NDAA-compliant video cameras, made in Taiwan, at the recent GSX show.)

In addition to providing the Northeast’s largest security trade show, ISC East will include free conference sessions and keynote speeches right on the show floor and several paid workshops. The Nov. 20-21 event at New York’s Javits Center will also include vendor solution sessions from Axis Communications, Hikvision and NAPCO. Wide variety of paid workshops An advantage of the International Security Conference & Exposition in New York is that much of the programming is complimentary to registered attendees, and location of the sessions on the show floor means attendees don’t have to leave the exhibition to take in a session. The paid workshops include technology sessions about cyber terminology for physical security integratorsThe paid workshops include an Active Shooter Workshop and technology sessions about cyber terminology for physical security integrators; and basic installation and configuration of video surveillance solutions. An OSDP (Open Supervised Device Protocol) Boot Camp Short Course will also be offered. As a smaller show, the topics of ISC East conference sessions are broader and of more general interest, rather than organized into focused “tracks” as at ISC West. Attendance at sessions can provide continuing education (CE) credits with organizations that partner with ISC East – one credit for each hour-long session. Attendees can use their Certificate of Attendance from any session to self-report their education hours to relevant industry bodies: ALOA (AEU education credits), ASIS (CPE continuing professional education credits) and NICET (CPD Continuing Professional Development points). An advantage of the International Security Conference & Exposition in New York is that much of the programming is complimentary to registered attendees Keynote sessions at the Main Stage The Main Stage will be the venue for keynote sessions delivered by Deanne Criswell, Commissioner, New York City Emergency Management (on Day 1 – Nov. 20); and Angela Stubblefield, Chief of Staff at the Federal Aviation Administration (FAA) (on Day 2 – Nov. 21). The two SIA Education@ISC East educational theaters on the show floor will be booked up both days with a variety of interesting topics. A new session covers penetration testing for physical security, presented by Michael Glasser of Glasser Security Group. A session on LiDAR (Light Detection and Ranging) sensors will be presented by Frank Bertini, UAV and Robotics Business Manager, Velodyne LiDAR. Another popular topic is Safe Cities, and FLIR will present a session on moving from secured to smart cities with intelligent, connected systems. New addition is Active Shooter Workshop  The Active Shooter Workshop is a new addition to the ISC East program. It has been a popular session at ISC West for three years now. At ISC East, presenters of the workshop will be David LaRose, System Director Public Health, Lee Health; and Ben Scaglione, Director of Healthcare and Security Programming, Lowers and Associates. At the end of the workshop, an additional hour of programming will be the “Stop the Bleed/Save a Life” session presented by Jerry Wilkins, Co-Owner of Active Risk Survival. The Main Stage will be the venue for keynote sessions delivered by Deanne Criswell, Commissioner, New York City Emergency Management, and Angela Stubblefield, Chief of Staff at the Federal Aviation Administration Woman in Security event A Women in Security Forum breakfast event will be held on Nov. 21 (Thursday). It’s the second annual event and this year will focus on diversity and inclusiveness in the workplace of the future. Valerie Anderson, President of Boon Edam, will lead a discussion on “Diversity 2.0: Next Steps for Creating an Empowered Workforce”Moderator Valerie Anderson, President of Boon Edam, will lead a discussion on “Diversity 2.0: Next Steps for Creating an Empowered Workforce.” Panelists are Lisa Terry of Allied Universal, Andrew Lanning of Integrated Security Technologies, Elaine Palome of Axis Communications and Dawne Hanks of Milestone. The Women in Security event is likely to attract up to 100 attendees. SIA’s Women in Security is an active organization, with monthly meetings and a newsletter that recognizes prominent women in the security industry. “It’s really a group for both men and women,” says Mary Beth Shaughnessy, Event Director, ISC Events at Reed Exhibitions. “There are many programmes, recruiting efforts, and professional and networking opportunities. They are a robust group of people who are active in making a difference. It’s important to support women in the security industry, which is 95% male, and to develop a new generation of women to be a part of the industry’s future.” The keynote addresses at ISC East will also highlight two high-profile women.

An Oxford University facility has enhanced its security with the help of world technology pioneer in integrated access control, intruder alarms management and perimeter protection. Saïd Business School, the University of Oxford’s center of learning for undergraduate and graduate students in business, management and finance, has replaced its former system with an integrated Gallagher Security access control solution to protect it against theft and create a safe environment for visiting dignitaries. Saïd Business School is located right next to a train station – a heavy transit route into Oxford. While this location is convenient for students and staff, proximity to the station was making it easy for organized thieves to target the school and use the train to get in and out quickly. As hosts to international heads of state, royalty and others with strict personal security requirements, the school also saw a clear need to upgrade its security system to achieve a higher level of security. Safe from unauthorized intruders T-series were  installed on doors throughout the building and new access cards were issued to all Saïd Business School wanted a system which could meet its need for complete control, yet maintain an open and welcoming feel on campus. “We needed to ensure only current employees and students had access to the school, and that those people were only accessing the areas relevant to them,” says Martin Boyt, Estates Operations Manager at Saïd Business School. “We also needed it to be easy and efficient to manage cardholder permissions, with the flexibility to adapt as the school grows.” Gallagher T-series readers were installed on doors throughout the building and new access cards were issued to all employees and students. Gallagher Command Center is used to manage access control groups and set privileges to enable varying levels of access to different parts of the building. Students and staff can now easily move around the school and access the rooms and resources they need on a day-to-day basis, with confidence they’re safe from unauthorized intruders. Certified security installer Access control has been integrated with the student and staff induction process, meaning access control cards are not issued until induction has been completed. The school also uses the new system to issue event and conference visitors with temporary cards that have restricted access suited to the purpose of their visit. Boyt says protecting their people is of paramount importance. “Schools can be vulnerable to vandalism, theft and, increasingly, violence and terrorism by individuals or groups, so security is a top priority. We want our students and staff to have peace of mind that they are studying and working in a safe and secure place.” Partnering with Gallagher Security and a Gallagher certified security installer streamlined the process of installing the new system. Boyt says working with someone who understood their needs made all the difference. Building integrated security system Saïd Business School is using its learnings to improve security at its other university facilities“Translating the needs of our staff and faculty into workstreams and access control groups was a complex undertaking, and having trusted advisors on hand helped us get it right the first time.” Built-in reporting tools enable the estate managers to carefully monitor the system to keep the site secure. “We can run reports to check on occupancy levels and usage of certain areas, helping to reallocate rooms quickly and efficiently,” says Boyt. Saïd Business School is an active member of the Tertiary Education Security Network (TESN), organized by Gallagher. The aim of the group is to bring Gallagher customers together to build relationships and share knowledge. Boyt says: “We have found this group to be extremely useful as we continue our journey of building an integrated security system that meets our needs. We have learned a lot about campus security by attending TESN events and working closely with Gallagher and our security installer.” Learnings to improve security Saïd Business School is using its learnings to improve security at its other university facilities. “We want to integrate the CCTV cameras at our Park End Street events venue with Gallagher Command Center to improve our monitoring capability,” says Boyt. “We will also insist the Gallagher system and CCTV integration is installed on future projects, including the redevelopment of Osney Power Station which is set to become a world-leading center for executive education.”

Delta Scientific, the prominent manufacturer of counter-terrorist vehicle control systems used in the United States and internationally, announced that, on Monday, October 7, at approximately 7 am, a Delta MP5000 portable barrier stopped a stolen Dodge Ram pick-up truck at an entrance gate of the Naval Air Station - Corpus Christi. The stolen car was chased by the local police onto the base. The barrier then impacted the rear of the vehicle, disabling it. Simultaneously, the Air Station announced that an unauthorized person was on base and the facility immediately would go under lockdown with all gates secured to all traffic. Having taken flight after the truck was stopped by the barrier, the intruder was quickly apprehended within the hour and taken into custody by the Bureau of Alcohol, Tobacco, Firearms and Explosives. "This is the second attempted intrusion into the Naval Air Station - Corpus Christi in eight months," explained Greg Hamm, Delta vice president of sales and marketing. Control vehicle access "On February 14, a Delta MP5000 portable barrier stopped a stolen Ford Edge crossover SUV at the North Gate. The trespasser had driven across the base to escape but crashed into the Delta unit and erupted into flames. The driver was shot and killed." Delta's totally self-contained MP5000 mobile deployable vehicle crash barriers now carry an ASTM rating as high as M50, able to stop and disable a 15,000 lb (66.7 kN) G.V.W. vehicle moving at 50 mph (80.4 kph). They tow into position to control vehicle access within 15 minutes. No excavation or sub-surface preparation is required. Once positioned, the mobile barricades will unpack themselves by using hydraulics to raise and lower the barriers off their wheels. DC-powered pumps will then raise or lower the barriers. Once the event is over, procedures are reversed and the barriers are towed away.

AASA, The School Superintendents Association, has formed a new partnership with Armor At Hand™, a company that manufacturers Smart Shields™ connected to the internet and are capable of protecting users from handguns and high-powered rifles. The Shields serve as a first layer of protection in the event of an intrusion and serve as an alarm to alert those connected to the system a potential threat is occurring. Armor At Hand manufactures the world’s first lightweight, mobile Smart Shields with internet connectivity and U.S. National Institute of Justice (NIJ) level 3 equivalent test rating, giving it the ability to stop high-powered rifle rounds. Schools, workplaces, places of worship and other venues now have access to the Smart Shield. AASA members can receive a special offer to receive a Smart Shield from Armor At Hand. Immediate protection at first encounter "Armor At Hand’s partnership with AASA speaks to both organisations’ commitment to providing resources to assist school districts before, during and after a crisis,” said Chad Ahrens, founder and CEO, Armor At Hand. “With access to more than 12,000 school districts, the AASA partnership enables us to reach the people that the Smart Shields are designed to protect.” The Shields hide discreetly in plain sight, yet, provide immediate protection at first encounter. Once one of the shields is moved, all the shields in the area are alerted and will light up and buzz while autonomously sending an alert to authorities of a potential threat. Armor At Hand Smart Shield uses ArcGIS by Esri to map real-time danger areas and safe zones while simultaneously offering route guidance to safety for those in harm’s way. Activation movement amount and timeframes are setup at installation to meet the needs of each site. Emerging technology in security “AASA is proud to be partnering with Armor At Hand,” said Daniel A. Domenech, executive director, AASA. “Threats of violence at our schools has continued to be an issue that must be addressed. AASA is committed to keeping students, teachers and schools around the country safe. Launching this partnership with Armor At Hand is indicative of our commitment to doing that by using emerging technology in security.” AASA is the premiere membership organization representing public school district superintendents across the country and the world. The primary goal of AASA is to advocate for highest quality public education for all students, as well as to develop and support school system leaders.

For one installer, Hikvision’s range of Turbo HD PIR-equipped cameras has had a dramatic impact on his business, allowing him to more efficiently monitor and secure construction sites and other valuable locations during vulnerable out of hours periods. Paul Hookings, Managing Director of Hampshire-based security installation firm Forward Securities, had a problem. His company had built a solid reputation for, amongst a variety of other services, securing building sites, notably the important materials and equipment left overnight and unattended in the site compound. Building site compounds, Hookings explains, can include any number of super-valuable and enticing materials for potential thieves. “Diesel, copper, tools, cabling, right down to bricks, breeze blocks, agricultural fuel, road diesel, even the metal gates,” he says. “Thousands and thousands of pounds worth of stuff is stored there overnight.” Forward Securities would use traditional PIRs – passive infrared detectors – to raise an alert Intrusion detection To monitor these compounds for intruders, Forward Securities would use traditional PIRs – passive infrared detectors – to raise an alert when the compound perimeter was breached. The problem had to do with the PIRs, Hookings explains. “On critical sites like these, where there’s a lot of activity during working hours, people are able to move those PIRs in the daytime when they’re off,” he says. “And come night-time, they’re then able to return and rob the place without being picked up by the detectors, and then move the PIR back to where it was previously. Then it’s down to the security company, who end up scratching their heads, thinking: why didn’t that go off?” Passive infrared detectors As a result, Hookings was on the lookout for a solution, something which would counter that potential for tampering and provide a more effective deterrent to potential thieves. Then he noticed that Hikvision had released a new range of Turbo HD PIR cameras. “These are lovely little products,” Hookings said. “When Hikvision brought them out, I binned our separate PIRs. With a PIR camera, during the armed period, if someone moves into its field of view, there’s an alarm. If someone covers it up, it goes into alarm. If someone moves it into another direction, it goes into alarm. So I’ve binned the products we were using previously and now I exclusively use Hikvision.” Turbo HD PIR cameras The Turbo HD PIR camera range uses advanced video surveillance technologies to improve alarm accuracy and prevent intrusions. Video verification of alarms means a rapid response from a manned guarding service can be achieved. The camera’s built-in PIR detector captures infrared light given off by human bodies and distinguishes it from other visual ‘noise’. It can be ‘double knocked’ with Hikvision’s Turbo HD K series DVR’s motion detection to reduce false alarms caused by moving targets without human body IR emission. This way, filtering false alarms reduces storage space and costs, and it also means more efficient post-event footage search. Supplemental lighting The camera also produces a flashing white strobe light that serves as a warning signal to stop intruders The camera also produces a flashing white strobe light that serves as a warning signal to stop intruders. And the white light serves as supplemental lighting, enabling the camera to capture clear images of suspects as evidence when the alarm is triggered, even in extremely dark environments – such as the construction site compounds. “When we have an alarm triggered on one of our sites, we basically get a guaranteed guarding response,” Hookings says. “Because the combination of PIR detection and video serves as proof that the assailants are there. It’s a confirmed signal going to the monitoring station, and as a result we always get people apprehended.” PIRL bullet cameras The model Forward Securities prefers to use is the DS-2CE12H0T-PIRL, a 5MP bullet PIR bullet camera referred to as the ‘PIRL’. They offer 2560 x 1944 pixel resolution, smart infrared illumination up to 20m, and Hikvision’s own ‘up the coax’ technology, which allows cameras to be controlled over a coaxial cable from the DVR and also to transmit the alarm signal to DVR. They’re also IP67-rated for external use, so they’re tough and suitable for the sorts of environments, like construction sites, where they’re most needed. As an example of how he uses the Hikvision PIRL cameras, Hookings points to the example of one specific construction site currently being protected by Forward Securities. Hikvision 4K cameras and hybrid DVRs We use six PIRL cameras, as well as additional 4K Hikvision cameras running analytics and thermal cameras" “We’re securing the main compound, along with any remote sites,” he says. “We use six PIRL cameras, as well as additional 4K Hikvision cameras running analytics and thermal cameras, and they all sit on the same server, recording to a Hikvision Hybrid DVR, with alarms and images sent to our monitoring station.” Other site setups can include an audio warning system, particularly for very high value equipment. “That’s another place we’d use a PIRL,” Hookings says. “If someone, out of hours, walks up or even climbs the fence of the compound, the monitoring station is alerted to that by the PIRL camera, and they can immediately broadcast an audio warning, real time and live. That’s transmitted through the Hikvision DVR, to an amplifier and speakers.” Crime prevention and effective video surveillance “If the intruders persist despite the warning, we then get a guarding response. It’s not just big construction sites where the Turbo HD PIR cameras are effective, I do use them on other high value projects as well.” “Ultimately, the Turbo HD PIRL cameras are incredibly effective,” Hookings says. “They pick up suspicious activity, including thefts and attempted thefts, three to four times a week across all of our sites. That means they’re actively helping to prevent the thefts of materials worth hundreds of thousands, sometimes millions of pounds.”

Along with the integration of security and other systems in an enterprise environment comes a need to centralize monitoring and control of the unified network. A control room is at the center of managing integrated systems, providing the focal point to collect information from a variety of sensors, analyze the data, and then respond appropriately. The technologies that drive these functions are changing and evolving, thus increasing the efficiency and efficacy of systems. We asked this week’s Expert Panel Roundtable: What’s new in command-and-control systems, and what is the impact?

The high cost of thermal imaging cameras historically made their use more likely in specialized law enforcement and military applications. However, lower pricing of thermal imaging technologies has opened up a new and expanding market for thermal cameras in the mainstream. We asked this week’s Expert Panel Roundtable: What are the new opportunities for thermal cameras in mainstream physical security?

The definition of a standard is “an authoritative principle or rule that usually implies a model or pattern for guidance, by comparison with which the quantity, excellence, correctness, etc., of other things may be determined.” In technology markets, such as physical security, standards are agreed-upon language, specifications or processes that are used across the board by multiple stakeholders to enable easier interconnectivity and smoother operation of systems. We asked this week’s Expert Panel Roundtable: How are standards shaping change in the physical security market?