HID Global, globally renowned provider of trusted identity solutions, has announced that it has expanded its digital certificate family to offer an Extended Validation (EV) Code Signing (EV CS) certificate that protects software from tampering and forgery. Customers who download software that has been digitally signed with the IdenTrust TrustID EV CS certificates can identify the source and launch its applications or other code without receiving an ‘Unknown Publisher’ warning from t...
Tamworth-based trade association, DHF (Door & Hardware Federation), has, this week, launched its CSCS-approved card partner scheme in collaboration with the Automatic Door Suppliers Association (ADSA). The DHF CSCS card provision is for those who work with industrial doors, domestic garage doors, automated gates & traffic barriers and metal or timber doors. CSCS cards for construction workers “While not a legislative requirement, CSCS cards are supported by the government and pro...
Fugue, the company delivering autonomous cloud infrastructure security and compliance, has announced the release of the Fugue Best Practices Framework to help cloud engineering and security teams identify and remediate dangerous cloud resource misconfigurations that aren’t addressed by common compliance frameworks. Users can deploy the Fugue Best Practices Framework within minutes to improve the security posture of their Amazon Web Service (AWS) cloud environments. Cloud misconfiguration...
ExtraHop, global provider of cloud-native network detection and response solutions, has announced that it has joined the Microsoft Intelligent Security Association (MISA), which brings together an elite group of security-related companies partnering with Microsoft to defend against threats facing hybrid enterprises today. ExtraHop also announced a new integration between the ExtraHop Reveal(x) platform and Microsoft Azure Sentinel enabling faster threat investigation and remediation. ExtraHop...
Device Authority, a pioneer in Identity and Access Management (IAM) for the Internet of Things (IoT), announced it has been accepted into the Venafi Machine Identity Protection Development Fund. For decades, code signing has been used to verify the integrity of software, and nearly every organization relies on it to confirm their code has not been corrupted with malware. Code signing keys and certificates are used in a wide range of products, including firmware, operating systems, cellphone appl...
The task of protecting shared spaces, such as offices and schools, has become increasingly complex, particularly with ever-rising political tensions and the difficulties of assessing threats for schools, workplaces and law enforcement. Given the randomness of when and where a violent person may strike, those who manage facilities need an emergency plan, as well as robust training, detection and awareness. To gain more insights into dealing with such threats, we interviewed John Torres, Presiden...
Teijin Aramid has announced its participation at Milipol Paris 2019, global event for homeland security and safety, which takes place at the Villepinte Exhibition Center in Paris, France. From November 19 to 22, at booth 5N122, globally renowned manufacturer of premium aramids will show how their para-aramids Twaron and Technora, meta-aramid Teijinconex and ultra-high molecular weight polyethylene (UHMWPE) Endumax can add value to highly efficient protective equipment for police, justice, border patrol, military and armed forces. Personal protection and body armor equipment Teijin Aramid will showcase a wide range of materials providing personal protection in many ways. It’s products Twaron, Teijinconex, and Endumax offer outstanding capabilities bringing added value to body armor equipment, such as uniforms and turnout gear, protective vests, helmets, and inserts. Twaron and Endumax can help protect against bullets, fragments, as well as stabbing with sharp objects. Both offer a high strength, excellent energy absorption and a high modulus of elasticity, enabling superior protection against a wide range of violent treats. What’s more, both provide long-term stability and impact resistance. Resistance against heat, chemicals Furthermore Teijin’s aramids Twaron, Technora and Teijinconex can offer inherent resistance against heat, flame and chemicals. They neither burn or melt, meaning they both add value to military and police turnout gear.
AlgoSec, the provider of business-driven network security management solutions, has introduced extended support for Cisco ACI SDN deployments, and enhanced application visibility and network auto-discovery features in the new version of its core Network Security Management Suite. The new AlgoSec A30 release delivers new automation capabilities that enable seamless, zero-touch security management across SDN, cloud and on-premise networks. This gives enterprises the most comprehensive visibility and control over security across their entire hybrid environment. AlgoSec security management Features Key new features in AlgoSec security management suite version A30 include: Extended support for Cisco ACI AlgoSec security management A30 delivers full end-to-end automation of security change management processes for Cisco ACI environments – from planning, risk and compliance checks, to deployment directly onto the device – with zero touch, in a fully automated and secured workflow. Security and IT teams can create new contracts and filters directly on Cisco APIC. Enhanced business-driven application visibility and network auto-discovery AlgoSec security management A30 features the new AppViz add-on, which enhances application visibility and network auto-discovery to dramatically accelerate identification and mapping of the network attributes and rules that support business-critical applications. This speeds up organizations’ ability to make changes to their applications across any heterogeneous on-premise and cloud platform, and to troubleshoot network and change management issues across the entire enterprise environment – ensuring continuous security and compliance. Automatically push network-wide policy changes with AppChange AlgoSec’s new AppChange add-on is available in A30, which automatically updates network security policy changes on all relevant devices across the entire hybrid enterprise network, realizing significant time savings for IT and security teams and eliminating manual errors. Security zone enhancements AlgoSec security management A30 enables teams to easily visualize network security zones, and to select risk profiles for each zone to support decision-making for both application owners and security managers. This makes application provisioning and deployment easier, and accelerates planning and implementing network micro-segmentation strategies to enhance security network-wide. SDN and cloud environment “Organizations need to be able to make changes to their core applications quickly to stay competitive, and security teams have to deliver those changes at the speed of business, without impacting security or compliance. This is especially critical as companies implement digital transformation initiatives and migrate their business applications to SDN and cloud environments,” said Eran Shiff, AlgoSec VP Product. “The new features in AlgoSec A30 version make it even easier for security and IT teams to quickly plan, assess and automatically make changes across their entire environment, to maximize business agility, while ensuring security and compliance is never compromised.” The AlgoSec Security Management Suite version A30 is generally available.
Genetec Inc., a technology provider of unified security, public safety, operations, and business intelligence, announced Genetec ClearID™, a self-service physical identity and access management (PIAM) system that standardises and enforces security policies to help make organizations more efficient, compliant and secure. Available in North America in September 2019, and globally in early 2020, ClearID will be showcased at the Global Security Exchange (GSX) in Chicago, in booth #1533. From corporate offices and university campuses to highly regulated multinationals in the oil, gas, mining, and petrochemical industries, ClearID removes the day-to-day complexities of managing individual cardholders and access rights. Guided by an organization's existing policies, ClearID automates workflows and self-service capabilities to enable a more fluid, efficient working environment for everyone – without compromising security. ClearID can be deployed more easily than on-premises solution that requires complicated integrations" By automating access rights management, ClearID reduces bottlenecks related to managing employee and visitor access requests. Cumbersome and time-consuming paperwork related to granting people access to facilities or specific work areas can be streamlined with automated workflows allowing employees to make on-demand requests in the online portal. This means that managing day-to-day access needs, meeting compliance conditions, and ensuring policy updates become a more automated process. Enhancing user experience "As a cloud-based service that's built to work natively with Genetec Synergis™ access control security software, ClearID can be deployed faster and more easily than an on-premises solution that typically requires complicated integrations and customizations," says Jonathan Doyon, Genetec Product Group Director for ClearID. "With less infrastructure, customers save both money and time by not having to maintain additional physical systems." A self-service physical identity and access management system, ClearID enables employees to login to an online portal and make access requests directly to the area owner or supervisor. Employees control their own access requests which ClearID automatically approves, denies, or routes on to an operator to review, based on corporate policies and automated workflows. "The seamless movement of people throughout an organization is integral to its efficiency and operations", continued Mr. Doyon. "Genetec ClearID is a smarter way to manage employee, visitor and contractor access rights – greatly enhancing the user experience, eliminating unnecessary overhead from administrators and helping standardize and codify security policies to make organizations more efficient, compliant, and secure." Simplify manual processes ClearID will simplify the auditing process by providing area owners with an instant view of who has access to their areas The initial release of ClearID will help improve visitors' experiences by providing a smoother, automated process that begins as soon as a meeting is arranged. Using a web portal, the employee (host) creates a profile for the visitor including the meeting details. The visitor, in turn, receives a confirmation email with a QR code that can be used to sign in once on site, print a badge, and automatically advise the host of their arrival. Another key functionality supports organizations in industries where they need to comply with strict access requirements. ClearID will simplify the auditing process by providing area owners with an instant view of who has access to their areas. This will allow them to quickly revoke the people who shouldn't be there as well as simplify manual processes that are time and resource intense and prone to human error. In future releases of ClearID, contractor management features will ensure that when access requests are initiated, approvals or denials are made prior to the contractor's arrival based on the necessary qualifications, tests and steps of identity authentication required to grant access. This will support additional compliance with standards, and minimize costs associated with contractor wait times.
OutSystems, provider of low-code application development platform, announced that it is the first low-code vendor to achieve two new cloud security certifications – ISO 27017 and ISO 27018. As organizations develop, run and share a higher percentage of their applications on the cloud, stakeholders across the business are trusting platform providers to ensure their cloud-based environments are secure. These certifications demonstrate the high level of commitment OutSystems has to ensuring the privacy and protection of its customers’ data in the cloud. Stringent controls to protect customers’ data We’ve built 200 points of security into our platform and taken steps to validate our cloud security practices" “OutSystems customers deserve to know that the data and information they entrust us with is being protected using the most stringent controls in the industry,” said Jose Casinha, OutSystems Chief Security Officer. “We take our role as caretakers of information seriously. That’s why we’ve built 200 points of security into our platform and taken steps to validate our cloud security practices through the most rigorous certification processes.” Adding the two new certifications extends the OutSystems record of achieving the highest levels of compliance for the protection of customers’ mission-critical assets. The company’s SOC 2 Level II certification combined with the achievement of ISO 27001 and ISO 22301 certifications establishes OutSystems as meeting the five Trust Services Principles –providing Security, Availability, Processing Integrity, Confidentiality, and Privacy. Protection of information in cloud services Complimenting this, ISO 27018 outlines requirements for the protection and privacy of user data in the cloudISO 27017 and ISO 27018 builds on the principles of the ISO 27001 standard, which provides a checklist of controls for a company’s establishment, operation and maintenance of an information security management system. ISO 27017 focuses on the protection of the information in cloud services. It extends to cloud computing providers’ controls in earlier compliance standards that govern information management and sharing by IT vendors. Complimenting this, ISO 27018 outlines requirements for the protection and privacy of user data in the cloud. It provides a code of practice for protecting personally identifiable information (PII) in the cloud, which was adopted by the International Organization for Standardization (ISO).
It seems like every day there is another school or public shooting incident in the US. It dominates the news and has become a point of stress and fear for many Americans. According to the US Department of Justice Federal Bureau of Investigation, in 2018 alone, there were 27 incidents across 16 states resulting in 213 casualties. There is a great deal the security industry can do to prevent such violent incidents and preserve life. Protection Layers In general, protection should be built in layers focusing on the outer perimeter, the building perimeter (entry points) and interior spaces. Electronic access control can provide preventive measures to reduce access in these layers Electronic access control can provide preventive measures to reduce access in these layers. In fact, the National Training School’s Electronic Access Control 14-hour online course has been recently updated with active shooter preparedness in mind. Building security In commercial buildings, this entails having different levels of access throughout the building to prevent individuals from going where they shouldn’t. All visitors should be directed to a single monitored entry point, preferably an area that restricts access to the rest of the building. Security access can be restricted to certain times of day to prevent employee access to the building when they should not be there. Temporary badging should provide limited and timed access that automatically disables when no longer needed. Implementing electronic access control When implementing electronic access control or any security system, installers need to work with the owner and authorities to develop policies and procedures for building lockdowns and evacuations. They can then work to create secure paths of exit. Even in public access buildings, many of the same requirements could be applied and buildings could use alarms to engage added security in the event of a shooter. Life safety systems When designing systems, installers will need to work with the local Authority Having Jurisdiction (AHJ) to ensure that they do not create additional life safety concerns, especially as it relates to fire. Imagine having the ability to limit a shooter’s access to other parts of a building and restrict how they move When creating secure exit paths, installers will likely need to provide egress access to all doors to allow emergency exit. Also, most AHJs will require a Knox Box, or something similar, to provide keyed access for emergency responders. When designing access control systems to be secure, always remember code states, ‘No Special Knowledge Required.’ - NFPA 101, 18.104.22.168.3 [‘18] -IBC 1010.1.9 [‘18] Limiting shooter access Imagine having the ability to limit a shooter’s access to other parts of a building and restrict how they move. This could give individuals what could be lifesaving extra moments. As an industry, we should keep these ideas in mind as we tackle security scenarios for job proposals and design. ESA’s National Training School has updated its online Electronic Access Control course — a 14-hour course, followed by a two-hour examination, providing broad training and information to successfully design and install electronic access control systems.
Cook Security Group (CSG) successfully unveiled its privately branded video surveillance solution, Piko VMS, during their 2019 Technology & Innovation Summit in Portland Oregon. Health monitoring Cook named Razberi Technologies as their hardware partner to provide the intelligent appliance and health monitoring component to the new VMS brand. “While we still have strong relationships with our traditional video partners, we wanted to provide an open cloud-enabled platform to deliver seamless integrations of multiple technologies. This is beyond just video, as we have already integrated with dozens of apps such as analytics, alarm, access control, retail, HR, IoT...the list goes on. All designed to bring our customers efficiencies and give them the technology they’ve been waiting for” states Brian Cook, CEO of Cook Security Group. Three together creates an industry changing solution for our Financial & Commercial Customers" Secure, simple, and open “We are excited because Piko is secure, simple, and open. Secure because all traffic is encrypted including video and outbound only. Simple because Piko is extremely user-friendly, needs no enterprise requirements or complexity, and offers adaptive scaling. Open because Piko offers endless APIs and ways to integrate. Those three together creates an industry changing solution for our Financial & Commercial Customers.“ adds CTO Levi Daily. Integration with Mobile Interface Piko also includes a wide variety of video analytics and integrations, providing customized notifications, proactive machine learning, and 24/7 health monitoring. “Customers come to us with ideas or pain points and we develop then implement. They drive our solutions and Piko makes it easy” Brian adds. Piko fully integrates with Cook’s secure mobile & online interface, Cook Command Center, and includes 10GB’s of Cook’s Case Management module offering seamless secure sharing with law enforcement or other institutions. Razberi chosen as hardware partner Piko and the ServerSwitchIQ provide everything our customers are asking for" Cook chose Razberi Technologies as their hardware partner, loading Piko on Razberi’s robust ServerSwitchIQ, complete with an integrated server & managed PoE switch. “We chose Razberi based on their solid reputation in the marketplace” states Daniel Smallwood, Cook’s VP of Technology. “They provide CameraDefense built in to combat cyber threats, anti-virus, proactive machine learning, and UL, CE, FCC, & RoHS Certifications.” “They are IP camera agnostic and completely scalable in terms of storage, PoE ports, etc. Piko and the ServerSwitchIQ provide everything our customers are asking for and at roughly half the price of a traditional DVR.” Smallwood adds. Expertise in video surveillance “Razberi’s partnership with Cook is exciting,” said Joe Vitalone, CMO of Razberi Technologies. “Razberi believes it should be easy for anyone to deploy, manage, and cybersecure their enterprise video surveillance system. Cook’s reputation in the financial industry will make it possible for Razberi’s expertise in video surveillance and cybersecurity to continue to provide solutions to financial institutions on a larger scale.”
Global and domestic threats have highlighted the need for tighter security across all verticals. One of the technologies that has redefined situational awareness and intrusion detection is thermal imaging. Once a technology exclusively manufactured for the military operations, thermal cameras today are deployed across hundreds of security applications and continue to see strong demand in existing and emerging commercial markets. With thermal technology, security personnel can see in complete darkness as well as in light fog, smoke and rain Technology Overview And Early Adoption What distinguishes thermal cameras from optical sensors is their ability to produce images based on infrared energy, or heat, rather than light. By measuring the heat signatures of all objects and capturing minute differences between them, thermal cameras produce clear, sharp video despite unfavorable environmental conditions. With thermal technology, security personnel can see in complete darkness as well as in light fog, smoke and rain. Originally a military developed, commercially qualified technology, the first thermal cameras for military and aircraft use appeared in the 1950s. By the 1960s, the technology had been declassified and the first thermal camera for commercial use was introduced. However, it wasn’t until the late 1990s - when FLIR Systems introduced a camera with an uncooled thermal detector - when the technology began to see substantial adoption beyond government defense deployments. Installations At Critical Infrastructure Sites In the 2000s, industrial companies were some of the first adopters of thermal, using the technology for predictive maintenance to monitor overheating and machine malfunctions. In the years following the September 11 terrorist attacks in 2001, there was an increase in thermal camera installations across critical infrastructure sites. Stricter security requirements drove the deployment of thermal cameras for perimeter protection, especially in the nuclear power sector. Thermal cameras produce clear video in daylight, low light or no light scenarios and their sharp images result in higher performing analytics In 2010, the U.S. Nuclear Regulatory Committee released its 73.55 policy, which states nuclear facilities must “provide continuous surveillance, observation and monitoring” as a means to enhance threat detection and deterrence efforts onsite. Because thermal cameras produce clear video in daylight, low light or no light scenarios and because their sharp images result in higher performing analytics, thermal cameras quickly became the preferred option for nuclear facilities. Likewise, following the 2013 sniper attack on PG&E Corporation’s Metcalf transmission substation, the Federal Energy Regulation Commission introduced the Critical Infrastructure Protection Standard 014 (CIP-014). The policy requires utilities to identify threats to mission critical assets and implement a security system to mitigate those risks. This statute also led to more thermal installations in the utility sector as thermal cameras’ long-range capabilities are ideal for detection of approaching targets beyond the fence line. The demand from both industrial and critical infrastructure entities, as well as other factors, helped drive volume production and price reduction for thermal, making the technology more accessible to the commercial security marketplace. Commercial Applications In recent years, the increasing affordability of thermal cameras along with the introduction of new thermal offerings has opened the door to new commercial applications for the technology. In the past, thermal cameras were designed for applications with enormous perimeters, where the camera needed to detect a human from 700 meters away. Locations like car dealerships, marinas and construction supply facilities can be protected by precise target detection, thermal analytic cameras providing an early warning to security personnel Today, there are thermal cameras specifically designed for short- to mid-range applications. Developed for small to medium enterprises, these thermal cameras ensure property size and security funds are no longer barriers to adoption. Lumber yards, recreation fields and sports arenas are some of the commercial applications now able to implement thermal cameras for 24-hour monitoring and intrusion detection. Affordable thermal cameras with onboard analytics have become attractive options for commercial businesses Innovation And Advancements Innovation and advancements in the core technology have also spurred growth in thermal camera deployment, providing faster image processing, higher resolution, greater video analytic capabilities and better camera performance. In particular, affordable thermal cameras with onboard analytics have become attractive options for commercial businesses that need outdoor, wide area protection. Car dealerships, marinas and construction supply locations all store valuable merchandise and materials outside. Without protection, these assets are vulnerable to vandalism and theft. However, by providing precise target detection, thermal analytic cameras provide an early warning to security personnel so that they can intervene before a crime is committed. By helping to deter just one incident, the thermal solution delivers a clear ROI. New Market Opportunities Not only are there more thermal cameras in use today than ever before, but there are also more thermal sensors being integrated with other multi-sensor systems, driving the adoption of thermal in new markets. For large perimeter surveillance applications, thermal is repeatedly being integrated with radar and drones to expand situational awareness beyond the point of fixed cameras. Users get immediate, accurate alerts of approaching targets and evidentiary class video for target assessment In the commercial market, thermal imagers are combined with optical sensors, analytics and LED illuminators into one solution that integrates with central monitoring station platforms. By bringing these technologies together, users get immediate, accurate alerts of approaching targets and evidentiary class video for target assessment. The result is a lower number of false positives, reducing the total cost of ownership for the solution. These multi-sensor solutions also feature two-way audio capabilities, which enable remote security officers to act as “virtual guards” and speak to intruders in real-time to dissuade them from illegal activity. The introduction of solutions that integrate all these state-of-the-art technologies under one unit reduces the amount of capital and infrastructure needed for deployment. Consequently, more small businesses and alarm monitoring companies can implement advanced perimeter security technologies like thermal sensors, some for the very first time. Thermal cameras have gone from military defense devices to widespread commercial security cameras Multi-Sensor Thermal Solutions Multi-sensor solutions featuring thermal are quickly gaining traction and opening the door to new business opportunities for the security channel. One of the primary reasons for the strong market interest in these systems is they enable integrators to increase their recurring monthly revenue (RMR). With intense price competition and eroding margins on CCTV equipment, integrators have to rely on RMR to grow their businesses. Offering remote video monitoring services and virtual guarding technologies is one of the best ways to do so. Additionally, there is a clear demand for it. Central stations are continually looking for new technologies to offer their customers and businesses are interested in economical alternatives to physical guards. In conclusion, thermal cameras have gone from military defense devices to widespread commercial security cameras that are a substantial segment of the outdoor security protection market. From nuclear power plants to construction locations, thermal technology is being implemented to secure sites around the globe.
The oil and gas market is driven by a number of technology trends, political issues, waves of supply and demand, and regulations. At times, it seems like the market is in a constant state of ebb and flow, with business affected by traditional drivers, such as government mandates and operational efficiencies, and other non-traditional markers, like challenging weather conditions (consider the 2017 hurricane season as an example). Additionally, the global economy continues to grow, propelling increased energy demand. But like nearly every other market today, the oil and gas market is on the brink of a sea change. According to Deloitte’s 2018 outlook on oil and gas, “the digital revolution is here.” The sheer volume of information and data generated by digital devices, such as those associated with the Internet of Things, will allow producers to leverage rich data and combine it to deliver smart, efficient solutions. The rise of digital technologies is unleashing new ideas across the oil and gas industry and even though we are in the beginning stage of being able to harness the power of these types of technologies, innovative ideas are emerging — all designed to support the core business, reduce internal investments, deliver products faster, boost efficiencies, and enhance safety. Maximized Operations And Increased ROI This ongoing growth propels energy producers to embark on extensive exploration and production activities to meet increased demand This is welcome news because there are a number of challenges facing the oil and gas industry, from improving reserve replacement and ensuring workplace safety to reducing operating costs and limiting downtime. All of these objectives must be achieved while maximizing operations and increasing overall return on investment. Never has it been more crucial for critical infrastructure organizations to demonstrate a focus on safety, security, and collaboration. Here's why: Growth and demand According to the U.S. Energy Information Administration, world energy consumption will grow by 56 percent between 2010 and 2040. This ongoing growth propels energy producers to embark on extensive exploration and production activities to meet increased demand. As energy-centric organizations look to emerging markets or remote regions to source production, safety becomes even more mission-critical to their success. Compliance Continuous demand is only one challenge; compliance with industry and government regulations is another significant hurdle that must be maintained or there is risk of production shutdowns. For example, the Department of Homeland Security’s Chemical Facility Anti-Terrorism Standards (CFATS) impose comprehensive federal regulations for high-risk chemical facilities, requiring organizations to conduct vulnerability assessments. This is just one of many regulatory procedures sites must follow to conform to environmental protections, safety precautions, and safe handling of hazardous materials. As energy-centric organizations look to emerging markets or remote regions to source production, safety becomes even more mission-critical to their success Threat Protection, Mitigation, And Collaboration In addition to meeting the requirements of regulatory procedures, mitigating risk in this industry propels leaders to develop stringent strategies to ensure robust protection of people, property, and assets, effective and efficient response to incidents when they occur, and procedures and protocols to ensure business continuity in emergency situations. Energy providers require comprehensive safety planning and technology systems that can augment the capabilities of on-site and remote personnel. In recent years, video solutions have become the standard for monitoring facilities, assets, and employees, and now these organizations require enterprise-class solutions that can help gather intelligent data that allows for enhanced security and safety efforts but also focus on processes that enhance operational efficiencies. Cyber-attacks are becoming increasingly more complex and sophisticated in the oil and gas market IT security is also a concern. Cyber-attacks are becoming increasingly more complex and sophisticated in the oil and gas market. An IT breach can cause operational havoc, risk to the public, and damage to an organization’s brand. Adopting a continuous improvement approach to a security strategy safeguards and helps protect valuable company information and reduces the likelihood of an incident. Also, collaboration between IT and physical security leaders and the correlation of both departments' data makes it much easier to identify a potential breach before havoc ensues. The Digital Age With the rise of the digital revolution and the demand for data to improve insight, oil and gas producers and businesses need to find new ways to capture data, correlate it as needed, and then leverage it to make the most informed decisions. Software platforms are being used in a wide variety of applications to provide a single pane-of-glass view that allows operators to gain critical insight into operations. By collecting intelligence from digital sensors, such as video surveillance cameras, open-source Web intelligence, building systems, crowdsourcing, weather sensors, mobile devices, and more, operators can detect potential risks and manage and respond to situations more efficiently. Furthermore, information can be shared easily with multiple agencies, employees, citizens, and first responders — especially valuable in the event of a safety incident where rapid response is paramount. By creating a single enterprise-wide view across disparate systems and technologies, organizations experience improved response times, lowered operational costs, and increased employee safety. Cyber, traditional security, digital devices, and situational awareness technologies combine to deliver an integrated, automated, and adaptive architecture to efficiently mitigate advanced threats in real time or forensically Traditional Command Centers Intelligent solutions, such as those derived from the idea of artificial intelligence, help organizations make sense of vast amounts of data. These integrated applications, such as advanced video analytics and facial recognition, can automatically pinpoint potential breaches and significant events, and send alerts to the appropriate personnel, departments, and agencies. These solutions can be powerful in unifying disparate command center technologies within the oil and gas industry, fusing critical data input from emergency calls and responder activity to enhance situational awareness. With traditional command centers relying mostly on call and radio updates, visibility can be limited, but new digital platforms enable operators to oversee a situation and engage with and direct the response force. Overall, these types of automated functions deliver a simplified and modernized operating environment. The Future Is The Intelligent SOC Oil and gas facilities can implement a proactive approach to safety and better mitigate threats and protect assets All of these digital solutions are designed to take center stage within the Intelligent Security Operations Center (ISOC). To combat advanced, multi-stage threats, oil and gas facilities are transforming the traditional SOC into the next-generation unified ISOC with an integrated platform for detection, investigation, communication, and response. Cyber, traditional security, digital devices, and situational awareness technologies combine to deliver an integrated, automated, and adaptive architecture to efficiently mitigate advanced threats in real time or forensically. Energy providers operate in challenging, fast-moving environments in which opportunities, requirements, and regulations can vary widely, change quickly, and evolve significantly over time. As the idea of the digital age continues to transform this market, new technologies will be more widely used to improve business operations from exploration and extraction to transportation and distribution. With the right technology, strategic partnerships, and enhanced situational awareness, oil and gas facilities can implement a proactive approach to safety and better mitigate threats and protect assets, while continuing to focus on achieving business goals that will sustain supply and demand for years to come.
According to the reports of not-for-profit organization Gun Violence Archive, the year 2018 has seen 323 mass shooting incidents as of November 28 in the United States. This number is 346 for the year 2017 and 382 for 2016 (more statistics are available here), with “mass shooting” defined as cases where four or more people are shot or killed in the same time period and location. While definitions of mass shooting vary with organizations in the US, the count of over 300 incidents per year, or about once per day on average, is simply alarming. It raises public safety concerns, ignites debates and protests, which in turn lead to public unrest and potentially more violence, and increases costs for governments from the regional to federal level. Most importantly, the loss of lives demands not only improvement in post-incident handling and investigation, but also new prevention technologies. Gunshot Detection Solutions AI weapon detection offers a more efficient alternative to prevent active shooting There are several gunshot detection solutions in the security market, commonly used by law enforcement agencies to detect and locate gun fires. These systems function based on acoustic recordings and analyses and often in combination with signals detected by sensors of the optical flash and shockwave when a gun is fired. However, gunshot detection by nature dictates that the law enforcement can only react to a shooting incident that has occurred. With fast action, law enforcement can prevent the incident from escalating, but lives that are lost cannot be recovered. With the development of artificial intelligence in object recognition, AI weapon detection offers a more efficient alternative to prevent active shooting: AI can visually detect guns based on their shapes before they are fired. The AI is trained to recognize firearms in different shapes, sizes, colors, and at different angles in videos, so that the AI weapon detector can be deployed with existing cameras systems, analyze the video feeds, and instantly notify security staff when a gun is spotted. Comparison of the advantages for law enforcement and public security agencies Legacy gunshot detection using sensors AI weapon detection Reactive measure: detect after guns have been fired Proactive measure: detect before guns are fired Time to action: within 1 second Time to action: within 1 second Unable to provide visual data about shooter(s) Can provide data about shooter(s) based on the camera recording: clothing, luggage (backpack, handbag, etc.), facial features, vehicle Unable to track the location of the shooter(s) before and after shooting because of the lack of sound Can track the shooter(s) using AI Person & Vehicle Tracking, AI Face Recognition, and AI License Plate Recognition False detection caused by similar sound such as fireworks and cars backfiring Minimal to no false detection, as AI can distinguish different types of handguns and rifles from normal objects (umbrella, cellphone, etc.) Require physical deployment of gunshot detection sensors Can be used with existing camera systems, do not require special hardware Complicated to deploy, require highly trained professional Easy to deploy as an add-on to existing video surveillance system - Can integrate with gun-shot detection to create a “double knock” audio and video active shooter alert system Gun-Shot Detection Advantages In addition to advantages for law enforcement and public security agencies, this type of visual-based pre-incident detector has three-fold advantages for the public: Save lives by spotting the shooter before the shooting event. Minimize the chaos entailing an incident: panic and chaos caused by a shooting incident often adds to injury, as people run, fall, trample on others… With an AI weapon detector, when a gun is spotted, the system sends an alert to security staff, who can quickly control the situation in an organized manner and apprehend the intending shooter. Can be added as a SaaS (Security as a Service) component to small business and home surveillance systems, e.g., intrusion detection alerts (home invasion incidents with firearms number over 2500 per year nationwide). For a complete active shooter detection system, video-based AI detector can operate in conjunction with gunshot detectors for enhanced security. Traditional X-ray based weapon detection or metal detection entrance systems are complicated and expensive; with AI video technology, active shooter detection system can be cost-effective, and after all, what price tag can one put on a life? Written by Paul Sun and Mai Truong, IronYun
Hikvision and Dahua have been added to a U.S. government list of entities “reasonably believed to be involved, or to pose significant risk of being or becoming involved, in activities contrary to the national security or foreign policy interests of the United States.” In effect, inclusion on the list restricts the export of equipment to the two companies because of their alleged involvement in “human rights violations and abuses” related to a Chinese government campaign of repression, mass arbitrary detention, and high-technology surveillance against minority groups. Equipment from the two companies is used to provide video surveillance capabilities in the Xinjiang Uighur Autonomous Region (XUAR) of China. The minority groups targeted are Uighurs, Kazakhs and other Muslim minorities. Equipment from the two companies is used to provide video surveillance capabilities in the Xinjiang Uighur Autonomous Region (XUAR) of China The decision to add Hikvision and Dahua, among 26 other “entities,” to the list was made by the United States End-User Review Committee (ERC), composed of representatives of the Departments of Commerce, State, Defense, Energy and (where appropriate) Treasury. A majority vote of the panel is required to add an entity to the list, and a unanimous vote is required to remove or modify an entity. The 26 other entities include the Chinese government’s bureau in XUAR, 18 subordinate municipal and county public security bureaus and one other subordinate institute. Specific licenses (government approval) are required for any transaction in which items are exported, reexported, or transferred (in country) to any of the entities on the list; or in which the entities act as purchaser, consignee or end user. Loosely speaking, inclusion on the list prevents Hikvision and/or Dahua from buying any component parts from U.S. manufacturers. Indirectly and more broadly speaking, the measure affords a new downside to the Dahua and Hikvision brands in the U.S. market. Anyone concerned about human rights abuses might hesitate to buy from the two companies, although the entity list does nothing to prohibit sales of the company’s products. Dahua and Hikvision statements In a company statement, Dahua has “express[ed] strong protest to such decision, which lacks any factual basis, and call[ed] on the U.S. government to reconsider on it.”’ Indirectly and more broadly speaking, the measure affords a new downside to the Dahua and Hikvision brands in the U.S. marketThe Dahua statement continues: “As a global business entity, Dahua adheres to the business code of conduct, and follows market rules as well as international rules. Dahua is actively working to ensure our investment and business operations around the world comply with all applicable laws and regulations. Regarding the decision of U.S. government, we have actively taken various measures, and we will continue providing outstanding products and services to our customers.” Hikvision has released the following statement: “Hikvision strongly opposes [the] decision by the U.S. Government and it will hamper efforts by global companies to improve human rights around the world. Hikvision, as the security industry’s global leader, respects human rights and takes our responsibility to protect people in the U.S. and the world seriously. Anyone concerned about human rights abuses might hesitate to buy from the two companies "Hikvision has been engaging with Administration officials over the past 12 months to clarify misunderstandings about the company and address their concerns. In January 2019, Hikvision retained human rights expert and former U.S. Ambassador Pierre-Richard Prosper to advise the company on human rights compliance. Punishing Hikvision, despite these engagements, will deter global companies from communicating with the U.S. Government, hurt Hikvision’s U.S. businesses partners and negatively impact the U.S. economy.” “The U.S. Government and Department of Commerce cannot and will not tolerate the brutal suppression of ethnic minorities within China,” said Secretary of Commerce Wilbur Ross in making the announcement. “This action will ensure that our technologies, fostered in an environment of individual liberty and free enterprise, are not used to repress defenseless minority populations.”
From New York to California, city and state governments throughout the United States are second-guessing the use of facial recognition technologies by police departments and other government entities. San Francisco was among the first major cities to issue a ban on ‘secret surveillance’ tools such as facial recognition. Now backlash against public use of facial recognition appears to be gathering steam, and some technology trials have faced additional scrutiny. Oakland, California, has joined San Francisco in banning use of facial recognition. Oakland’s diverse population has led to concerns about facial recognition systems that are prone to misidentify people of color. Limiting the use of facial recognition technology The policy would limit use of live facial recognition to situations of credible terrorism threatsNearby Berkeley, California, is considering its own prohibition of facial recognition systems by city government. Somerville, Massachusetts, has banned city departments from buying or using facial-recognition technology for any purpose. A Detroit civilian oversight board and the Board of Police Commissioners are reviewing a formal policy that would require other evidence to be used along with biometric search results to confirm a suspect’s identity. The policy would also limit use of live facial recognition to situations of credible terrorism threats. At the state level, Massachusetts and Michigan are considering moratoriums on use of facial recognition, and a bill in California would forbid police use of facial recognition in body cameras. There is a law in Illinois that requires companies to get consent from customers before collecting biometric information. Installing cameras and facial recognition system Lockport Schools in western New York state have recently drawn attention to their planned use of facial recognition. The school system plans to install dozens of surveillance cameras and a facial recognition system using $1.4 million of a state grant. The Aegis system (by SN Technologies in Canada) creates an ‘early warning system’ that informs staff if it detects individuals who are not allowed in the schools. The school system plans to install dozens of surveillance cameras and a facial recognition system The system will screen every door and also use object recognition to detect 10 types of guns. An initial implementation of the program this summer is meant to troubleshoot the system, train officials on its use, and discuss procedures with law enforcement in the event of an alert. Full implementation is planned in the fall. Abuse of facial recognition system However, New York State Education Department has asked Lockport Schools to delay use of facial recognition technology on students pending further evaluation, and a bill introduced in the New York State Assembly would halt use of the technology for a year for further study. The city of Orlando and Orlando Police Department are testing facial recognition technology to address public safety Abuse has also been a concern. A report from Georgetown Law’s Center on Privacy and Technology details widespread abuse of the New York Police Department’s facial recognition system, including image alteration and use of non-suspect images. The charges raise questions about the propriety of how expanding technical capabilities of facial recognition systems are implemented. Testing facial recognition for public safety The city of Orlando, Florida, and Orlando Police Department are testing facial recognition technology to address public safety, partnering with Amazon Web Services. One pilot ended in June 2018, and the most recent ended on July 18, 2019. Orlando has no immediate plants regarding future pilots. Light bulb-sized cameras were affixed to traffic signal poles along the city’s palm-tree-lined avenues. If a camera ‘sees’ someone, it sends a live video feed to Amazon’s facial ‘Rekognition’ system, cross-referencing the face against persons of interest. Only images of Orlando police officer volunteers were used for the test. Recently Congress has become attentive to privacy concerns and, now, the Senate is considering a bill that would limit businesses from collecting and tracking facial recognition data without consent.
Workforce management systems gather and analyze information and anomalies from security officers in the field. The information ranges from direct observations entered via mobile or desktop apps by officers on duty to reports from cleaning staff, the maintenance department, and CCTV operators. Taken together, the information yields business intelligence and data analytics at no additional cost. Trackforce is a provider of workforce management solutions specific to the security industry and its unique operational requirements. From tracking guard tours to managing incidents and officers remotely, the platform improves officer accountability, optimizes operations, and delivers actionable insights via a live dashboard to reduce vulnerabilities and enhance efficiencies. The platform is customizable and scales to each client’s business. Platform to control and identify risks “Corporate security teams deal with issues related to operational risk, facility security levels and design basis threats, and must contend with manmade, naturally occurring, and technological events,” says Guirchaume Abitbol, CEO and founder of Trackforce. “We provide them a platform that enables them to control and identify risks, deliver their service, and maintain security best practices.” Trackforce uses live monitoring to ensure quality control and to upgrade situational awareness, delivers real-time incident notifications Trackforce serves large security guard companies and global organizations in diverse vertical market sectors and is expanding in facilities management. More than 200,000 professionals at over 20,000 customer sites in 45 countries use the platform. Trackforce uses live monitoring to ensure quality control and to upgrade situational awareness, delivers real-time incident notifications, and generates data-rich analysis and key performance indicators (KPIs) that enhance monitoring and reporting. Reduces corporate risk Better management of corporate risk is a benefit of security workforce management. The Trackforce platform reduces corporate risk in four areas by: Managing multiple sites, located anywhere, with various threat levels, cultural differences, operating procedures, and regulations. Supporting a security budget and investment in new solutions by providing data necessary for budget approval. Keeping management informed about outsourced security services partners with relevant data, analytics, and transparency. Providing real-time data on risks and incidents so operations can be quickly optimized to ensure top-level security services. Identifying potential threats and risks The platform rapidly and accurately collates data (implied data or trends) based on user-selected parameters. Data- and intelligence-rich reports become available to managers from any location via a dashboard. All necessary information is displayed on a single screen in an uncluttered format.The ability to analyze current and historical data in real time empowers security managers to track patterns Reports can be downloaded and shared with stakeholders. The ability to analyze current and historical data in real time empowers security managers to track patterns, identify potential threats and risks, and implement preventative actions and strategies. Using data intelligence as benchmark Security teams will use data intelligence as a performance benchmark for resources required to accomplish site goals. They will also use this information to pilot and rationalize resource needs for impending contracts based on historical, descriptive (what happened), diagnostic (why did it happen), predictive (what will happen) and/or prescriptive data (how can we can make it happen). “For example, when a large company incurs incremental computer equipment theft, a supervisor can use the platform to review historical reports and identify patterns and anomalies,” says Abitbol. “The supervisor could then identify and proactively implement targeted strategies to mitigate the theft, such as modifying security routes, increasing patrols, or adjusting asset management protocols.” Enhanced control of security resources The Trackforce platform has been designed to serve clients at multiple regional and national locations and is available in many languages. The Command Center allows a security supervisor based at a central location to easily manage officers on multiple sites. The Command Center provides greater oversight and enhanced control of security resources The Command Center provides greater oversight and enhanced control of security resources. Management can compare locations and evaluate security with a customizable reporting dashboard for each site. The uniform platform uses the same reporting templates and processes for each secured and managed location, thus ensuring consistency and accurate benchmarking. Trackforce’s workforce management solution has low cost and presents a low barrier to entry, with systems that can be implemented in a short time.
There are over 55,000 electrical substations in the United States. These substations, along with power plants and transmission lines, provide power for millions of people. It is imperative that these locations remain secure from intrusion and sabotage. If just a handful of these substations were rendered inoperable, the U.S. could face a serious blackout. The 2013 sniper attack on PG&E Corporation’s Metcalf transmission substation, which knocked out several transformers and totalled over $15 million in damages, was a catalyst for the Federal Energy Regulation Commission (FERC) establishing new security standards for utilities. One of the most notable policies introduced was the Critical Infrastructure Protection Standard 014 (CIP-014). This statute requires utilities to identify ‘mission critical’ facilities and assets, conduct a security inspection to identify threat, and implement a security system to address those risks. Replacing traditional fencing systems VTI Security has been servicing security needs in the commercial, utility, and oil and gas sectors for over 35 yearsIn response to security incidents such as Metcalf and other FERC activities, a large electrical utility with hundreds of substations across the country looked to expand security beyond its fence line. The end user wanted to enhance and possibly replace traditional fence protection systems – including fiber optics, microwave barriers, and video analytics – as these systems all proved to be costly, as well as time and labor intensive. In the end, the utility company relied on VTI Security, an industry-leading integrator, for a recommendation. Based in Burnsville, Minnesota, VTI Security has been servicing security needs in the commercial, utility, and oil and gas sectors for over 35 years. To determine the best system for its end user, VTI reviewed six different technologies, including some with multiple vendors. VTI also tested systems in field deployments and conducted cost analysis. The integrator concluded that SpotterRF’s product was superior to all others and selected it as its sole radar standard for perimeter solutions. SpotterRF perimeter protection solution “Our findings were that SpotterRF not only provided the most comprehensive detection in a substation environment, but SpotterRF was also by far the most cost-effective total solution based on the ability to mount equipment on existing structures,” said Jerry Klapak, Senior Account Manager for VTI Security. SpotterRF provides perimeter protection through its patented Compact Surveillance Radar (CSR) systems SpotterRF, based in Orem, Utah, provides perimeter protection through its patented Compact Surveillance Radar (CSR) systems, which provide up to 300 acres of radar tracking power in a hand held, four-pound device. The CSRs enable security monitors to never be blind, providing 100 percent coverage, 24 hours a day, in all weather conditions. They are designed to detect threats up to 3300 feet beyond the fence line and provide early warnings to staff before situations escalate. PT-Series thermal camera While radar casts a wide circle to detect the presence of potential intruders, the FLIR thermal camera provides visual verification along specific perimeters. Upon selecting a radar system, VTI needed a video manufacturer to supply cameras to deploy with the radar. In 2015, the integrator approached FLIR Systems for a solution and selected PT-Series thermal camera for the project. “The ability for FLIR's products to perform beyond published performance specifications was a surprise we don’t often see,” said Klapak. “Each product exceeded published performance metrics on our field testing and actual deployments.” Features thermal and visible-light imaging SpotterRF radars, combined with FLIR PT-Series cameras, deliver maximum coverage and perimeter protectionThe PT-Series is a pan/tilt camera that features both thermal and visible-light imaging. The pan/tilt mechanism gives end users precise pointing control, fully programmable scan patterns, and both radar slew-to-cue and slew-to-alarm functions. With the radar and thermal technologies selected, VTI worked to ensure seamless integration and performance between the two systems. “We worked with each company’s support and development teams, as well as the VMS manufacturer, to ensure the technologies not only worked with one another, but also met the client’s needs for bandwidth consumption and VMS interface and display,” said Klapak. Together, SpotterRF C20 and C40 radars, combined with FLIR PT-Series cameras, deliver maximum coverage and perimeter protection. Cost-effective solution for substations "The FLIR PT-Series, when deployed with SpotterRF, can cover a wide area of substation footprint. It is a cost-effective solution for substations needing to monitor the perimeter as well as inside the yard," said Michael Chaffee, Director of Business Development at FLIR Systems. “The speed at which the FLIR PT-Series slews to the cue of the SpotterRF detection is impressive." A number of environmental factors affected performance, including weather" When someone walks into the field of view of SpotterRF’s C20 or C40 radar, the radio waves bounce off the person and back to the radar, which then calculates the precise GPS location of the target, as well as its size. The radars then tell the FLIR PT-Series camera to zoom to that location. The camera automatically stays on and tracks the target. Because the radars control the cameras, the cameras only move upon detection, which significantly extends the shelf life of the cameras, allowing them to last for years without replacement. Locates person in a 15 or 100-acre space This FLIR and SpotterRF solution addresses an important pain point for the perimeter security and intrusion detection market. “In the past, utilities tried to use video analytics to find targets. Because these systems were outdoors, a number of environmental factors affected performance, including weather, lighting and moving trees,” said Logan Harris, CEO of SpotterRF. “However, by combining our radar with FLIR’s pan tilt thermal cameras, you’re able to solve this problem.” He added, “Together, SpotterRF’s radar technology and FLIR’s thermal imaging are able to locate a person in a 15 or 100-acre space, see hundreds of yards beyond the fence line, cue the camera, and alert the personnel, all without the help of an operator.” Activates security lighting based on motion One surprising benefit was the ability to use both the thermal cameras and radars for additional security and production uses"In the past, only military organizations could access this level of advanced technology. Now, the FLIR and SpotterRF solution makes this security capability accessible and affordable for critical infrastructure, power distribution and commercial applications. "Our client is very pleased with the ability of the technologies to provide security for their critical sites," said Klapak. "One surprising benefit was the ability to use both the thermal cameras and radars for additional security and production uses. They now use the radars to activate security lighting based on motion within and outside the fences. This provides not only a green approach to security by lowering energy costs but also improves customer relations by reducing light pollution in residential neighborhoods.” The entire team was also impressed by the solution’s minimal installation time. Unlike installing fiber optic cables on fence lines, which requires months for digging trenches, the FLIR PT camera and SpotterRF radar can be mounted easily on control shacks or lattice poles within a week. Four times faster installation of systems “The deployment occurred four times faster than it was anticipated,” said Harris. “VTI installed the systems at 25-30 sites in just three months.” VTI began installation in 2016, with plans to roll out the solution in a phased approach as part of a multi-year plan. Approximately 50-75 sites will deploy the camera and radar solution. On average, each substation has two FLIR PT-Series cameras and four SpotterRF radars. Some of VTI’s other clients are also expected to deploy the same solution at 10-20 sites over the next few years, based on the success VTI has proven in the utility environment.
Crossword Cybersecurity plc, has announced that Stevenage Borough Council, Peterborough City Council and East Hertfordshire District Council (‘the Councils’), will use Rizikon Assurance to manage compliance with the GDPR (General Data Protection Regulation) with their suppliers and for wider information governance. GDPR compliance GDPR makes many requirements of organizations, including taking adequate steps to ensure data is both encrypted and anonymized, so that in the event of a breach, the data cannot be exploited. Infringements under GDPR can lead to fines of €20 million, or 4% of annual global turnover for an organization. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack With a combined residential population of over 430,000, the Councils have a duty to ensure that the personal information of all residents is adequately protected against the risk of data breach, either by the Councils themselves or the third-party suppliers and agencies with which they work. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack. GDPR risk exposure Using Rizikon Assurance, the Councils will improve the process and accuracy of securing third party assurance. This will support compliance with GDPR, and establish a way to manage on-going assurance checks when needed at regular intervals. Additionally, the Councils will be in a position to identify GDPR risk exposure across their supplier portfolio, so that remedial action can be taken to improve the protection of citizen data. Jake Holloway, Director responsible for Rizikon Assurance, commented, “The role of every public service organization is to serve its citizens, often holding personal information about them on many sensitive topics such as health, benefits and education. With that comes the responsibility of ensuring that information is protected, especially when it needs to be shared with partner organizations.” Rizikon Assurance Jake adds, “Rizikon Assurance will help any organization dramatically improve the speed and reliability of its third-party assurance processes, covering areas such as GDPR, health & safety, the Modern Slavery Act and any other requirements that they may have. It moves third party assurance from a siloed and reactive activity, to a connected, proactive continuous process that delivers a complete view of third-party risk.”
Manufacturer ROCKWOOL International A.S. has chosen Nedap’s Global Client Programme to secure its offices and factories worldwide. AEOS, the physical security platform by Nedap, installed during the program, enables ROCKWOOL to establish a truly global security policy and unified work processes. An advanced project rollout, the Global Client Programme is developed for large multinationals and offers several benefits, including standardization across sites, shorter implementation times and cost efficiencies. Standardizing Company’s Security Measures The Global Client Programme connects all of ROCKWOOL’s factories and office premises, and standardises the company’s security measuresROCKWOOL has 28 factories across the world. The Global Client Programme connects all of these factories and ROCKWOOL’s office premises, and standardizes the company’s security measures throughout the world. Fokko van der Zee, managing director at Nedap Security Management, says: “The implementation of a standardized security solution across the world is a complex process. It involves a large project spanning many years and involving many stakeholders, and demands a high level of project management. In the absence of a structured program with defined guidelines, a global security rollout is likely to be a stressful execution. That’s why we set up our carefully designed Global Client Programme.” ROCKWOOL Digital Service Lead, Matthew Thorne, agrees: “We’ve worked with Nedap over the past few years and recently became a member of their Global Client Programme. Now we’re equipped with the people and tools we needed to standardize our physical security solution. The Global Client Programme also minimizes risk and guarantees compliance. It really meets our needs in every possible way.” Central Security Platform Saves Money The program helps achieve cost savings by avoiding initial setup costs per site and having one central security platform instead of severalThe Global Client Programme is designed to ensure monitoring and control during every step of the rollout process. Timon Padberg, responsible for business development at Nedap Security Management, explains: “The repetitive nature of local site deployments allows us to work with models and templates, such as standard proposal and calculation documents. We can therefore produce a scalable process that ensures uniformity and a consistently high quality of implementation across each site.” By using the Global Client Programme, ROCKWOOL is aiming for uniformity and alignment across all sites. The program also helps achieve cost savings by avoiding initial setup costs per site and having one central security platform instead of several. Moreover, there are significant savings on operational and maintenance costs due to shared services and economies of scale.
Premier League football club Everton FC has deployed SureCloud’s GDPR suite to manage and monitor its data and GDPR compliance, enabling the club to work towards GDPR compliance, optimize internal processes and position it strategically for the future. The solution replaced Everton FC’s manual data mapping and processing methods. Manual Data Mapping And Processing Everton FC’s databases are extensive, containing details on over 32,000 season ticket holders and over 600,000 registered fans, with details on around 360 employees, players, agents, suppliers, and individuals associated with the club’s community charity and partner school. Much of this information is sensitive. This data and all of the processes associated with it were being manually managed and tracked in a series of Excel spreadsheets. With multiple requests and queries to respond to every day, the club’s Data Protection Officer was struggling to record and manage smaller ad hoc queries, incidents, and tasks. With GDPR due to place much tighter restrictions on how the club processed, managed and shared its data – as well as on the reporting of any incidents that did occur – the club needed a more comprehensive and reliable tool in place before 25th May 2018. SureCloud Platform The club approached its long-standing IT support provider NCC to find a solution. NCC recommended the SureCloud GDPR Suite, delivered on the SureCloud platform. After SureCloud had successfully demonstrated the ability to provide full visibility for management and automation of GDPR processes across the organization, Everton FC selected its cloud-based suite of solutions. Two dashboards were created according to Everton FC’s specific needs Two dashboards were created according to Everton FC’s specific needs: one to show all data mapping and transfers, including where data is being held and who it is being shared with; and one showing incidents and requests, including a subject request register and incident tracker path. This gives an immediate overview of which requests are still outstanding, such as a request for an individual’s personal information to be erased from the database. SureCloud GDPR Suite The five applications Everton FC chose to deploy from the SureCloud GDPR Suite were: GDPR Program Tracker - to enable the club to map all its disparate data and workflows using intelligent risk-based questions GDPR Management – to provide all mandatory GDPR business-as-usual processes Information Asset Management - to record and maintain the club’s entire data inventory Compliance Management for GDPR - to help Everton FC speed up their process of attaining compliance and on-going real-time risk remediation Incident Management for GDPR – to meet the GDPR requirement to log, track and notify the ICO of any data breaches, should an incident arise Ian Garratt, Data Protection Officer at Everton FC said: “The penalties for not achieving GDPR compliance are severe – up to 4% of our revenues, or €20 million. It was imperative that we got a solution in place that could not only help us achieve GDPR compliance but would also make it quick and easy for us to demonstrate that compliance at any point, on request. SureCloud’s GDPR Suite fit the bill.” Centralized Data Management Now, all of Everton FC’s disparate data are mapped, risk-assessed and tracked in a single centralized system “We are now tracking and recording every single data request in a centralized way. With NCC’s support, SureCloud’s solution has brought a comprehensive clarity to our data processing that was impossible to achieve with manual spreadsheets. The system is so intuitive; it has helped us streamline multiple processes and undertake impact assessments that we couldn’t handle before.” Now, all of Everton FC’s disparate data are mapped, risk-assessed and tracked in a single centralized system. All changes and requests are automatically tracked so that activity records and data audits can be produced at the click of a button. Should an incident like a suspected data breach occur, it is identified and reported immediately and automatically. The club’s data protection team can select which asset has been affected and immediately determine the severity of the incident and whether it needs to be reported to the ICO. Should it need to be escalated, the report is available instantly. Data Processing, Documentation And Risk Management Ian Garratt added: “The SureCloud GDPR Suite isn’t just a compliance tool; it’s a comprehensive management tool. We now have a continuous, real-time status of where we are and what we need to be doing in terms of data processing, documentation and risk management. It would have simply been impossible to achieve this manually. SureCloud has not only helped us to work towards GDPR compliance they have optimized our internal processes and positioned us strategically for the future.” In addition to deploying five applications within the GDPR suite, SureCloud is currently adapting its Incident Assessment tool to meet Everton FC’s specific requirements.
To succeed in business, one must be brilliant at one thing. In many cases it’s a skill, such as art, coding, engineering or design. Or that one brilliant attribute can also be a personality trait or a business process. No business will be successful unless it is at least adequate, and preferably superb, in product development, sales, and customer engagement - not to mention finance, planning, marketing and recruiting. Too many VMS producers are trying to do all these things themselves when they should be doubling up on what they are best at and leveraging the rest. It is a new mindset. Instead of obsessing about which ‘me-too’ product to supply, software producers could make their first priority finding complementary and compatible partners. Developing A Partnership Ecosystem One partner might see the opportunity to sell a solution. Another partner might know a better way to distribute a product. A third partner might provide the vertical expertise to get the customer a perfectly tailored solution. By leveraging partners and developing a partner ecosystem, a company will tend to have more unique offerings and the ability to execute faster in an ever-changing world. All this additional partner horsepower is still no guarantee a company will succeed but partnerships will also give a company a feedback channel. Many stand-alone companies plod along, never quite failing, but never getting better either. Partners are less likely to tolerate business limbo. They will be quick to utilize great products, and less wedded to the concept if it doesn’t prove out. Because the partners are in close contact with the market, they are the first responders to changing or developing needs. This is why a company should listen very closely to their partners: They are the feet on the street and the ears to the beat! Open Platform Matters Producing software takes time, and producing great software takes even longer All of this is not possible, however, if a company produces closed platform software. This is software whose functions can only be changed by the original developers. Producing software takes time, and producing great software takes even longer. This means low agility. The partners might identify great opportunities, but before the closed platform software producer can react, the opportunities might be gone - or worse, be grabbed by competitors. The slow reaction capabilities of closed platform providers will frustrate partners and may lead to the worst of all complications in a partnership: distrust. Add-On Modules and Intrinsic Scripting When the products are based on an open platform, however, they are adaptable. Then the partners have the ability to change the solution through the open software architecture. Not by changing the basic code (that would be open source) but by add-on modules and intrinsic scripting abilities. Total Integrated Solution Open platform means that the partner can easily extend and enhance the software into a total integrated solution Open platform means that the partner can easily extend and enhance the software into a total integrated solution to fulfill the customer’s needs with the minimum of effort. This gives agility, and agility means fast go-to-market abilities. Just what is needed in this fast-moving world. There are some important things to note here. The ways to extend and enhance the software have to be easy and well documented. The partners must have access to training and knowledge sharing. (It does not help to have a system for extending the capabilities of the software if the partners have to guess at the process and the documentation is rudimentary.) Open Access Is Key It is important that the business philosophy is based on openness, giving the partners full access to all relevant information. And openness is a two-way street: By being open for your partners, you also have to be open about their business. A partner might be able to develop a highly sophisticated solution but be unable to market the solution. By building a catalog of partner solutions easily accessible to customers, openness extends to ensure open access to the partners. Openness is not something a business can just tack on to their approach. It has to be in the DNA of the business from the start. In a Harvard Business Review article entitled ‘Predators and Prey: A new ecology of competition,’ JF Moore says: “A business ecosystem, like its biological counterpart, gradually moves from a random collection of elements to a more structured community.” Structured Business Ecosystem Milestone has seen this progression within the company's ecosystem Milestone has seen this progression within the company's ecosystem. They introduced training and certification requirements as part of the partnership success structure, ensuring knowledge is shared and also used in a way that is most mutually beneficial for all involved. Moore also writes: “Every business ecosystem develops in four distinct stages: birth, expansion, leadership and self-renewal.” At present, Milestone and its partners are entering into the ‘leadership’ stage, where video enabling is creating opportunities beyond those offered by a traditional video surveillance system, and into areas that provide additional business benefits to our customers. Video Enabling “A leader must emerge in the ecosystem,” Moore says, “to initiate a process of rapid, ongoing improvement that draws the entire community toward a grander future.” This is the role Milestone has played in leading the industry towards the video enabling phase and redefining the industry’s expectations of what a surveillance system is capable of. In the article, Moore underlines that “executives whose horizons are bounded by the traditional industry perspectives will find themselves missing the real challenges and opportunities that face their companies.” Getting Connected Connectors are those people with a wide range of contacts across different social circles In his book The Tipping Point, Malcolm Gladwell describes what he calls ‘The Law of the Few,’ which says: "The success of any kind of social epidemic is heavily dependent on the involvement of people with a particular and rare set of social gifts." This is based on the 80/20 principal, “which is the idea that in any situation roughly 80 percent of the 'work' will be done by 20 percent of the participants." He goes on to identify three types of people with these gifts: Salesmen, who are skilled in persuasion and negotiation; Mavens, who collect and disseminate useful information; and Connectors. Connectors are those people with a wide range of contacts across different social circles who can make introductions and create links between otherwise disparate individuals. Milestone, Key Connector In Physical Security Industry In the wider scheme of things, Milestone effectively acts as a ‘Connector’ in the business ecosystem and in the overall physical security industry. Milestone brings together companies who are brilliant in their respective fields and make it easy for them to work together to create a valuable solution for the customer. The company provides the environment for that to occur and work closely with them to ensure that the end result is useful and effective. At Milestone, partners realized that significant investments in education and training was required to create the demand for the company's products and solutions that the conservative physical security industry required. The value of partnership was learnt and the ‘open’ approach adopted, which was a central part of the thinking behind our software. Adopting The Scandinavian Management Model Milestone effectively acts as a ‘Connector’ in the business ecosystem and in the overall physical security industry Milestone extended this approach to the entire business model, creating the ecosystem that has been the driving force for success. And while the company embraced the best of the Scandinavian management model, its inclusiveness and encouragement of creativity, they still needed to have the courage to make changes to the business, changes which would ensure the best possible position to take on whatever challenges the future might hold. Milestone Partner Ecosystem Milestone have always worked in a partner-driven business mode. The company from the start was designed to be open and partner oriented. The Milestone partner ecosystem is a fundamental part of its mindset and daily operations. It is one of the major reasons for getting the company to the position where it is today. To be in a company without the partner component would be like cutting the internet and phone cables while reverting to telex and written paper letters! The company would be developing products in the dark, not knowing the demand. Open Business World Today, Milestone's partners are delivering optimal solutions to mutual customers, building a better and open business world with video as a business enhancer. All thanks to the company's open platform and community approach. To have a flourishing partner ecosystem, one must think not as a corporation but in human terms. Because companies don’t think, humans do. In all senses of the word, there is one thing that will contribute more to the success of a partnership than anything else; 'Give before hoping to receive'.
The Security Industry Association (SIA) has expressed strong support for MI HB 5828 and HB5830, two bills designed to improve school security across the state of Michigan. Michigan Legislation In a letter to Michigan House of Representatives Committee on Appropriations Chairwoman Laura Cox and Vice-Chair Rob VerHeulen, SIA CEO Don Erickson praised the bills’ creation of a comprehensive school plan and fund to enable local districts to procure security solutions to protect students from malicious perpetrators and update building code requirements to include security measures. “Sadly, our nation’s schools have increasingly become a soft target for mass violence – at Sandy Hook Elementary, recently at Stoneman Douglas High School and in many other attacks,” said Erickson. “We support holistic approaches to improving school safety and security in response to these tragedies – recognizing there is no single action that can be taken that will, by itself, make our schools safe.” SIA is a co-founder of the Partner Alliance for Safer Schools (PASS), a consortium of school security experts Improving School Security SIA represents about 900 security and life safety solutions providers – companies that develop, manufacture and integrate technologies that help keep people and property safe from hazards. These industry leaders strive to introduce robust security solutions integrated into our nation’s K–12 public schools, private academic institutions, colleges and universities. In addition to serving member organizations working to improve security in schools and other environments, SIA is a co-founder of the Partner Alliance for Safer Schools (PASS), a consortium of school security experts that developed threat- and income-based guidelines for schools housing grades K–12 to implement appropriate, layered security measures. These guidelines are available to help guide school investments. Additionally, PASS provides integrators with risk assessments and white papers that can be used when working with schools to evaluate and establish the best security protections for their buildings. SIA believes state assistance like that in the Michigan legislation is a start to addressing key security gaps in schools and is especially critical to high-risk school districts or those with limited budgets.
Round table discussion
The definition of a standard is “an authoritative principle or rule that usually implies a model or pattern for guidance, by comparison with which the quantity, excellence, correctness, etc., of other things may be determined.” In technology markets, such as physical security, standards are agreed-upon language, specifications or processes that are used across the board by multiple stakeholders to enable easier interconnectivity and smoother operation of systems. We asked this week’s Expert Panel Roundtable: How are standards shaping change in the physical security market?
Statistically speaking, incidents of terrorism are unlikely to impact most businesses and institutions. However, the mere possibility of worst-case-scenario attacks is enough to keep security professionals awake at night. Compounding the collective anxiety is the minute-by-minute media coverage when an attack does occur. The immediacy of the shared experience of global tragedy impacts us all – including security system decision-makers. We asked this week’s Expert Panel Roundtable: How is the rise in terrorism impacting the physical security market?
The concept of how security systems can contribute to the broader business goals of a company is not new. It seems we have been talking about benefits of security systems beyond “just” security for more than a decade. Given the expanding role of technologies in the market, including video and access control, at what point is the term “security” too restrictive to accurately describe what our industry does? We asked the Expert Panel Roundtable for their responses to this premise: Is the description “security technology” too narrow given the broader application possibilities of today’s systems? Why?