Subscribe to On the Editor's Desk RSS Feed

On the Editor's Desk

by: Paul Ragusa - Wednesday, March 29, 2017

It is only March, but I think it is safe to call 2017 the “year of cybesecurity” as the industry has doubled down on its focus to secure everything IP.

This cyber mania, so to speak, is not unfounded, as the security industry is learning firsthand—from recent highly publicized DDoS attacks and increased ransom-ware attacks to more and more stories of compromised cameras and security systems—that the convergence of physical security and IT is creating a new set of challenges and security risks.

As I prepare for ISC West, I am not surprised to see that this year’s keynotes will be focusing on cybersecurtiy. I am very interested to hear what Philip Celestini, section chief, FBI Cyber Division, has to say in his keynote, “The FBI View of Cybersecurity: Threats, Trends and Protective Strategies,” on April 5 at 8:45 a.m.

I am particularly interested to hear how far the FBI has come in the past year in its war on cybercrime, as Celestini spoke on this topic at ESX 2016, providing some eye-opening statistics on the high cost of cyber attacks.

For example, at ESX last year Celesini pointed out that ransom-ware attacks went from causing $25 million in losses to $200 million in just one year in the U.S., as well as an astonishing $2 trillion in cyber crime losses worldwide. I wonder where those numbers are this year?

The next morning at 8:45, a panel discussion, “DDoS Threat Landscape & Defensive Countermeasures,” will look at how October 2016’s attack on Dyn’s DNS infrastructure was a gloomy wake-up call to the online community at-large. The panel will look at the role that IoT devices played in the attack against Dyn, as well as the attack against Krebs prior to it, as well as defensive countermeasures with a strong emphasis on preparedness ahead of these attacks.

And later in the day at 1:45 p.m., Matthew Rosenquist, cyber security strategist for the Intel Corporation, will present his keynote, “How Cyber-Attacks are Changing the Expectations of Security, Privacy, and Safety,” looking at the growing types of incidents and challenges in the industry that are driving shifts in expectations for security, privacy and safety, presenting a glimpse of the future where both risks and opportunities abound.

See you in Vegas!

Topic:
by: Paul Ragusa - Wednesday, March 22, 2017

Companies across industries are increasingly leveraging the cloud for security applications, with 42 percent of respondents in a new study commissioned by Schneider Electric indicating they currently run security applications in the cloud and almost half (45 percent) stating they are likely or extremely likely to transition security operations to the cloud in the future.

The survey, conducted by Morar Consulting, included input from more than 300 U.S. CIOs, CTOs, IT directors, security/facilities managers and operations personnel across industries including construction and trade, education, financial services, healthcare, IT/technology, manufacturing and industrial and professional and business services.

“Leveraging the cloud for security applications is becoming increasingly accepted—and required—as we move into a 24/7 digital world,” Steven Turney, security program manager, Schneider Electric, said in the announcement. “Especially for companies where security management improvements are imminent, it makes sense to consider innovation at every level of their organization to meet their security needs. As businesses are required to be more agile, the cloud helps to unify and simplify security measures so an organization’s data, people and assets are constantly protected.”

According to the findings, organizations utilize the cloud for existing applications including data storage, human resources, email and security, and are eager to continue adopting it for security operations, with 57 percent of respondents believing the cloud is secure, including IT and technology professionals having the most confidence (78 percent), followed by education (70 percent), construction (68 percent) and financial services (52 percent). However, some skeptics remain, with 18 percent of respondents indicating they do not trust the cloud.

“Nearly three-fourths of respondents said network security is an important feature for security systems in their organizations,” the study’s authors found. “While the state of security continues to advance, respondents indicate security systems aren’t where they should be in order to adopt emerging technologies (54 percent), and despite business leaders being supportive of emerging technology (95 percent), many barriers to adoption exist.

Organizational/administrative barriers such as procedures, lack of perceived value and ROI were the top barriers identified that are inhibiting organizations from achieving their security goals, according to the study.

“While integration remains an obstacle to achieving security goals, almost 80 percent feel it is important to integrate security systems with other buildings and IT systems as part of an organization’s cloud strategy,” the study found. “Currently, photo ID badging, active directory, intrusion and CCTV are the top four systems organizations integrate into their security systems. The two top non-security systems organizations currently integrate with their security systems are automation and lighting.”

To learn more about the study, you can review the full results here.

Note: SSN continues to report on this story, including an upcoming interview with Steven Turney, security program manager for Schneider Electric.

by: Paul Ragusa - Wednesday, March 15, 2017

With drone technology gaining traction within the security space, it only makes sense that the discussion includes anti-drone technology, as the issues of privacy and rules and regulations regarding flight restrictions must come into play.

At this year’s ISC West in April, for example, the show’s inaugural Unmanned Security Expo—which has its own section of the show floor with a “flying cage” featuring ground-based robots and aerial drones in action—will also include an education portion addressing topics such as anti-drone technologies and drone use in law enforcement.

Many security companies have already developed or are developing anti-drone technology, ranging from machine-gun looking devices that can block communications and knock a drone from the sky, to technology that intercepts the drone’s signal, assuming control, so to speak.

The government is getting involved, of course; the Department of Homeland Security’s Science and Technology Directorate, Program Executive Office Unmanned Aerial Systems (PEO UAS), recently sent out a “request for information for participation” or RFIP, which “seeks technology solutions that are capable of detecting, identifying, and tracking, and identifying small unmanned aerial systems (SUAS) that are perceived as threats to people or critical infrastructure to participate in the DHS S&T 2017 Technical Assessment of Counter Unmanned Aerial Systems (C-UAS) Technologies in Cities (herein called TACTIC).”

DHS S&T established the Program Executive Office for Unmanned Aerial Systems (PEO UAS) to lead DHS efforts in guiding, advising and enabling technology solutions in this area, and as part of this RFIP invites industry, academia, and other government organizations to submit applications addressing innovative technology solutions for assessment during TACTIC.

This is certainly an interesting time as we enter into the robotics as a service (RaaS) era within security. In our recent news poll, many respondents commented that they see great potential for drone and other robotic technology within security; many agreed that it is just a matter of how quickly these technologies are adopted.

 

Topic:
by: Paul Ragusa - Wednesday, March 8, 2017

Although a ton of research has been coming out recently looking at the high ceiling for smart or connected home growth over the next few years—Parks Associates says that half of homes will have a connected product by 2020—a recent study by research firm Gartner Inc. finds that only about 10 percent of households currently have connected home solutions.

Gartner found that adoption of “newer connected home solutions is still at the early adopter phase,” a conclusion based on responses from nearly 10,000 people in U.S., the U.K. and Australia during the second half of 2016. According to the study, “connected home solutions” consist of a set of devices and services that are connected to each other and to the Internet and can automatically respond to preset rules, be remotely accessed and managed by mobile apps or a browser, and send alerts or messages to the user (s).

"Although households in the developed world are beginning to embrace connected home solutions, providers must push beyond early adopter use," Amanda Sabia, principal research analyst at Gartner said in the announcement. "If they are to successfully widen the appeal of the connected home, providers will need to identify what really motivates current users to inspire additional purchases."

The survey found that home security alarm systems, the more established of connected home solutions, have nearly double the adoption rates (18 percent) of newer connected home solutions such as home monitoring (11 percent), home automation or energy management (9 percent), and health and wellness management (11 percent). Overall adoption rates were five- to six percent greater in the U.S., where they were first marketed.

However, excluding home security alarm services for which a monthly fee is generally paid, solution providers may find monetizing connected services challenging as the survey revealed that less than half of households currently pay for subscription-based home monitoring and automation/energy management solutions.

“In the U.S., where the home monitoring industry is more developed, 59 percent of households with a home monitoring solution indicate they do pay a monthly fee, thus proving they see value for these solutions,” according to Gartner. “However, charging for subscriptions for home automation/energy management and health and wellness solutions is more of a challenge since more than half of current households are already using these services free of charge.”

Using a scale of 0 to 100, respondents were asked about their feelings and preferences toward the value of devices, appliances and applications in the connected home ecosystem. Three-quarters of respondents indicated they are happy to manually set temperature and lighting controls versus only one-quarter who expressed an interest in having devices anticipate needs in the home. Furthermore, 58 percent of respondents showed a preference for separate, independent, stand-alone devices.

The study found that respondents are starting to see the value of one app for integrating their connected home devices, appliances and services as well as the importance of brand certification for their connected home devices and services. More than half of the respondents (55 percent) rated 51 or more toward the preference of one app integrating connected home devices and services, while 58 percent rated 51 or more toward the importance of hardware and services being certified by a specific brand.

"Messaging needs to be focused on the real value proposition that the complete connected home ecosystem provides, encompassing devices, service and experience," Jessica Ekholm, research director at Gartner, said in the announcement. "The emphasis needs to be on how the connected home can helps solve daily tasks rather than just being a novelty collection of devices and apps."

Ekholm will provide further analysis on consumers’ use of technology at the Gartner Tech Growth & Innovation Conference 2017 taking place June 19-21 in Huntington Beach, Calif.

Topic:
by: Paul Ragusa - Wednesday, March 8, 2017

Although a ton of research has been coming out recently looking at the high ceiling for smart or connected home growth over the next few years—Parks Associates says that half of homes will have a connected product by 2020—a recent study by research firm Gartner Inc. finds that only about 10 percent of households currently have connected home solutions.

Gartner found that adoption of “newer connected home solutions is still at the early adopter phase,” a conclusion based on responses from nearly 10,000 people in U.S., the U.K. and Australia during the second half of 2016. According to the study, “connected home solutions” consist of a set of devices and services that are connected to each other and to the Internet and can automatically respond to preset rules, be remotely accessed and managed by mobile apps or a browser, and send alerts or messages to the user (s).

"Although households in the developed world are beginning to embrace connected home solutions, providers must push beyond early adopter use," Amanda Sabia, principal research analyst at Gartner said in the announcement. "If they are to successfully widen the appeal of the connected home, providers will need to identify what really motivates current users to inspire additional purchases."

The survey found that home security alarm systems, the more established of connected home solutions, have nearly double the adoption rates (18 percent) of newer connected home solutions such as home monitoring (11 percent), home automation or energy management (9 percent), and health and wellness management (11 percent). Overall adoption rates were five- to six percent greater in the U.S., where they were first marketed.

However, excluding home security alarm services for which a monthly fee is generally paid, solution providers may find monetizing connected services challenging as the survey revealed that less than half of households currently pay for subscription-based home monitoring and automation/energy management solutions.

“In the U.S., where the home monitoring industry is more developed, 59 percent of households with a home monitoring solution indicate they do pay a monthly fee, thus proving they see value for these solutions,” according to Gartner. “However, charging for subscriptions for home automation/energy management and health and wellness solutions is more of a challenge since more than half of current households are already using these services free of charge.”

Using a scale of 0 to 100, respondents were asked about their feelings and preferences toward the value of devices, appliances and applications in the connected home ecosystem. Three-quarters of respondents indicated they are happy to manually set temperature and lighting controls versus only one-quarter who expressed an interest in having devices anticipate needs in the home. Furthermore, 58 percent of respondents showed a preference for separate, independent, stand-alone devices.

The study found that respondents are starting to see the value of one app for integrating their connected home devices, appliances and services as well as the importance of brand certification for their connected home devices and services. More than half of the respondents (55 percent) rated 51 or more toward the preference of one app integrating connected home devices and services, while 58 percent rated 51 or more toward the importance of hardware and services being certified by a specific brand.

"Messaging needs to be focused on the real value proposition that the complete connected home ecosystem provides, encompassing devices, service and experience," Jessica Ekholm, research director at Gartner, said in the announcement. "The emphasis needs to be on how the connected home can helps solve daily tasks rather than just being a novelty collection of devices and apps."

Ekholm will provide further analysis on consumers’ use of technology at the Gartner Tech Growth & Innovation Conference 2017 taking place June 19-21 in Huntington Beach, Calif.

Topic:
by: Paul Ragusa - Wednesday, March 1, 2017

As I sit here in Florida, at the beautiful Delray Beach Marriott, basking in the 80-plus degree temps and relaxing ambiance, I reflect on Security Systems News’ highly successful two-day conference that wrapped up here yesterday.

From the opening keynote, “Cheaper, Faster, Better” by Jack Wu, co-founder and CEO of Nightingale Security—who looked at the current capabilities and future potential of robotics in security (including flying a drone in California from his iPad)—and eight thought-provoking education sessions to the “20 under 40” award reception and invaluable networking, TechSec took on many of the hottest topics in the industry while looking at how integrators can best leverage today’s emerging technologies.

Over the next few weeks, you will see extensive coverage and articles from SSN staff on each session, as well as pictures of the many great panel discussions and of our “20 under 40” integrator and end-user award winners—they represent this next generation of tech-savvy security professionals who will lead the industry into the future. 

As we begin to enter the trade show season here in the industry, with ISC West, ESX and ASIS, to name just a few, we are excited to delve even deeper into the topics and trends that are driving the industry today. 

by: Paul Ragusa - Wednesday, February 22, 2017

CORK, Ireland—Johnson Controls released a “call to action” whitepaper on cybersecurity this week in an effort to help the industry to better protect all of the data that is being produced throughout smart buildings today.

“As data becomes more and more prevalent throughout the buildings where we live and work, so does the need to protect that data; it is no longer enough for a building to be smart—it must now be cybersmart,” according to the new whitepaper, “Cybersmart Buildings - Securing Your Investment in Connectivity and Automation” published jointly by Johnson Controls and Booz Allen Hamilton, a management and technology consulting and engineering firm. This whitepaper provides a roadmap for building managers, building owners, contractors and others to act to protect their information.

“Research clearly demonstrates that cybersecurity is a critical need at a critical hour for buildings around the world,” Bill Jackson, president, Johnson Controls Global Products, said in the announcement. “As building technology and data converge, we must be increasingly vigilant.”

This collaboration between two companies, with more than 200 years of combined expertise in their industries, illustrates the progress being made in raising awareness of the need for cybersecure smart buildings, coined “cybersmart buildings” in the white paper.

“Securing smart buildings and building systems more generally, is a shared responsibility requiring focus and commitment from the manufacturer, integrator, and customer,” Jason Rosselot, director of Johnson Controls’ global product security, said in the release. “Just as two industry leading companies were able to collaborate to create this whitepaper, so too can smart building stakeholders partner to follow these recommendations and create cybersmart buildings.”

Jackson added, “Defending against cyber threats today and tomorrow requires the secure design, development and deployment of building automation systems and controls.”

According to the 2016 State of Industrial Control System (ICS) Security Survey by SANS, 67 percent of participants perceived severe or high levels of threat to control systems, up from 43 percent in 2015.

“Smart buildings are now at the forefront of this battle—with tremendous complexity and integration of systems, they represent an increasingly valuable target,” according to the whitepaper. “Connectivity and automation create entry points for cyber attacks with potential safety, continuity, quality and privacy impact. But we can’t let this risk cripple innovation.”

According to the whitepaper authors, cybersecurity can be “a business enabler for smart buildings. When done well, cybersecurity is about insuring your investment and assuring your ability to reap the transformative benefits that connectivity offers,” including working “with the right partners to secure your investments when assessing and deploying smart building systems or retrofits.”

The whitepaper, which can be found here, summarizes key insights to help set an agenda for cybersmart buildings.

Topic:
by: Paul Ragusa - Wednesday, February 15, 2017

Smart-home product U.S. dollar sales grew 57 percent in 2016 compared with the prior year, according to recent findings from market research firm The NPD Group.

According to the study, security and monitoring products led the category, making up more than 60 percent of dollar share, with smart entry devices, such as smart doorbells, growing 171 percent in dollar sales and 206 percent in unit sales compared with 2015.

The market research firm said awareness levels of smart home devices have fluctuated, but cited the smart doorbell as a category that witnessed growth in both awareness and ownership; ownership of smart doorbells inched up 2 percent while awareness grew 4 percent.

According to IHS Markit, the global market size for video doorbells, which was at $78 million in 2015, is expected to experience a 28 percent CAGR over the next five years, with North America leading the way.

Video doorbells, many times, are a homeowner’s first foray into video surveillance in and around the home.

“Video doorbells are only just beginning to gain traction among residential consumers,” Anna Sliwon, analyst, residential security, IHS Markit, said in the study. “As the market continues its rapid ascension, partnering with video doorbell providers could prove lucrative for home alarm manufacturers and service providers.”

In the NPD study, networked video cameras led as the most commonly found product in smart homes. Nearly one-third of smart homes owned a networked video camera, and demand for multipacks of IP cameras grew 129 percent in dollar sales for the year.

“Network cameras have long been considered the entry point into the smart home, but growing demand for items sold in sets shows that the market is maturing,” Ben Arnold, executive director, industry analyst for The NPD Group, said in a prepared statement. “We fully expect the next two years will see a broadening appeal of smart-home devices and estimate that the category will nearly double in that time.”

Voice command is also becoming more commonplace in smart homes, with nearly half of these homes using voice commands in some manner, and one-quarter using them to control a home-automation device, with Siri being the most commonly used digital assistant, according to NPD.

John Buffone, executive director, industry analyst, NPD Connected Intelligence, said one in five Amazon Echo owners use the device to control another device in their home.

Topic:
by: Paul Ragusa - Wednesday, February 8, 2017

Allied Universal, a national facility services company and security force with more than 150,000 employees, has acquired the security services portion of Yale Enforcement Services, Inc., a Belleville, Ill.-based company that offers a full range of solutions, including uniformed security professionals, mobile patrol, physical security and life safety. Terms of the deal were not disclosed.

“What we really liked about Yale is that they do very strong business in the healthcare vertical, and that business is spread throughout multiple regions,” Allied Universal CEO Steve Jones told Security Systems News. “And we feel we have a variety of really good service offerings to offer in that vertical.”

Yale was also looking to provide ancillary services such as electronic security systems and security technology, an area “that we are highly committed to, so we feel those customers will fit very nicely into our organization,” said Jones. “Also, our service offerings that we have will not only enhance the relationship but also be something that the customers are excited about and embrace.”

Yale Enforcement's 1,800-plus employees serve a range of vertical markets including healthcare, manufacturing, industrial, warehouse/distribution, commercial real estate and retail throughout the Central, Midwestern and Southern states.

"Allied Universal sets the industry standard for professionalism and we know our security services clients will be well taken care of," Barbara Yale, president and CEO, Yale Enforcement said in a prepared statement.

On the acquisition front, the company “will continue to be inquisitive in 2017,” said Jones. “We plan on making at least one but hopefully two, sizable acquisitions in the security systems space by the end of the year as well.”

With the mega-merger in August between Allied Barton and Universal Services of America, 2016 was a very busy and successful year for the combined companies.

“We are now fully integrated, so we are completely rebranded and integrated,” said Jones. “We achieved the goal of doing that is six months and also made three other acquisitions and got some good mid-single digit organic growth, so we are pretty excited about all of that. In 2017, we project that we will end the year in 2017 somewhere between $5.2 - $5.3 billion in revenues and that is without any additional acquisitions.”

Allied Universal also announced a partnership with the Clery Center, a national, non-profit training and policy organization dedicated to creating safer campus communities, to develop video-based training tools for line campus public safety personnel. The roll-call training program for campus public safety and security professionals is scheduled to be released during National Campus Safety Awareness Month in September.

As a leading security services provider to the Higher Education sector, Allied Universal services nearly 200 colleges and universities at over 500 campus locations nationwide.

by: Paul Ragusa - Wednesday, February 1, 2017

LOUISVILLE, Colo.—Biometrics are coming of age, and 2017 has the potential to be a big year for the continued adoption of biometric technologies, according to Acuity Market Intelligence, which released its "Ten Top Trends for Biometrics and Digital Identity" for 2017 this week.

"Biometrics and digital identity are often perceived as threats to privacy and security," Maxine Most, Principal of Acuity Market intelligence said in the announcement.. "However, taken together these technologies have the potential to enhance privacy, increase personal data control, and shift power relative to the monetization of consumer data."

No. 2 on the top ten list is iris biometrics, which will have a "breakout year as smartphone availability drives consumer acceptance up and price points down,” according to Acuity.

This is not surprising. During Security Systems News’ Battle of the Biometrics session at last year's TechSec Solutions conference, our panel of expert judges chose iris technology as the top pick over other biometrics, including fingerprint and facial. This year at TechSec, which is Feb. 27-28 in Delray Beach, Fla., the reigning champion from last year's session, Blaine Frederick, VP of product management for Eyelock, returns to continue the conversation with Jeff Kohler, product line and business development director for Princeton Identity, as they look at how lower price points are increasing demand and opening up new applications across many different verticals.

Another interesting finding, and one that does not surprise us here at SSN—the creator of the Cloud+ conference—is the rise of cloud-based biometrics.

According to Most, “2017 will be a tipping point as cloud-based biometrics, secure mobile credentials, and fintech innovation coalesce into consumer-centric solutions offering previously unobtainable levels of accessibility, security, and individual control over PII (Personally Identifiable Information)."

The following is Acuity's ten top trends for biometrics and digital identity:

1. Behavioral biometrics on smartphones, and the associated privacy issues and PII concerns, become mainstream.

2. Iris biometrics "breakout" as smartphone availability drives consumer acceptance up and price points down.

3. Security impact and liability implications of PII via IoT (Internet of Things) begins to influence Enterprise Executives.

4. Cloud biometrics are recognized as critical Infrastructure for global digital payments and commerce platforms.

5. Links between digital identity, smartphones, and mobile and stationary smart devices begin to be monetized.

6. New monetization models for digital identity emerge, shifting power from commercial enterprises to consumers.

7. Secure mobile smartphone credentials drive infrastructure development with migration from tests and pilots to deployments.

8. Many fintech innovators are swallowed by BFSIs thwarting their impact on industry transformation.

9. A handful of fintech standouts, committed to disruption, emerge as potential threats to the status quo.

10. Biometrics and digital identity begin to be understood as forces for social justice, equity, privacy, and accessibility.

Topic:

Pages