Subscribe to

Blogs

SIA’s new conference AcceleRISE, inspiring the next generation security professional

 - 
Tuesday, February 12, 2019

The countdown to SIA’s new conference acceleRISE has begun with plans for security leaders to share ideas and inspire tomorrow’s up and coming young security professionals via coaching, business skill development and networking. This event is to take place August 14-16 at the Radisson Blu in downtown, Minneapolis.

Having never been to Minnesota and being the extreme foodie that I am, I did a little research and discovered a meat-centric American grill that I would totally check out — Butcher & The Boar. Glancing at their menu, offerings include:

      • Delectables to share: artisan cheeses, red wine jelly, house-made crackers and breads.
      • Tantalizing main meals: Wagyu ribeye, Filet Mignon, coffee-brined duck breast and smoked salmon salad.
      • Mind-boggling desserts: sweet potato cream brulee with orange coriander, dark chocolate ganache baked tart accented with mascarpone … the list goes on and on. I mean, you’ve got to stay properly nourished to soak up all the knowledge of this event’s keynotes, panel sessions, team-building    exercises, peer networking and workshops!

“Finding and keeping qualified talent is the number one issue facing SIA members and the industry,” CEO of SIA, Don Erickson, said in a press release. “AcceleRISE will provide young security professionals with a compelling learning experience, ignite new thinking, strengthen leadership skills, sharpen business acumen and ultimately propel attendees forward as stronger contributors to their employers’ success.”

With topics such as introducing the security industry ecosystem, project and time management, inspiring yourself to innovate and more, attendees will walk away with:

       • Insight into leadership, business and soft skills development;
       • Understanding of emerging security trends and principles of critical thinking; and
       • Insight from accomplished security professionals, offering real-life examples of security-related career paths.

“Today’s young professionals bring a unique perspective to the workplace,” Erickson told SSN. “They are creative and critical thinkers who will become stronger contributors to engineering, sales, marketing, customer service and project management teams by having access to the compelling experience offered through AcceleRISE. Designed by young professionals with input from managers, this event will complement the quality educating and training offered by employers today.”

Security Systems News is honored to be a participant in this event to continue to engage with the young security professionals of tomorrow.
 

New tech holds the key to stopping cybercrime, study finds

 - 
Tuesday, February 12, 2019

You don’t have to look too hard to find a sobering example of cybercrime, as it's as pervasive as ever these days, even on the national level with recent reports that cyber criminals have access to critical infrastructure such as our national power grids and gas lines. The good news, though, is technology may be our best weapon against these invisible criminals.

In fact, the use of big data and blockchain technologies are key to fighting cybercrime, according to a new study from Frost & Sullivan that looks at how effective machine learning is in aiding early detection of cyber anomalies, and how good blockchain is at creating a trustworthy network between endpoints.

Frost and Sullivan noted that the rise of the Internet of Things has opened up numerous points of vulnerabilities, compelling cybersecurity companies, especially startups, to develop innovative solutions to protect enterprises from emerging threats. As cybercrime becomes more sophisticated and even a method of warfare, the research firm found, technologies such as machine learning, big data, and blockchain will become prominent.

"Deploying Big Data solutions is essential for companies to expand the scope of cybersecurity solutions beyond detection and mitigation of threats,” Hiten Shah, research analyst, TechVision, said in the announcement of the findings. "This technology can proactively predict breaches before they happen, as well as uncover patterns from past incidents to support policy decisions."

The study, Envisioning the Next-Generation Cybersecurity Practices, presents an overview of cybersecurity in enterprises and analyzes the drivers and challenges to the adoption of best practices in cybersecurity. It also covers the technologies impacting the future of cybersecurity and the main purchase factors.

"Startups need to make their products integrable with existing products and solutions as well as bundle their solutions with market-leading solutions from well-established companies," noted Shah. "Such collaborations will lead to mergers and acquisitions, ultimately enabling companies to provide more advanced solutions."

Technologies that are likely to find the most application opportunities include:

•    Big Data: It enables automated risk management and predictive analytics. Its  adoption will be mostly driven by the need to identify usage and behavioral patterns to help security operations spot anomalies.
•    Machine Learning: It allows security teams to prioritize corrective actions and automate real-time analysis of multiple variables. Using the vast pools of data collected by companies, machine-learning algorithms can zero in on the root cause of the attack and fix detected anomalies in the network.
•    Blockchain: The data stored on blockchain cannot be manipulated or erased by design. The tractability of activities performed on blockchain is integral to establishing a trustworthy network between endpoints. Furthermore, the decentralized nature of blockchain greatly increases the cost of breaching blockchain-based networks, which discourages hackers.

Envisioning the Next-Generation Cybersecurity Practices is part of Frost & Sullivan’s global Information & Communication Growth Partnership Service program.

Industry awards given at ESA Leadership Summit

 - 
Tuesday, February 5, 2019

Two major security industry accolades—the Sara E. Jackson Memorial award and the Morris F. Weinstock Person of the Year award—were given out at the Electronic Security Association’s Leadership Summit, Jan. 28-31, in Austin, Texas.

ESA President Chris Mosley presented Don Childers of Security Central with the Sara E. Jackson Memorial Award during the first Main Stage session at Leadership Summit. Childers gave a heartfelt speech thanking the many people he has worked with during his years in the industry. Click here to see the video of the presentation. This award is sponsored by Resideo.

Mosley also presented Angela White, immediate past president of ESA, with the 2019 Morris F. Weinstock Person of the Year Award. White thanked the people who nominated her and the past recipients of the award, as well as everyone who she has worked with along the way to give her this opportunity. Click here to see the video of the award presentation. This award is sponsored by Interlogix.

Each year, executives from the electronic security and life safety industry gather for the ESA Leadership Summit network with each other, learn keys to success from other industries, and develop their leadership skillset.

Jillian Bateman, ESA chief development officer, told Security Systems News, “We try to be a very, very efficient leadership event—one that is strategic about the interactions we foster.”
 
In addition to interactive sessions that delved into key industry topics and issues of the day, the summit also featured the ESA’s Rising Leaders Forum and an online networking portal to help facilitate beneficial meetings, which was fully launched for the first time this year.

“It’s able to help pair folks on interests,” Bateman said. “Whether an attendee wants to meet with another attendee on, maybe, some issues that they're having with technicians that they can brainstorm and talk through, or, if they want to meet a vendor on a new product that they have, they can do that as well.”

Green strobe light acts as a beacon of safety and security

 - 
Tuesday, February 5, 2019

Being a part of the security industry day in and day out affords me some very unique conversations and learning opportunities about security projects. Take the city of Detroit, their Project Green Light and Guardian Alarm, as an example. 

For those of you who may not know or need a refresher, Project Green Light started in 2016 when the Detroit Police Department (DPD) partnered with eight gas stations installed with real-time cameras, connected directly to police headquarters. This was the beginning of a different type of partnership, one that would take the city, businesses and community on an unprecedented security journey. 

“Project Green Light is a really unique project; it is a very progressive approach to video verification of real time emergency events,” Jason Tague, director of business development, explained. “The way it operates, when a 911 call is received from a Project Green Light location the Detroit Police Department has the opportunity to verify emergency action in real time, and once verified, they are able to direct the nearest police officer or first responder to that location because of video verification.” 

Businesses invest in systems under the agreement that DPD will have access to video cameras to help better protect them, just in case. Businesses are literally “marked” as Project Green Light participants. 

“There’s a select signage package that DPD has trademarked – a logo, along with the name – and program participants have requirements to post a certain amount of signage on their place of business,” Tague said. “Also, there is a green strobe light outside of each business – a ‘beacon’ if you will – that flashes. This creates awareness in communities that it is a place that’s connected … a place that’s safe.” 

The vendor approval process is rigorous, as DPD is very selective about the vendors they partner with, putting great emphasis on standards, policies and procedures in terms of what is expected of and from a vendor. Tague believes Guardian was chosen based on their 85-year tenure in the security industry, being a well-known brand in Michigan, having a broad, established customer base and offering a full-service solution. Perhaps this is why Guardian was chosen for the community’s beloved Don Bosco Hall, a private, non-profit agency that provides services to enhance quality of life for the community’s youth and their families. 

“We were honored to be chosen to work with the community center [Don Bosco Hall],” said Tague, “because it was a complex environment and we had to be very mindful of the environment during installation.” 

During the installation, things didn’t stop moving at the hall. Children were changing activity/classrooms, even when cable was being pulled in an antiquated building. 

“It’s [pulling cable] is a very daunting task,” Tague said, “but we navigated that gauntlet quite well and were very mindful of the environment. The children took interest in what we were doing, so it was a little bit of an educational process along the way.” 

Ultimately, Tague said that it’s nice to know the playground and the outer corridor where the children go out to play offers a sense of security beyond the actual walls of the building itself. 

One of the questions I enjoy asking security professionals is “what else would you like my readers to know?” about any topic of discussion. In this case, Tague concluded with a solid piece of advice that I feel all security integrators should take to heart: keep it simple. 

“We make it easy for Project Green Light participants. Our team has been really great at explaining and helping people understand the process step-by-step, so there are no surprises and everything goes according to plan … everything.” 

So, how do you and your team keep things simple for your customers? Excited for your replies!

New privacy initiative, headed by ADT, to establish home security standards, best practices

 - 
Tuesday, January 29, 2019

Yesterday in the United States, Data Privacy Day 2019 was celebrated. On social media, tweets flew by offering tips on how to protect data against hackers. Security professionals and enthusiasts on LinkedIn discussed the topic at hand while top privacy leaders, such as the National Cyber Security Alliance Executive Director, Kelvin Coleman; Eva Velasquez, president and CEO, Identity Theft Resource Center; and CEO Larry Magid of Connect Safely, among others, convened in San Francisco for an afternoon of focused discussion about opportunities and challenges for data security moving forward. 

Yes, yesterday was quite the day for data security. However, we must recognize that securing data is a 24/7, 365 day a week operation. Google “data security breach” and incident after incident will pop up … for me, it was about 117 million in .75 seconds. Recently, Ring was outed by major news outlets for Ukraine engineers and executives at Ring having “highly privileged access” to live customer camera feeds — both doorbell cameras and in-home cameras — around the world, while a NEST camera was hijacked with a voice warning a California family that three missiles from North Korea were headed to the U.S., which, of course, was not true, but I can imagine sent the family into sheer panic. 

With breaches such as these, among the millions of other data breaches and exposed records in the United States alone, ADT in partnership with SIA, The Monitoring Association, Electronic Security Association, the Internet Society’s Online Trust Alliance and TrustArc are creating a new consumer privacy initiative.

“Alongside industry organizations and partners, we will be outlining privacy and ethics priorities for the industry, creating an external and internal advisory board, and updating our promise to customers: ‘At ADT we are dedicated to your safety, and helping take care of what you value and cherish most in your life: your loved ones, your property and your privacy,” ADT’s CEO, Jim DeVries, said in an internal company memo that went out to all 19,000 ADT employees and to SSN, exclusively. 

In the coming months, the initiative is focused on the following key objectives, the press release said. 

  • Adopting a set of industry-wide best practices that are customer-centric and drive transparency. 
  • Working with dealers, partners and other industry organizations on enhanced privacy and ethical standards for our industry. 
  • Programs focused on privacy, ethics and transparency. 

ADT is also soliciting participation from other organizations who are interested in helping to drive the objectives. 

So, how do you think this initiative will help with data security? 

Let’s discuss!

 

SIA takes lead on data privacy

 - 
Tuesday, January 29, 2019

On Data Privacy Day yesterday, the Security Industry Association (SIA) shared details on how it is helping member companies and the industry at large understand and manage the critical issue of protecting consumer data. Through the efforts of the SIA Data Privacy Advisory Board, the association has produced a number of essential resources for this critical issue.

SIA has taken a leading position on privacy issues for many years, having released its original Privacy Framework in 2010, and has become even more active recently, starting with the 2017 creation of the SIA Data Privacy Advisory Board. SIA is also working with companies such as ADT to bring greater awareness of the importance of data privacy.

Recently, SIA has also:
     • Published white papers on “Data Privacy and Security Trends for 2018” and “Big Data and Privacy for Physical Security”
     • Presented a webinar on “Privacy 101: The Importance of Protecting Customer Data”
     • Produced fact sheets, a list of references and videos on the European Union’s General Data Protection Regulation (GDPR)
     • Submitted comments to the National Institute of Standards and Technology on its Privacy Framework proposal
     • Organized a panel discussion on data privacy for an integrators’ conference

In addition, SIA is conducting a survey of its members to gauge industry opinions about data privacy and to identify future SIA activities and programs.

With the GDPR now in effect, California having passed the Consumer Privacy Act, and many members of Congress and state lawmakers considering data privacy legislation, SIA CEO Don Erickson said that the association is stressing to its members that they should get ahead of potential regulations rather than wait and react to them.

“It is vital that members of the security industry ensure that their business practices—as well as their products and services—are designed in a way that protects data and consumer privacy,” Erickson said. “One of SIA’s top priorities is helping the industry to understand that this is not just a matter of regulatory compliance, but also one of customer service and, even, business development. We are committed to providing resources and guidance that will enable them to view data privacy challenges not as a crisis but, rather, an opportunity.”

Top 6 reasons you should NOT miss TechSec 2019

 - 
Wednesday, January 23, 2019

The end of early bird registration for TechSec Solutions 2019 is quickly approaching; this means only a few short days until the special rate to attend, network and learn will be increasing. Don’t let the dates sneak up. Register and mark your calendars now for February 25-26.

This year’s theme –“Securing a Connected World” – explores exciting new technologies currently being used in real-life situations to enhance security and safety, and how security professionals can leverage these same technologies to achieve their security goals. And, if sunny Florida in February in a beautiful hotel right across from the beach (yes, walking distance!) isn’t enough of an enticement, here are the top six reasons to attend:

  1. Learn about new, currently deployed technologies and gain ideas for future projects.
  2. Visit the exhibit hall – a dedicated space to see and interact with the latest technology and company representatives from the event’s sponsors. 
  3. Attend the Mega Panel - learn from leading industry professionals from top security associations and organizations as they give their perspective and vision for the future of security.
  4. Participate in the dynamic educational program and earn credit from: ALOA – Education credits (AEU); ASIS – Continuing professional education credits (CEP); and NICET – Continuing professional development points (CPD).
  5. Network - a small, relaxed setting offers uninterrupted time for attendees to meet, greet and have conversations with speakers, manufacturers and distributors, and other security professionals to further their learning and knowledge base.
  6. Eat, drink and be merry – delicious meals are provided along with refreshments during breaks from sessions, and make a splash at the poolside reception!

Plan on networking, learning and having some fun “like a boss” at TechSec 2019!

 

What are you most looking forward to at TechSec this year?

The role of voice increasing, study finds

 - 
Wednesday, January 23, 2019

The role of voice within security is certainly growing, especially on the residential side of the equation, but as a recent study finds, consumers are embracing the power of the voice to control their phones, cars, homes and even security systems.

In fact, standalone voice assistants—or smart speakers—are one of the fastest-adopted technologies in U.S. history and have a 98 percent satisfaction rate among U.S. consumers, according to a new research report from Accenture based on a global survey of 22,500 consumers across 21 countries. Half of online consumers globally now use digital voice assistants, with emerging markets leading the way in adoption, the research firm found.
 
“Adoption and satisfaction with smart speaker technology is booming,” Robin Murdoch, co-author of the report and managing director of Accenture’s global Software and Platforms industry practice, said. “Convenience and accessible price points are helping drive increased use but maintaining this loyalty will require companies to stay relevant with consumer needs while creating and constantly renewing trust.”
 
The report, “Reshape to Relevance,” notes that smart speakers are disrupting the consumer technology and service ecosystems. Accenture found that 93 percent of consumers globally expect their home device purchases, such as smart TVs or computers, to be based on ease of integration with their standalone smart speaker.
 
The relevance of smart speakers is reflected in consumers’ expectations to use these devices for more-advanced tasks beyond routine activities like voice calling, playing music or eBooks, and accessing news, Accenture note. “They see value in voice assistants managing home security (61 percent of respondents), providing connected home automation (59 percent), paying bills and providing payment alerts (55 percent)—even making restaurant reservations (53 percent) and providing access to virtual medical advice (52 percent).
 
“However, trust is a potential impediment to greater adoption of smart speakers, with 41 percent of consumers citing privacy concerns and 40 percent citing security concerns with the technology. Forty-six percent of consumers believe they don’t have control of their data with voice assistants and 58 percent are more likely to re-evaluate their trust in this service by continually checking how their information is being used.”
 
Greg Roberts, another co-author of the report and managing director of Accenture’s North America High Tech industry practice, said, “Consumers expect their smart speakers to handle complex workloads and integrate with other products. Brands that offer advanced artificial intelligence capabilities will be well positioned for success. But to attract more customers, they will have to be transparent in how they store, use and share data. Establishing an agreed trust standard with consumers is essential.”

Accenture Research conducted an online survey of 22,500 consumers in 21 countries: Australia, Brazil, Canada, China, France, Germany, India, the Netherlands, Italy, Japan, Mexico, Poland, Portugal, Singapore, South Africa, Spain, Sweden, Switzerland, the United Arab Emirates, the United Kingdom and the United States. The sample in each country was representative of the online population. Ages of respondents ranged from 14 to over 55. The survey and related data modeling quantify consumer perceptions of digital devices, content and services, purchasing patterns, preference and trust in service providers, and the future of their connected lifestyles. The online surveys were conducted between October and November 2018.
 
 

Another step toward safer schools

 - 
Wednesday, January 16, 2019

Creating safer schools is a major dilemma facing our nation today, but thankfully it is one that some of the best minds are coming together to solve. The Partner Alliance for Safer Schools (PASS) has taken a major step by creating safety and security guidelines and standards of practice that all schools can turn to and follow, guidelines and standards that come from lessons learned from past tragedies and ones that were averted, and from experiences and expertise from leaders in security and education, and from parents and students.

The fourth edition of its Safety and Security Guidelines for K-12 Schools provides school administrators, school boards and public safety and security professionals with guidelines for implementing a layered and tiered approach to securing and enhancing the safety of school environments.

Guy Grace Jr., PASS chairman and director of security and emergency planning for Littleton Public Schools, is leading this effort. The Security Industry Association (SIA) named Grace as the 2018 recipient of the SIA Insightful Practitioner Award, an honor recognizing excellence in promoting the implementation of innovative security solutions.

Grace began providing district services to LPS in 1990 and was soon promoted to patrolman, then lead officer and security facilitator before assuming his current role. He has created and assisted with developing many security-related projects, protocols and practices used today in school safety for both LPS and other school districts.

“The safety and security challenges schools face today are more multifaceted and complex than ever before, and protecting students and staff requires a comprehensive approach to these challenges,” Grace said in the announcement of the new PASS standards. “We are proud to build on the PASS guidelines, which present the most comprehensive information available on best practices for securing school facilities, an essential component supporting all-hazards approaches to school safety.”

The fourth edition of the guidelines is completely revised under a simplified structure and greatly expanded to now cover best practices on a district-wide level that relate to safety and security and additional areas such as school transportation, cybersecurity and network infrastructure, architectural features and emergency communications.

The PASS Guidelines identify and classify best practices for securing K-12 facilities in response to urgent needs for information identified by the education community. The guidelines aim to answer two key questions – “What should we do?” and “How do we prioritize?” – and include:

•    Specific actions that can effectively raise the baseline of security;
•    Vetted security practices specific to K-12 environments;
•    Objective, reliable information on available safety and security technology;
•    Assessment of current security measures against nationwide best practices;
•    Multiple options for addressing security needs identified; and
•    How to distinguish needed and effective solutions from sales pitches on unnecessary products.

The guidelines describe approaches within five physical layers for school facilities: district-wide, the property perimeter, the parking lot perimeter, the building perimeter and the classroom/interior perimeter. Within each layer, the resource outlines key safety and security components, such as policies and procedures, people (roles and training), architectural components, communication, access control, video surveillance and detection and alarms.

“We believe this approach provides a simplified way for administrators to effectively evaluate their security infrastructure, prioritize investment and maximize security in ways that are consistent with longstanding security practices and ensure a baseline of facility security measures appropriate for school facilities,” Mark Williams, PASS vice chairman, said in the press release.

Established in 2014, PASS brings together expertise from the education community, law enforcement and the security industry to develop and support a coordinated approach that can assist school administrators in making effective use of proven security practices specific to K-12 environments, including elementary, middle and high schools.

The latest guidelines are available at no cost on the PASS website, and PASS encourages education professionals, public safety personnel and security solutions providers to take advantage of these free resources.
 

Top 3 areas shutdown is hitting security the hardest

 - 
Wednesday, January 16, 2019

Day number 26 … it’s the longest shutdown in U.S. history, and with approximately 800,000 federal employees out of work or working without pay, and three or more hours of wait time to clear security in some of America’s busiest airports—Atlanta, Houston, Miami and Washington—security-related vulnerabilities linger. Just by saying the U.S. is “shutdown” seems to give hackers, terrorists, criminals and such the impression that the whole country is weak and now is the time to strike.

Here’s some specific areas the shutdown is hitting security the hardest, and please clcik here to comment on the topic in our News Poll:

Government payment portals and remote access services: Sites such as NASA, the U.S. Department of Justice and the Court of Appeals, among others, are insecure or inaccessible, due to more than 80 expired TLS certificates used on .gov domains. What’s more, only 1 in 20 HTTPS servers implement the security feature that prevents visitors from making unencrypted HTTP connections to a server.
As more security certificates expire during the shutdown and with furloughed IT employees not renewing them, opportunities for a security hack increase.

Click the following links to see examples of expired .gov certificates as of January 16, 2019:
https://ows2.usdoj.gov/
https://rockettest.nasa.gov/

National cybersecurity: It seems “everyone” is furloughed…approximately half of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the employees who protect critical infrastructure, such as banking, water, energy and nuclear; 85 percent of the National Institute of Standards and Technology (NIST) employees and other IT professionals knowledgeable about the latest cyberattacks and how to deal with them most appropriately, according to CNBC.

Security operations, software patching and penetration testing are among the activities not getting done for government sites including but not limited to:
•    Departments of State;
•    Homeland Security;
•    Agriculture, Commerce and Housing and Urban Development;
•    Environmental Protection Agency;
•    Internal Revenue Service (IRS);
•    National Institute of Standards and Technology; and
•    National Park Service.

Weakened airport security: Not only is wait time increasing for passengers to get through security, but personal safety is quickly becoming an issue. On January 2, 2019, a Delta passenger successfully deceived TSA, sneaking a gun past agents and onto a flight headed to Tokyo from Atlanta Hartsfield-Jackson International Airport.

According to USA Today, TSA said they would “hold those responsible appropriately accountable,” as they rejected the assumption that low staffing was to blame. Either way, carelessness or low staffing, security was breached and could have led to dire consequences.

As we see the deterioration of security right before our eyes, what are you most concerned about when it comes to the partial government shutdown and security?

Let’s discuss! Looking forward to your responses.

Pages