Subscribe to RSS - Security Industry Association

Security Industry Association

Security industry goes virtual during crisis

 - 
03/25/2020

YARMOUTH, Maine—As more and more city-based governments across the U.S. order residents to “shelter in place” and “non-essential” businesses to close, it is refreshing to see security considered an “essential” business, and to see how the industry has transitioned, almost seamlessly, to the virtual world.

Leading security associations join forces

Teaming up helps deliver increased services to global security leaders
 - 
03/23/2020

ALEXANDRIA, Va. and SILVER SPRING, Md.—ASIS International and the Security Industry Association (SIA) have entered into a partnership to best aid in the COVID-19 recovery and rebuilding efforts of their diverse group of 34,000 member professionals and over 1,000 member companies.

Business continuity, cybersecurity tips and valuable resources

 - 
Wednesday, March 18, 2020

I refuse to give the coronavirus power by using it as click bait in my blog title; however, staying true to my blog, “Monitoring Matters,” I do see that education is necessary during this time of our lives. I feel that the more people understand and know what to do, the better we are prepared to handle any situation, whether that be a pandemic of any kind, a major cyberattack, etc. So, before we get started, I want to first sincerely thank you for reading my blog and I hope that you not only enjoy the content but find it helpful and useful. 

In my opinion, all the security industry associations are doing a great job at keeping their members as well as the security-related press well informed about the state of our industry at this time; offering up-to-date information about business continuity; etc. 

There’s also a whole other aspect to contend with when it comes to this time of social distancing, quarantining and working from home: cybercriminals! In my lifetime, this is the first time for such an influx of people working digitally; I can picture it now … cybercriminals rubbing their greedy little hands together, excited to attack digitally! Think about it … if you were a cybercriminal, wouldn’t you find it the best time to strike with some businesses and their employees struggling to keep “business as usual,” some even digitally working for the very first time? 

Additionally is the influx of scams already taking place, from people physically knocking on doors of seniors’ residents pretending to be Red Cross representatives offering coronavirus testing for money and/or robbing the individual(s) to unscrupulous online offerings for products to treat or cure COVID-19 (which do not exist at this time) to phishing scams via phone, text and email. 

Here are some quick “to-dos” to immediately enhance your, your business and your loved ones’ security: 

  1. Do not post pictures of the inside of your home on social media. Working from home can feel isolating and while it seems fun and entertaining to post pics of yourself working from home, things that show up in the background of pictures gives a preview of all the valuables you own to possible robbers. 
  2. Change all passwords into passphrases using a series of numbers, letters and symbols. Use a password manager or write the new passphrases onto a piece of paper and keep in a secure place, such as a locked desk drawer, file cabinet or fire-proof lockbox. 
  3. Don’t leave any accounts “open.” When you’re finished with a program or website that requires a login, be sure to physically take your mouse and click to logout. 
  4. If you receive an email, work or personal, from someone you don’t know or recognize, do not open it. Instead, send a group email or use your company’s recommended communication tool, such as Slack, to ask if anyone sent out an email regarding keywords used in the subject line of the questionable email. 
  5. Do not open your door to strangers or people you do not know, and remind senior relatives and friends to do the same. 

 

**Here are some FREE, reliable, valuable resources to have at your fingertips, specific to COVID-19, business continuity, scams, best practices, etc

Janet Fenner recipient of SIA award

 - 
02/07/2020

SILVER SPRING, Md.—The Security Industry Association (SIA) has selected Janet Fenner as the 2020 recipient of the Sandy Jones Volunteer of the Year Award, which recognizes SIA volunteers who have made tireless efforts to expand SIA’s programs and services.

SIA applauds NIST’s facial recognition performance report

Steady improvements documented to ensure public’s trust
 - 
12/23/2019

SILVER SPRING, Md.—The Security Industry Association (SIA) offered sincere gratitude to the National Institute of Standards and Technology (NIST) for its thoughtful and diligent work in producing a report evaluating the performance of current facial recognition technology

How companies can fight against cyber threats

Cyber experts identify top cyber threats for 2020 and offer strategies of defense
 - 
12/16/2019

YARMOUTH, Maine—As 2019 closes, 2020 is full of new possibilities and opportunities. While it’s a time for growth, change and newness, cyber criminals are lurking in the background ready to strike.

ISC East resurgence continues

 - 
Wednesday, December 4, 2019

ISC East 2019, held at the Jacob Javits Center in New York City Nov. 20-21, continued to build on the positive momentum and growth it has experienced over the past few years, bringing more than 7,600 security and public safety professionals — up 6 percent from 2018 — together to discuss new trends and solutions, to celebrate industry successes and leaders and better define the roadmap for security moving forward.

The 2019 event welcomed 350 leading security brands, including more than 100 new companies and brands, covering 130 security product categories. Activity on the show floor was brisk with good traffic and networking going on throughout both days and many exhibitors commenting that they were pleased with the quantity — and quality — of security professionals in attendance.

Will Wise, group vice president, Reed Exhibitions, told SSN before and during the conference that he is excited to see all of ISC and SIA’s hard work translate into continued growth of the show.
  
“We have been working hard the last 4-5 years to really infuse more innovation and continue to drive growth and momentum into ISC East,” Wise told SSN. “ISC East has been on a nice growth trajectory, especially the last few years, even making the Trade Show Executives Fastest 50 Growing Events list the last couple of years.”

He continued, “There has been a lot of good work in regard to better content, growing the exhibitor list, which this year was at approximately 350 exhibitors (up from about 280 in 2018) — a huge uptick versus 3-4 years ago. When you have better content, more exhibitors with an even more diverse number of solutions, those are all add up to a great recipe for success.”

Mary Beth Shaughnessy, event director for ISC Security Events, also noted that ISC East has been on the upswing for the past few years and continues to grow. "This year kicked into a new level of success, with expanded product offerings and content, we’ve secured the spot as the largest Northeast converged security Show. Education tracks were created to provide attendees with greater opportunity to connect and learn with their cross-functional security & public safety industry peers both on the IT and Physical security side of their organization. Attendees left the Show with the insights and knowledge needed to defend and protect against new and emerging threats.”

Wise pointed out that the show also benefitted from co-locating for the second year with Infosecurity ISACA North America, and from the increased relationship with ASIS NYC Chapter, which officially supported ISC East this year and will continue to expand the partnership next year, he said.

ISC East, in collaboration with Premier Sponsor the Security Industry Association (SIA), also featured a SIA [email protected] East program with more than 20 complimentary sessions with practical and in-depth content on converged security, cybersecurity, computer vision & AI, physical security and more.

Wise shared with SSN the Top 5 ISC East Breakout Sessions:
•    We Sneak Into High Security Buildings and Get Paid For it;
•    AI for Video Surveillance: Technology Overview and Future Directions;
•    Video Analytics: The Next Advance in Secure Access Control;
•    Implementing Converged Security, a Process - Bringing it All Together; and
•    Achieving Comprehensive Facility Security

Additionally, the SIA [email protected] East program offered two prominent female Keynote Speakers for the first time at ISC East — Deanne Criswell, commissioner of the New York City Emergency Management Department, and Angela Stubblefield, chief of staff at the Federal Aviation Administration (FAA).

“The 2019 SIA [email protected] East program was a great success, with enthusiastic attendees taking part in our education sessions, engaging keynotes and hands-on workshops covering cutting-edge topics like the drone security policy landscape, technologies driving smart cities and IoT security at the edge," said SIA CEO Don Erickson. “Additionally, industry leaders gathered at SIA’s Return on Security breakfast to learn how solutions providers find business benefits beyond security, and the SIA Women in Security Forum hosted a dynamic breakfast and discussion on achieving true diversity and inclusiveness in the security workforce.”

In addition to the busy expo floor, engaging sessions and keynotes and special events, one of the highlights for ISC East, as it is each year, is SIA Honors Night, where the who’s who of the industry gathered to celebrate SIA’s 50th anniversary and honor some of the movers and shakers in the industry.

SSN was honored to be in attendance and extends our congratulations to Honors Night award recipients:
•    George R. Lippert Memorial Award: Steve Van Till, co-founder, president and CEO, Brivo;
•    Jay Hauhn Excellence in Partnerships Award: Andrew Lanning, co-founder, Integrated Security Technologies;
•    Insightful Practitioner Award: George Anderson, director of World Trade Center security for the Port Authority of New York and New Jersey;
•    SIA Progress Award: Maureen Carlo, director of strategic alliances, North America, BCDVideo; and
•    Mission 500 Partner Innovation Award: Jeff Gardner, president and CEO, Brinks Home.

SIA also honored Sandra Jones, founder of Sandra Jones and Co. (SJ&Co), who announced her retirement after 45 years in the security industry. Jones has been a pioneering spirit in the industry, serving as a mentor to many and giving back to the industry, most prominently helping lead the Security Industry Association for nearly 40 years.

Overall, ISC East continues its resurgence as the top security show in the Northeast, providing a unique experience that you can’t find at ISC West, for example.

“One of the ways that ISC East has been able to differentiate itself from ISC West is taking on characteristics and personality of the NYC-area and overall Northeast market for security and public safety, which as we know, is a massive market with urgencies for security and safety,” Wise said. “Our attendee data shows a less than 10 percent overlap of attendees with East versus West, which is really good, as we are providing a unique audience for exhibitors.”

ISC East 2020 will take place Nov. 18-19, 2020 at its continued home base, New York City’s Jacob K. Javits Center.

 

Formjacking, a newer way of stealing personal data online

 - 
Wednesday, October 16, 2019

Cyber Security Awareness Month is in full swing; social media is buzzing with extremely helpful content and resources, mostly of which is free to help businesses and individuals gain and stay in control of their digital worlds. As the saying goes, “you learn something new every day,” or you should. Through social media related to #NCSAM, #cybersecurityawarenessmonth and #BeCyberAware, I heard about a newer way hackers are stealing data – formjacking.

I knew the term “jacking” meant stealing, but combing it with the word “form,” it could mean a variety of things, so I reached out to my friends at the Security Industry Association (SIA) for some guidance. 

“Formjacking is the injection of malicious code into a seemingly trustworthy website form that relays a copy of the field inputs to an attacker,” Joe Gittens, director of standards, SIA, explained. “In these cases, the victim’s transaction with the trust source is not interrupted; however, information from the from, which could include sensitive data, is relayed to the attacker.” 

That literally gave me chills. I can’t speak for you, but I know I have filled out at least hundreds of forms in my digital life; reflecting back over my past 20 years, there’s no telling what data I’ve shared. And, with formjacking, here’s the kicker – there are no red flags for the average online user to look for. 

“Unlike with spoofing and phishing, there are very few tell-tale signs that a form has been compromised,” Min Kyriannis, head, technology business development, Jaros, Baum & Bolles and member of SIA’s Cybersecurity Advisory Board. In fact, the only way to detect formjacking is looking at the code, “and, unless you’re trained, it’s hard to detect,” Gittens said. 

It looks like the regular, every day Joe who is going online and filling out forms has absolutely no way of knowing his data could be at risk, although end users can self-sabotage through installing browser plug-ins, Gittens said. Therefore, it’s mainly up to the company behind the online form to ensure people and their data are protected. 

“Companies need to ensure that all software, plug-ins and any third-party applications or extensions have been vetted and check for vulnerabilities,” Kyriannis advised. “These need to be continuously checked, since software is constantly being updated.” 

It amazes me how smart cybercriminals/hackers truly are, and it’s important to never underestimate them. Think about it in these terms: once a threat is recognized and identified by the “good guys,” the “bad guys” have already moved on “looking for more covert ways to harvest data,” Gittens said, in a way that’s the “easiest to hide and what’s most lucrative” for them,” added Kyriannis.

Gittens identified partner trust as key and noted that formjacking can and has affected large and mom-and-pop institutions. “Just like with other attacks, understanding exactly what type of privileges a third-party service has on your website or your browser and only allowing the most trusted services into your ecosystem can help protect you and your business. Also, be careful about what types of information you are collecting in forms in case you are attacked. If you don’t have to collect sensitive data, don’t do it – contract a trusted third party to perform the transaction for you who has better security protocols in place and can provide you and your customers with assurances. The SIA Cybersecurity Advisory Board will soon look to provide guidance on how security stakeholders can foster more trust within the device and application ecosystem.”

Kyriannis concurs that trust is key, but “people with malicious intent will always find new ways to sneak under the radar. The industry must lead in bringing awareness to their clients, customers, etc., and self-awareness is critical – for end users, that means setting up security parameters for themselves,” such as tagging credit cards to constantly monitor charges. 

Formjacking Key Takeways

  1. Any and all information shared via an online form is at risk of being stolen. 
  2. The only way to detect formjacking is to look at the code. 
  3. Ensure software, plug-ins and any third-party applications or extensions have been vetted and regularly check for vulnerabilities.
  4. Understand the exact privileges a third-party service has on your website/browser. 
  5. If you don’t have to collect sensitive data, don’t. 
  6. Set up security parameters for yourself.

SIA announces Securing New Ground 2019 speakers

 - 
10/11/2019

SILVER SPRING, Md.—Top c-level executives and security directors will headline at Securing New Ground (SNG) 2019, October 29-30 in New York City at the Grand Hyatt New York in Manhattan, with topics ranging from the humanity of security to consumer trends to managing corp

Steve Van Till to receive SIA’s 2019 Lippert Award

 - 
10/08/2019

SILVER SPRING, Md.—The Security Industry Association (SIA) selected Steve Van Till, co-founder, president and CEO of Brivo, as the 2019 recipient of the George R. Lippert Memorial Award.

Pages