Cyber security

IT services provider - adesso has been admitted into the Crown Commercial Service (CCS) Cloud-14 framework, supporting the UK’s public sector in its journey toward secure, streamlined, and efficient digital transformation. The Cloud-14 framework facilitates access to IT services for government organisations, empowering them to innovate, strengthen data security, and scale services to meet public needs more effectively. Innovative solutions adesso delivers innovative solutions that enhance the digital capabilities of public sector organisations With this recognition, adesso is positioned to deliver innovative solutions that enhance the digital capabilities of public sector organisations, ensuring faster response times, improved service delivery, and robust infrastructure to benefit citizens nationwide. Achieving this milestone required six months of rigorous preparation and collaboration, with teams across adesso with focus a on compliance, transparency, and excellence. Secure digital transformation The process highlights the company’s ability to set new standards for fostering secure digital transformation, both locally and globally.  Libero Raspa, Managing Director of adesso UK, commented: “Securing a place on the CCS Cloud-14 framework marks a pivotal moment for adesso, reflecting the collective dedication, expertise, and passion of our team. It is a testament to our commitment to empowering the UK’s public sector with tailored, innovative solutions designed to address the evolving demands of digital transformation.” Cloud-14 framework Libero Raspa added: “This achievement also underscores the growing importance of collaboration and transparency in delivering impactful digital outcomes. As we move forward, we remain focused on providing solutions that not only meet immediate operational needs, but also lay a foundation for long-term resilience, adaptability, and sustainable progress.”  adesso’s inclusion in the Cloud-14 framework marks a significant step forward in its mission to partner with government organisations in shaping a digitally resilient future. The company is committed to delivering tailored IT solutions that address evolving public sector challenges, ensuring that technology serves as a force for the public good.

Ahead of the Black Hat MEA in Riyadh from 26-28 November 2024, Cisco, the worldwide pioneer in networking and security, released insights into key cybersecurity trends that emerged between July and September 2024. The findings are based on analysis from Cisco Talos, one of the most trusted threat intelligence research teams globally, highlighting a notable increase in identity-based and ransomware attacks.  Identity-based attacks Over the three-month period, there was a noticeable rise in identity-based attacks, particularly with a focus on stealing credentials, which accounted for 25% of incident response engagements. These types of attacks have become easier to execute, often using readily available tools. Ransomware incidents also remained a significant concern, making up nearly 40% of engagements. New ransomware variants, including RansomHub, RCRU64, and DragonForce, were observed this quarter, alongside familiar variants like BlackByte and Cerber. Innovations in cybersecurity Cisco is highlighting how it powers and protects the engine of the AI process – AI-ready data centres Organisations in the education, manufacturing, and financial services verticals were most affected this quarter, accounting for over 30% of compromises. This trend aligns with what was observed in previous quarters in 2024. Cisco is participating as a Strategic Sponsor at Black Hat MEA 2024 under the theme “Innovating a New Era of Security,” showcasing its latest innovations in cybersecurity. This year, Cisco is highlighting how it powers and protects the engine of the AI revolution – AI-ready data centres and clouds – to make every application and device secure no matter how they are distributed or connected. Advanced security solutions Salman Faqeeh, Managing Director, Cisco Saudi Arabia, commented: "The mounting trends in identity-based attacks and ransomware highlight the evolving nature of cyber threats. At Cisco, we are committed to supporting our customers in strengthening their digital resilience with advanced security solutions."  He adds, "Black Hat MEA continues to be a significant platform for us to share latest threat insights and showcase our innovations that prevent identity-based attacks; detect and stop breaches; and close the exploit gap."  Cisco's commitment Additionally, Splunk, a Cisco company, will showcase its innovations at the same booth, demonstrating solutions that support the future of Security Operations Centres (SOC), as well as specialised solutions for Operational Technology (OT) environments. As part of Cisco’s program of events at Black Hat MEA, Lothar Renner, Managing Director, Cisco Security, EMEA, will deliver a keynote address on “Redefining Security in the Age of AI,” emphasising Cisco's commitment to innovation and security in an increasingly complex threat environment. Cisco will be present at booth H1-T20 at the Riyadh Exhibition & Conference Centre in Malham from 26-28 November 2024.

Beyond Encryption, a pioneer in secure digital communications, has announced a powerful new technology partnership with Mimecast, a global heavyweight in cybersecurity. The technology partnership aims to transform how businesses manage security and compliance, combining Beyond Encryption’s cutting-edge expertise in authenticated outbound comms with Mimecast’s proven track record in human risk management and robust email services.  Data protection standards Businesses are now facing increasingly complex digital threats - which means that relying on one-size-fits-all solutions is no longer sufficient. Organisations that are governed by stringent data protection and compliance standards are actively searching for better ways to protect their business, safeguard their customers, and fulfil their regulatory obligations.  Bringing together technology from two best-in-class providers to educate and protect the financial market directly addresses these escalating challenges. Identity assurance and verification tools Mimecast’s advanced protection framework gives organisations access to an innovative toolkit Embedding Mailock, Beyond Encryption’s secure and authenticated communication solution, with Mimecast’s advanced protection framework gives organisations access to an innovative toolkit of identity assurance and verification tools. This critical layer of protection mitigates the risk of email-based threats, such as misdirected messages and data breaches. This collaboration also ensures that businesses - irrespective of their internal systems and back-office infrastructure - can benefit from enhanced interoperability and a truly integrated, secure communications solution.  This exemplifies the ‘better together’ philosophy, highlighting that developing an ecosystem of specialised solutions, which connect consumers and industries is more effective than a singular approach. Proactive measures in communications "We are thrilled to announce this technology partnership within Beyond Encryption to help organisations better protect their email and collaboration tools," said Jules Martin, VP of Technology Alliances at Mimecast.  Jules Martin adds, "As cyber threats become increasingly sophisticated, it is imperative for organisations to adopt proactive measures in securing sensitive communications. At Mimecast, we believe in the ‘power of together’, and are eager to partner with organisations that share this vision. Key technology partnerships make things more secure for joint customers around the world."  Mimecast’s broad security framework "Teaming up with Mimecast is a significant milestone," said Paul Holland, CEO of Beyond Encryption, adding "By combining our proposition with Mimecast’s broad security framework, we’re complementing each other's strengths and offering a powerful joint solution to the growing threats that businesses face daily."  He continues, "This technology partnership delivers real value to organisations, making it easier to stay secure and compliant in an increasingly regulated world. When looking to solve problems for businesses, we believe it's better to work together."

The European Network for Cyber Security (ENCS) announces that IPTO (Independent Power Transmission Operator), Greece's transmission system operator, has officially joined the network as a full member. With this new partnership, IPTO will actively participate in shaping the ENCS's strategy, while benefitting from the extensive cybersecurity knowledge sharing, training, and research available to ENCS members. Reliable transmission of electricity IPTO operates and keeps Greece's high-voltage power grid, ensuring the reliable transmission of electricity IPTO operates and maintains Greece's high-voltage power grid, ensuring the reliable transmission of electricity across the country. This membership marks a significant step forward for IPTO in reinforcing its commitment to protecting the power grid against increasingly sophisticated cyber threats. Anjos Nijk, Managing Director of ENCS, comments: "We are delighted to welcome IPTO to our network. As the backbone of Greece's high-voltage power grid, IPTO plays a crucial role in maintaining the stability and security of Europe's energy infrastructure." Technical expertise and strategic insights Anjos Nijk added: "IPTO's deep technical expertise and strategic insights will significantly enhance our collective efforts to secure critical infrastructure across Europe." Nikos Raftopoulos, Director of ICT and Cybersecurity at IPTO, stated: "In today's fast-paced digital world, safeguarding the security of our power grid has become more essential than ever." Nikos Raftopoulos adds, "Through our membership with ENCS, we strengthen our own cybersecurity measures, while actively supporting Europe's collective efforts to secure the energy sector. We are excited to work alongside ENCS members to exchange knowledge, insights, and best practices."

In today’s world, almost any electronic security system holds the potential to become a gateway for cybercriminals. With physical security and cybersecurity increasingly entwined, security professionals aren’t doing their job unless they take all possible precautions to lock down unauthorised access to camera systems, access control platforms, intercoms, and other network-based security devices and solutions. Let’s explore the many steps companies should take throughout their security technologies’ lifecycle – from choosing a vendor all the way through device decommissioning – to avoid making the common mistakes that leave systems, and the networks they reside on, vulnerable to attack and sabotage. Prepurchase phase: Laying the groundwork for cybersecurity 1. Conduct a Vendor Risk Assessment IT departments often rely on the same Vendor Risk Assessment criteria they use for evaluating IT equipment manufacturers when considering the suitability of physical security vendors. While commonalities exist between how to assess these disparate solutions, there are also differences that require distinct scrutiny. For example, device endpoints within physical security systems run on custom Linux Kernels and therefore do not utilise standard Linux distributions like Red Hat, Ubuntu, or Debian. IT divisions often rely on the same Vendor Risk Assessment criteria they use for evaluating IT kit A comprehensive evaluation should examine how each security solutions manufacturer handles its software development life cycles. Ideally, vendors should adhere to a recognised framework when developing both their platform management and device-specific software. In 2021, Executive Order 14028 made it a bit easier for companies to evaluate vendors by providing guidelines for evaluating software security, the practices of the software developer, and methods to demonstrate conformance with secure practices, specifically referencing the NIST SP 800-218 Secure Software Development Framework. In short, a good vendor should have documentation that explains everything it’s doing to address cybersecurity from development, through releases and ongoing maintenance. 2. Obtain Software Update Schedules The frequency with which manufacturers update their software varies. Each company is different. If you’re their customer, it shouldn't matter whether the vendor schedules updates every six months, three months, or more often than that. What does matter is that you know what to expect and have a plan for how to deal with that reality. For example, if updates only occur every six months, under what conditions are patches released to address vulnerabilities that emerge between updates? Customers must understand how often they'll be updating the software on their devices and ensure they have the resources to make it happen. Make sure stakeholders agree, upfront, who will be performing the software updates. Will it be the integrator who installed the system, the physical security system staff, the IT team, or the end user? Keeping an entire system current is a huge challenge, but a non-negotiable responsibility. Manufacturers who don't issue frequent releases and patches put the onus on customers to handle mitigation efforts on their own. In these instances, IT departments must be prepared to employ network segmentation, firewalls, security whitelists/blacklists, and other methods to protect their systems until a patch is released. If a company's security team has typically updated firmware only when something breaks, these additional responsibilities most likely require greater collaboration with IT departments and a shift in how security systems are managed. 3. Know the Warranty Terms and Duration of Software Support Organisations should understand the warranty policies for the devices they purchase Organisations should understand the warranty policies for the devices they purchase. Even more important is knowing when a device's software support will expire. Software support should extend well beyond hardware coverage. For example, if a camera has a five-year hardware warranty, customers should reasonably expect an additional five years of software support. When that period ends, companies must plan on replacing the device – even if it still works well. Without software updates, the device lacks vulnerability support and becomes too risky to remain on the network. Manufacturers should be transparent about their warranty and software support policies, helping organisations plan for device replacements that align with cybersecurity needs. 4. Request a Software Bill of Materials (SBOM) During the pre-discovery process, customers should request a Software Bill of Materials (SBOM) that provides a detailed inventory of the software running on each device, including open-source components. By revealing what software is "under the hood," the SBOM allows IT departments to be vigilant in protecting the company's systems from exposed vulnerabilities. For example, a customer should understand how Transport Layer Security (TLS) is being handled to secure a security solution's web server if it’s an open-source component like OpenSSL. 5. Assess Vulnerability Disclosure Practices CNA manufacturers represent the gold standard in cybersecurity practices Understanding how a manufacturer handles vulnerabilities is essential. Ideally, they should be a Certified Naming Authority (CAN) and report common vulnerabilities and exposures (CVEs) to national vulnerability databases such as NIST and MITRE. Doing so automatically includes any disclosed vulnerabilities associated with their devices in vulnerability scanners' databases.  CNA manufacturers represent the gold standard in cybersecurity practices, but most security manufacturers do not reach this level. At a minimum, the vendors you choose to work with should have an email notification system in place to alert customers to new vulnerabilities. Remember – email notifications are only as reliable as the employees managing them, so investigate whether the manufacturer has a strong track record of keeping up with such communications. Ask to speak with customer references who have been using the solution for an extended period to ensure the vendor is diligent in its communications. Configuration phase: Ensuring a secure setup 1. Use Hardening Guides Once a device is purchased, configuring it securely is the next critical step. Manufacturers should publish hardening guides that detail the security controls available for their products and recommended practices for implementation. Between the features offered by the vendor and your company's own cybersecurity policies, make sure all possible encryption options are activated. Using HTTPS is vital for ensuring secure communication with devices. Many physical security devices default to HTTP to accommodate customer-specific network topologies and certificate management. Failing to implement HTTPS can leave sensitive metadata unencrypted and vulnerable to interception. 2. Consider Advanced Encryption Protocols Protocols are necessary to protect video data in transit from cameras to the VMS Some solutions offer built-in encryption protocols, like MACsec, which makes it impossible for data to be compromised as it is transmitted over the network. HTTPS is still necessary to secure the connection to the devices’ webservice, but while customers set up and configure their devices, MACsec will keep network data safe. Additionally, if you want to encrypt video streams, consider protocols such as Secure Real-Time Transport Protocol (SRTP), which secures the transmission of audio and video data over the Internet, or tunnelling methods like Secure Socket Tunnelling Protocol (SSTP), which encapsulate data packets for safe transmission between two points, even if the network is insecure. Such protocols are necessary to protect video data in transit from cameras to the Video Management System (VMS). Encryption should also extend to the VMS hard drive where video is stored. There are different methodologies to do that, but ultimately the goal is to encrypt data in transit and in storage. 3. Implement Remote Syslog In the case of a breach, each device maintains a set of logs that are useful for forensic investigations. However, if a device gets hacked, its log may not be accessible. Best practices dictate that companies should set up a remote Syslog server that maintains a copy of all device logs within a central repository. In addition to providing redundant data for investigations, a Syslog offers IT systems an efficient way to look for anomalies. Cybersecurity teams will receive immediate notification for events like unsuccessful login attempts so they can quickly figure out what's happening. Who is trying to log in? Why on that particular device? 4. Practice Healthy Password Hygiene Ideally, organisations should move towards using Active Directory or Single Sign-On (SSO) solutions One of the most basic and yet overlooked aspects of cybersecurity is the failure to manage user accounts meticulously. Many organisations use the same username and password for all security devices because it's simply too cumbersome to manage a network of devices in which each requires a separate, unique login. It's assumed that the system's primary administrators are the only ones who know the universal password. However, the system becomes vulnerable if anyone within this select group leaves the company and the password isn't changed or deleted right away.  Ideally, organisations should move towards using Active Directory or Single Sign-On (SSO) solutions. This approach ensures that employees throughout a company are each assigned a unique login credential that they use for any systems they use throughout the organisation. When they leave, their passwords and access are universally terminated along with their accounts. If SSO is not an option, regular password changes and prompt account deactivation are critical. Decommissioning phase: Securely retiring devices At some point, physical security devices will reach the end of their useful life. When that time comes, companies must take care in how they dispose of their devices. A good vendor will provide guidance on how to clear memory chipsets and restore factory defaults. Improper decommissioning can lead to severe risks. For example, if an improperly decommissioned device is sold on the secondary market or retrieved from a dumpster, an attacker could gain access to sensitive network configurations and use this information for malicious purposes. Conclusion Deploying physical security solutions involves more than just securing buildings and assets; it also requires robust measures to protect against cybersecurity threats. From assessing vendors and understanding update policies to configuring devices securely and managing decommissioning processes, each step presents potential pitfalls that, if overlooked, could expose organisations to significant risks. By incorporating the techniques discussed into their deployment protocols, organisations can ensure their physical security solutions provide comprehensive physical and digital protection.

For K12 education pioneers, embarking on a journey to upgrade security controls can present a myriad of questions about finding the best-fit solutions and overcoming funding hurdles. A majority of public-school districts today are faced with outdated infrastructure and security controls, requiring necessary upgrades. By addressing these concerns head on, schools will ensure a safer environment for both students and staff, mitigating risks posed by unforeseen physical and digital threats. Common K12 security pain points There’s no one-size-fits-all solution in school district security. School districts may have big plans to implement upgraded security systems but to set out on the right foot, pioneers must have a clear vision of their long-term strategy. When embarking on their security journey, education pioneers often wonder where to start and what exact steps are they need to be taking to identify and address weaknesses. Local K12 and government pioneers are promoting and mandating security assessments to uncover safety gaps on campuses and mitigate these risks with advanced technology solutions. Not only do assessments provide detailed, customisable roadmaps for district pioneers, but they also recommend technologies and funding opportunities to help close threat gaps. K12 school districts are mainly vulnerable to cyber-attacks due to the sensitive nature of student records  In today’s climate, schools face a growing number of physical and digital security threats. From a cybersecurity standpoint, K12 school districts are particularly vulnerable to cyber-attacks due to the sensitive nature of student records. However, only one-third of these districts have adequate staffing to address threats effectively. In addition, according to a recent survey from Johnson Controls and Forrester Consulting, security decision-makers are having trouble receiving actionable insights. Nearly two-thirds of respondents said that they struggle to receive information from all necessary systems regarding their security threats. To gain more clarity into what school districts need in terms of security tools and threat mitigation, implementing system-wide monitoring and optimisation can be invaluable. This approach enhances equipment and operational efficiency, while providing necessary resources and expertise for critical patch updates across all systems, strengthening their overall security posture. Achieving a well-rounded security program In the past few years, AI technology has emerged as a trending solution and is generating considerable attention. While the allure of implementing cutting-edge technologies is undeniable, it’s important to recognise that a robust security program hinges on solid access control. Access control technology provides administrators with the means to oversee and regulate entry into facilities, serving as the foundation for basic physical security. The technology helps administrators and staff control access to multiple areas from web-enabled devices, even during lockdowns which is crucial in emergency situations. School district pioneers should utilise available digital risk assessment tools to uncover threat areas Once basic security controls are in place, school districts must address their next set of security pain points and identify which solutions meet their specific needs. This involves identifying and prioritising the highest need and most cost-effective investments that will have the greatest impact on enhancing security measures. To accurately determine which security solutions are needed for a specific environment, school district pioneers should utilise available digital risk assessment tools to uncover threat areas and determine levels of priority. By focusing on these priority areas, districts can allocate their resources and efforts where they are needed most, ensuring maximum effectiveness in mitigating risks and vulnerabilities.  Securing funding before approaching deadlines A major challenge for school districts surrounding campus security is identifying and securing the necessary funding to implement solutions aligned with their goals. Leveraging available funding sources is critical, especially considering certain programs are approaching their deadline, like the Elementary and Secondary School Emergency Relief (ESSER) fund. Announced during the pandemic, ESSER is a funding program that has allocated nearly $190 billion in aid to U.S. public school districts to fund projects benefitting the well-being of occupants.  Notable ESSER funding deadlines to keep in mind as the clock winds down include September 30, 2024 Notable ESSER funding deadlines to keep in mind as the clock winds down include September 30, 2024, when schools must attribute all of their funds to assigned contracts. Following this date, pioneers will need to complete all ESSER spending by January 2025 unless approved for an extension into March 2025. As ESSER wanes, school districts are acutely aware of the fiscal cliff in budgets through 2025. However, many states are ramping up grant funding to close the deficit gap. Administrators should become familiar with these grant opportunities at a local and state level. Get started on security plans The time for school district pioneers to act is now. While the safety and well-being of students and staff are always top priorities, it’s crucial to acknowledge that a lack of insight into necessary security upgrades and available funding options will leave districts behind the curve. Seizing the final months of ESSER funding presents an ideal window to address security pain points and build a safer future for K12 facilities. Looking beyond ESSER, pioneers must proactively seek out and leverage other funding avenues to help ensure the continuity of their security efforts and maintain a proactive stance in safeguarding healthy and safe educational environments.

These days, business is more collaborative, adaptable and connected than ever before. In addition to offering new identities and access privileges, new applications and data also increase the attack surface available to cyber criminals, hacktivists, state actors and disgruntled insiders. These new identities need to be handled carefully. CISOs must develop an identity management strategy that is consistent across on-premises, hybrid and cloud systems. Good security is built on solid identity governance and administration (IGA) principles. From ransomware to supply chain intrusions, high-profile cybersecurity events frequently take advantage of weak identity and access management procedures. The Identity Defined Security Alliance found that 84% of organisations experienced an identity-related breach during its one-year study period. Robust IGA system Consequently, organisations need to find best-of-breed solutions for each section of the fabric Some of the most well-known cyber-attacks have not been made possible by a nation-state exploiting a remote zero-day vulnerability; rather, they have been made possible by something as basic as a hacked orphaned account. This resulted in lateral movement from an insecure platform to a high-value system, illegitimate privilege escalation or unsanctioned access to a computer system. To safeguard against such attacks, organisations must be aware of who has access to their systems and apps, and guarantee that access is revoked when it is no longer required. Here, a robust IGA system is helpful. It is not the whole picture, though; IGA is part of a larger identity fabric. A report by KuppingerCole noted that “Identity Fabrics are not necessarily based on a technology, tool or cloud service, but a paradigm for architecting IAM within enterprises.” The report pointed out that the paradigm is created using several tools and services. That’s because, contrary to marketing claims, no one vendor has a platform that provides all the needed elements. Consequently, organisations need to find best-of-breed solutions for each section of the fabric. Threats to the new corporate landscape Due to their exclusion from the corporate firewall and the security culture that comes with working on-site, remote employees and third parties are desirable targets for hackers. The transition to online office suites is another vulnerability that hackers are taking advantage of–for instance, through bogus authentication login dialogues. Additionally, hackers are using technologies like machine learning and artificial intelligence to circumvent current security tactics. A cyberattack powered by AI will imitate human behaviour and develop over time. Even publicly available information might be used by this "weaponised AI" to learn how to get past a target’s defences. CISO and the business users Attackers will finally find an entryway, but firms can protect the new perimeter–their identities It's no longer possible to secure the traditional perimeter. Attackers will eventually find an entryway, but businesses can protect the new perimeter–their identities. To defeat these threats, organisations must look again at identity and access management tools and how they are weighed against the impact on the organisation. Should you mandate multi-factor authentication (MFA) more often and earlier? Should only company-owned devices have access to networks, or should access be restricted to specific business hours or regions? Should access to sensitive information and critical systems be given just temporarily or should it be offered on a task-by-task basis? Both the CISO and the business users they assist should be asking these questions. Staying ahead of threats with identity Access control limits decrease dangers but can come with a cost. If you give your users too much access, your organisation becomes susceptible; if you give them too little, productivity suffers. But there are ways to strike a balance with security, compliance and productivity. More CISOs are turning to Zero Trust–which is based on the principle of maintaining strict access controls and not trusting anyone by default–to protect their systems from new attack types. However, Zero Trust is reliant upon having a thorough and baked-in strategy that underpins it.  Other actions that companies can take include implementing automation for identity management, such as automating workflows for approval. This would significantly lessen the administrative burden and friction that security solutions like multifactor authentication (MFA) or time-restricted access to critical systems have on business users. This might include restricting access to particular devices, capping access hours during the day or enforcing MFA based on user behaviour. Identity fabric: Putting it all together Make sure your identity architecture is scalable, secure, and provides a seamless user experience These are just two elements of the identity fabric approach. Most organisations today have implemented pieces of an identity fabric, which is basically an organisation’s identity and access management (IAM) infrastructure and typically includes a mix of modular IAM solutions for multi-cloud and/or hybrid environments. Now, organisations need to define, enhance and develop this infrastructure. They must also institute guiding principles for how it should operate, meet current and future business requirements as well as identity-related cybersecurity challenges. In doing so, businesses can move past identity platforms and adopt an identity fabric perspective. The key is to make identity governance the starting point of your identity fabric strategy, ensuring seamless interoperability within your identity ecosystem. Make sure your identity architecture is scalable, secure, and provides a seamless user experience. Aligning security with business Due to the increase in knowledge workers using the cloud and working remotely, attackers are focusing on this group. These employees are easier to compromise, give access to valuable data and offer more attack targets. Knowledge workers also lack an administrator’s level of security expertise. Therefore, as part of their security fabric strategy, enterprises require a scalable IGA system. It is easier to comply with security and access regulations and takes less time for IT teams to do normal administrative activities when they invest in IGA, a crucial tenet of identity security. CISOs and boards, though, are currently looking at more than identity management. IGA is at the centre of the debate about security and governance. Taking an identity fabric-based approach, with a foundation built on modern, cloud-based IGA, will safeguard identities, increase productivity, and make staff adherence to organisational procedures easier.

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of this problem has emerged in the consumer and political worlds, the issue cannot be ignored when it comes to the authenticity and protection of video and security data. Video surveillance data SWEAR is a company with the mission to ensure the integrity of video surveillance data by mapping video data and writing it into the blockchain, providing real-time, immutable proof of authenticity. Blockchain, which is the underlying technology that enables cryptocurrencies, is a decentralised digital ledger that securely stores records across a network of computers in a way that is transparent, immutable, and resistant to tampering. SWEAR solution The SWEAR solution is based on proactive, foundational protection that validates data at the source The SWEAR solution is based on proactive, foundational protection that validates data at the source before any opportunity for manipulation can occur. “Our technology is about proving what’s real and our goal is to ensure that security content and video surveillance data remain untampered with and reliable when needed,” says Jason Crawforth, Founder and CEO of SWEAR. Real-time authentication Security leaders need to ensure that the content they are relying on to make mission-critical decisions is authentic. Once verified, organisations can be sure that their investment in video can be trusted for critical use cases, including intelligence operations, legal investigations, and enterprise-scale security strategies. SWEAR seeks to embed trust and authenticity directly into video surveillance content at the point of creation. This ensures real-time authentication while proactively preventing tampering or manipulation before it can happen.  AI-generated content The rise of AI-generated content, such as deepfakes, introduces significant challenges As AI transforms the landscape of video surveillance by enhancing threat detection and predictive analysis, it also introduces the very real risk of manipulation through AI-generated content. This presents a significant challenge in protecting critical security data, especially in mission-critical applications. The rise of AI-generated content, such as deepfakes, introduces significant challenges when it comes to ensuring the protection of digital media like video surveillance.  Recent study findings It is a fact that digital media content is being questioned more regularly, which puts businesses, legal systems, and public trust at risk.  A recent study from the Pew Research Center found that 63 percent of Americans believe altered videos and images create significant confusion about the facts of current issues. Last month, California Governor Gavin Newsom signed three bills aimed at curbing the use of AI to create fake images or videos in political ads ahead of the 2024 election.  Footage authenticity “While most of the news cycle has centered on the use of fake content in politics, we need to think about how manipulated videos could affect security,” says Crawforth. “In video surveillance, ensuring the authenticity of footage is critical for keeping operations secure and safe around the world. That means verifying and protecting video data is a must.”  Organisations must be capable of performing thorough digital investigations, which involve retrieving and analysing video and security data from devices and networks through a chain of evidence. Digital forensic capabilities Strong digital forensic capabilities also enhance incident response, risk management, and proactive security An in-depth understanding of who has handled video data, how it was handled, and where it has been is an important step in responding to security incidents, safeguarding assets, and protecting critical infrastructure. Strong digital forensic capabilities also enhance incident response, risk management, and proactive security measures, all essential for risk management, regulatory compliance, and cost control, says Crawforth.  An unbroken chain of custody “By using tools to identify, preserve, and analyse digital evidence, organisations can ensure swift and accurate responses to security incidents,” he adds. “Using the latest tools and techniques is vital for maintaining a strong security posture." "But you must ensure your digital content isn’t manipulated.” SWEAR’s technology provides an unbroken chain of custody, ensuring that video evidence can be trusted and admissible in court and forensic applications.  Authenticating content Authenticating content also strengthens accountability and trust, protecting organisations By verifying video content is protected from tampering, manipulation, or forgery, organisations can be sure that they have reliable evidence that produces actionable results. Authenticating content also strengthens accountability and trust, protecting organisations from legal disputes or compliance violations.  Safeguarding digital content “With an increasing amount of disinformation in today’s world, we sought to develop an innovative solution to safeguard the integrity of digital content,” says Crawforth. SWEAR safeguards security content using real-time “digital DNA” encoding. It integrates directly at the video management system level, ensuring it is preserved with a secure chain of custody and maintains integrity for evidentiary purposes.  Real-time “digital DNA” encoding The digital DNA is then stored on a blockchain, creating an immutable record The solution integrates with cameras and other recording devices to map this digital DNA of the video data, all in real-time. The digital DNA is then stored on a blockchain, creating an immutable record that tracks the content’s history and integrity. Any attempt to manipulate the media can be instantly detected by comparing the current state of the media to its original, authenticated version. SWEAR is actively collaborating with video management solution providers to integrate the technology into their platforms. Video and security data benefits “We’re still in the early stages of our collaboration in this space, but it is clear that the industry recognises that we have to work together to mitigate this risk proactively before it becomes a significant issue,” says Crawforth. “The feedback we have received from the industry to date has been beyond our expectations, and we expect to have more integration partners to highlight shortly.”  “We should approach this as a collaborative effort across the industry, as ensuring the authenticity of video and security data benefits everyone involved,” says Crawforth. 

The shift from standalone systems to fully integrated solutions is one of the biggest shifts the security industry has experienced in recent years.  There is a higher demand for integrated solutions that go beyond just security at the device and software level, and manufacturers have been continuously developing improved application programming interfaces (APIs), and hybrid and cloud-connected solutions.  Artificial intelligence (AI) Also, artificial intelligence (AI) plays an important role in modern intrusion systems by helping enable automated threat detection, real-time response, and predictive analysis. AI algorithms can analyse vast amounts of data to identify patterns and anomalies that may indicate security breaches. Security solutions are being developed with a focus on AI and machine learning to provide more proactive and resilient defences against increasingly sophisticated cyber threats. Benefits of AI AI-driven security solutions can continuously learn and adapt to new threats, providing more robust protection “The practical benefits of AI in security systems include enhanced accuracy in detecting threats, reduced response times through automation, and the capability to anticipate and prevent potential vulnerabilities before they are exploited,” says Sergio Castillejos, President, of Commercial Security at Honeywell. Additionally, AI-driven security solutions can continuously learn and adapt to new threats, providing businesses with more robust and dynamic protection. Unified Intelligent Command user interface Honeywell meets the challenge of better-integrated systems with a unified Intelligent Command user interface (UI). Castillejos says Honeywell continually innovates with the latest analytics and encryption to keep up with evolving threats. Honeywell’s products integrate with many offerings for partners to construct a robust and modern system relevant to their security needs.  Advanced cloud-based security Advanced cloud-based security technologies have been developed that offer real-time monitoring, automated threat detection Advanced cloud-based security technologies have been developed that offer real-time monitoring, automated threat detection, and remote management, essential for hybrid work environments, says Castillejos. “These solutions enhance scalability, improve data analytics capabilities, and provide seamless updates reducing significant maintenance costs that help companies to respond swiftly to emerging threats and enable robust, adaptive security measures.” Physical and digital security The best security systems are a combination of physical, digital, and national security, says Castillejos. While Honeywell focuses on providing the best in physical and digital security within their solutions, protecting sensitive and/or personal information must also be within the responsibility of the organisational policy.   Cybersecurity for connected devices Some of the challenges in the next five years will likely include integrating advanced technologies Security systems can safeguard this information by being highly configurable while also notifying users of unwanted activity. Sometimes, just restricting access to sensitive areas can be enough. However, in the world of data analysis and machine learning, security systems can audit and report on users who have accessed data to ensure that the protections are in place. Some of the challenges in the next five years will likely include integrating advanced technologies such as AI and the Internet of Things (IoT) while securing cybersecurity for connected devices, notes Castillejos.  Balancing act “Additionally, there will be a growing need for skilled professionals to manage and maintain these complex, connected systems,” he says. “Balancing cost-effectiveness with the demand for resilient security solutions will also pose a significant challenge, especially for smaller businesses.” Legacy systems that are susceptible to vulnerabilities like cloning or unauthorised access present the largest challenge to overcome. “However, as technology evolves, it becomes more challenging for a customer to manage a unified security system rather than a collection of unique solutions that all operate independently,” says Castillejos. Disruptive technology But investing in the newest analytics, AI and IoT will not improve a company’s physical security systems if they do nothing with the data. “They are not a replacement for the devices that keep people and property safe,” says Castillejos. “They can enhance a user’s experience and speed up the time to respond when they are planned correctly.”  The best security systems will look at disruptive technology as another tool in the overall system. However, the focus should remain on the user experience. If the latest technology is not properly integrated or configured, it will turn into more noise that most operators will ignore. {##Poll1720586145 - Which is the most useful benefit of artificial intelligence (AI) in security systems?##}

ISC West 2024 mirrored a vibrant industry on the precipice of accelerated change. Factors such as the cloud, artificial intelligence (AI), edge computing, and biometrics are shaping the future of the security marketplace, and they were front-and-centre at the industry’s biggest U.S. show in Las Vegas.  Foot traffic was steady and impressive, including more than 29,000 security industry professionals viewing 750 exhibitors. A torrent of eager attendees crowded the lobby on the first day and could not wait for the doors to open. When they were admitted, the wealth of technological innovation and business opportunity did not disappoint. Focus on cloud systems Cloud systems were high-profile at ISC West. Camera manufacturer Axis, for example, introduced their Axis Cloud Connect at a press conference. Meanwhile, Genetec officially launched their Security Centre SaaS platform, which aims at eliminating points of friction to enable integrators to easily embrace cloud systems from quoting and ordering to provisioning and installing.  Camera manufacturer Axis, for example, introduced their Axis Cloud Connect at a press conference Cloud provider Eagle Eye Networks promoted their new “Eagle Eye 911 Camera Sharing” technology under which both non-Eagle Eye Cloud VMS customers (via Eagle Eye 911 Public Safety Camera Sharing) and Eagle Eye customers can opt to share their video feeds for use by 911 operators in case of emergency. If users opt-in, 911 operators can have access to live video as an emergency unfolds. Eagle Eye Networks provides the feature by integrating with RapidSOS call centre software. Camera locations are based on geolocation coordinates, and customers can choose if they want to participate and which cameras they want to share. Biometrics in the mainstream Biometrics were well represented at ISC West, including Alcatraz AI, which introduced an outdoor version of their biometric face recognition product. The Rock X works well despite harsh lighting. Alcatraz’s products do not have to be integrated, they communicate just like a card reader using OSDP or Wiegand protocol. “At the show, customers are excited about moving to a frictionless environment and getting rid of existing credentialing,” said Tina D’Agostin, CEO and co-founder of Alcatraz. “We are making access control frictionless, secure and private. The experience can be as passive as possible – people can just walk in.” Multiple types of authentication, and the ability to detect tailgating and stream video SAFR from Real Networks also featured biometric face recognition, emphasising feature sets, convenience, and price/performance. They offer multiple types of authentication, and the ability to detect tailgating and stream video. A new device is a small mullion mount that is “approaching the price of a card reader, factoring in the need to purchase cards,” said Brad Donaldson, Vice President and General Manager. SAFR focuses on convenience: You don’t have to take out your phone to pass through a door. Enrolment is easy by incorporating existing databases, and costs are lower than competitors, said Donaldson. The system analyses multiple points on the face, turns it into data and then encrypts it, providing a “unique signature for each person.”  Credentials in Apple Wallet and Google Wallet AMAG Technology announced the compatibility of credentials with the Apple Wallet and Google Wallet. The company is also embracing a new strategic direction under President David Sullivan. They launched a new website in January, are developing dynamic resources and a partner page, and they now integrate with 120 tech partners. AMAG Technology Financial Services now enables their channel partners to offer leasing and financing options to customers. The big new booth at ISC West reflected an effort to “market different and look different,” according to the company. The big new booth at ISC West reflected an effort to “market different and look different" The new Symmetry Control Room, a command-and-control system, is a relaunch of an earlier AMAG product with enhanced features. Suitable for large enterprise customers, the software enables a big video wall to display all the various systems and incorporates all the data into a single “pane of glass.” Operators can “draw a lasso” around cameras they want to display on the video wall and can follow action across multiple camera feeds.  Navigating megatrends A breakfast meeting for integrators, sponsored by Assa Abloy Opening Solutions, was built around the theme “Navigating Megatrends for Sustainable Growth." The megatrends are artificial intelligence, sustainability and cybersecurity. Related to cybersecurity, there are 350 common vulnerabilities and exposures (CVE) published per week, reflecting the continuing threat to cybersecurity. Physical security has a “data lake” of information from various physical security systems that can be an attractive target for cybersecurity breaches. Data sets can be exploited and/or poisoned. The security industry needs to apply “defence in depth” to the challenges of protecting data. “The threat landscape is always changing, and security technology is an iterative process,” said Antoinette King, i-PRO’s head of cyber convergence, one of the panellists. Natural language systems Natural language systems are a newer approach making an early appearance at ISC West Natural language systems are a newer approach making an early appearance at ISC West. Brivo, for example, has an early prototype of its “natural language search capabilities” that can answer questions such as “Who is in the office?” or “Where is Bob and what has he done?” Brivo also promoted its all-in-one door station device that combines a card reader and a camera (for facial authentication) and serves as a video intercom, thus eliminating the need for multiple devices at the door. Brivo is also emphasising tailgate prevention, facial authentication, and people counting using AI at the edge. Also promoting natural language systems was Verkada, which unveiled a beta version of its AI Search feature that embraces national language capabilities. With AI Search, users will soon be able to use natural language to search for people or items. For example, a search could be “person climbing over a fence” or “person making phone call” or “person wearing football jersey.” Verkada wants to be thoughtful with the rollout and make sure effective guardrails are implemented to prevent abuse and bias. The release should happen in the coming months. Multi-family applications Allegion is promoting the XE360 hardware lock platform in various formats, including cylindrical lock, mortise lock, deadbolt and exit trim. At the show, Allegion noted an enthusiasm for multi-family applications. “We have been surprised by the people who want to add electronics and to retrofit existing multi-family facilities to compete with newer facilities,” said Henry “Butch” Holland, Allegion’s Regional Director, Channel Sales East Region. Allegion works with 60 different physical access control software providers, including familiar players such as LenelS2 and Genetec Allegion also offers an “indicator” display on its locks, showing at a glance whether a door is locked or unlocked. The “indicator” might also display “occupied” or “vacant.” Allegion works with 60 different physical access control software providers, including familiar players such as LenelS2 and Genetec.  Integrator M&A trends Everon looks for acquisitions in areas where they do not currently have support for national accounts A conversation with Everon at ISC West provided insights into the accelerating trend of mergers and acquisitions among the integrator community. Everon, formerly ADT Commercial, has done six acquisitions of local integrators since they changed their name last year. In targeting companies to acquire, they look for a good company with a good reputation, and they consider how the new company’s competencies complement their own. Some M&A strategy is geographic, as Everon looks for acquisitions in areas where they do not currently have support for national accounts. They also consider density, seeking to add new acquisitions in larger markets where they don’t currently have a big market share. “A lot of investment is coming into security because it is seen by investors as recession-proof,” said Michael Kennedy, VP, Mergers and Acquisitions, for Everon. Kennedy met with 95 businesses last year for possible acquisition, and the company only finalised a handful – reflecting that Everon is selective and careful that corporate cultures are aligned. “With an acquisition, the goal is to keep every customer and every employee,” said Kennedy. Voice of the customer  ISC West provides an opportunity for manufacturers to listen to the “voice of the customer;” in person, no less. “We have every kind of problem come to the booth,” commented Heather Torrey, Honeywell’s General Manager, Commercial Security, Americas. “People are passionate, interested and very specific with their questions and comments,” she said. “We are driving a complete system, but we are flexible, helping our customers to meet their needs and not try to fit every foot into the same shoe. Sometimes meeting customer needs involves working with competitors," Torrey commented. “It truly comes back to listening to the customer, not just ‘this is what we have to offer,’” she adds. ISC West provides an opportunity for manufacturers to listen to the “voice of the customer;” in person, no less. Edge applications are everywhere at ISC West, and one company is promoting a new approach to expand functionality at the edge. Camera company i-PRO advocates the use of the “Docker” platform for app development, an option they offer on their cameras. Docker “containers” package deep-learning algorithms to make it easier to embed software into edge devices. Anyone can run Docker apps on i-PRO cameras that use the powerful Ambarella chip. A Docker “swarm” can combine multiple edge devices to work together and share resources. For example, the approach can increase computing power at the edge to increase the capabilities of instant analytics. It’s faster and provides better redundancies. A “distributed computing platform” ensures less latency than communicating analytics to a central server.  Unification of capabilities Johnson Controls (JCI) also promotes the trend of combining multiple systems into a single pane of glass. Their “Open Blue” platform, with a security version unveiled at the show, integrates various security systems into one, combining data and monitoring device health.  Basically, the system manages all resources holistically. JCI also notes a trend toward “unification of capabilities,” e.g., combining access control and video. “The scope of security is evolving from a focus on protection to a broader focus on operations,” commented Julie M. Brandt, JCI’s President, Building Solutions North America.

As a real estate development firm’s facility was nearing completion, the firm identified potential concerns with limitations in the facility’s control infrastructure. Before the building reached full occupancy, the firm engaged with Wesco Anixter’s entroCIM team for a comprehensive cybersecurity and use-case audit. As a result, the facility pivoted to a cloud-hosted instance of the entroCIM platform to deliver on the organisation’s lofty vision for a truly connected space. Solution Constant commissioning with site-specific scripting means operators know the moment The entroCIM platform helps bring their vision to life among operational technology as well; disparate technologies with unique communication protocols come together in a single interface, providing stakeholders with mission-critical actionable insight. As all commercial real estate of this type has changed in the past several years, entroCIM has changed with it, offering direct, API-based connection to detailed predictive utility data to leverage the site’s flexibility in maximising efficiency. Constant commissioning with site-specific scripting means operators know the moment a system begins to show signs of decline. Since initial deployment, the depth of actionable insight through analytics has more than doubled, with more than 130 analytical rules running continuously to give operators the upper hand in the management of occupant comfort, energy efficiency and proactive maintenance Scope Cloud-based entroCIM licence access Dashboarding and graphics Analytics and reporting Preventative maintenance Investigation API-based utility integration Commissioning Global remote access Use-case gap analysis Cybersecurity audit New construction consulting Subject matter expert support Project stakeholders C-suite IT Organisation-level engineering Site-level mechanical Site-level engineering Tenant program management Communication protocols BACnet Modbus Integrated services Automated Logic Semco Lutron Siemens Honeywell York

The office of the Additional Director General of Police (ADG) and Inspector General (IG) of Prisons oversees the management and security of all prisons in the Indian state. This includes ensuring the safety of prison facilities, implementing rehabilitation programs for inmates, and managing prison staff.  Creating a fair environment The ADG and  IG focus on improving prison conditions and ensuring legal standards are met. Their goal is to create a secure and fair environment, balancing safety with efforts to reform and rehabilitate prisoners for their eventual return to society.  Scenario The need for a robust solution became clear after issues like hidden illegal items and unmonitored inmate movements The absence of a security video surveillance system created critical security blind spots, making it difficult to monitor key areas effectively. The need for a robust solution became clear after issues like hidden illegal items and unmonitored inmate movements posed significant risks to prison security.  New security video surveillance system To comply with government regulations, the new security video surveillance system had to adhere to stringent standards established by the Bureau of Indian Standards (BIS). This included specific sections detailing the specifications for camera performance and image quality and covering safety guidelines for IT equipment. The system required STQC certification to meet high security and data privacy standards, crucial for government installations. OWASP ASVS 4.0 L2 standards Additionally, it needed to comply with OWASP ASVS 4.0 L2 standards to ensure robust cybersecurity, safeguarding against common vulnerabilities. High-resolution cameras were essential for clear image capture, and tamper-proof storage was required to securely retain footage for 30 to 90 days. The system also had to align with the National Cyber Security Policy to protect sensitive data from cyber threats. Compliance with these standards was vital for maintaining security and operational integrity within the prison.  Challenges Due to the absence of a security video surveillance system, the Prison Department faced numerous challenges such as:  Struggled to monitor blind spots in the prison yard where fights and disputes frequently occurred.  ​Detecting the smuggling of drugs and mobile phones during visitations was nearly impossible with manual checks alone.  ​Staff couldn’t always be present to monitor isolated areas like back rooms, corridors, and staircases, leading to security gaps.  ​Identifying the individuals involved in riots or brawls was difficult due to the lack of visual evidence. ​ Inmate escape attempts often went unnoticed until too late, especially during night shifts.  ​Ensuring round-the-clock monitoring of high-risk zones like solitary confinement was a constant challenge.  ​Coordinating emergency responses, such as medical help during violent outbreaks, was delayed without instant visual updates.  Matrix solution Matrix security video surveillance systems comprising Matrix Network Cameras and NVRs were installed across four prisons statewide, providing robust security for over 10,000 inmates.  Matrix PTZ Cameras were deployed in larger spaces like the prison yard, where they could pan, tilt, and zoom to follow suspicious activities or fights, providing dynamic coverage and ensuring swift responses to incidents.  Mini Dome Cameras were placed inside cells and common areas to provide constant, wide-angle surveillance, keeping tabs on inmate behaviour and reducing the chances of fights or smuggling illegal items. These cameras were also installed in cafeterias and recreation areas to monitor inmate interactions. Mini Bullet Cameras were installed in corridors and cellblock hallways to keep a close eye on inmate movement, ensuring no blind spots in these high-traffic zones. They were also installed in less-visited areas like storage rooms and staff offices to prevent unauthorised access and maintain control.  Project Bullet Cameras were mounted along the prison yard and perimeter walls, providing long-range surveillance to prevent escape attempts and monitor outdoor activity. They were also installed at entry and exit points to keep tabs on everyone going in and out, securing access to the facility.  24x7 real-time monitoring All Matrix Network Cameras were centrally monitored with Matrix 64 Channel NVRs All Matrix Network Cameras were centrally monitored with Matrix 64 Channel NVRs. This setup enabled 24x7 real-time monitoring, recording, and playback of video from different areas of the prison, ensuring complete coverage and prompt incident response.  Similarly, the prison departments in three other cities of the state were also secured with Matrix Network Cameras and NVRs.   Products offered Matrix MIDR20FL36CWS P2 (800+): 2MP IR Mini Dome Camera with 3.6 mm Fixed Lens   Matrix MIBR20FL36CWS P2 (600+): 2MP IR Mini Bullet Camera with 3.6 mm Fixed Lens   Matrix CIBR20FL36CWS P2 (800+): 2MP IR Project Bullet Camera with 3.6 mm Fixed Lens   Matrix PZCR20ML25CWP P2 (70+): 2MP IR PTZ Camera with 25x Optical Zoom  Matrix NVR6408X P2 (40+): 64 Channel NVR with 8 SATA Ports   Solution diagram Benefits They ensured round-the-clock surveillance of high-risk zones, such as solitary confinement and cell blocks The installation of the Matrix security video surveillance system effectively eliminated critical security blind spots in the prison yard, reducing the risk of fights and disturbances. They ensured round-the-clock surveillance of high-risk zones, such as solitary confinement and cell blocks, preventing inmate escapes and unauthorised movements.  Centralised monitoring Matrix security video surveillance systems enabled accurate monitoring during visitations, significantly enhancing the detection of smuggling attempts for drugs and mobile phones.  Centralised monitoring via the 64-Channel NVR allowed for quick identification and response to disturbances, ensuring timely intervention during riots or medical emergencies. Regulation safety and data privacy High-resolution camera footage provided reliable documentation of inmate interactions and incidents, supporting investigations and enhancing overall prison security management. Matrix security video surveillance system meets BIS and STQC standards, ensuring compliance with government regulations for safety and data privacy. It also complies with OWASP ASVS 4.0 L2 standards, enhancing data security and protecting against cyber threats.

Sports hold profound significance in the lives of athletes, nations, and citizens alike, fostering a sense of unity and national pride. Sporting events captivate hearts and minds, showcasing the devotion towards athletic spirit. The journey of an athlete from local competitions to global stages embodies dedication and resilience, inspiring millions worldwide. Olympics event At the pinnacle of this athletic journey lies the Olympics, a cherished event that transcends borders and cultures, uniting nations in a shared pursuit of excellence and sportsmanship. For years, anticipation has been building as Paris, affectionately known as the City of Lights and renowned as the iconic capital of France, prepares to host the Olympics 2024, promising unforgettable moments of triumph and unity.  Facial Recognition Technology FRT symbolises a commitment to safeguarding the spirit of The Olympics, preserving the joy and pride Amidst the excitement, there lies a solemn responsibility: to protect the interests of everyone involved. In response, the use of Facial Recognition Technology (FRT) offers an enhanced approach to improving security measures for identification, access control, and threat detection. It symbolises a commitment to safeguarding the spirit of The Olympics, preserving the joy and pride that this monumental event brings to millions worldwide.  The quest for enhanced security at the Olympics  Ensuring Olympic security involves addressing a spectrum of challenges, including the complexities of managing fan behaviour, cyber-attacks, and the unpredictability of civil unrest. According to the National Center for Sports Safety and Security, 73.2% of attendees consider safety and security measures when deciding whether to attend an event, and 77% prefer security measures to be visible at an event. Common cybersecurity threats Phishing attacks, credential stuffing, and password spraying are some of the common cybersecurity threats With growing technological advancement and globalisation of the world these days, the Olympic Games face increasing risks of cyber attacks.  Phishing attacks, credential stuffing, and password spraying are some of the common cybersecurity threats. Reports from the National Cyber Security Centre, United Kingdom, have established that more than 70% of sports organisations fell victim to cyber incidents in 2020, and this was mostly caused by hackers seeking financial gain.  Eradicating Security Concerns with FRT  In particular, surveillance becomes an important component of security and incident detection during the Olympics, where millions of spectators gather from all over the world. For this reason, strict perimeter measures, secure screening procedures, and vigilant security are required. Indeed, integrating FRT as an additional feature in Video Management Systems (VMS) can improve the outcomes significantly.  Physical Security Enhancement: Video Analytics Systems are one of the most effective means of evaluating threat levels at the event Video Analytics Systems are one of the most effective means of evaluating threat levels at the event, using face recognition to match the faces of the people attending the event with a universal offenders database. It allows security staff to quickly identify malicious actors and detain them. This reduces the likelihood of wrong-doers making attempts at large-scale events, thus, protecting participants and spectators, and ensuring their safety.  Monitoring Crowd Behaviour: Effective management of crowd behaviour is crucial for maintaining a safe and harmonious environment. Video Analytics Systems make it easier to look for and monitor disruptive crowd behaviours in real-time, like vandalism, alcoholism, violence, etc. Instigators of such activities are immediately identified and flagged, allowing security officials to address the problem before it escalates.  It also helps in tracking and preventing agitation since the system incites recognising people in the crowd from lists of unreliable persons, even if masks hide their faces. This capability enables security to respond quickly to emerging threats, ensuring that protests remain peaceful.  Enhanced Cybersecurity Measures: If the FRT system is centralised, any attempted intrusion by an intruder will be immediately visible FRT minimises the capability of cyber intruders attempting to penetrate the competition control information systems, media streams, and security systems and meddle with their work. If the FRT system is centralised, any attempted intrusion by an intruder will be immediately visible to security personnel. This will prevent unauthorised access and reduce not only the number of cybercrimes but also financial and reputational risks. By integrating FRS with AI, biometric and conventional security systems have made security surveillance more effective and efficient in providing real-time data analytics. With the development of generative AI, a new type of attack using spoofing and deep fakes is gaining momentum. Recognition technologies with liveness features can stand out among other defence systems.  Peace of mind for athletes and staff  FRT has the potential to profoundly impact the Olympic experience, offering athletes and staff a transformative blend of efficiency, security, and operational ease. For athletes, it means seamless access to venues, minimising distractions and administrative hurdles, allowing them to dedicate more time and focus to their training and competition. They can move through the Olympic complex with confidence, knowing their safety is assured.  Identifying and addressing potential threats The technology not only enhances a sense of safety and belongingness but also ensures that global athletic excellence Beyond efficiency, this technology empowers security personnel to manage large crowds with precision, swiftly identifying and addressing potential threats. The technology not only enhances a sense of safety and belongingness but also ensures that global athletic excellence is memorable and deeply meaningful for everyone involved.  Harmonising security and privacy with integrity  Data privacy is paramount, and the balance between safety and the subject’s right to privacy must be kept to the highest standard. Transparency about data collection, storage, and usage fosters trust and upholds individual dignity. By championing both security and privacy, advanced technology security solutions like FRT can play an important role in ensuring that every participant and spectator feels safe, respected, and inspired. The application of security measures trusted worldwide helps maintain the integrity of global events, and the Olympic games act as an anchor for setting a perfect example of unified growth and glory.  360-degree protection "The Olympic Games stand as a monumental event for millions worldwide, posing substantial challenges to security services," said Tamara Morozova, Global CEO, of RecFaces. "Integrating facial recognition software promises 360-degree protection, drastically reducing incident response times to mere seconds, and empowering security personnel with invaluable analytical insights."

Genetec Inc., a pioneering technology provider of unified security, public safety, operations, and business intelligence solutions, announced that Heathrow Airport’s multi-year investment in Genetec solutions is enabling them to continuously innovate and transform operations. The joint effort provides Heathrow with a unified view across large-scale airport operations to secure people and assets, bringing efficiency and enhancing the passenger experience while ensuring data privacy and cybersecurity compliance. Deployed Genetec Security Centre Heathrow deployed Genetec Security Centre to bring all of its IP security systems onto one unified forum London Heathrow is Europe’s busiest airport, handling approximately 80 million passengers and 14 million tons of goods annually. Over 76,000 employees work around the clock to ensure the airport’s smooth operations across its 1,227-hectare site, including maintaining passenger flow, securing the premises, and managing over 1,300 daily take-offs and landings for 89 different airlines. Heathrow initially deployed Genetec Security Centre to bring all of its IP security systems onto one unified platform. What began as a 2,000-camera deployment in 2016 has since more than quadrupled in size, incorporating everything from video and access control to LIDAR, analytics, automatic licence plate recognition (ALPR), and more. Genetec solutions Genetec solutions are used to go far beyond security. For example, Genetec solutions are used to monitor over 150 km (93 miles) of baggage belts and facilitate the daily entry and exit of over 150,000 vehicles. “We’re essentially running a small city operation that happens to be called Heathrow,” explains Danny Long, IT Product Owner for physical security products at Heathrow. “Alongside the traditional airport security functions, we’re responsible for the monitoring of roads, retail space, three train stations, a bus terminal, offices, a church, fuel stores, a high voltage electrical network, and all the other associated infrastructure that maintains passenger flow.” Software and firmware updates Genetec Security Centre supports 90 other stakeholder groups working across 110 control rooms Genetec Security Centre now supports 90 different stakeholder groups working across 110 distinct control rooms, all of whom have different needs and access rights. Customised dashboards enable individual teams and third parties, such as police, government agencies, airlines, and retailers, to focus on their specific tasks. For example, some operational staff are given the tools to monitor passenger flow and are automatically notified when security lines grow too long. Meanwhile, colleagues in IT don’t see camera feeds. Instead, they have access to system health dashboards that notify them of devices that have fallen offline or require software/firmware updates.  New requirements “The joy of working with London Heathrow is that the team is constantly striving to put our system through its paces and identify new areas where it can add value,” states Simon Barnes, Director of Business Development, Genetec, Inc. “While our software is configured to their requirements at the time, once in the field, new requirements emerge, and we have to adjust to their reality." “My job is to translate business requirements into workable solutions and Genetec provides me with the valuable tools to achieve that,” concludes Long. “Our experience with Genetec has been very positive. We’re only looking to expand in terms of the size and usage of the system.”

Technology automates tasks, streamlines processes, and improves efficiency in various fields, including physical security. But the success of today’s latest technologies depends on our ability to use them responsibly and efficiently. Optimising our industry’s use of technology requires that the industry’s workforce have the needed skills to operate the latest equipment. We asked this week’s Expert Panel Roundtable: How does technology innovation in security systems impact the skillsets needed by security operators and officers? 

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open ports on the network expose an IP video system to the internet. This makes it a potential target for malicious cyberattacks. In the physical security industry, the elimination of port forwarding is seen as a basic and manageable precaution to shore up cybersecurity. We asked this week's Expert Panel Roundtable: What are the risks of port forwarding, and how can manufacturers and/or integrators mitigate those risks? 

The Internet of Things (IoT) has revolutionised many industries, including physical security. By connecting physical devices to the internet, IoT technology offers significant enhancements to security systems. Benefits include real-time monitoring, remote access, and the utility of new devices such as temperature and humidity sensors. At the same time, IoT devices come with challenges, including greater cybersecurity vulnerability. We asked this week's Expert Panel Roundtable: How is the Internet of Things (IoT) impacting the physical security marketplace?