FM solutions provider Mitie recognised as top employer

The 2022 Top Employers have just been announced and Mitie has been recognised as one of the UK’s Top Employers for the fourth year running. Being certified as a Top Employer showcases Mitie’s “dedication to a better world of work” through excellent Human Resources (HR) policies and people practices. This includes the company’s recent (and significant) investment in its HR technology and processes.

A key highlight of Mitie’s entry was its ‘Count Me In’ learning programme aimed at promoting diversity and inclusion in the workplace, which was selected by the Top Employers Institute for use in its Best Practice Report 2022. The report showcases exemplary diversity and inclusion practises.

The Top Employers Institute programme certifies organisations based on the participation and results of its HR Best Practices Survey. The survey covers six HR domains consisting of 20 topics including People Strategy, Work Environment, Talent Acquisition, Learning, Well-Being and Diversity and Inclusion (and more).

Jasmine Hudson, Group HR director at Mitie, said: “Our people are what make our business exceptional, so we’re incredibly proud to see Mitie named as one of the UK’s Top Employers for the fourth year in succession. We’re committed to ensuring that Mitie is a great place to work and will continue to invest in how we hire, develop, reward and engage our people so that we’re a leading UK business.”

David Plink, CEO at the Top Employers Institute, commented: “Reflecting on the demanding year that has, like the year before it, impacted organisations across the world, Mitie has continued to show that it prioritises maintaining excellent people practices in the workplace. The business continues to meet the challenges of the changing world of work, while working tirelessly to make a positive impact on the lives of its workforce. We’re pleased to celebrate and applaud the organisations that have been certified as Top Employers in their respective countries this year.”

Global authority

The Top Employers Institute is the global authority on recognising excellence in people practices. The organisation helps to accelerate these practices to “enrich the world of work”. Through the Top Employers Institute Certification Programme, participating companies can be validated, certified and recognised as an employer of choice.

Established over 30 years ago, the Top Employers Institute has certified over 1,857 organisations in 123 countries/regions. These certified Top Employers positively impact the lives of over eight million employees globally.

Founded back in 1987, Mitie’s job is to look after those places where Britain works. The Group offer a range of services to central Government and defence sector customers, communities (healthcare, education and local authorities), technical services (engineering services, energy, water and real sstate services) and business services (security, cleaning and office services) to private sector clients in financial services, manufacturing, transport, retail and telecoms and, increasingly, to the public sector. 

Mitie’s Specialist Services (care and custody, landscapes and waste management) division serves both the public and private sector in these niche businesses. 

Mitie acquired Interserve’s FM business in December 2020 and now employs 75,000 members of staff. The business is a champion of the ‘Front Line Heroes’ who have kept Britain working during the COVID-19 pandemic.

*Further information is available online at www.mitie.com

Digital Security by Design programme set to prototype “step change” in computer security

UK Research and Innovation’s (UKRI) Digital Security by Design programme is working with businesses and researchers to prototype a step change that will “enhance the central hardware and software of a computer” to block the issues responsible for up to 70% of today’s security vulnerabilities. 

The growing number of data breaches and cyber attacks are exposing the widespread nature of digital vulnerabilities and it’s clear no sector of business, infrastructure or society is safe. Whether it’s delivering critical infrastructure, the processing of valuable data or the digitisation of industry, business will grow or die depending on the cyber security and resilience of computerised systems.

The Digital Security by Design programme, which is being delivered through UKRI’s Industrial Strategies Challenge Fund, is supporting a second round Demonstrator competition that will provide two or three projects with a share of up to £6 million. 

The competition is open to UK businesses to collaborate with suppliers and academics to investigate and evaluate the impact the new technologies may have on the future of digital security.

• 

This is not just another Best Practice recommendation or a new Artificial Intelligence tool to monitor the network and endpoints. This is a change which will enhance the central hardware and software of a computer and allow future products and services to protect data and keep control of operations.

An ideal consortium will be able to represent an industry sector that requires secure system operation with safety and resilience or those that manage high-value data assets in which compromise may cause serious economic or personal harm.

Through this competition, businesses have a unique opportunity to be part of a transformational change in securing functions, products and services stretching across supply chain providers.

*Competition details can be viewed online at: https://apply-for-innovation-funding.service.gov.uk/competition/865/overview

Abloy UK issues 2021 dates for free online training sessions

Abloy UK has released its Academy calendar outlining the company’s free online training courses to be delivered in 2021. The webinars are going to be presented by specialists and aim to keep practising professionals operating in the sector up-to-date with the Building Regulations and compliance standards, as well as current security and technology trends.

A suite of four courses will be held across the year on specific themes: Escape Door Systems, Electric Locking for Fire and Escape Doors, Digital Transformation in Physical Security and Digital Access Solutions. The latter is a new subject for 2021.

Pat Jefferies, commercial director at Abloy UK, told Security Matters: “Ongoing COVID restrictions mean that in-person training is very difficult. However, this shouldn’t prevent security professionals from striving for self-improvement and ensuring that they always keep up-to-date with the latest Best Practice across the sector.”

The full list of course dates is as follows:

Escape Door Systems: 1 April, 4 June, 5 August, 6 October and 2 December.

Electric Locking for Fire and Escape Doors: 4 March, 6 May, I July, 2 September and 4 November.

Digital Transformation in Physical Security: 11 March, 13 May, 8 July, 9 September and 11 November.

Digital Access Solutions: 22 April, 10 June, 12 August, 14 October and 9 December.

The Electric Locking for Fire and Escape Doors and Digital Transformation in Physical Security online courses are CPD-accredited.

*To register for one or more of the training sessions visit https://bit.ly/3asYtwS

Intersec moves to 2022 at Dubai World Trade Centre

Intersec, the ever-popular security, safety and fire protection-focused exhibition, has been rescheduled to take place in January 2022. The move has been confirmed by event organiser Messe Frankfurt Middle East.

The 23^rd Edition of the three-day event was originally set to run from 24-26 January next year at the Dubai World Trade Centre. The move to 2022 follows on from extensive consultation with key industry stakeholders.

“We’ve spoken to many of our exhibitors, industry Trade Associations, supporters and partners over the last couple of weeks and have heard first-hand the many challenges they’re facing which, inevitably, is putting pressure on their ability to participate at Intersec in January 2021,” explained Alexandria Robinson, Intersec’s show director.  

Robinson added: “Moving Intersec to its customary January dates in 2022 at the Dubai World Trade Centre will allow time for business recovery.”

Further, Robinson stated that Intersec will be very active throughout 2021 via its ongoing webinar series, while the team is now working towards creating a virtual event early next year to engage industry leaders, regulators, Government agencies and opinion formers alike. 

“We might be restricted physically, but we know there is a definitive need for critical conversations and discussions to address the challenges the industry has faced,” asserted Robinson. “By hosting these talks via a digital forum, it enables us to remain connected with the industry and nurture our existing relationships, while at the same time sharing solutions and common goals. We’ll outline further details and plans about the digital event in the coming weeks.”

Trends and opportunities

Intersec’s popular free-to-attend webinar series (there have been 11 broadcasts so far in the last four months) has kept thousands of attendees abreast of the latest industry trends and opportunities.

“We know we have a vital role to play in connecting and supporting the industry and the Intersec webinars fulfil the remit of stimulating meaningful conversations, collaborations and success stories,” added Robinson. “We will continue to run these webinars and support our stakeholders in every way possible until we meet again in person, and safely, at Intersec 2022.”

In conclusion, Robinson informed Security Matters: “One thing is absolutely certain, and that is that our community is resilient and will bounce back. It has been involved in many front line situations throughout the course of this year and it will continue to play a critical role in the months ahead. Throughout 2021 and come January 2022, we’ll have much information to share and Best Practice to learn from each other.”

Intersec in 2020 featured 1,100 exhibitors from 56 countries, duly attracting 33,872 visitors from 135 countries.

The global industry event is supported by the Dubai Civil Defence, the Dubai Police, the Security Industry Regulatory Agency (SIRA), the Dubai Police Academy, and the Dubai Municipality.

*Further information is available online at www.intersecexpo.com

CHAS makes three key appointments designed to strengthen operations

Supply chain risk management expert CHAS (the Contractors Health and Safety Assessment Scheme) has appointed Alex Minett as head of products and markets and Elaine Bailey and Peter Hepworth, both of whom become non-executive directors at the trusted Health and Safety compliance advisor.

Alex Minett brings in-depth knowledge of the SHEQ sector in the UK and internationally from a contracting and consulting perspective having established SHEQ strategies for multiple businesses (including blue chip companies) across diverse sectors.

He also has extensive knowledge of construction Best Practice and compliance having worked for 20 years in the construction sector, including on iconic projects such as the London 2012 Olympic and Paralympic Games and the Battersea Power Station where he advised on safety measures for the demolition and re-erection of the four iconic chimneys.

In addition, Minett was responsible for establishing the initial SHEQ strategy for Transport for Wales and supported the procurement team within the wider provision of the multi-billion pound franchise with pre-qualification of the bids.

Alex Minett

Further afield, Minett worked closely with the World Bank and other funders on one of the world’s largest solar farms in Benban and initiated a zero harm approach to safety at the Facebook Data Centre in Lulea. He was also responsible for embedding safe working practices for the construction and delivery of the Saudi Aramco Petroleum Polytechnic in Saudi Arabia.

Now, Minett has overall responsibility for all of the CHAS products both current and new and is closely involved in the strategic position of CHAS within the marketplace and identifying opportunities for growth.

CHAS managing director Ian McKinnon stated: “Alex is an excellent addition to the CHAS team and we’re delighted to have him on board. His insight and experience will be invaluable as we continue to expand our service offer.”

Minett himself commented: “I’m excited to be joining CHAS at a time of marked growth for the organisation. As the founder of contractor prequalification, CHAS enjoys a first class reputation and I’m looking forward to helping build on this as the business evolves and grows.”

Extensive experience

Elaine Bailey became a non-executive director at CHAS with effect from Wednesday 1 July. Bailey has worked extensively across the construction, criminal justice, Government services and housing sectors in the private, public and not for profit sectors and brings 15 years of executive Board experience to the role.

From 2014 to 2019, Bailey served as CEO of London-based Housing Association The Hyde Group where, as well as significantly improving financial and operating performance, she drove a major change programme designed to simplify, automate and improve service delivery.

Bailey also sits on the Industry Safety Steering Group chaired by Dame Judith Hackitt which is charged with scrutinising proposals and progress towards culture change within the construction industry following the tragic Grenfell Tower fire.

Elaine Bailey

Previously, Bailey held senior positions at FTSE 250 outsourcer Serco and is a trustee of Catch 22 and the Greenslade Family Foundation, as well as a Board member of the Andium Housing Association.

Speaking about Bailey’s appointment, Ian McKinnon stated: “Elaine’s successes at The Hyde Group, along with her knowledge and experience of good governance, make her an excellent addition to the CHAS Board. We also welcome Elaine’s commitment to driving cultural change within the construction industry following the Grenfell Tower tragedy through her work as part of Dame Judith Hackitt’s Steering Group.”

Bailey responded: “I’m delighted to be joining an organisation which plays a key role in improving occupational Health and Safety performance in UK workplaces. I’m looking forward to working with CHAS to continue to raise Health and Safety standards right across the UK.”

Digital transformation

Peter Hepworth formerly oversaw a portfolio of businesses while serving as executive officer of the Professional Services division at Capita plc, where his achievements included rationalising 14 separate learning businesses into one organisation and executing the digital transformations of Constructionline and Parking Eye.

He simultaneously served as CEO of AXELOS.com, a joint venture between Capita and the Cabinet Office and the publisher of global Best Practice guidance for IT, project and risk management. In fact, Hepworth was responsible for founding the operation in 2013. He grew the business internationally, expanding the product range and launching a cyber resilience portfolio while regularly liaising at ministerial level. Hepworth also transitioned AXELOS to become a Content-as-a-Service subscription model.

Previously, Hepworth served as managing director of Activision Blizzard UK where he was responsible for transitioning the business to meet the digital future. He has also held senior positions at L’Oréal, Sara Lee and BDO Stoy Hayward. His additional board experience includes having served as a non-executive director of The Fire Service College, Fera Science and eve Sleep. Hepworth is a Chartered Accountant by background.

Peter Hepworth

“We’re very happy to welcome Peter to the CHAS Board,” enthused Ian McKinnon. “He brings a wealth of experience in digital transformation which will prove invaluable as we continue to navigate the challenges and opportunities of the digital age.”

Hepworth informed Security Matters: “I’m excited to be joining the Board of CHAS as it continues its strong growth trajectory. The company has an excellent reputation with an impressive portfolio of digital products and services that can help businesses transform their risk management processes. I’m delighted to have this opportunity to support the further success of both CHAS and its extensive customer base.”

WatchGuard report finds two-thirds of malware to be encrypted

WatchGuard Technologies’ latest Internet Security Report shows that 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and that 72% of encrypted malware was classified as zero day, so on that basis would have evaded signature-based anti-virus protection.

These findings show that, without HTTPS inspection of encrypted traffic and advanced behaviour-based threat detection and response, organisations are missing up to two-thirds of incoming threats. The report also highlights the finding that the UK was a top target for cyber criminals in Q1, earning a spot in the Top Three countries for the five most widespread network attacks.

“Some organisations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option,” said Corey Nachreiner, chief technology officer at WatchGuard. “As malware continues to become more advanced and evasive, the only reliable approach towards defence is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”

Key findings

Other key findings from WatchGuard’s latest Internet Security Report include:

Monero cryptominers surge in popularity Five of the Top Ten domains distributing malware in Q1 (identified by WatchGuard’s DNS filtering service DNSWatch) either hosted or controlled Monero cryptominers. This sudden jump in cryptominer popularity could simply be due to its utility. Adding a cryptomining module to malware is an easy way for online criminals to generate passive income

Flawed-Ammyy and Cryxos malware variants join top lists The Cryxos trojan was third on WatchGuard’s Top Five encrypted malware list and also third on its Top Five most widespread malware detections list, primarily targeting Hong Kong. It’s delivered as an e-mail attachment disguised as an invoice and will ask the user to enter their e-mail and password which it stores. Flawed-Ammyy is a support scam where the attacker uses the Ammyy Admin support software to gain remote access to the victim’s computer

Three-year-old Adobe vulnerability appears in top network attacks An Adobe Acrobat Reader exploit that was patched in August 2017 appeared in WatchGuard’s top network attacks list for the first time in Q1 of this year. This vulnerability resurfacing several years after being discovered and resolved illustrates the importance of regularly patching and updating systems

Mapp Engage, AT&T and Bet365 targeted with spear phishing campaigns Three new domains hosting phishing campaigns appeared on WatchGuard’s Top Ten list in Q1 2020. They impersonated digital marketing and analytics product Mapp Engage, online betting platform Bet365 (this campaign was in Chinese) and an AT&T login page (this campaign is no longer active at the time of the report’s publication)

COVID-19 impact Q1 2020 was only the start of the massive changes to the cyber threat landscape brought on by the COVID-19 pandemic. Even in the first three months of 2020, WatchGuard still saw a massive rise in remote workers and attacks targeting individuals

Malware hits and network attacks decline Overall, there were 6.9% fewer malware hits and 11.6% fewer network attacks in Q1, despite a 9% increase in the number of Fireboxes contributing data. This could be attributed to fewer potential targets operating within the traditional network perimeter with worldwide work-from-home policies in full force during the COVID-19 pandemic

Anonymised data

The findings in WatchGuard’s Internet Security Reports are drawn from anonymised Firebox Feed data from active WatchGuard appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. Over 44,000 appliances worldwide contribute threat intelligence data to the report. In Q1 2020, they blocked over 32,148,519 malware variants in total (730 samples per device) and more than 1,660,000 network attacks (38 attacks per device).

The complete report includes key defensive Best Practices that organisations of all sizes can use to protect themselves in today’s threat landscape and a detailed analysis of how the COVID-19 pandemic and associated shift to working from home affected the cyber security landscape.

*To view the full report visit Internet Security Report for Q1 2020

Ten-plus NSI-approved companies shortlisted for 2020 OSPAs

The National Security Inspectorate (NSI), a sponsor of the 2020 UK Outstanding Security Performance Awards (OSPAs), has congratulated the 13 NSI-approved companies shortlisted by the Judging Panel for their achievements within the security industry. The OSPAs are part of a global awards scheme currently running in eight countries and designed to recognise and reward outstanding performance.

In total, the 13 NSI-approved companies have over 50 shortlisted nominations across multiple categories including Outstanding Contract Security Company, Outstanding Security Installer/Integrator and Outstanding Security Officer.

 

The judging is a rigorous and transparent process designed to recognise exceptional company and individual performance in the private security sector.

This year, the NSI’s involvement has extended to the OSPAs Thought Leadership Summit. This takes place on the afternoon of the Awards Ceremony on Wednesday 26 February in central London. It’s a further opportunity to hear the thoughts of high-profile speakers and debate key challenges in the private security sector, such as supply chain integrity and ways in which to address the rate of improvement in false alarms.

Richard Jenkins: CEO at the NSI

Richard Jenkins, CEO at the NSI, commented: “The UK OSPAs highlight Best Practice and recognise the achievements of companies and individuals alike within the private security industry. We’re delighted to see so many NSI-approved companies recognised for their outstanding performance and in so many categories. Our congratulations go to all of the finalists whose achievements have been recognised this year. We wish them every success tomorrow. The NSI’s sponsorship of events and awards reinforces our commitment to recognising outstanding performance and raising standards across the security business sector.”

*Only limited places are now available for the Thought Leadership Summit which begins at 11.15 am. Places can be booked for only £45 +VAT including luncheon, entrance to the conference and exhibition and all refreshments. Visit https://uk.theospas.com/summit2020/

“Cloud infrastructure vulnerabilities set to increase by 50%” states Skybox Security

Cyber security management company Skybox Security has release of its 2019 Cloud Trends Report. Compiled by the team of security analysts at the Skybox Research Lab, the document analyses vulnerability trends and other risks in Cloud Infrastructure-as-a-Service (IaaS). Its analysis also concerns other technologies relevant to the use of IaaS such as containers, orchestration platforms and devops tools.

In addition to the analysis findings, the report also provides guidance on Best Practice for improving cloud security capabilities in light of these trends.

Key findings of the report include the following:

*Vulnerabilities affecting cloud IaaS solutions are likely to increase by 50% this year over the 2018 figures

*Cloud container vulnerabilities have increased by 82% thus far in 2019

*Third party cloud plugins and apps are further expanding the attack surface

*Misconfigurations are the greatest risk posed to cloud security

“Vulnerabilities within IaaS cloud solutions are naturally going to continue to climb as these services are more widely adopted,” observed Skybox Security’s CTO Ron Davidson. “Organisations would be wise not to be too distracted by this increase in vulnerability reports. The biggest cloud insecurities don’t exist within the service provider’s infrastructure itself, but rather in the way that companies implement and manage the technology. Without proper security considerations and oversight, misconfigurations and policy violations may abound. These process-related issues are hiding in plain sight within organisations and present the greatest risk.”

Amrit Williams, vice-president of products at Skybox Security, added: “Risks within cloud environments are difficult to manage in many organisations simply because the traditional tools, processes and teams are often ill-equipped to handle the volume and velocity of change in cloud environments.”

Williams continued: “Handling the security and management of disparate infrastructures is incredibly complex, so many organisations are being forced to rethink how to maximise the effectiveness of their cloud deployments while at the same time maintaining efficiency. This report highlights the need for organisations to try and unify their methodologies across their hybrid infrastructure, while still understanding that there are unique challenges with cloud.”

*Read the Skybox Security 2019 Cloud Trends Report in full

New wave of UK universities adopts SafeZone solution from CriticalArc

UK universities including the University of Greenwich, the University of South Wales, the University of East Anglia, the University of Manchester and the University of Central Lancashire are adopting CriticalArc’s SafeZone service for improved campus security.

With more than 25% of universities now using SafeZone across the UK, it has grown from being an innovative technology deployed by pioneering institutions to become a mainstream ‘must-have’ solution for the higher education sector.

SafeZone addresses key challenges for universities by enabling students and staff alike to quickly and easily reach their campus safety and security teams and by allowing first responders to respond to calls for assistance up to 50% faster.

It improves the safety, security and well-being of students and staff, both on campus and off, and raises security team preparedness for a full range of events they may face, including major incidents. SafeZone enhances student satisfaction as well as student well-being and is now helping universities to succeed globally as they work to attract and retain students with safer and more welcoming learning environments.

Through its advanced Command and Control software, SafeZone OmniGuard enhances team efficiency, with real-time situational awareness making it easier for command teams to see and co-ordinate resources to address incident ‘hotspots’. Safezone also supports heat mapping to enable patrol pattern optimisation and improves workplace Health and Safety, serving as a powerful lone worker solution.

Expanding the team

Announcing the latest wave of adoptions, CriticalArc confirms that it’s also expanding its team with the appointment of two new customer success managers. They will work closely with system users to spread Best Practice, provide support and help deliver maximum benefits from SafeZone.

Sean Edge takes on this important role for CriticalArc in the UK, while Karl Palma will be working with customers in Australia.

Darren Chalmers-Stevens, managing director for the EMEA and APAC regions at CriticalArc, stated: “With the number of SafeZone users now expanding rapidly, we’re investing not only in developing the technology and its capabilities, but also in delivering and sustaining high-level customer support for our growing network of users.”

In tandem with its success in the higher education sector, SafeZone is also being adopted increasingly in other key areas including implementations in the critical infrastructure, transport, utilities, Government and healthcare sectors, with rapidly developing markets in the US, Australia and, indeed, globally.

IDIS Global Partners Summit highlights developments in analytics and end-to-end solutions for strategic markets

The latest advances in video analytics – including improved classification, accuracy and speed – were unveiled at a Global Partners Summit of international security and video surveillance professionals hosted by IDIS in Seoul, South Korea.

The three-day event, attended by senior executives from leading security distributors from 23 countries, focused on how IDIS is responding to market trends and needs, developing end-to-end solutions (including specialist technologies for a range of vertical markets) and pushing forward with improvements to the IDIS Deep Learning Engine, the technology which powers the company’s ‘AI in the Box’ and IDIS Deep Learning Analytics solutions for end users.

Earlier this year, IDLA Version 3.0 was introduced as a service module for up to 80 channels within the IDIS Solution Suite VMS and it set new performance benchmarks by achieving an accuracy of 97%-98% while dramatically reducing false alarms. Responding to customer demand for easier, more affordable analytics for smaller applications, IDIS also launched its aforementioned DV-2116 ‘AI in the Box’ solution.

Delegates learned of future enhancements in meta-data searching by class, colour and number, plus the ability to search a specific area of interest. People counting, fall detection and the ability to search by the direction of an object’s movement were also previewed and delegates received advanced notice of a new range of AI-ready 5 MP cameras, featuring deep learning on-the-edge analytics, due for release next year.

Technology roadmap for 2020

The Global Partners Summit also previewed IDIS’ ambitious video product and technology roadmap for 2020, further building out the company’s end-to-end solutions for core vertical market sectors.

Innovations in recording and camera technology, and the growing importance of cyber security, extended warranties and the advantages of delivering lower total cost of ownership and lower total cost to serve for systems integrators and installers were among key topics discussed at the event.

IDIS works closely with its partners and hosts the annual Global Partners Summit as an opportunity to exchange market insights and steer its strategies for product development, technical support and marketing.

Partners shared Best Practice implementations and related Case Studies in core vertical markets including retail, education, logistics and distribution and hotels.

Awards for Best Practice

Joon Jun, president of the IDIS Global Business Division, recognised outstanding project implementations and presented special awards for Best Practice to Alarm Automatika from Croatia and BTCO of Chile.

This collaborative approach, focusing on long-term partnerships, is a key element in the company’s success. It’s a customer-focused model that has seen IDIS grow continuously since 1997 to become Korea’s largest in-country video surveillance manufacturer, with regional operations now expanding across 50-plus countries.

Concluding the Global Partners Summit, special partner awards were presented by YD Kim, CEO of IDIS, recognising outstanding collaboration and sales growth over the last year. These were given to Alarm Automatica of Croatia, CCTV Center from Spain, EPCOM of Mexico, JES CQTEC of Thailand and Japan’s Secure Inc.

Joon Jun

“The expertise, energy and commitment from all our partners at this year’s Global Partners Summit demonstrates yet again that collaboration is that the best route to success,” said Joon Jun. “Together, we’re giving our customers the most advanced video surveillance solutions, ease-of-use and installation, scaleability and protection against today’s cyber security risks.”