Tag Archives: Corporate Security

Critical infrastructure and Government GSOCs drive CNL Software’s IPSecurityCenter V5.7 PSIM

CNL Software, the Physical Security Information Management (PSIM) system software specialist, has announced the release of IPSecurityCenter V5.7. This latest release includes many feature enhancements that increase performance and reduce operational response times in large-scale, multi-sited and mission-critical deployments of IPSecurityCenter and will benefit those in the transportation, corporate security and public safety markets.

According to CNL, IPSecurityCenter leads the Global Security Operations Centre (GSOC) market for PSIM. This latest release improves CNL Software’s ability to manage across multiple Security Operations Centres (SOCs) and GSOCs, keeping the entire operation in harmony using enterprise wide visualisation to support the overall security mission for critical infrastructure and large-scale Government security programmes.

“We continue to invest heavily in developing the features that customers, partners and industry leaders inspire us to create,” commented Simon Knightley, CTO at CNL Software. “We listen to our customers and understand what’s important to them. Their ideas help us to innovate new ways in which to support them in making the GSOC a faster and more effective hub for all mission-critical security and life safety-related activity. They want their Control Rooms to see more, act faster and collaborate better throughout the whole organisation, which we help them to achieve using IPSecurityCenter V5.7.”

CNLPSIMV57

CNL states that the V5.7 release differentiates CNL Software from other PSIM vendors and establishes IPSecurityCenter as the first choice PSIM solution for large-scale Government security programmes, critical infrastructure and facilities protection.

Some of the main enhancements within the new release include:

*More scalable for larger deployments: Enhancements support greater control over large-scale federated solutions, driving tightly managed GSOC operations
*Faster and more responsive: Improvements include faster access to historic alarm data with fewer clicks and rapid access to video from remote locations
*Support for 64-bit video: This ensures IPSecurityCenter leverages the latest developments in video technology and multi-thread processing for faster and more scalable solutions
*General Data Protection Regulation (GDPR)-ready security platform: Enhancements ensure that IPSecurityCenter is ready for the most demanding compliance processes, with security features such as two-factor authentication included such that there are no unauthorised changes to the system
*Improved decision support: Developments include new interactive dashboards that allow operators to access key performance indicators in real-time using a customisable device that can highlight alarm, human and machine data alike

Leave a comment

Filed under Risk Xtra

Social engineering “a top cause of cyber incidents” finds Cyber Resilience Report

Research commissioned by Crises Control from the Business Continuity Institute for its annual Cyber Resilience Report 2016 confirms much of what we already suspected about the changing nature of the cyber threat and the way that cyber criminals have found new ways to defeat corporate perimeter security.

66% of respondents to the survey reported that their companies had been affected by at least one cyber security incident over the last 12 months. The costs of these incidents varied greatly, with 73% reporting total costs over the year of less than €50,000, but 6% reporting annual costs of more than €500,000.

The increased difficulty of breaching perimeter security and the increased human resources available to cyber criminals has combined to produce a new point of attack. This is focused on the weakest link in the corporate security chain, which is now human beings rather than technology.

The term ‘social engineering’ describes this attack vector, which relies heavily on human interaction and often involves tricking people into breaking normal security procedures. The BCI research shows clearly that phishing (ie obtaining sensitive data through false representation) and social engineering is now the single top cause of cyber disruption, with over 60% of companies reporting being hit by such an incident over the past 12 months.

A further 37% were hit by spear phishing (ie phishing through identity fraud).

BCICyber

The research has also confirmed that, to effectively counter this threat, companies now need behavioural threat detection provided by a cyber security network monitoring solution. These plug-in devices monitor your network for signs of suspicious insider activity and failed attempts to hack into the system.

They can also provide invaluable intelligence to be acted upon proactively to nip a successful hack or insider threat in the bud.

Traditional anti-virus monitoring software is no longer enough. The BCI research shows that 72% of companies have this software in place, but only 26% of real cyber security incidents were actually discovered through this route. Much worse, 18% of incidents came to attention through an external source such as a customer, a supplier or the impact on a public website.

Network monitoring solutions are much more effective than anti-virus software in terms of alerting companies to a cyber breach, with 63% of businesses having network monitoring software in place and 42% of cyber incidents being brought to attention through the work of the IT Department to whom such systems report.

The scale of the cyber threat can feel overwhelming at times, but educating your own employees about the nature of the threat and then putting in place the right solutions can go a long way towards mitigating the social engineering threat and significantly enhancing your corporate cyber resilience.

The message is simple… Act now before it’s too late.

Leave a comment

Filed under Risk UK News

Evidence Talks launches SPEKTOR Rapid Imager for forensic imaging “at unparalleled speeds”

A global collaboration between digital forensics specialist Evidence Talks and Australia-based Schatz Forensic will afford investigators in law enforcement, Government agencies and Corporate Security Departments the ability to create forensic images significantly faster than when using traditional techniques.

The breakthrough in forensic imaging speed in a triage tool comes as a result of integration between Evidence Talks’ SPEKTOR solution and Schatz Forensic’s next generation forensic imaging technology, named Evimetry. Evimetry is based on the peer-reviewed AFF4 forensic image file format, advanced compression and intelligent sequencing of disk access.

Dr Bradley Schatz, director of Schatz Forensic and an inventor of the AFF4 forensic image format, has a PhD in Digital Forensics, a Bachelor’s degree in Computer Science, 23 years experience in IT and 13 years in digital forensics. Schatz is a globally recognised leader in forensic research, with appointments across the leading publication venues of the field.

Andrew Sheldon MSc, Chief Technical Officer of Evidence Talks and originator of the SPEKTOR forensic platform, has 37 years of experience in IT, 23 of which have focused on forensic computing. He holds a Masters degree in the discipline from the Centre for Forensic Computing at the Royal Military College of Science, Cranfield University and is a regular speaker at industry events.

rapidimager

Sheldon commented: “During our research into methods of reducing forensic imaging times, I discovered Dr Schatz and his work on the peer reviewed and forensically sound AFF4 imaging format. Further development of this work by Schatz Forensic was so close to our desired objectives that we approached him to work collaboratively and combine the technology into the SPEKTOR product range. This has accelerated our ability to deliver outstanding performance to a market that’s demanding faster image creation in order to cope with massive increases in target media capacities.”

Exclusive licensing agreement

Now, with an exclusive licensing agreement in the triage space, Evidence Talks is embedding the necessary code across its SPEKTOR product suite. In a recent test, the SPEKTOR Rapid Imager produced a full linear image on a MacBook Air with 120 GB storage in under four minutes. That can be set against the previous timeframe using industry standard tools of some 45 minutes.

SPEKTOR Rapid Imager isn’t just fast when imaging SSD media. It’s optimised for slower systems employing rotational media with tests indicating significant reductions in imaging times.

The new system was launched at the 2016 F3 annual workshop in Gloucester on Tuesday 8 November. Evidence Talks is a founder member of F3, which is a non-profit organisation helping to provide low-cost training for digital forensic practitioners.

Commenting on the product release, Dr Bradley Schatz said: “We recognised very early in discussions with Andrew Sheldon that Evidence Talks had the vision and will to lead the forensic triage market to preserve more evidence in less time. This vision aligns perfectly with that of Schatz Forensic. The seamless integration of SPEKTOR and the Evimetry imager engine provides a dramatic increase in digital forensic triage performance which will have immediate and measurable benefits for end users.”

Leave a comment

Filed under Risk UK News, Uncategorized

VCA’s analytics energise security and operations for oil and gas sector

Video analytics is increasingly being used as a powerful tool to help remotely monitor and protect vulnerable facilities such as gas and oil pipelines. According to Michael von Hauff, CEO of Osprey Informatics, it can also assist operations managers to improve productivity for the host organisation.

Since it was established in 2012, Osprey Informatics has been on a mission to revolutionise the use of video to automate and remotely manage industrial operations. Unlike traditional video surveillance models, the company believes that visual information should not be the exclusive domain of corporate security, but rather seen as an asset that can be used throughout an organisation, with a measurable return on investment.

Indeed, it’s this philosophy that has resulted in Osprey Informatics acquiring a long list of prestigious clients, among them Husky Energy and the Pembina Pipeline Corporation.

“A recent report published by MarketsandMarkets Research estimates the oil and gas security and service market will grow from a value of USD26.34 billion in 2015 to USD33.90 billion by 2020,” said von Hauff. “Perhaps this isn’t surprising given the ever-increasing sophisticated activities of organised criminal gangs, as well as the risk of terrorist attacks which can result in major disruption to supplies and potential loss of life, as well as damage to the environment.”

VCAOspreyInformatics

Continuing this theme, von Hauff stated: “With this in mind, our clients are looking to invest in the latest video surveillance technology to ensure they can respond effectively to any threats. We have helped our clients achieve this objective by relying on VCA’s analytics solutions to play a key role.”

Event detection

VCA analytics, developed in the UK by a team of computer vision scientists, can detect movement within very small areas of a video image and provide operators with a powerful ‘exception’ reporting tool to help identify suspicious activity and, when appropriate, despatch security officers or quickly report the incident to one of the Emergency Services.

The ability to do this is significant as it’s widely acknowledged that operators can miss important events after monitoring video for more than 30 minutes or so. The possibility of this happening is increased when individual operators are tasked to view multiple screens.

Not to be confused with Video Motion Detection (VMD), which works on the basis of detecting changes in the light scales of pixels within a video image, VCA analytics is able to provide a far more reliable and accurate solution. It does so by analysing on a frame-by-frame basis the metadata related to the motion and properties of objects within a video stream. The result is a high detection rate and a dramatic reduction in the kind of false alarms that can be generated by VMD software.

Productivity, safety and security

“As part of an integrated video surveillance solution, VCA analytics can provide immediate access to images relevant to urgent operational events, allowing operators to respond quickly to production and environmental incidents as well as security threats,” added von Hauff.

“Companies operating in the oil and gas sector understand the need to protect the environment. They also take the responsibility of creating safe working conditions for employees very seriously and recognise the importance of compliance with Health and Safety policies. VCA analytics can clearly help in these areas. The same technology can be deployed to identify opportunities for improving operational efficiencies. It does this by providing accurate data on a wide range of activities, such as the movement of vehicles and personnel at facilities and remote sites.”

von Hauff cites Pembina Pipeline Corporation, which has grown into one of Canada’s largest integrated energy infrastructure companies over the last six decades, as an excellent example of one of its clients that has embraced video analytics as a way of protecting its investment in the infrastructure used to transport oil and natural gas across North America.

Using its own brand of HD IP cameras and domes with VCA analytics on board, Osprey Informatics has supplied a state-of-the-art monitoring solution that provides the Pembina Pipeline Corporation with a high level of situational awareness through the use of innovative, user-friendly technology to protect its people, assets and the environment.

Leave a comment

Filed under Risk UK News

ISC secures key operating license to provide security and crowd management solutions in Singapore

Integrated Security Consultants (ISC Group) reports that ISC Singapore has been awarded Security Agency license status, in turn enabling the company to offer its full portfolio of security and crowd management services in the country.

This important milestone is another step forward on the journey begun when the company expanded into Asia back in 2013. Since then, ISC Singapore* has been supporting DTZ Facilities and Engineering Pte with the recruitment and selection of the 24/7 full-time site security team for the SGD $1.33 billion Singapore Sports Hub, which opened earlier this year.

The new license enables ISC to offer a portfolio of services across Singapore, including event and venue security provision, crowd management, safety planning, crowd safety resources, consultancy (in such areas as venue layout and design, deployments, risk assessments and operations), event and project management, venue site crew management, security guarding and an array of corporate security solutions.

Integrated Security Consultants (ISC Group) has announced that ISC Singapore has been awarded Security Agency license status

Integrated Security Consultants (ISC Group) has announced that ISC Singapore has been awarded Security Agency license status

ISC is well known for its security and safety work with clients including Wembley National Stadium Ltd (London) and the American National Football League.

For its part, and following this latest development, ISC Singapore is now meeting with industry professionals looking to enhance their security and crowd management provision in Asia, and particularly in Singapore.

“We’re delighted to continue further developing our service provision for the events industry in Singapore,” enthused ISC Singapore’s senior director Roger Hooker. “We very much look forward to making a positive contribution, offering specialist advice as well as plenty of practical hands-on support for our clients.”

Singapore's business district

Singapore’s business district

In conclusion, Hooker told Risk UK: “This license enables us to continue to develop new partnerships in 2015. It’s an exciting marketplace in Singapore underpinned by great opportunities and a growing and vibrant events scene.”

*ISC Singapore is a subsidiary of the ISC Group which is based at Wembley National Stadium, London

Leave a comment

Filed under Risk UK News

‘Aspiring to Excellence’: Corporate Security Departments under the microscope in latest SRI study

What are the most important characteristics of an excellent Corporate Security Department? What makes an excellent security supplier? The latest report from the Security Research Initiative, which is specifically designed to address these issues, has been published today.

Both corporate security personnel and security suppliers were asked to rate various characteristics of outstanding performance. While they shared similar views overall, it’s also the case that some striking differences are readily apparent.

Findings about what makes suppliers excellent

The most highly valued characteristic is a determined focus on customer needs. Harbouring objectives that are specifically aligned with the client is also seen as crucial.

While it’s most certainly viewed as important to have innovative and adaptive senior management, it’s more important to have excellent management on the front line.

Suppliers appear to attach higher importance than clients to some criteria, for example adopting new philosophies, a focus on training and learning and having excellent and visionary leadership in place. This may suggest suppliers are trying to do too much and would benefit from a greater focus.

The survey suggests suppliers are particularly likely to agree strongly that price trumps quality. Indeed, the difference here is striking given the similarity of answers on other criteria.

Professor Martin Gill FSyI: studying Corporate Security Departments and the buyer-supplier dynamic

Professor Martin Gill FSyI: studying Corporate Security Departments and the buyer-supplier dynamic

The fact that 47% of clients and 59% of suppliers agree strongly that suppliers can only be excellent if clients fully support them suggests that clients may underestimate the crucial role they play.

There was some agreement that security is often not valued highly enough by companies, and that they accord security suppliers less status than other suppliers.

Findings on what makes clients (corporate security) excellent

Understanding threats (91%), having an effective security strategy (87%) and objectives aligned with the company (84%) are the three highest ranked characteristics for client excellence.

While both clients and suppliers believe security fares well in comparison to other business functions in terms of excellence, it’s often less effective at showing how it adds value.

Both suppliers and clients are in accord that security leaders need business skills, but only clients view security expertise as being of equal importance. Suppliers consider this much less important.

Like suppliers, clients appear to favour the carrot rather than the stick approach, suggesting excellent companies are those that focus on rewarding good performance.

There’s some evidence to suggest that clients do not fully recognise the price pressures on suppliers. For example, only one third of those clients questioned attach strong importance to paying the going rate for the job as a condition of excellence.

According to both samples, and judged against all the criteria listed, most clients do not achieve excellence.

Reputations are only temporary

Professor Martin Gill FSyI (director of Perpetuity Research and leader of the Security Research Initiative study) noted: “What is clear is that a reputation for being an outstanding performer is only temporary. There’s evidence from these findings that security undersells itself – suppliers to their clients and Corporate Security Departments to the wider business.”

Gill added: “Security is moving from being seen as a protector of assets to a facilitator of good business, and an essential one at that. However, it’s moving slowly and the sector needs to change from keeping its potential secret. The characteristics of outstanding performance need articulating. The good thing though is that, by all accounts, those working in different aspects of security are largely in agreement about what it involves. Now the strategy must be to achieve it.”

Background to the research

The research is based on an extensive review of the drivers of business excellence. Responses were received from 200 representatives of security suppliers and 289 clients based around the globe. These direct responses were supplemented by 24 in-depth interviews.

The in-depth study was undertaken by Perpetuity Research (which started life as a spin-out company from the University of Leicester) under the umbrella of the Security Research Initiative (http://perpetuityresearch.com/security-research-initiative/) which, each year, conducts a detailed study on a specific aspect of security.

To download a free copy of the full report visit: http://perpetuityresearch.com/category/publications/security-research-initiative/sri-publications/

Alternatively, send an e-mail to: prci@perpetuityresearch.com for more details or telephone: 01892 538690

Leave a comment

Filed under Risk UK News

Corps Security introduces CorpsConsult expert consultancy service

Corps Security has announced the introduction of a new business division that provides a diverse range of consulting, investigative and training services specifically designed to help customers improve risk and threat management.

CorpsConsult uses the extensive in-house expertise that Corps Security possesses. CorpsConsult is headed up by Mike Bluestone, Corps Security’s director of security consulting.

“Our experts all have recognised academic and professional security qualifications and come from a diverse range of corporate backgrounds,” asserted Bluestone. “In addition, several leading members of the team have served with distinction in the police and the military. This wide-ranging experience combines to ensure that CorpsConsult has unrivalled levels of knowledge and expertise that can be used to advise companies on the security of their people, property and assets through both human and technological means.”

Mike Bluestone, who heads up CorpsConsult, discussing strategies with a client

Mike Bluestone, who heads up CorpsConsult, discussing strategies with a client

A key element in having the right security solutions in place is an awareness of risks and threats. CorpsConsult’s consulting services provide both strategic and logistical answers to an organisation’s security requirements. These services include strategic security reviews, the development of corporate security policy and strategy documents, risk and threat assessments, security surveys and audits.

CorpsConsult prides itself on providing clear reports with easy-to-follow guidance and recommendations.

Selection of training courses

CorpsConsult’s investigative services are used by organisations looking to carry out due diligence in areas such as mergers and acquisitions and the examination of corporate fraud and financial impropriety.

Areas of potential risk can be identified through discreet checks on the backgrounds and reputations of companies and individuals. Other services include scene of crime work, personnel screening and vetting and corporate surveillance.

To complement its other activities, CorpsConsult also offers a selection of training courses delivered by its specialist experts. These courses can be designed to meet a client’s specific needs. Here, the subjects include security management, security auditing, fraud prevention, strategic security and security awareness training.

Speaking about the introduction of CorpsConsult, Corps Security’s CEO Peter Webster explained: “The importance of a clearly defined and implemented security strategy cannot be overstated. Organisations in all business sectors now realise that expert guidance is an invaluable part of this process.”

Webster continued: “Although we have offered consultancy services for many years, the formation of CorpsConsult galvanises our extensive knowledge into one complete offering. I believe it’s a valuable addition to our existing specialist security services, and we will continue to develop it to meet the ever-changing needs of our customers.’

For further information contact Corps Security on Tel) 0800 0286 303 or via e-mail: info@corpssecurity.co.uk

Leave a comment

Filed under IFSECGlobal.com News