TALL Security Print attains leading financial services supplier qualification

Runcorn-based TALL Security Print, part of The TALL Group of Companies and a provider of secure printed and electronic payment solutions, has successfully attained the Hellios Financial Services Qualification System certification. The certification is required by major banks and financial services organisations when selecting suppliers.

The Financial Services Qualification System is designed to improve the standard of suppliers through a common set of policy and risk areas including IT security, operational risks, the General Data Protection Regulation and responsible business governance, all of which are reviewed annually and updated in a bid to remain ahead of regulatory changes. 

As the regulated environment becomes more complex, the rigorous qualification system provides a standardised way in which to manage requests for compliance and assurance information.

The Financial Services Qualification System is currently used by 32 major banks, building societies and insurance companies including the Lloyds Banking Group, Metro Bank, Santander, TSB, Clydesdale Bank and The Bank of England. 

Martin Ruda, managing director of The TALL Group of Companies, said: “We are extremely proud to have successfully achieved this certification, which reinforces our commitment and demonstrates our ability to consistently provide products and services that meet the compliance and regulatory requirements of our clients.”

Ruda added: “This certification also recognises the hard work that our dedicated members of staff have undertaken during the recent COVID-19 pandemic. The business has operated throughout as a key supplier to the financial services sector.”

Steve Riley appointed in key sales role for PAC-GDX and 3XLOGIC brands

Steve Riley has been appointed in key sales role for PAC-GDX and 3XLOGIC brands. Formerly with Risco for over seven years, industry stalwart Riley has joined the organisation with an ambition to grow market share across all brands by adding value to security solutions in the form of business intelligence.

On his new role, Riley commented: “It’s a very exciting time to be joining this organisation because we have several exciting product launches planned. I see so much potential in the integration of our brands and the resulting ability to offer solutions that very few companies can provide.”

He continued: “By harnessing the secure data which is on board many security systems already out in the field, we can provide valuable insights for end users, such as tracking how, when and where people move around buildings. This is the sort of information that can really assist with everything from COVID-19 procedures to energy savings.”

Steve Riley

Riley will also be re-shaping and re-energising the organisation’s channel engagement, developing new distribution partnerships and relationships with system integrators here in the UK and across Europe.

“Some of our brands have been associated with certain market sectors to date and they have dominated those sectors,” asserted Riley, “but interoperability across our brands and calibrating the right products to suit the application means that our security installers and system integrators can target any kind of business from SMEs right the way up to enterprise-level plcs.”

Welcoming Riley to the fold, Bill Hobbs (global sales leader for all brands) enthused: “Steve has joined us on the brink of huge growth potential for the company and his energy and management skills are a welcome addition at this exciting time.”

TDSi expands logistics team to support customer needs during COVID-19 restrictions

Integrated security systems manufacturer TDSi has announced the appointment of Keith Beech to its logistics team based at the company’s headquarters in Poole. Beech’s expertise in managing the shipping and movement of TDSi’s integrated security products to partners and customers around the world is particularly important during the COVID-19 restrictions and transition to the new normal.

TDSi’s managing director John Davies commented: “We are delighted to welcome Keith to the team at TDSi. He is already a key figure in our ongoing distribution operations. Given the restrictions and social distancing rules associated with the new normal, Keith has a pivotal role to play in ensuring that our products are smoothly and reliably managed and shipped worldwide, wherever and whenever they are needed.”

Keith Beech

Reflecting upon his appointment, Beech explained: “I have joined the TDSi team at a challenging, but also highly rewarding time with a remit to support our customers and maintain logistics in a rapidly changing world. I am directly involved with all of the functions of our warehouse operations, from goods receipt through to picking, packing and distribution, while at the same time maintaining safe social distancing regulations as well as the highest levels of accuracy and quality service.”

With a distinguished career in logistics for technology businesses, including both supervisory and managerial roles, Beech has the expertise and experience to fully support TDSi’s expanding international operations.

Beech concluded: “One of the main things that drew me to this role is working with and being part of the highly talented and dedicated team at TDSi. The Poole facility encompasses many key parts of the company, including product development and business operations, which means our logistical team is a focal point in delivering TDSi’s combined expertise to the market. I am now looking forward to being part of our continued success and supporting our business partners and customers alike.”

NorthEdge Capital backs Orbis Protect’s bolt-on acquisition of Optosafe

Private equity-backed property, site and people protection specialist Orbis Protect has made its first acquisition following a strong period of growth despite the UK-wide lockdown. The business has bought Glasgow-based Optosafe, the 360-degree CCTV tower provider with which it has partnered for the last three years.

Orbis Protect employs more than 400 staff across 19 UK depots, working with clients across the private and public sectors. Its services include vacant property management and securing such properties so that they are ready for re-occupation, as well as site security for commercial offices, construction and other vulnerable sites. The business also offers a lone worker monitoring solution, supporting 35,000 workers annually with personalised alarm services.

The deal follows NorthEdge’s initial backing in 2018 and two years of strong organic growth for Orbis Protect, which has achieved consistent year-on-year organic EBITDA growth in excess of 20% since 2016. Earlier this year, the business ranked eighth in the Sunday Times’ Profit Track and, following this acquisition, is expecting to achieve in excess of £8 million EBITDA in the next financial year.

During lockdown, Orbis Protect has seen rapid grown of its decontamination services. In March, it had six team members trained to deliver specialist cleaning services, which include fogging technology to remove traces of COVID-19, with a further 60 being trained throughout lockdown to meet customer demand.

Supporting the client base

Guy Other, CEO at Orbis Protect, said: “During lockdown we have been able to adapt quickly to support our clients. This approach to spotting new opportunities for our business has been key to us continuing to report strong organic growth. NorthEdge has been supportive of our ambitions since backing the business, and its backing in terms of our first acquisition has been invaluable.”

Other added: “Over the last few years we have managed to develop a strong partnership with Optosafe on a range of client projects. The specialist insight which the team can provide makes this deal a key part of our ongoing strategy and will help us to further accelerate our growth.”

Optosafe CTO John Robertson has now joined Orbis as managing director of the Optosafe division and will continue to focus on delivering customer solutions, while at the same time driving new product development opportunities.

Robertson told Security Matters: “We know our markets well and are aware of the high demand for Optosafe’s services. It makes monitoring and security for areas like construction, infrastructure and the utilities much safer and more reliable than traditional security systems, which is key for clients who own and operate such assets. Working with Orbis Protect will allow us to accelerate our ongoing R&D work in order to develop new services for our customers.”

Details of the deal

The acquisition was funded in part thanks to financing provided by Clydesdale Yorkshire Bank. Orbis was supported on the acquisition by Deloitte (corporate finance), Browne Jacobson (legal), BDO (financial due diligence), Fairgrove Partners (commercial due diligence) and Better Basics (operational due diligence).

Kevin O’Loughlin, investment director at NorthEdge Capital, explained: “Orbis Protect has performed exceptionally well in the harshest of trading environments presented by COVID-19. The acquisition of Optosafe provides Orbis Protect with additional penetration into the high-growth CCTV towers market and underpins the exciting growth strategy which management has in place for the business.”

Ian Mansell, senior director at Clydesdale Yorkshire Bank, added: “We are delighted to have worked with the team at Orbis Protect and alongside NorthEdge Capital to deliver what is a highly strategic acquisition. To have completed this deal against such a challenging backdrop is testament to the resilient and highly sustainable performance seen across the core business, which should be further enhanced through this acquisition. We look forward to continuing to support Orbis Protect on delivering its ambitious plans for future growth.”

Security guarding specialist SSGC appoints Haines Watts to manage “rapid growth trajectory”

One of Britain’s fastest-growing specialist security businesses has appointed a leading national accountancy firm as part of its planned expansion strategy that has so far seen a substantial turnover increase to over £60 million per annum.

Robust systems and bespoke technology has enabled SSGC, a niche provider of fully-vetted security officers, to deploy hundreds of individuals to secure and marshal the COVID-19 testing programme at centres right across the UK, building on the significant growth already achieved by the company throughout 2019.

Further, the business has now appointed Haines Watts, the accountancy firm with more than 50 offices nationwide, to manage its financial affairs as it draws up its long-term expansion plan after securing contracts which have underpinned the aforementioned robust and rapid growth in turnover.

Swindon-based SSGC has demonstrated its ability to rapidly provide hundreds of guarding personnel within very tight time windows, many of them former military personnel returning to front line duties as part of the national Coronavirus effort.

Mike Lloyd, a partner at Haines Watts (left), with Guy Dungworth (a shareholder in SSGC) and David Stubbs (managing director at SSGC)

Reinforcing the front line

“Reinforcing our front line in the fight against COVID-19 has meant making some sound decisions as we rise through the ranks of security firms to be part of the top flight of specialist businesses,” said David Stubbs, managing director of SSGC, in conversation with Security Matters. “Appointing an equally top flight accountancy firm was always part of our long-term planning.”

Stubbs continued: “Growth has always been a major part of our strategy, but our ability to demonstrate a robust response to the Government’s needs during the COVID-19 lockdown suddenly accelerated those plans. We had already established a good relationship with Haines Watts, so a complete move to take advantage of a strategic finance partner that complements our own direction of travel will definitely help us when it comes to shaping our future direction.”

Mike Lloyd, partner with Haines Watts, responded: “We provide services to thousands of businesses, many of which, like SSGC, are going through a phase of significant growth in a short time. Expansion presents new and exciting challenges and secures a spot for SSGC as a major corporate player. This is a target the business was already heading towards before current events arose.”

Lloyd continued: “Accountancy services fall broadly into two distinct areas, namely compliance and planning. From the compliance side, we can make sure that SSGC meets all of the necessary legal and tax requirements. With planning, we can help optimise areas such as tax management, financial modelling and scenario forecasting in order to maximise the financial fluidity of the company under growth. We are already working with the directors on both fronts at this key time in the company’s evolution.”

Armed Forces Covenant signatory

A signatory to the Armed Forces Covenant, SSGC is an ethical business committed to supporting the military community through remobilisation projects and is also being supported by other key partners in Skipton Business Finance and Squire Patton Boggs Solicitors in delivering on the Government’s call to action.

SSGC is a Security Industry Authority Approved Contractor Scheme registered business that was formed by MBO back in 2014

David Stubbs, himself a former military policeman, concluded: “This is a very exciting time for the business as we transition into the next phase of our development. Working with Haines Watts provides seamless access to the financial services and expertise we will be leaning on this year as we execute the next phase of our growth.”

HID Global “brings trust” to online and mobile banking in face of cyber threat

As consumers embrace the convenience of online and mobile banking at both traditional and the latest all-digital financial institutions, it has become an increasingly difficult challenge to combat cyber security threats while complying with regulatory data protection mandates. Trusted identity solutions specialist HID Global has solved those challenges for several banks as part of their digital transformation initiatives.

“Our solutions protect data and transactions while delivering a seamless experience for the consumer as well as maximum flexibility for banks,” explained Brad Jarvis, vice-president and managing director of identity and access management solutions at HID Global. “This includes the option of cloud-based authentication services that remove the complexity of providing multifactor authentication to a growing and diverse user population, while also offering the convenience and efficiency of centralised regulatory compliance audits.”

Challenging issues

As a business, HID Global is helping to address some of the most challenging of mobile banking issues. For example, a retail bank in Egypt has improved compliance and reduced fraud and operational costs thanks to an HID Trusted Transactions solution. This is pre-integrated with Temenos digital front office and core banking products.

In addition, a Swiss wealth management group is using the solution, along with the HID ActivID Authentication Server, to optimise flexibility while protecting mobile banking transactions and securing corporate data, applications and systems.

Further, two banks in Eastern Europe and the UK are using the solution for quick and easy compliance with Second Payment Services Directive (ie PSD2) regulations.

Even with financial institutions returning to (almost) normal operating hours, many believe digital banking will grow in importance as part of ensuring business continuity and supporting customers who prefer not to visit their local branch during the ongoing health crisis. According to a McKinsey & Company report, the use of digital channels has grown in Europe by up to 20% during the COVID-19 pandemic.

Adoption of digital banking

“In just a couple of months, customers’ adoption of digital banking has leapt forward by a couple of years,” suggests the document. “Our most recent customer survey showed a 10% to 20% rise in digital banking use across Europe in April. Many Italian banks are striving to enable every single one of their customers to use digital banking. Such a jump in adoption opens the door for banks to turn digital channels into real sales channels, not just convenient self-service tools.”

HID Global’s complete HID Trusted Transactions offer for end users in the banking and finance sector includes the HID Authentication platform delivered either as a server or service, plus a choice of hardware tokens or the HID Approve multi-factor authentication solution with mobile push notification capabilities and the HID Risk Management Solution – Threat and Fraud Detection.

The comprehensive offer from the business delivers risk-based adaptive authentication, threat detection and transaction signing.

*Click here for more information about HID’s advanced multi-factor authentication solutions for the banking sector

96% of UK organisations experience at least one business-impacting cyber attack in past 12 months

Tenable Inc, the cyber exposure company, has published the results of a global industry study of business and security executives that reveals the majority of UK organisations (96% of those surveyed, in fact) have experienced a business-impacting cyber attack in the past 12 months.

The data is drawn from ‘The Rise of the Business-Aligned Security Executive’, a commissioned study of more than 800 global business and cyber security leaders, including 103 respondents from the UK. The survey was conducted by Forrester Consulting on behalf of Tenable.

As cyber criminals continue their relentless attacks, 63% of respondents in the UK have witnessed a dramatic increase in the number of business-impacting cyber episodes over the past two years. Unfortunately, these attacks had damaging effects, with organisations reporting loss of employee data (44%), financial loss or theft (36%) and customer attrition (34%). Some 65% of security leaders in the UK say these attacks also involved operational technology.

Business leaders want a clear picture of how at risk they are and how that risk is changing as they plan and execute business strategies. Only four out of every ten local security leaders say they can answer the fundamental question: “How secure, or at risk, are we?” with a high level of confidence, despite the prevalence of business-impacting cyber attacks.

Global respondents

Looking at global respondents, fewer than 50% of security leaders said they are framing cyber security threats within the context of a specific business risk. For example, although 96% of respondents had developed response strategies to the COVID-19 pandemic, 75% of business and security leaders admitted their response strategies were only “somewhat” aligned.

Organisations with security and business leaders who are aligned in measuring and managing cyber security as a strategic business risk deliver demonstrable results. Compared to their siloed peers, business-aligned security leaders are:

*Eight times more likely to be highly confident in their ability to report on their organisations’ level of security or risk

*90% are very or completely confident in their ability to demonstrate that cyber security investments are positively impacting business performance compared with 55% of their siloed counterparts

85% have metrics to track cyber security RoI and impact on business performance versus just 25% of their siloed peers

Business-aligned leaders

Those organisations with business-aligned cyber security leaders are also:

*Three times more likely to ensure cyber security objectives are in lock step with business priorities

*Three times more likely to have an holistic understanding of their organisation’s entire attack surface

Three times more likely to use a combination of asset criticality and vulnerability data when prioritising remediation efforts

“In the future, there will be two kinds of CISO — those who align themselves directly with the business and everyone else,” said Renaud Deraison, CTO and co-founder at Tenable. “The only way to thrive in this era of digital acceleration is to bring cyber into every business question, decision and investment. We firmly believe this particular study shows that forward-leaning organisations view cyber security strategy as essential to innovation and that, when security and the business work hand-in-glove, the results can be transformational.”

Mitie appoints Karen Thomas-Bland as programme integration director to oversee Interserve division merger

Mitie Group plc has announced that Karen Thomas-Bland will take up a newly-created role as programme integration director for Mitie’s merger with Interserve’s Facilities Management division. Thomas-Bland will now join Mitie’s executive leadership team reporting directly to CEO Phil Bentley.

The acquisition, the detail of which was announced on 25 June, is expected to close in the fourth quarter of 2020, subject to shareholder approval. Together, the combined companies will accelerate the delivery of Mitie’s long-term technology-led FM vision, creating the UK’s largest FM company with over 77,500 employees.

Thomas-Bland started her career in strategic consulting before moving to IBM. Over the past ten years, she has led numerous integration projects for large companies including Microsoft, the National Grid, Accenture and, recently, Reed Elsevier/RELX.

Karen Thomas-Bland

On the appointment, Phil Bentley stated: “I’m delighted to welcome Karen to Mitie. The integration of Interserve’s Facilities Management division is an opportunity for us to create a new company with a strong culture. Her wealth of experience will be invaluable at this transformative time. We’re determined to create a true UK FM champion to help Britain back to business in a post-COVID-19 world and Karen’s appointment is a key step forward in achieving that ambition.”

Thomas-Bland responded: “With the opportunity to bring Interserve’s Facilities Management division and Mitie together, I’m very excited to be joining at such a pivotal time. I’m looking forward to leading an integration team which will bring together the best of both Mitie and Interserve to create an unparalleled FM partner to UK business.”

Genetec unveils ‘Innovate Everyday’ webinar series for end users and integrators

Genetec, the developer of unified systems for enhanced security, operations and intelligence, has announced a new series of webinars designed to assist end users and system integrators in navigating these testing times.

The sessions outline ways in which customers from various industries are repurposing their existing physical security systems in order to solve specific pandemic-related issues. In addition, they will cover ways in which Genetec is evolving its own solutions to address critical new requirements.

The details for the upcoming webinars are as follows:

Thursday 16 July

Privacy now and after COVID-19 Amid a public health crisis, the global pandemic is raising questions about privacy. How can technology help?

Tuesday 21 July

Physical security innovations to help during the pandemic In this session, experts will discuss the new reality and how technology is being developed and deployed

Tuesday 4 August

Delivering new innovations Experts from Genetec, Quanergy and HID will discuss collaborative innovations that are supporting end users in the current environment

Tuesday 18 August

Identity as the new perimeter Experts will discuss why identity is now the backbone to infrastructure management and the enforcement of security policies

Wednesday 26 August

Machine Learning: Making sense of data Data scientists will explain the use of machine learning to improve product performance, give users greater insights into their physical security data and enable organisations to more effectively automate their processes

*For more information or to register for any of these webinars visit https://www.genetec.com/innovate-everyday

**Watch the promotional video here: https://www.youtube.com/watch?time_continue=1&v=auYzGXGbxgE&feature=emb_logo

WatchGuard report finds two-thirds of malware to be encrypted

WatchGuard Technologies’ latest Internet Security Report shows that 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and that 72% of encrypted malware was classified as zero day, so on that basis would have evaded signature-based anti-virus protection.

These findings show that, without HTTPS inspection of encrypted traffic and advanced behaviour-based threat detection and response, organisations are missing up to two-thirds of incoming threats. The report also highlights the finding that the UK was a top target for cyber criminals in Q1, earning a spot in the Top Three countries for the five most widespread network attacks.

“Some organisations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option,” said Corey Nachreiner, chief technology officer at WatchGuard. “As malware continues to become more advanced and evasive, the only reliable approach towards defence is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”

Key findings

Other key findings from WatchGuard’s latest Internet Security Report include:

Monero cryptominers surge in popularity Five of the Top Ten domains distributing malware in Q1 (identified by WatchGuard’s DNS filtering service DNSWatch) either hosted or controlled Monero cryptominers. This sudden jump in cryptominer popularity could simply be due to its utility. Adding a cryptomining module to malware is an easy way for online criminals to generate passive income

Flawed-Ammyy and Cryxos malware variants join top lists The Cryxos trojan was third on WatchGuard’s Top Five encrypted malware list and also third on its Top Five most widespread malware detections list, primarily targeting Hong Kong. It’s delivered as an e-mail attachment disguised as an invoice and will ask the user to enter their e-mail and password which it stores. Flawed-Ammyy is a support scam where the attacker uses the Ammyy Admin support software to gain remote access to the victim’s computer

Three-year-old Adobe vulnerability appears in top network attacks An Adobe Acrobat Reader exploit that was patched in August 2017 appeared in WatchGuard’s top network attacks list for the first time in Q1 of this year. This vulnerability resurfacing several years after being discovered and resolved illustrates the importance of regularly patching and updating systems

Mapp Engage, AT&T and Bet365 targeted with spear phishing campaigns Three new domains hosting phishing campaigns appeared on WatchGuard’s Top Ten list in Q1 2020. They impersonated digital marketing and analytics product Mapp Engage, online betting platform Bet365 (this campaign was in Chinese) and an AT&T login page (this campaign is no longer active at the time of the report’s publication)

COVID-19 impact Q1 2020 was only the start of the massive changes to the cyber threat landscape brought on by the COVID-19 pandemic. Even in the first three months of 2020, WatchGuard still saw a massive rise in remote workers and attacks targeting individuals

Malware hits and network attacks decline Overall, there were 6.9% fewer malware hits and 11.6% fewer network attacks in Q1, despite a 9% increase in the number of Fireboxes contributing data. This could be attributed to fewer potential targets operating within the traditional network perimeter with worldwide work-from-home policies in full force during the COVID-19 pandemic

Anonymised data

The findings in WatchGuard’s Internet Security Reports are drawn from anonymised Firebox Feed data from active WatchGuard appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. Over 44,000 appliances worldwide contribute threat intelligence data to the report. In Q1 2020, they blocked over 32,148,519 malware variants in total (730 samples per device) and more than 1,660,000 network attacks (38 attacks per device).

The complete report includes key defensive Best Practices that organisations of all sizes can use to protect themselves in today’s threat landscape and a detailed analysis of how the COVID-19 pandemic and associated shift to working from home affected the cyber security landscape.

*To view the full report visit Internet Security Report for Q1 2020