Tag Archives: Encryption

Cyber security firm Foregenix scoops Queen’s Award for Enterprise

A cyber security firm has picked up the Queen’s Award for Enterprise. Foregenix, which celebrates its 10th Anniversary this month, received the award for its work in international trade and is believed to be the first cyber security consultancy with a determined focus on protecting the payment and finance industries to pick up the accolade.

Headquartered in the UK, Foregenix has generated around 60% of its revenue from international sales over the past four years, helped by new offices in Boston servicing North America, Frankfurt, Europe, Sydney, Australasia and São Paulo, Brazil and a new base in Singapore in 2019.

Foregenix offers a range of services including managed detection and response, digital forensics, compliance and risk. It’s one of the leading certification companies for payment systems on PCI point-to-point encryption and an authority on ATM ‘cash-out’ attacks.

The Queen’s Award for Enterprise follows on from recognition by The Sunday Times as one of the Top 100 SME exporters in 2017 and 2018.

ForegenixPaulHumpageAndrewHenwoodBenjaminHosack

Left to Right: Paul Humpage, Andrew Henwood and Benjamin Hosack of Foregenix

The Queen’s Awards have recognised the achievements of British businesses since 1965. Around 200 businesses receive the accolade each year.

Co-founder and CTO Andrew Bontoft commented: “It’s testimony to the brilliant work and dedication of our global team that we’ve received this prestigious award. We’re very proud of what the team has achieved and grateful for the recognition this award signifies. We would also like to thank our clients and suppliers for helping us to achieve this honour.”

CEO Andrew Henwood added: “Foregenix aims to protect businesses and organisations from criminals who attempt to endanger people’s livelihoods and futures for their own enrichment. It’s a cause that resonates with our customers. We offer them practical advice and solutions for baked-in security and real risk reduction.”

Advertisements

Leave a comment

Filed under Risk Xtra

Vanderbilt’s SPC solution accredited to CNPP’s NF A2P Cyber-RTC cyber security standard

Vanderbilt, the state-of-the-art security systems developer, has announced that its award-winning SPC system has been accredited to the NF A2P Cyber-RTC cyber security standard from the CNPP.

The SPC intrusion system was tested by CNPP to ensure that it meets the latest needs for cyber security. This is part of Vanderbilt’s continuous endeavour and commitment to work with approval bodies to ensure both Best-in-Class security and afford end users the confidence that their chosen security system is secure.

“By certifying our SPC intrusion ranges on the latest CNPP NFA2P at Cyber Type 2 and 3 repositories, Vanderbilt provides all of its customers with high-level security for all remote monitoring transmissions, as well as for cloud applications such as our service SPC Connect to combine user-friendliness, availability and security,” stated Hervé Houy, Vanderbilt’s Country Manager for France.

VanderbiltSPC

An IP-ready intrusion alarm system, SPC has been designed with communications and security at its core. Using the FlexC protocol to communicate with AES256-CBC encryption, the communications between SPC and other system are secure and protected. This communication also allows for flexibility using the SPC user models.

The rights and permissions of users protect the user and the system from malicious attacks. Customers can use the system with confidence whether they are on-site or using the SPC Connect to enable cloud services. Their data is secure, while communications are always protected.

Vanderbilt has been working with CNPP for many years to ensure the quality of intrusion products for the French market. This innovative step by the approval body to have a defined standard for cyber is a clear indication of the path of security systems.

“The market is saturated with cyber security standards, but the NF cyber security standard from CNPP is the first specifically developed for intrusion alarm systems,” concluded Nick Pegtol, Vanderbilt’s Country Manager for Benelux, Greece and Cyprus. “It’s a great way to benchmark and improve our SPC intrusion systems,”

*To obtain Vanderbilt’s latest product certifications visit https://vanderbiltindustries.com/compliance-documents. For more information on SPC visit https://vanderbiltindustries.com/spc

Leave a comment

Filed under Risk Xtra, Uncategorized

Milestone Systems introduces ‘Push-To-Talk’ feature in Mobile Client

In the latest update of Milestone Systems’ XProtect 2019 R1 video management software (VMS), the company has introduced two-way audio in the Mobile Client, enabling end users to speak to people on camera directly from their mobile devices.

The first XProtect release of 2019 extends the usability of the Smart Client and takes it outside the Control Room with support for both one and two-way audio in the Mobile Client. This is beneficial for ‘on-the-go’ security personnel whose tasks require them to be away from the Smart Client on occasion.

One-way audio allows end users to listen to audio captured by the microphone connected to the camera directly from their mobile phones using the Milestone Mobile application. Users can also increase their situational awareness when video isn’t available, such as in extreme darkness or when an incident happens outside of the camera’s viewing range.

milestonewebclient

Two-way audio takes the audio capability a step further with Push-to-Talk, a feature that allows users to speak through the camera-connected speaker directly from their mobile phones. This enables security personnel to use their VMS systems preventatively for things like access control, crowd warnings and intruder alerts – all available on mobile. 

The 2019 R1 version of XProtect also includes support for two-way audio in the Web Client. Two-way audio allows end users to speak through the camera-connected speaker directly from the Web Client anywhere. This transforms the VMS system into an interactive tool and allows users to respond quickly to access control requests and incident prevention without having to be present in the Control Room or on-premise.

The 2019 R1 version of XProtect takes the system’s resistance against cyber security threats a step forward by encrypting all communication between the recording server and other servers and clients connected to it. This certificate-based encryption requires that all components communicating with the recording server (including third party solutions integrated with the VMS system) follow a strict certification process, guaranteeing the system’s resistance against cyber security threats. This system design provides the end user with the best level of performance encrypted end-to-end.

Leave a comment

Filed under Risk Xtra, Uncategorized

360 Vision Technology’s ONVIF-compliant cameras on show at Security Essen 2018

CCTV design and manufacturing company 360 Vision Technology will be showing its popular range of high-performance surveillance cameras at Security Essen 2018.

Compatible with the security industry’s leading software control solutions and illustrating 360 Vision Technology’s depth of video surveillance imaging technology, those cameras on show will include analogue, HD, thermal, radar and stainless steel variants, so too models with built-in Sirius IR and White Light LED illuminators.

360 Vision Technology’s high-performance Predator and new cost-effective Invictus ‘all-in-one’ ultra low-light PTZ camera (featuring advanced SSL and 802.1 encryption protection and available in a variety of camera model/control combinations) will also be on display at MESSE Frankfurt.

360VisionTechnologyEssen2018Family

Underlining 360 Vision Technology’s emphasis on technical innovation and design, the company’s Predator Radar camera has been selected as one of just 13 entries out of 75 to reach the final round of this year’s Security Essen ‘Security Innovation Awards 2018’.

“Designed to protect against hacking and ransomware attacks, we’ll be showcasing 360 Vision camera technology including advanced SSL and 802.1 encryption protection,” explained Mark Rees, business development director at 360 Vision Technology, in conversation with Risk Xtra. “We’re also delighted to have our Predator Radar camera selected for the final round of the prestigious ‘Security Innovation Awards 2018’.”

*Visitors to Security Essen can find 360 Vision Technology in Hall 5 on Stand 5E08

Leave a comment

Filed under Risk Xtra

UK’s SMBs battling average of five cyber attacks per annum

Small and medium-sized businesses (SMBs) in the UK have faced up to an average of five cyber attacks in the last 12 months. That’s according to research commissioned by online encryption specialists Appstractor Corporation that highlights the growing threat such businesses face from online criminals.

A significant number of IT decision-makers in these SMBs believe they’re being put at greater risk of attack because their security software isn’t keeping pace with the sophisticated nature of the attacks with which they’re confronted.

According to the new independent report entitled ‘Under Attack: Assessing the Struggle of UK SMBs Against Cyber Criminals’. some businesses (19%, in fact) faced as many as ten attacks in the last year. IT bosses who took part in the research survey suggested that one of the major causes for concern for SMBs in the UK is that security and encryption software is aimed at individual consumers or large corporations and Governments, meaning that they cannot be deployed effectively in a small business environment.

SMBCyberSecurity

In fact, only 44% of IT decision-makers in SMBs believe that they’re able to properly protect themselves against cyber criminals using current software and systems when compared to the ability of large businesses to protect themselves.

A third believe that the UKs small business community – which makes up 99% of businesses, according to the Federation of Small Businesses – is being “forgotten about” and placed at a higher level of risk when compared to their larger counterparts.

When it comes to the level of threat faced by these smaller companies, Appstractor Corporation’s research found that 17% of companies faced at least one attack in the last year, 28% were attacked two or three times, 32% faced four or five attacks and 19% were attacked between six and ten times.

A small proportion of companies – 2% – said that their company had been targeted up to 20 times in the last 12 months.

Commenting on the report, Paul Rosenthal (CEO and founder of Appstractor Corporation) agreed that current solutions were not up to scratch. but also said that some SMBs were making themselves an easy target for criminals.

“It’s the case that SMBs are at a disadvantage in the cyber security arms race because software and platforms are not being effectively designed for them, so they have to shoehorn consumer or large enterprise-grade solutions into their company which don’t work in small businesses. IT managers and small business owners need to rid themselves of their current ideas that they are too small to be targeted and so don’t have to worry about security and encryption software. The reality is that small businesses are being targeted by criminals more than ever before. Techniques like automated mass targeting are putting them at a serious and present risk of attack.”

*To access the full report click here

Leave a comment

Filed under Risk Xtra

95% of UK businesses “still struggling” with mobile working as security of data continues to cause concern

Apricorn – the manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives – has unveiled new research results highlighting that 95% of organisations surveyed in the UK recognise problems with mobile and remote working. Worryingly, nearly one-in-five (18%) suggest that their mobile workers don’t care about security.

All (ie 100%) of those IT decision-makers surveyed noted that they had employees who work remotely at least some of the time, with an average of over one third (37%) of staff members who do so. With an increase in the numbers of people working remotely, this means more data moving beyond the confines of the corporate network. Organisations need to ensure that any data – be it at rest or on the move – remains secure.

While many are taking steps to ensure their data is protected, for instance by implementing security policies for mobile working and Bring Your Own Device, just under half of respondents (44%) still agree that their organisation expects their mobile workers to expose them to the risk of a breach. Roughly one third (32%) say that their organisation has already experienced a data loss or breach as a direct result of mobile working, while 30% of respondents from organisations where the General Data Protection Regulation (GDPR) applies are concerned that mobile working is an area that will most likely cause them to be non-compliant.

MobileWorkingSecurity

53% cited that one of their Top Three biggest problems with remote working is due to the complexity and management of the technology that employees need and use. Over half (54%) say that, while their organisation’s mobile workers are willing to comply with requests relating to security measures, employees lack the necessary skills or technologies required to keep data safe. Nearly one third (29%) take the radical approach of physically blocking all removable media, while a further 22% ask employees not to use removable media (although they have no technology means by which to enforce this).

“The number of organisations blocking removable media has increased compared with responses to the same question in 2017, when 18% said they were physically blocking all removable devices,” said Jon Fielding, managing director for the EMEA at Apricorn. “A unilateral ban isn’t the solution and ignores the problem altogether, while also presenting a barrier to effective working. Instead, businesses should identify corporately approved, hardware-encrypted devices that are only provided to staff with a justified business case for having such. The approved devices should then be white-listed on the IT infrastructure, blocking access to all non-approved media.”

Risk of data breaches

Despite strict security policies, mobile working can still leave organisations wide open to the risk of a data breach. Half (50%) of respondents admitted one of the three biggest problems with mobile working is that they cannot be certain their data is adequately secured. Only around half enforce and are completely confident in their encrypted data in transit (52%), in the cloud (52%) and at rest (51%).

“While the new GDPR legislation requires the ‘Pseudonymisation’ and encryption of personal data, encryption isn’t a new concept, and keeping data secure has always been imperative to any organisation handling sensitive information,” added Fielding.

In conclusion, Fielding stated: “Organisations are simply not following security Best Practice. They need to implement and enforce policies and provide employee training to ensure compliance with the GDPR. Failing to put processes in place is putting confidential data at risk. Organisations now face the prospect of being fined even before a breach has occurred.”

Leave a comment

Filed under Risk Xtra

MOBOTIX launches ‘Cactus Concept’ to set focus on cyber security for video surveillance

MOBOTIX has announced a heightened focus on cyber security by implementing the ‘Cactus Concept’. The concept aims to deliver a comprehensive approach towards protecting MOBOTIX products against the threat of cyber attacks along with education and tools to help customers and partners alike in building and maintaining secure video surveillance and access control environments.

The ‘Cactus Concept’ will raise awareness among potential and existing MOBOTIX customers of the importance of data security in network-based video security systems and how organisations can protect themselves through cost-efficient and intelligent solutions. End-to-end encryption with no blind spots is required, from the image source via the data cables and the data storage through to the VMS on the end user’s computer.

Like a cactus, whose every limb is covered in thorns, all of the modules (camera, storage, cables, VMS) in the MOBOTIX system have ‘digital thorns’ that protect them from unauthorised access.

MOBOTIXCactusConcept

“Modern video surveillance and access control technologies help protect people, places and property across the world, but they’re increasingly targeted by criminals aiming to infiltrate, take-over or disable them,” explained Thomas Lausten, CEO of MOBOTIX. “With the Internet of Things trend adding billions of IP-connected devices each year, our industry must lead the way in creating secure platforms that can reduce the risks posed by these damaging attacks.”

MOBOTIX firmly believes in its ‘Cactus Concept’ to protect every element of the design, manufacture and operation of each device along with end-to-end encryption across the entire usage and management cycle.

To ensure the highest levels of security, MOBOTIX uses the services of SySS, a highly regarded and independent third party security testing company that examines the security of both software and hardware elements. SySS customers include Basler Versicherungen, Bundeswehr, CreditPlus Bank AG, Daimler, Deutsche Bank, Deutsche Flugsicherung, Festo, Hewlett Packard, Innenministerium/LKA Niedersachsen, SAP, Schaeffler, Schufa, T-Systems and Union Investment.

Sebastian Schreiber, CEO at SySS, added: “MOBOTIX has a contract with us to provide further penetration testing of its technology elements. The initial platform testing on a current camera model revealed very positive results. We’ll now continue security testing as an ongoing process.”

Thomas Lausten concluded: “Cyber security has been and will continue to be a core focus for us. We look forward to working with our peers in the industry, as well as customers and Government agencies, in order to protect the very technologies and systems that help make society safer for us all.”

*For more information visit www.cactusconcept.com

Leave a comment

Filed under Risk UK News