Tag Archives: General Data Protection Regulation

Facit Data Systems launches new website to showcase video analytics portfolio

Since its inauguration five years ago, Facit Data Systems has grown to become one of the market’s foremost providers of video analytics and compliance software. Now, the company has launched an all-new website designed to showcase its solutions for end users.

A host of operators are maximising organisations’ CCTV investments by generating business intelligence to improve sales, staffing efficiency, customer experience, safety and compliance.

FacitDataSystemsWebsite
Facit Data Systems’ People Counter, Queue Manager and Heat Map solutions operate cost-effectively over installed CCTV cameras and are system agnostic. Identity Cloak auto redaction software launched in 2018 to help Facit Data Systems’ customers comply with strict General Data Protection Regulation guidelines for video data.

The new Facit Data Systems website reflects the business’ work with the UK’s largest brands in retail, banking, healthcare and public space, as well as its partnerships with some of the world’s most trusted specialists.

*Visit the new Facit Data Systems website

Advertisements

Leave a comment

Filed under Risk Xtra

KnowBe4 study reveals 92% of organisations’ biggest security concern is end users

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has released the results of new research. The company’s report examines over 350 organisations globally and reveals the security weaknesses and concerns within them. On average, 81% of organisations had some degree of concern around security issues.

Cyber crime continues to evolve and become more sophisticated. Artificial Intelligence and machine learning are leveraged by many criminal organisations to help them better understand how to improve their attacks and they’re now targeting specific industry verticals, organisations and even individuals.

Increases in the frequency of ransomware, phishing and crypto-jacking attacks have been experienced by businesses of nearly every size, vertical and location.

KnowBe4

When it comes to attack vectors, data breaches are the primary concern, with credential compromise coming a close second. These two issues go hand-in-hand as the misuse of credentials remains the foremost attack tactic in data breaches. That’s according to Verizon’s 2018 Data Breach Investigations Report.

Phishing and ransomware ranked next, demonstrating that organisations are still not completely prepared to defend themselves against these relatively “old” attack vectors.

Other key findings

*92% of organisations rank end users as their primary security concern. At the same time, security awareness training along with phishing testing tops the list of security initiatives that organisations need to implement

*Organisations today have a large number of attack vectors to prevent, monitor for, detect, alert and remediate. In terms of attacks, 95% of those organisations surveyed are most concerned with data breaches

*Ensuring security is in place to meet General Data Protection Regulation (GDPR) requirements is still a challenge for 64% of organisations, despite the GDPR’s fine details having been public knowledge for quite some time

*Attackers’ use of compromised credentials is such a common tactic. 93% of organisations are aware of the problem, but still have lots of work to do to stop it

*When it comes to resources, 75% of organisations don’t have an adequate budget

“2018 was a prolific year for successful cyber attacks, with many of them caused by human error,” said Stu Sjouwerman, CEO of KnowBe4. “IT organisations are tasked with establishing and maintaining a layered security defence. The largest concern, as demonstrated again in this report, is employees making errors. Organisations must start their defence by establishing a security culture. In order to combat the escalation of social engineering, they absolutely have to ensure that users are trained and tested.”

To read the full report visit www.KnowBe4.com

Leave a comment

Filed under Risk Xtra

“Lack of strategic focus on technology at Board level” finds ICSA poll

A poll conducted by ICSA: The Governance Institute and recruitment specialist The Core Partnership reveals that just 51% of Boards of Directors understand the challenges and opportunities that data and technology present to their organisations. Some 29% of the company secretaries who took part in the survey think that their Boards do not fully understand and a further 20% could only attest to ‘maybe’.

A lack of knowledge is viewed as the main barrier that prevents Boards from engaging properly with technology at a strategic level. Some 58% of respondents consider this to be the main obstacle, with 22% alluding to another reason, 16% citing language as an impediment and 4% blaming the on-boarding process.

Some of the main issues raised are as follows:

*The speed at which technological advances move means key aspects of the technology journey may not be provided in a timely manner

*It’s hard to find time in busy agendas to focus on the technology aspects

*Most Boards are made up of people who are of a generation that do not really understand the possibilities and threats offered by technology

*There has been a focus on the General Data Protection Regulation (GDPR) and cyber security, but that focuses on risks rather than opportunities

*Challenges arising from data management are more readily understood (eg the impact of poor data quality), but the real opportunities available to organisations through the effective use of data are less well considered (and especially through the ‘lens’ of commercial strategy)

Peter Swabey

Peter Swabey

Artificial Intelligence and automation

When asked if there were particular areas in which Boards needed to improve their understanding, a quarter of respondents chose Artificial Intelligence and automation. Other areas highlighted for potential improvement were using data effectively, the GDPR, cyber security and IT governance. Some 23% of respondents stated the belief that their Boards need to hone up on all of the areas mentioned.

Peter Swabey, policy and research director at ICSA, said: “The pace of change is such that new technology is emerging quicker now than at any time previously. This can be challenging for all Boards, but particularly so for those predominantly made up of people who are not ‘digital natives’. On top of this, changes in corporate governance, data privacy requirements and regulation mean that it can be difficult for non-executive directors to maintain an adequate level of knowledge across all areas. While it’s incumbent upon directors to proactively seek to expand their knowledge, there are time limits on what’s achievable given the part-time nature of the role.”

Swabey added: “It might be suitable for some organisations to have an IT specialist sit on the Board, but this wouldn’t be appropriate for all. Moreover, having one director with responsibility for technology might allow others to obviate their responsibilities, which is clearly not an option. As one respondent quite rightly said: ‘Technology is both an opportunity and a threat – Boards need to understand how it impacts the business both operationally and strategically’. This is a responsibility that all directors must share.”

Leave a comment

Filed under Risk Xtra

Egress Software Technologies CEO responds to ICO’s Data Security Incidents Report for Q2

On Friday 16 November, the Information Commissioner’s Office (ICO) published its Data Security Incidents Report for Q2 2018. Data security incidents, which are breaches of the seventh data protection principle or personal data breaches reported under the Privacy and Electronic Communications Regulations, are a major concern for those affected and a key area of action for the ICO.

On 18 July 2018, the Independent Inquiry into Child Sexual Abuse (IICSA) was fined £200,000 for revealing the identities of abuse victims in a mass e-mail. On 9 August, Lifecycle Marketing (Mother and Baby) Ltd, also known as Emma’s Diary, was fined £140,000 for illegally collecting and selling personal information belonging to more than one million people.

On 20 September, Equifax Ltd was fined £500,000 for failing to protect the personal information of up to 15 million UK citizens during a cyber attack in 2017 and, on 28 September, BUPA Insurance Services was fined £175,000 for failing to have effective security measures in place to protect customers’ personal information.

ICOLogoWeb

Tony Pepper, CEO of Egress Software Technologies, commented: “Looking at this report, it’s no surprise that the number of data security incidents filed to the ICO has continued to increase with no signs of plateauing. Overall, there has been a 29% increase in the number of reported data security incidents, from 3,146 between April and June 2018 to 4056 from July to September 2018. This demonstrates a 490% increase compared to the same quarter in 2017.”

Pepper continued: “Similar to the statistics we observed in the ICO’s previous report, this doesn’t necessarily mean that organisations are experiencing more incidents, but it definitely does mean that more are now being reported. The increased awareness for organisations to tread carefully has been fuelled by the General Data Protection Regulation, as well as the significant data breach incidents that recognisable brands have suffered in recent times.”

In terms of the monetary penalties, fewer fines were issued between July and September compared to those issued between April and June, with £875,000 issued under the Data Protection Act in the most recent complete three-month period.

Significant growth in data incidents

Although the report doesn’t summarise the type of incidents reported, it does detail the sectors that have experienced significant growth in these incidents. These include general business, which has experienced an increase of 87%, finance with 49%, insurance and legal with 63%, media with 633% and transport and leisure with 57%, while Government, at both the central and local level, experienced a 14% increase.

“We have also seen an organisation fined for unlawfully selling personal data, while Equifax was fined the highest amount under the Data Protection Act (£500,000) for a cyber attack that exposed the personal information of up to 15 million UK citizens.”

ElizabethDenhamICO

Information Commissioner Elizabeth Denham

Pepper added: “Clearly, there’s not only an issue with external attackers illegally obtaining and hacking an organisation’s systems to obtain data, but also with internal employees – and companies as a whole – misleading the population on why their personal data is being collected and how it will be used. As a result, organisations should be vigilant when it comes to ensuring data security protection is in place, and especially so to combat internal threats.”

Pepper feels that organisations should take a user-centric approach to data security, ensuring that every employee – from C-Suite executives to the average worker – is as security savvy as they need to be. This philosophy has been highlighted in recent Egress research, which revealed that 20% of an organisation’s employees don’t know what kinds of personal information should be protected when sharing data via e-mail.

“By taking a user-centric approach and equipping staff to protect personal data through technology that supports and secures the work they do,” urged Pepper, “as well as more training and awareness of what constitutes the mishandling of personal data, organisations will be able better placed to mitigate the chances of external and internal data security incidents.”

Leave a comment

Filed under Risk Xtra

IDnow launches AI-powered ID Verification-as-a-Service platform capable of identifying seven billion-plus potential customers

IDnow, a company nominated in the 2018 FinTech50 listing of the hottest European start-up businesses, has launched the next generation of its Identity Verification-as-a-Service platform that will enable companies to verify the identities of more than seven billion potential customers online easily and securely, and in compliance with regulatory Know Your Customer (KYC) requirements across Europe and beyond.

The IDnow platform – which is already trusted by several hundred companies across Europe, including UBS, Commerzbank and Telefonica – has been significantly enhanced with biometric, computer vision and security fraud detection technologies that gives it “the most extensive ID verification capabilities in the market” able to meet more identity verification use cases than any other platform.

The IDnow platform meets the high security and fraud detection requirements of strictly regulated environments for financial services and telecommunications sectors in countries like Germany, Switzerland and other European countries and is fully compliant with all relevant regulations and directives such as the AML regulation, eIDAS, the General Data Protection Regulation and PSD2.

In addition, the platform meets the business requirements for speedy and simple workflows that reduce customer on-boarding friction for non-regulated or lightly regulated sectors such as mobility, travel, recruitment and the sharing economy.

IDnow1

Features of the solution include:

*Fully-automated ID verification process including facial recognition, Optical Character Recognition and hologram and other anti-fraud detection features

*Video-based, agent-assisted ID verification workflow to meet specific regulatory environment requirements as well as to help ‘last mile’ conversion for customers unable to complete the automated process

*Integrated Issuance of Qualified Electronic Signature certificates for E-Sign solution

The IDnow platform can be easily integrated into a company’s service application and customers can complete an identification check quickly and easily from a smart phone. For industries or countries with more stringent security regulations, the platform will continue to offer video chat-based identity verification.

IDnow2“As we do more online, digital identities are becoming the new currency, so knowing your customers has become more important than ever,” explained Rupert Spiegelberg, CEO at IDnow. “Companies need an easy, trusted and compliant way of finding out who their customers really are. We believe our platform can offer just that. In addition, with full automation and compliance, organisations can rely on one platform for international requests, helping to bridge the gap in the market. As an end user, this means no more posting of copies of passport/proof of address, no more having to be present yourself at a physical branch and, for corporate customers, lower costs and higher success in customer acquisition.”

Leave a comment

Filed under Risk Xtra

Advanced video surveillance solutions from IDIS showcased at Security Essen

The very latest advances in secure surveillance technology, engineered entirely in Korea, are being demonstrated by IDIS on Stand E10 in Hall 5 at Security Essen, which runs from 25-28 September.

The IDIS Total Solution is increasingly being preferred by major end users globally because it offers the advantages of secure, exclusively Korean design and manufacturing, as well as “outstanding performance” in all applications.

Important innovations on show at Security Essen include IDIS’ flagship DirectIP solution, a full array of IP cameras (including Full-HD and 4K models), NVRs, network accessories and monitors, new privacy masking features to support end user compliance with data protection regulations such as the General Data Protection Regulation (GDPR), the IDIS Center (which typically delivers 50% cost savings on centralised monitoring systems in comparison with server-based solutions) and “game-changing Artificial Intelligence”.

IDIS Essen Stand 1

Deep Learning Analytics

Proving to be the biggest draw for visitors this week is the latest iteration of IDIS’ Deep Learning Analytics (IDLA) technology that has opened a new door to the future of video analytics with “groundbreaking” 96% accuracy combined with a 200 ips speed allowing for the analysis of 32 channels simultaneously.

These exciting advances in video analytics make IDLA “more accurate, faster and more scalable” than competitive offerings. IDLA provides agile appearance searching, object detection and classification (for example people, cars and bicycles) intrusion detection, as well as loitering detection: all adapted to fit a 16:9 ratio.

The IDLA engine offers this “unrivalled accuracy” thanks to its advanced deep network architecture. IDLA is easy to set up and use simply by setting the region of interest and sensitivity. No calibration is needed.

Further, since IDLA doesn’t require additional processing power, end users can progress legacy hardware and cameras to transform their existing surveillance system into a powerful Artificial Intelligence solution.

Version 2.0 will be commercially available early next year. End users will be able to access both standard and advanced functionality, such as appearance search, through a single and affordable licence. Object detection and classification, intruder detection and loitering analytics are already available for users of the IDIS Solution Suite VMS.

IDIS DirectIP

Making its major exhibition debut in Germany, IDIS DirectIP is a true plug-and-play, end-to-end IP surveillance platform which offers “industry-leading” ease of use and performance. Consisting of IP cameras, NVRs, network equipment and totally cost-effective IDIS Center software, IDIS DirectIP is a complete package that’s easy to install, secure, flexible and scalable. It’s compatible with legacy systems and supports third party and ONVIF protocols for maximum installation flexibility. DirectIP provides users with Best in Class performance. Combined with the seven-year IDIS Ultimate Warranty, it’s affordable and cost-effective to run.

DirectIP Solution Suite

Visitors to Hall 5 are also learning about how IDIS Dynamic Privacy Masking is supporting users in complying with privacy legislation. IDIS Dynamic Privacy Masking securely masks areas of interest without transcoding, allowing end users to protect the privacy of selected individuals, for example bystanders, in any video footage which is being used as evidence in a Court of Law.

Together, these advances offer end users, installers, consultants and distributors new levels of system-building flexibility and security with significant cost advantages.

Joon Jun

Joon Jun

Joon Jun, president of IDIS’ Global Business Division, stated: “IDIS technology is now recognised as a trusted and premium brand. It’s being adopted by major users around the world. This success is thanks to our commitment to highly secure manufacturing – which is exclusively Korean – and innovative design which keeps us at the very forefront of the video surveillance sector.”

Leave a comment

Filed under Risk Xtra

Genetec unveils product line-up for Security Essen 2018

Genetec, the manufacturer of unified security, public safety, operations and business intelligence solutions, has announced its show line-up for Security Essen 2018. In its 21st year of delivering global innovation for physical IP security, Genetec will demonstrate Security Center (its scalable, open architecture security platform that unifies video surveillance, access control, ANPR, communications and analytics. The company will also feature its family of security infrastructure appliances and host no less than 11 industry technology partners on its stand, all of them demonstrating their technology integrations and support for Security Center.

Security

Visitors will be able to see the latest features in Security Center (v5.7), including its IP video management system (VMS) designed to scale and adapt to the evolving needs of the security market. This latest version also features enhanced privacy protection, designed to help end users comply with the General Data Protection Regulation’s (GDPR) data privacy and confidentiality mandates, along with a new reporting feature that automatically alerts system administrators to outdated camera firmware.

GenetecSecurityCenter

Genetec will demonstrate its Streamvault turnkey security infrastructure appliances, pre-installed with Security Center to offer a simplified software delivery system. In addition to video surveillance, access control and ANPR support, Streamvault also now provides certified performance with KiwiVision Privacy Protector (a core module in Security Center) that dynamically anonymises video to support GDPR compliance for public and private video surveillance environments.

Genetec will also demonstrate how customers can easily migrate their legacy access control systems to a unified Security Center platform.

Privacy and cyber security

Committed to maintaining the highest levels of privacy protection, Genetec continues to inform IT and security professionals on both cyber security and privacy practices. The company has recently launched the Genetec Trust Center, a central repository of educational materials focused on cyber security, privacy and Security-of-Security topics to help system integrators and end users mitigate risks via trusted Best Practice.

“With our growing presence in Germany, Genetec is happy to bring its many innovations to Security Essen this year,” said Nick D’Hoedt, regional manager for the Benelux and DACH at Genetec. “We will show our customers and partners alike how they can unify their security platforms into a scaleable model that offers one solution through a single interface for improved operational efficiency, adhering to the highest standards of GDPR-compliant data privacy. We’re also proud to welcome 11 of our top technology partners from our growing ecosystem of camera, access control, sensing and software vendors.”

Operations

Also on display will be Genetec Mission Control, a collaborative decision and event management software that provides organisations with new levels of situational intelligence, visualisation and complete incident management capabilities.

Genetec Partner Pavilion

As stated, Genetec will host 11 of its technology partners in individual demo pods on the stand at Security Essen. Each partner will demonstrate their hardware and software integrations with Security Center.

Featured sponsors include Bosch, Edesix, MOBOTIX, OPTEX, Panasonic, Quanergy, Siklu, Southwest Microwave, SimonsVoss, The Safe Group and Schréder. 

All show attendees are invited to visit the Genetec Stand (G30) in Hall 5 at Security Essen 2018.

Leave a comment

Filed under Risk Xtra