Tag Archives: Risk Management

BeCyberSure launches specialist EU GDPR Risk Assessment service

Information security specialist BeCyberSure has announced the launch of the “most comprehensive GDPR Risk Assessment available”. Conducted by security, risk and compliance specialists, the audit provides organisations with a definitive evaluation of their EU GDPR (General Data Protection Regulation) readiness, as well as what needs to be done to ensure compliance ahead of the 25 May 2018 deadline.

The GDPR supersedes the UK’s Data Protection Act 1998 and applies to every company that collects, processes or stores an EU citizen’s data, regardless of sector, size and geographical location. Enforcement of the GDPR is unaffected by the UK’s decision to leave the EU.

The BeCyberSure GDPR Risk Assessment is said to provide the most rigorous audit process available. The assessment is conducted on and off site by a GDPR specialist, beginning with a detailed review of company policies and governance, procedures and processes, an assessment of physical aspects (such as access to buildings and the storage of paper documents, etc.) and, if deemed necessary, an extensive digital vulnerability test. The audit also involves formal and informal (ie covert) interviews with employees as well as heads of department.

EUGDPRWeb

Carolyn Harrison, marketing director at BeCyberSure, explained that the GDPR is a company-wide issue and should not sit solely with IT.

“Our assessment begins with people, policies and processes to reveal any possible vulnerabilities that would result in non-compliance,” urged Harrison. “We then deep-dive, looking at what data the organisation is capturing, how it’s processed, what consent has been given, where it’s stored and how to dispose of all information that’s not required.” Harrison added: “The best technology in the world can be rendered useless if an open door, whether physical or digital, creates the opportunity to access to data.”

Following the audit, the host organisation is presented with a confidential Advisory Report stating what action (if any) is required to ensure GDPR compliance.

On that note, Harrison stated: “This report is invaluable in terms of benchmarking where an organisation is today, where they need to get to and the best course of action to get there. They can then choose to implement the programme of work themselves, collaborate with BeCyberSure or outsource the entire project to us.”

BeCyberSure has a senior team of GDPR auditors who have a wealth of experience with backgrounds in risk management and compliance, cyber security, policing, intelligence services and the military.

Harrison concluded: “There’s a lot of scaremongering going on about the GDPR and, while it’s true that the potential fines are eye-watering and the threat of personal liability daunting, if organisations act now, then they still have time to put the necessary safeguards in place to be GDPR-compliant. Undertaking a Risk Assessment is the first step in the due diligence process and means that organisations are not spending unnecessarily on their route to compliance.”

*For further information access www.becybersure.com

Leave a comment

Filed under Risk UK News, Uncategorized

NSI’s fourth Installer Summit proves great success for 200-plus delegates

Upwards of 200 representatives from National Security Inspectorate (NSI)-approved companies gathered to attend the NSI’s fourth national Installer Summit, held on Thursday 30 March at the Vox, the brand new state-of-the art conference centre at Resorts World on the National Exhibition Centre complex in Birmingham.

Over 50 product and business support providers filled the large exhibition hall, offering delegates the opportunity to view the very latest security technology, expand their technical knowledge and take advantage of exclusive Summit deals and offers.

NSIInstallerSummit2017Speakers

Speakers at the NSI’s 2017 Installer Summit in Birmingham

Special emphasis was placed on education this year, with ten speakers covering a range of pertinent security and fire sector-related topics over the course of the day.

Subjects in the morning plenary session included the Hatton Garden heist and lessons learned for the security sector, the Government’s perspective on cyber security (including the risks and uncertainties), an insight into Jaguar Land Rover’s award-winning corporate security strategy and the newly-launched Trailblazer Apprenticeship Standard for the security and fire business sectors.

NSIInstallerSummit2017RichardJenkinsNSICEO

The NSI’s CEO Richard Jenkins addresses the audience

In the afternoon, delegates were invited to choose from a variety of 30-minute educational sessions. These concentrated on home automation and system integration: the opportunities and risks, tips for protecting businesses against cyber attack, apprenticeships and the benefits for businesses and guidance on forging closer links with police forces.

NSI Gold-approved companies were also given an overview on the changes to the new ISO 9001:2015 Standard fromthe NSI’s expert auditors. In addition, there was a presentation about the benefits of NSI approval for automated gates and barriers, with specific emphasis on helping clients to reduce their risk and understand the business opportunities.

NSIInstallerSummit2017GraemeDow

Graeme Dow speaking at the NSI’s Installer Summit

The seven main sponsors instrumental in delivering this year’s Summit were Avigilon, BT Redcare, CSL, Fermax, RISCO Group UK, IFSEC International and Texecom. As a not-for-profit organisation, the NSI is wholly dependent on its sponsors and other exhibitors who make the event possible.

Richard Jenkins, the NSI’s CEO, stated: “We were delighted to see hundreds of delegates from NSI-approved companies attend this year’s Summit. Delegates clearly value this focused and targeted event which addressed topics specific to their needs in an effective way and in a prestigious professional environment. Like-minded industry experts are ready to share the latest developments in the sector. The feedback we’ve received so far from all participants including speakers, exhibitors and our key sponsors has been overwhelmingly positive, with many seeking to reserve their seats for next year’s event.”

NSIInstallerSummit2017ExhibitionArea

The exhibition area proved extremely popular with delegates

 

End users who choose to contract NSI-approved companies can be assured of security and fire safety services delivered to the highest standards by businesses committed to quality.  With a national network of full-time qualified auditors specialising in security and fire audits, the NSI counts the UK’s premier security and fire safety providers among its clients. The NSI provides robust auditing by experts to verify compliance with relevant British and European Standards, Codes of Practice and certification schemes developed by industry bodies and associations.

Leave a comment

Filed under Risk UK News, Uncategorized

Genetec announces technology partnership with SimonsVoss

Genetec, the provider of open architecture security and public safety solutions, has announced a technology partnership with SimonsVoss, the manufacturer of electronic locks. Through this partnership, Genetec will be able to integrate the SimonsVoss SmartIntego digital locking cylinder, the ‘Smart Handle’ and padlock wireless locks with its own Synergis solution (the IP-based access control core system in Genetec’s Security Center, the company’s unified IP security platform. This will offer a cost-effective and scaleable solution for a wide range of end user customers, including security and risk managers operating in the spheres of higher education, healthcare, retail and Government institutions.

Customers will be able to enroll SimonsVoss locks into their Synergis access control system with Version 5.6 of Security Center, which is expected to be available in early Q2 2017 through the Genetec Channel Partner Programme.

GenetecLogo

With the cost of hardwired access control installation increasing, in the main due to infrastructure complexity and compliance requirements, the ease and speed of installation of a wireless access control solution saves customers money. It also greatly enhances an organisation’s security for staff, visitors and property (both physical and intellectual).

For systems integrators, this integration will offer a greater choice of industry-standard wireless electronic locks. Overall system design and deployment will be greatly simplified, allowing Genetec-certified channel partners to leverage wireless locks and significantly reduce the installation time and labour costs typically associated with hardwired solutions.

“We’re thrilled to add the SimonsVoss brand to our expanding portfolio of supported locks,” said Derek Arcuri, product marketing manager at Genetec. “Both companies will now be able to offer end users and systems integrators alike a greater choice in access control hardware, whether for designing a new physical security system or updating an existing one.”

Bernhard Sommer, managing director at SimonsVoss, added: “The integration of our SmartIntego locks with the enterprise-class Synergis access control software from Genetec will enable a scaleable access control solution that meets today’s needs while providing an easy pathway to future upgrades.”

When Synergis and SimonsVoss locks are deployed alongside Genetec video surveillance products, end users will be able to view all of their lock events and activities seamlessly linked with live or recorded video, giving them a more complete and unified view of their organisation’s security.

Leave a comment

Filed under Risk UK News, Uncategorized

Partnership between Cortech Developments and ACT affords end users optimised security solutions

Cortech Developments’ main software product, namely Datalog 5, now offers full integration with ACTpro Enterprise software designed by access control provider ACT.

The partnership between Cortech Developments and ACT will provide end users with an added value solution that optimises security across large estates incorporating multiple sites and buildings.

Commenting on the integration, Jason Blundell (head of sales at Cortech Developments) informed Risk UK: “The ACT collaboration demonstrates how interoperable systems mitigate risk, provide sustainable cost reduction, improve efficiency and deliver greater situational awareness.”

CortechACTPartnership

ACT and Cortech Developments are achieving interoperability that provides cause and effect across an unusually wide range of building systems through data merging.

James McAlister of ACT added: “The alliance with Cortech Developments is another example of constituent parts of facility management coming together. We’re committed to wide-ranging data solutions, so working with a leading SMS provider was a logical step. ACT now offers a broader suite that can be used on complex and multiple sites.”

Both Cortech Developments and ACT operate across sectors including education, healthcare, retail, the utilities, transportation and Government with a particular focus on high-security environments and Critical National Infrastructure.

Cortech’s solutions are deployed in 27 countries, while ACT exports to over 40 nations.

Leave a comment

Filed under Risk UK News, Uncategorized

Corporate Risk Associates awarded £70,000 R&D grant for nuclear power plant research

A human factors, safety and risk consultancy that provides services to safety critical industries has been awarded an R&D grant worth almost £70,000 which will see the company make a significant contribution towards improving the safety and operations of civil nuclear power plants.

Thanks to the grant plus some internal funding, UK-based Corporate Risk Associates (CRA) will now be conducting a comprehensive research project designed to significantly enhance the industry’s understanding of potential system failures in nuclear power plants, aiding both plant safety and the uninterrupted supply of electricity.

The grant has been awarded by Innovate UK, the UK’s innovation agency which works with people, companies and partner organisations to find and drive the science and technology innovations that will grow the UK economy. The research will be completed throughout the course of this year.

Speaking about the grant, Jasbir Sidhu (CEO and founder of CRA) said: “We’re delighted to have been awarded this grant which will see CRA develop a process to generate realistic reliability estimates of SMART Control and Instrumentation (SC&I) in order to increase the safety levels within nuclear power plants.”

SC&I are intelligent control devices that employ programmable electronic components to collect and process data to enhance performance.

According to Singh, the industry uses assessments of the reliability of engineered systems to understand safety margins. The reliability of SC&I technology is difficult to substantiate due to the inclusion of software, and this leads to an assumption that it performs much worse than is indicated by operational experience.

innovateuk

Safety Integrity Levels

“Current methods adopted in the industry involve using high confidence values based on Safety Integrity Levels (SILs), as stipulated in standards such as IEC 61508/IEC 61513,” added Singh. “We firmly believe this current method doesn’t give a good indication of the ‘true’ reliability, as SIL figures are considered to be highly conservative. As such, we’re extremely passionate about this project and developing a process that can ensure future decisions are based on realistic reliability estimates.”

Singh went on to state: “It’s great that we’ve received this grant from Innovate UK in recognition of the significant impact this project will have on the nuclear, process, transportation and other high hazard industries where safety is, of course, of paramount importance. Looking ahead, this research will have a major impact on the understanding of risks from emerging and growing fields, such as Data Centres.”

The project will be led by experts at CRA, including the company’s principal consultant Ashraf El-Shanawany and consultants Francesca Brandford-Adams and Garth Rowlands, who’ll be researching the approach of Structured Expert Judgement.

Established in 2000, CRA boasts a team of 40 technical consultants. The company prides itself on managing safety, reliability and risk across the nuclear, rail, defence and process industries, where delivering a robust risk analysis is part of the licensing processes.

The company has recently been awarded work with major organisations, including the Office of Nuclear Regulation, EDF Energy and Babcock International.

Leave a comment

Filed under Risk UK News, Uncategorized

Europe is the world’s top tourist destination… but are tourists safe?

Worldwide, tourist travel is on the rise. Indeed, international tourism actually dwarfs any other type of leisure business in terms of growth. One of the global regions benefiting the most from this trend is Europe: the world’s first tourism destination.

Central to the dynamism of European tourism is accommodation: hotels, B&Bs and online-rented space, but due to a loose legislative framework for safety, which is rapidly becoming obsolete as our habits as tourists evolve, hotels might also become European tourism’s Achilles’ heel.

Of all the dangers posed to a tourist’s safety in a European hotel, fire remains the biggest. Currently, the legal basis on the matter is a 1986 EU Council Recommendation on fire safety in hotels. Since EU Recommendations are, by their very nature, non-binding legal acts, this has resulted in mainly localised and incomplete measures. Fast forward 30 years later, and it’s clear that the Recommendation has had limited effect on hotel safety in Europe: a fact acknowledged by hotel federations and consumer associations alike.

The main issue is that local self-regulation resulting from the EU Recommendation hasn’t guaranteed an even level of safety across the EU. Enforcement varies considerably from country to country, and even from city to city, including in the same region, and largely depends on the size of the hotel. All-too-often, small hotels are less well scrutinised, and somewhat more ill-equipped than bigger ones to deal with fires. Local laws frequently link the number of rooms with compliance to the Recommendation.

Global trends

An analysis of global trends in tourism shows that, as our tourist habits evolve, the risk resulting from the current situation increases: more and more travellers choose to go ‘off the map’ opting for smaller hotels rather than big chains. This new type of tourist also tends to visit exactly those countries where safety in hotels is less controlled.

Add to this the relatively unregulated development of increasingly popular online ‘homestay’ networks, such as Airbnb, and you have a flammable cocktail. The situation seems to be calling for a fast reaction.

euralarmlogo

The most recent attempt to initiate binding legislation on tourism accommodation safety arose in October 2015. A Resolution of the European Parliament called for a consistent European approach around risks related to fire. Reactions to the Resolution from various Brussels-based influencers highlighted a novel situation. All parties involved – ie consumer associations, hotel federations and Euralarm, the European Trade Association representing the electronic fire and security industry – now seem to agree that a legally binding EU Directive would be the right solution to address the issue.

Industry-led survey

Unfortunately, the initiative derailed due to a lack of reliable supporting data. The exact level of risk existing for the flows of tourists travelling to and inside Europe remains a question mark.

Outside of empirical observations, statistics on safety in tourism are notoriously hard to come by, with reputational issues hampering self-reporting. An EU Commission-initiated data collection programme launched in 2008 resulted in a blatant failure.

The focus now is on a survey led by the industry, rather than the EU. Among others, Euralarm has asserted its readiness to help with new data collection efforts. The organisation has also offered to provide support and expertise to the EU Institutions and the CEN-CENELEC European standardisation platform for the development of the relevant legislation and necessary standards needed to improve fire safety in hotels.

Progress in European legislation and standardisation is often slow unless the issue makes it to the news headlines. In 2004, after a number of tunnel fires with resulting casualties, the EU Commission was forced to publish a Directive on tunnel fire safety. Should we wait any further before adopting a Directive on tourism accommodation safety?

Time to act

Any failure to act quickly could lead to another cost for Europe. As tourism is now more globalised than ever, competition becomes fiercer, and parts of the world with more stringent and well-established regulations for safety in tourism accommodation might hold a key advantage.

In the United States for example, a Hotel and Motel Fire Safety Act has been in place since 1990. Potential future incidents resulting from poor regulation could hit Europe’s tourism industry particularly hard. Its reputation as a safe destination has already taken a blow due to recent terrorist attacks.

Tourism is one of the engines of the European economy and an important source of jobs. Eurostat reports that one-in-ten non-financial enterprises in Europe belong to the tourism industries, and that these 2.2 million enterprises employ an estimated 12 million people. That’s more than one-in-five of individuals employed across the services sector.

Leave a comment

Filed under Risk UK News, Uncategorized

Milestone Systems and Community Partners deliver high profile retail surveillance solution across Middle East and North Africa

Milestone Systems, the developer of open platform IP VMS, has delivered a flexible and scalable surveillance solution for Majid Al Futtaim’s multi-site operations across the Middle East and North Africa. The solution integrates Best-in-Class technologies from Community Partners.

As a fast-growing business, Majid Al Futtaim realised that managing large camera networks and risks across multiple sites and countries posed several challenges. First, the outdated analogue surveillance infrastructure was in need of being modernised. Second, the sheer size of the operation, with multiple sites across several countries and more than a thousand cameras at some sites, had to be addressed.

Following a comprehensive vetting process, Majid Al Futtaim chose a state-of-the-art security and video surveillance solution in order for the business to remain at the forefront of operating safe and secure retail and leisure environments.

The Milestone XProtect Corporate VMS permits Majid Al Futtaim to operate the entire surveillance solution from a single management interface in the UAE. Being able to access all the sites from one location enables the operations team to co-ordinate surveillance and management efforts across those sites. Other relevant parties can also leverage the information directly from mobile clients, in turn enabling more efficient safety operations.

milestonemenacasestudy

Top-of-the-range Axis Communications cameras and Pivot3 hyper-converged server infrastructure guarantee the host business lives up to Government regulations. iCetana’s dynamic live monitoring system helps offset the challenges of actively monitoring the large camera networks and enables a real-time assessment and response capability.

Operational costs related to the hardware, servers and cameras have been reduced from 23% to 7%. Real-time response capability helps make overall security operations more effective by immediately identifying risks. Today, there are approximately 10-12 incidents actioned per 300 cameras.

“We are honoured Majid Al Futtaim has chosen Milestone as its primary VMS and we look forward to continuing to support them now and into the future,” enthused Peter Biltsted, director for the Middle East and Africa at Milestone Systems.

“iCetana is proud to provide ongoing support to Majid Al Futtaim throughout the MENA region, and also to be part of Milestone’s Partner Community as key components of Majid Al Futtaim’s video surveillance infrastructure,” added Stephen Bose, head of business development at iCetana.

Leave a comment

Filed under Risk UK News, Uncategorized