SASIG warns cyber security profession to meet growing social media threat

The Security Awareness Special Interest Group (SASIG) is calling on cyber security professionals to strengthen procedures surrounding the use of social media. The warning about the growing threat posed by social media to the integrity of data and network security emerged during this week’s conference entitled ‘Cyber Security: The Implications of Social Media’ that was organised by SASIG in conjunction with The University of Surrey.

The audience of cyber security specialists explored the implications of the far-reaching change brought about by social media and how people interact on different platforms such as Facebook, Instagram, YouTube, Twitter, WeChat and others, highlighting the consequences of casual Internet surfing and posting.

Martin Smith MBE, founder and chairman of SASIG, informed upwards of 200 delegates that social media networks have become one of the biggest gateways for cyber criminals targeting individuals and businesses to gain access to sensitive information and data networks.

Smith stated: “Social media activity has boomed during the last decade and is now an integral part of communications for commercial and personal users. It creates many challenges for both business and personal use and can expose users to unintended risks.”

He continued: “Social media and Internet users often give up a considerable amount of personal data. However, if such information falls into cyber criminals’ hands, they can easily build a profile that gives them the capability to access sensitive personal and financial information.”

Further, Smith observed: “The new Online Safety Bill could prove to be a vital tool in the challenge to tackle the criminal gangs who target unsuspecting individuals and businesses. We strongly recommend that all organisations should take steps to strengthen their cyber security systems against attacks via social channels. Using a combination of education about threats and introducing stringent protocols can protect against misuse.”

Cyber Security Skills Festival

Career opportunities, skills and resources that protect commerce, industry and public services from cyber attacks will feature at the third annual Cyber Security Skills Festival being organised by SASIG in partnership with the UK Cyber Security Council. The event runs on Tuesday 22 February. 

Established back in 2004, SASIG is a peer networking forum for cyber security professionals who represent hundreds of organisations of all sizes here in the UK and emanate from both the public and private sectors.

SASIG boasts more than 6,000 members including Chief Information Security Officers and other decision-makers and influencers with responsibility for information security, as well as academics and Government agencies.

Annually, SASIG curates more than 150 information webinars and in-person events covering topical cyber security issues impacting business, commerce, Government agencies and other public sector organisations.

*Further information is available online at www.thesasig.com 

Comelit takes on The Italian Jog in aid of NHS Heroes

Looking to make a difference for our NHS Heroes is Comelit, with various members of the company committed to run, walk and cycle the equivalent miles from its UK offices in Luton to its Italian headquarters in Lorenzo di Rovetta, Italy. 

Comelit’s challenge, aptly named The Italian Jog, will see members of the security and fire specialist’s team hoping to raise £1,000 for NHS Charities, which is dedicated to supporting NHS staff and volunteers caring for COVID-19 patients.

Francesca Boeris, managing director at Comelit UK, told Security Matters: “When one of the team said in our briefings: “Hang on a minute, I have a great idea” I was instantly ready to support the challenge, and even more so because it’s for our NHS Heroes. This is a big pledge, but one to which we have committed so as to ensure we can make a difference to the critical work being done to protect lives at this uncertain time.”

Comelit is now looking to support workplaces scheduled to return to work, introducing touch screen access control devices with integrated IR scanners for temperature checks as well as thermal camera technology designed to help ensure the safety of returning workers and customers alike.

Boeris added: “In the words of our CEO Edoardo Barzasi, we are taking the necessary measures and offering the right resources to overcome the situation. This is not only in terms of product offerings, but also service requirements. As an industry, we are undoubtedly in this together and will continue to be so. Understanding the new normal and what is being asked of all of us to protect our workers and customers is vital.”

Comelit will be posting regularly on social media platforms with updates on the team’s progress as it travels through virtual destinations and reaches its target.

*To support The Italian Jog visit https://www.gofundme.com/f/the-italian-jog

 

Arc Monitoring appoints Jo Hastings in marketing executive’s role

Arc Monitoring, the NSI Gold-approved CCTV monitoring and Alarm Receiving Centre, has appointed Jo Hastings as the company’s new marketing executive.

Hastings brings five years’ worth of B2B marketing and design experience to Arc Monitoring, which was formed back in 1999. Having graduated with a BA Honours degree in Media Production at Plymouth Marjon, Hastings most recently worked at publishing company Reach plc.

Wayne Dietrich welcomes Jo Hastings to Arc Monitoring

Through time, Hastings has developed a variety of marketing skills and has particular strengths in advertising, design and social media. How, Hastings will be focusing on creating Arc Monitoring’s marketing strategy in line with the business’ strategic goals.

Commenting on her new role, Hastings informed Risk Xtra: “I’m really looking forward to working with such an innovative company and having a whole new industry to learn about. It’s an exciting time in my career to be taking on new challenges and working with the team at Arc Monitoring.”

Wayne Dietrich, business development manager at Arc Monitoring, added: “We’re really excited to welcome Jo to Arc Monitoring in this newly created role and look forward to her experience contributing to growing our customer base of professional installers across the UK. The position further compliments our ongoing investment in people and infrastructure to cement our position as the independent remote monitoring expert.”

Linx International Group expands team with new Group marketing manager and marketing co-ordinator

Linx International Group – the global provider of security, risk management, consultancy and training services – has announced the appointment of Group marketing manager Jerry Alfandari and marketing co-ordinator Victoria Carter.

Fluent in both English and German, Alfandari has a proven track record of managing international marketing campaigns including social and digital content strategies. He’s joined by Victoria Carter, who brings expertise in social media, public relations and video production to the team.

On his appointment, Alfandari explained: “I’m excited to be part of a team that’s working with security practitioners at all levels around the world to develop and launch new courses along with innovative training methods.”

Victoria Carter and Jerry Alfandari

Carter added: “Training and education has always been central to my own career progression, so I’m excited to be joining a company that shares my ethos and is committed to professionalism across the security sector.”

Led by director of sales and marketing Sarah Hayward-Turton, the marketing team will promote the Linx International Group brand and the work of its companies – Tavcom Training (including the CTSP Register), PerpetuityARC Training and the Linx Consultancy.

Hayward-Turton stated: “It’s an exciting time to be part of the Linx International Group. We’re bringing new talent into the organisation, as well as nurturing and developing the skills of those that have been with us for many years.”

Alfandari and Carter are based at the Linx International Group’s Training Centre in Bishops Waltham, Hampshire.

Barry Dawson joins Wilson James to head up expanded Southern Region

Security solutions provider Wilson James has amalgamated its City of London and Southern business regions to create a £65 million operational ‘powerhouse’ spearheading a targeted expansion of its specialist security services.

The move signals the company’s increasing focus on offering clients a high level range of technology, cyber and intelligence-led security solutions to complement its industry-leading security guarding offer.

Barry Dawson

The new Southern Region will be led by Barry Dawson, who joins the business with 30 years’ experience in the security industry encompassing Board level roles at VSG and Advance Security. Dawson is joined by risk management expert Gavin Wilson, tech expert Don McCann and Marc Bannister, working with Crawford Boyce to create and deliver ‘strategic journeys’ for each client in the region.

“The strategic journey is a tailored approach that allows us to offer clients a range of services including not just excellent security guarding, but also Front of House, counter-terrorism, intelligence reporting, global travel risk and social media monitoring,” commented Dawson.

Reporting directly to Dawson are Allison Fraser, Mark Jones and Shai Zach who become strategic account directors, all of them pivotal within the region to ensure Wilson James continues to lead the security sector and deliver service excellence.

Managing director Gemma Quirke observed: “This hugely experienced team means we can offer even better bespoke services to all our clients in this region. It’s an approach that will power the expansion of our security services across all of our operations.”

Criminals target UK’s youth as cases of identity fraud increase

Cifas, the UK’s leading fraud prevention service, has released new figures showing a 52% rise in young identity fraud victims in the UK. In 2015, just under 24,000 (23,959) people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.

The figures have been published on the same day as a new short film, entitled ‘Data to Go’, is launched online to raise awareness of this type of fraud. Shot in a London coffee shop in March this year, the film uses hidden cameras to capture baffled reactions from people caught in a stunt where their personal data, all found on public websites, is revealed to them live on a coffee cup.

Identity fraud happens when a fraudster pretends to be an innocent individual to buy a product or take out a loan in their name. Often, victims don’t even realise that they’ve been targeted until a bill arrives for something they didn’t buy or they experience problems with their credit rating.

To carry out this kind of fraud successfully, fraudsters usually have access to their victim’s personal information such as name, date of birth, address, their bank details and information on who they hold accounts with. Fraudsters gain such detail in a variety of ways, including through hacking and data loss, as well as using social media to put the pieces of someone’s identity together. 86% of all identity frauds in 2015 were perpetrated online.

People of all ages can be at risk of identity fraud, but with growing numbers of young people falling victim, Cifas is calling for better education around fraud and financial crime.

Fraudsters are opportunists

Simon Dukes, CEO of Cifas, said: “Fraudsters are opportunists. As banks and lenders have become more adept at detecting false identities, so the fraudsters have instead focused on stealing and using genuine people’s details. Society, Government and industry all have a role to play in preventing fraud. However, our concern is that the lack of awareness about identity fraud is making it even easier for fraudsters to obtain the information they need.”

Dukes continued: “The likes of Facebook, Twitter, LinkedIn and other online platforms are much more than just social media sites – they’re now a hunting ground for identity thieves. We’re urging people to check their privacy settings today and think twice about what information they share. Social media is fantastic, and the way we live our lives online gives us huge opportunities. Taking a few simple steps will help us to enjoy the benefits while reducing the risks. To a fraudster, the information we put online is a goldmine.”

Commander Chris Greany, the City of London Police’s national co-ordinator for economic crime, added: “We’ve known for some time that identity fraud has become the engine that drives much of today’s criminality, and so it’s vitally important that people keep their personal information safe and secure. In the fight against fraud, education is key and it’s great that Cifas and its members are taking identity fraud seriously and working together to raise awareness of how the issue is now increasingly affecting young people through the launch of this film.”

As part of the campaign, Cifas commissioned a survey with Britain Thinks to find out more about 18-24 year olds’ attitudes towards personal data and identity fraud. The survey found that young people are alarmingly unaware that they’re at risk:

• Only 34% of 18-24 year olds say they learned about online security when they were at school
• 50% of the 18-24 year olds surveyed believe they would never fall for an online scam (compared to the national average of 37%)
• Only 57% of 18-24 year olds report thinking about how secure their personal details are online (compared to 73% for the population as a whole)

They’re also less likely to install anti-virus software on their mobile phone than the national average (27% compared to 37%).

Organisations such as the City of London Police, Action Fraud, Get Safe Online, Her Majesty’s Government’s Cyber Streetwise campaign, Financial Fraud Action UK and Cifas members including Coventry Building Society, BT and Secure Trust Bank are all supporting the campaign and sharing the new film across their social media networks.

Cifas is also appealing to youth organisations, schools and universities to share the film so it reaches as many young people as possible.

Camlock Systems unlocks the potential of LinkedIn

Camlock Systems Ltd has launched its company page on the professional social network LinkedIn. Camlock’s followers can now obtain expert security advice, gain company insights, read market news and participate in related discussions.

Camlock Systems’ locking security experts work in partnership with customers to supply or design, develop and manufacture mechanical and electronic locking security using innovative technology.

By following Camlock Systems on LinkedIn, interested individuals have the opportunity to learn about the company’s products, markets, partnerships, career opportunities, Camlock’s team and more.

LinkedIn further enables people to engage with Camlock Systems and the business’ many security experts, either by sharing and commenting on posts or by approaching a team member directly.

Camlock’s products are widely used in the self-service industries including vending machines, gaming machines and kiosk terminals as well as infrastructure and utilities cabinets and enclosures.

Rebecca Koch, international marketing manager at Camlock Systems, commented: “LinkedIn will give our followers and ourselves the chance to get to know and inspire each other. I would like to encourage everyone who’s interested in locking security to connect with us.”

*Follow the company on LinkedIn under https://www.linkedin.com/company/camlock-systems-ltd or visit the website www.camlock.com for further information

NICE Systems launches digital policing solution to help law enforcement agencies close cases on faster timescales

NICE Investigate automates and expedites the entire digital investigation process, in turn leading to more effective evidence processing and facilitating successful prosecutions.

Police departments everywhere are investing in digital policing initiatives to better safeguard the public. Yet the exponential growth in digital data energised by an increasing number of sources, such as body-worn cameras and private and public CCTV footage, now presents the challenge of how to effectively process all of this ‘siloed’ information.

NICE Investigate, a new digital policing solution from NICE Systems, breaks down information silos and replaces lengthy, manual processes with automated workflows to expedite the entire digital investigation process. This goes well beyond the capabilities of the digital evidence management solutions in use today. NICE Investigate streamlines the collection, organisation and sharing of potential evidence such that investigators can make sense of disparate data.

“Investigators face some tough challenges,” noted Ed Davis, a former Boston Police Commissioner. “Collecting and securely sharing potential evidence is surprisingly manual and time-consuming, while analysing the disparate pieces to recreate the ‘Who, What, Where, When and Why’ of an incident is more complicated than ever. A software solution that addresses these issues and leads to higher case clearance rates would be invaluable to any police department.”

Identifying, collecting and copying digital evidence

“Today’s investigators inevitably spend too much time identifying, collecting and copying digital evidence from various sources, including video from citizens, private and public sector CCTV video, audio recordings, photos and more,” stated Chris Wooten, executive vice-president at NICE Systems. They often lack the tools needed to organise and make sense of all the different pieces of information.”

Wooten continued: “At the same time, budgets are flat and workloads are increasing. Inefficient processes threaten to delay investigations, incident resolution and prosecution. NICE has now leveraged its experience of working with thousands of police departments and its expertise in information management for emergency communications centres to develop a solution that addresses these issues.”

NICE Investigate improves investigator efficiency and effectiveness through four core capabilities:

*Compatibility with multiple evidence sources

NICE Investigate integrates data from most existing applications and sources, including CAD and RMS systems, body camera video, physical evidence like photos and documents, public and private CCTV video, in-car video, interview recordings, citizen tips, audio recordings, gunshot detection systems, automated license plate readers, social media and more. This enables police departments to collapse information silos, choose Best-in-Class systems from leading providers and protect their investment in existing systems

*Automated workflow

The solution expedites criminal case building by organising evidence into a digital case folder, using a powerful correlation engine to suggest potential evidence and enabling investigators to electronically initiate requests for evidence and evidence processing

*Content analytics and visualisation

Content analytics examines digital content from connected sources. Visual tools display the information, making important patterns and relationships easier to understand. By uncovering more relevant information and visualising it in useful ways, crimes that would otherwise go unsolved can be successfully prosecuted

*Secure collaboration and sharing

Investigators can easily and securely share evidence electronically, enabling multiple investigators within an agency or across agencies to collaborate on a case while maintaining the chain of custody and integrity of the evidence. Investigators no longer have to waste valuable time copying and transporting digital evidence for prosecutors.

Cheshire Fire and Rescue Service keeps public informed thanks to CrowdControlHQ’s social media platform

Cheshire Fire and Rescue Service is using a social media risk management and compliance platform from CrowdControlHQ to monitor and govern its corporate social media accounts including Twitter and Facebook. More than 30 users across the Cheshire Fire and Rescue Service access corporate social media accounts via the platform’s central dashboard.

There has been an increase in engagement witnessed across all accounts in the last two years which has seen the number of Twitter followers double to over 17,000.

Cheshire Fire and Rescue Service uses social media for two-way communication with residents and county stakeholders, including other Fire and Rescue Services and local Government officials businesses as well as schools in the area.

CrowdControlHQ was selected for the central management of the Fire and Rescue Service’s social media activity following research and a presentation from the company.

Caroline Jones, digital and media services manager at Cheshire Fire and Rescue, explained: “We chose CrowdControlHQ for the level of control and analytics that the company’s solution provides. We wanted a platform where we could allow multiple people to post to corporate accounts. CrowdControlHQ does that safely and securely and it gives a history of all activity, for example who has posted to what and where. Information like that is important for audit purposes.”

Management from a single point

Using CrowdControlHQ makes it possible to manage corporate social media accounts from a single point. Cheshire Fire and Rescue Service chose to have just one account for each social media channel rather than each fire station or areas of the service posting to individual accounts. This means it’s easier for the public and other stakeholders to receive updates by finding, following and commenting on corporate accounts rather than multiple social media accounts for different fire stations across the region.

Jones continued: “Social media is a great way to communicate with the public. Where there are incidents throughout the day it’s really easy, thanks to the central control in CrowdControlHQ, to publish a Tweet or post a message on Facebook and to then plan Tweets for the weekend. Recently, in just 28 days we had 437,000 impressions and posted 168 Tweets. The management team takes social media very seriously and fully supports it as a communications channel.”

Cheshire Fire and Rescue Service also promotes other Fire and Rescue Services’ campaigns and champions national safety initiatives such as the annual road safety campaign using Twitter and Facebook, with links to a web page. CrowdControlHQ is used to plan Tweets and posts in advance and then measure the success of campaigns using the analytics generated.

James Leavesley, CEO at CrowdControlHQ, commented: “We have seen a variety of social media strategies emerging across Emergency Services providers tasked to drive communications objectives. For some, the emphasis is on single channel or multi-responders while others may adopt a multi-channel or in some cases a partnership-style approach.  However, what consistently underpins all the strategies we see is the need for more brand representatives to become involved in delivering messages to the public, raising the reputation risks associated with delivering complex public engagement. Using a risk and compliance platform gives organisations the confidence that they can manage and respond to social media communications effectively, consistently and in a timely manner.”

About Cheshire Fire and Rescue Service

The Cheshire Fire and Rescue Service is led by the Chief Fire Officer and the Service Management Team.  It has 25 fire stations, four community safety centres, three community fire protection offices and a headquarters based in Winsford.

The Fire and Rescue Service responds to emergency incidents – known as Emergency Response (ER)  – across the four unitary council areas of Halton, Warrington, Cheshire East and Cheshire West and Chester.

*For more information visit: www.cheshirefire.gov.uk

About CrowdControlHQ

CrowdControlHQ is one of the UK’s leading social media risk management and compliance platforms built for enterprise. It’s web-based software used by public and commercial organisations to support employees wishing to optimise their social media engagement delivery.

CrowdControlHQ provides tiered access and specialist control features to help manage the reputation risk associated with the delivery of social media in complex, multi-user, multi-campaign and generally busy customer service environments.

It’s a venture capital-backed British business servicing over 125 clients with over 10,000 users. Clients include Experian, Serco, Welsh Water, the Greater Manchester Police and Arriva.

*Additional information is available at: www.crowdcontrolhq.com

CrowdControlHQ: “IT directors ignore social media risks at their peril”

Marc Harris (Chief Technical Officer at CrowdControlHQ) examines the issues facing IT directors from the use of social media.

Many IT directors operate their own personal Facebook and LinkedIn accounts. However, when it comes to corporate social media they pass responsibility for management of same to the Marketing Department. Are they doing so at their peril?

Let me start with the elephant in the room, namely the role of the IT director. After an extensive IT career in the media, telecommunication and technology sectors recent experience has led me to conclude that social media needs to be firmly at the top of the priority list of every IT director.

In my current role, I see at first hand the impact of reputational damage realised by both internal and external sources through the use of social media, and find it surprising how few IT directors are willing to discuss the issues or attend conferences on the subject. Perhaps they feel an unwelcome interference or ‘elbowed out’ by this new communication channel which has evolved extensively under the umbrella of marketing?

In future, the organisations succeeding in the social media space will have Marketing and IT Departments working seamlessly together to tackle the issues. The ‘DNA’ of IT makes it the most qualified department to deal with some of the risk issues that surround social media, so why isn’t it more involved?

Today, social media is being used in every aspect of business, from the Boardroom right through to the delivery of customer service. By its very nature, social media is a collective responsibility. Not surprisingly, its reliance on ‘collaboration’ has in some instances manifested itself as ‘sharing’ responsibility for posting of content… and even the sharing of passwords!

New rules now apply

I once overheard a social media officer quite gleefully boasting the fact that they had the Twitter login to hand for their company chairman. When challenged, the officer admitted that he was ‘The Chosen One’. If he was off sick that was it – no tweets or updates! Worse still, if he left the organisation he had the power to bring the place down tweet by tweet.

This is the stuff that would have kept me awake at night as an IT director, yet in a world powered by social engagement new rules seem to apply.

Marc Harris: CTO at CrowdControlHQ

Recent research also reported that a scarily large number of employees still use the dreaded Post-It note to record their login usernames and passwords, stuck to walls, desks and even the computer screen. Apparently, we’re not coping well with the need to access everything online from social media to our weekly shop and fear our mobile devices could be pinched. We’re reverting to pen and paper, it seems.

This practice can only end in tears. There have now been too many examples of ‘rogue’ tweets, no audit trail of who posted them (or why) and organisations – who, frankly, should have known better – being left rosy cheeked, so why is this practice still so rife?

Why would an employee, with their job on the line, ‘fess up’ when they know that at least 15 other people had access to the account that day?

I also believe that few IT Departments have a handle on the number of users across their ‘official’ social media accounts, let alone a log of which password protocol they are using, how they are accessing the site or posting.

Need to look both ways

We cannot just blame the employees. Even organisations with the most robust and celebrated IT protocols let themselves down when it comes to simple issues such as data storage. I suspect very few IT directors are crystal clear about where their marketing communications teams are storing their social media campaigns, let alone harbour an understanding of the conversations from the past that they may need to reference in the future or where they keep their notes about their customers linked to these campaigns.

I would hazard a guess that many IT Departments are breaking their own compliance and governance issues when it comes to social media.

Today, there’s no need to share passwords. The social media ‘savvy’ have cottoned on to tiered password access, with both the IT and Marketing Departments having an ‘on/off’ switch to give them instant control in times of crisis. If IT is involved in the installation of a Social Media Management Solution (SMMS) they can see exactly who is plugged into the system, where accountability lies and who they need to train and develop to uphold the security protocols needed in order to keep an organisation’s reputation intact.

Within the scope of most IT budgets a SMMS will be a drop in the ocean but will address these major issues. Any smart IT director will already be looking at a SMMS if there isn’t already one in place. Such a system gives control back to the organisation. All passwords are held in one place such that accounts are not owned by individuals but by the company. The right system gives an organisation the ability to moderate content at a senior level. In turn, the risk of misuse or mistakes can be eradicated.

A SMMS also takes care of the practical management issues. I fear that some organisations are taking a step backwards in terms of their technological evolution, reverting to time-wasting, ineffective manual processing of social media (eg multiple logins to different social media platforms rather than using readily available tools for automation and effectiveness).

The message is clear. IT directors ignore social media at their peril. When it comes to corporate social engagement, it’s time for them to wake up, check and challenge.