Asia Pacific Security Magazine July/Aug 2014 by MySecurity Marketplace

Print Post Approved PP255003/10110

THE REGIONS LEADING GOVERNMENT AND CORPORATE SECURITY MAGAZINE | www.asiapacificsecuritymagazine.com Jun/Jul 2014

In the shadows of the Dragon China’s booming bodyguard and security industry

The use of social media in emergencies

and missing links of flight MH370

CCTV

The commercial argument for security technologies $8.95 INC. GST

PLUS

FEATURE

INTERVIEW

Peter Lockwood The Navy’s Commodore Senior Officer West Australia

TechTime | Movers & Shakers | Women in Security and much more...

*VBH41 PTZ camera in beige or black *VBH41 PTZcamera camera silveravailable orblack blackavailable available from nationaldistributors distributors *VBH41 PTZ ininsilver or from national

• • • •

VB-M Series

VB-H Series

VB-S Series

HD Range

Full HD Range

Compact Full HD Range

VBM40 – PTZ w/ 20 X optical zoom VBM600VE – IP66 fixed dome w/ optical PTZ-R during setup VBM600D – Fixed dome w/ optical PTZ-R during setup VBM700F – Wide angle full body w/ optical zoom during setup

• • • •

VBH41 – PTZ w/ 20 X optical zoom VBH610VE – IP66 fixed dome w/ optical PTZ-R during setup VBH610D – Fixed dome w/ optical PTZ-R during setup VBH710F – Wide angle full body w/ optical zoom during setup

• • • •

VBS30D – Compact PTZ w/ 3.5 x optical zoom VBS31D – Compact PT dome VBS800D – Compact fixed dome VBS900F – Compact Full body

BECAUSE CLARITY MATTERS

The World’s smallest FULL HD PTZ (VB-S30D) & PT (VB-S31D) cameras. 1

CAPTURE EVERYTHING IN THE HIGHEST OF QUALITY Learning and listening to end users and integrators on what they want from an IP camera drives Canon’s innovation – And with over 75 years of imaging excellence our range encompass all of our expertise & knowledge in camera and lens design. When Clarity matters, choose the premium quality range you can rely on. As 2014 Asatat1 March June 2014

For more information visit canon.com.au/networkcameras call 1800 021 167 or email specialised.imaging@canon.com.au

“By 2015, 30% of all integration revenue will be spent on integrating cloud services. Further, by 2016, 20% of all integration spending will be for mobile.” 2014 GARTNER PREDICTS

Gartner Application Architecture, Development & Integration Summit 2014 21 – 22 July | Sydney, Australia | gartner.com/ap/aadi

Transform Your Applications Strategy for a Digital World

Digital Privacy Forum 2014 Securing digital data by implementing & complying with Australian policy reforms 29 - 31 JULY 2014 RADISSON BLU HOTEL SYDNEY

Don’t risk missing out on Australia’s greatest digital privacy event!

EXPERT SPEAKERS: • • • • • • • • • • • • • • •

Mark Dreyfus QC MP, Shadow Attorney-General, Attorney-General’s Department Dr Suresh Hungenahally, Chief Information Security Officer, Department of State Development, Business and Innovation (VIC) John Pane, Regional Lead - Privacy & Data Protection Asia-Pacific, Johnson & Johnson Rafael Chiang, Security Advisor, Virgin Australia Karen Phillips, Assistant Auditor-General, Information Systems Audit, Victorian Auditor-General’s Office Maria Corpuz, Manager - Information Security, Information and Technologies Services, Queensland University of Technology Dr David Williams, Group Executive, CSIRO Alec Christie, Partner, DLA Piper Olga Ganopolsky, General Counsel, Veda Anthony Wong, Vice President, Australian Computer Society (ACS) Peter Sandilands, Vice-Chair Advocacy Board, Australian Information Security Association (AISA) Guido Governatori, Senior Principle Researcher - QLD Research Laboratory, National ICT Australia (NICTA) Dr Chi Nguyen, Digital Lifecycle Manager, Macquarie University Adrian Lawrence, Partner, Baker & McKenzie James Young, Consulting Systems Engineer, Fortinet

Gold Sponsor

T | 61 2 9247 6000

Endorsed by

F | 61 2 9247 6333

• • • • •

REASONS WHY YOU SHOULD JOIN US THIS JULY

Establish a thorough understanding of the impact of new Australian Privacy Policy requirements Examine the challenges arising from changes to the new privacy reform Develop and implement the correct procedures to boost your business’s data security Avoid privacy breaches Explore essential changes of data collection and storage

Media Partners

W | akolade.com.au

Organised by

Editor's Desk

Executive Editor / Director Chris Cubbage Director / Co-founder David Matrai Marketing Manager Kathrine Pecotich Art Director Stefan Babij Correspondents Sarosh Bana Serge DeSilva-Ranasinghe Adeline Teoh

MARKETING AND ADVERTISING Kathrine Pecotich T | +61 8 6361 1786 promoteme@australiansecuritymagazine.com.au SUBSCRIPTIONS

T | +61 8 6465 4732 subscriptions@mysecurity.com.au Copyright © 2014 - My Security Media Pty Ltd 286 Alexander Drive, Dianella, WA 6059, Australia T | +61 8 6465 4732 E | info@mysecurity.com.au E: editor@australiansecuritymagazine.com.au All Material appearing in Australian Security Magazine is copyright. Reproduction in whole or part is not permitted without permission in writing from the publisher. The views of contributors are not necessarily those of the publisher. Professional advice should be sought before applying the information to particular circumstances.

CONNECT WITH US www.facebook.com/apsmagazine www.twitter.com/apsmagazine www.linkedin.com/groups/Asia-PacificSecurity-Magazine-3378566/about www.youtube.com/user/MySecurityAustralia

www.australiansecuritymagazine.com.au

www.drasticnews.com

www.chiefit.me

www.youtube.com/user/ MySecurityAustralia

www.cctvbuyersguide.com

4 | Asia Pacific Security Magazine

he world seems faced with either a Civil War or a Caliphate crossing the Syrian and Iraqi borders, and with intent to go further into the Levant – worse case on to Afghanistan once final US forces leave in 2016. The call to arms by ISIS cleverly adopts all social media platforms and is attracting fighters from around the world – including the West. Many said the ‘War on Terror’ could last for decades – they appear correct. Couple that with the contrast of maritime tensions between China and regional neighbours Japan, Vietnam and Philippines. Let’s add more to the mix with that of Russia’s nationalist rise and invasion of Ukraine, an imminent Iranian nuclear capability and North Korea’s ongoing nuclear preparedness. You may get a sense the world is playing a rather ominous game with its future. Security is back on the agenda! As touched on in the last issue, we have sought out an insight into the disappearance of Malaysia Airlines flight MH370. We had the fortune to speak with the Navy’s Commodore Peter Lockwood, Senior Officer West Australia, currently the senior-most ADF position in WA, about the importance of Australia’s west coast in the ongoing search for the wreckage in the southern Indian Ocean. We examine the circumstances around the two stolen passports used by passengers known to be on board and have an important and thought provoking critique of the crisis management and communications by Malaysian Airlines and the Malaysian Government. All articles justify why learning outcomes must be made from this incident – despite waiting until when the plane is located. The Australian Government has budgeted $89.9 million over two years as part of the contribution to the search for MH370. Funding of $27.9 million will be provided to the Department of Defence for the costs of its activities in searching. Two million dollars will also be provided to the Department of Infrastructure and Regional Development for the costs of establishing the Joint Agency Coordination Centre ( JACC). The JACC was established on 30 March for an initial period of six months. Further funding of up to $60 million will be provided to the Australian Transport Safety Bureau for the next phase of the search. The actual cost will depend on a number of factors, including the outcome of procurement processes for specialist services, the length of the search, and the extent of contributions from other countries. At the time of writing, the search is to be undertaken by private contractors and commencing in a new search area based on refined analysis of existing satellite information from the doomed Boeing 777. We have Part II for the Battle of Hearts and Minds with Australia’s connections to the war in Syria and some great articles covering the burgeoning security and bodyguard industry

protecting China’s billionaires, the Evolution of Integrated Security, use of social media in New Zealand earthquake emergencies and with war continuing to brew in our region, we have a briefing on the regional power’s increasing deployment of aircraft carriers. Some thought provoking material and so much more to touch on! Stay tuned with us as we continue to explore, educate, entertain and most importantly, engage.

Yours sincerely, Chris Cubbage CPP, RSecP, GAICD Executive Editor

OUR NETWORK Like us on Facebook and follow us on Twitter and LinkedIn. We post about new issue releases, feature interviews, events and other topical discussions. Editor’s Catchup! Hope to see you at these great events! • • • • • • •

ASIS International NSW Half Day Conference, Sydney (Speaker) New Zealand Security Association Conference, Auckland (Speaker) Security in Government 2014, Canberra BGW Technologies Channel Partner’s Forum, Whitehaven Beach, Qld Building Technology Asia, Singapore (Speaker) Canalys Channel Partner’s Forum, Shanghi, China ASIS International Asia Pacific Security Conference, Singapore (Speaker)

“By 2016, a majority of CIOs and chief information security officers (CISOs) will adopt a GRC Pace-Layered Application Strategy to bolster the risk management program.” 2014 GARTNER PREDICTS

Gartner Security & Risk Management Summit 2014 25 – 26 August | Sydney, Australia | gartner.com/ap/security

Smart Risk — Balancing Security and Opportunity

Asia Pacific Security Magazine | 5

....with Alex Webling

Director, Resilience Outcomes Australia; BSc, BA (Hons), Gdip Comms, GdipEd, RSecP

Commencing in the security industry in the mid90s and holding a number of positions such as Foundation Director of the Australian Government Computer Emergency Response Team; Founder of the Trusted Information Sharing Network – Resilience Community of Interest; Founder of the Australian Government’s Chemicals of Security Concern program; and Head of Protective Security Policy responsible for launching the revised Protective Security Policy Framework and the single information classification system for the Australian Government, Alex Webling, is now Director of his own company which is a boutique consultancy specialising in organisational resilience, longevity and information security. How did you get into the security industry? If you don’t count several years in the Army Reserve whilst at uni, I suppose my first security job was in the Federal Attorney-General’s Department as the secretary to SAC PAV. Whilst the acronym is typically arcane ((Standing Advisory Council (Commonwealth State Cooperation) Protection Against Violence)), it was the predecessor of the NCTC in the years pre 9/11. In any case, I learnt a lot there about how Australia’s domestic security apparatus works (or doesn’t). I also got to meet and work with some senior people at the Federal and State/Territory level and see how they resolved issues. How did your current position come about? In 2012, I decided I needed to leave the APS. I saw demand from organisations that needed help understanding their information security at a strategic level. There was an opportunity to work with organisational leadership teams on a holistic resilience approach that aligned with their goals. I chose to start Resilience Outcomes to deliver that vision. What are some of the challenges you think the industry is faced with? It is very difficult to bound ‘security’ in our modern society. Concepts of security become more complex as the society itself becomes more complex. In the same way as it is not possible for any one doctor to be across every aspect of medicine, it is no longer possible for any one security professional to be across every aspect of security.

6 | Asia Pacific Security Magazine

That said, if there is a way to define the industry, then the best way seems to be in terms of the people in it who share a common way of defining the world in terms of risk. I am fortunate to be surrounded by many clever people who show this ability in everything they do. Unfortunately, there are a few who don’t and they taint the view that society has of the security industry. Which is a roundabout way of saying that professionalisation is an issue that I care a lot about and why I became a member (now treasurer) of the Australasian Council of Security Professionals. Security is complex and evolving, so it is only people who are security professionals who have even a reasonable hope of identifying their peers. For this reason, I support the Registry of Australasian Security Professionals as the best way that professional standards can be maintained and improved.

We can also be certain that it will also become more brittle as a consequence. It follows that if the security industry is to remain relevant, growth will be seen in areas that help the society as a whole become less brittle. There will continue to be a need for the specialists with skills in the intricacies of security treatments, however, there will be increasing demand for experts who take a holistic view and can help organisations become more resilient. These people are rare. The problem is that most security takes a band-aid approach and does not always take the cascading dependencies into account. A lot of the conceptual underpinnings that I was trying to achieve in the development of the PSPF are embodied in this.

Where do you see the industry heading?

Apart from spending time with kids, family and our new dog, I try to get an hour or two of exercise in every day, either walking or cycling, during which time I listen to any number of podcasts ranging from Nature and BBC Click to the RN Media Report.

In many ways we are at a crossroads. Our society is a complex system and consequently subject to the laws of entropy. I think we can be certain that society will continue to become more complex.

What do you do when you’re not working?

Your security, our storage. The power of choice. Marc Cisneros Protector, Advocate, Guardian. 362,512 hours recorded, 15,643 cameras strong, 7,453 sequences stored, 2,423 businesses secured, 1,512 clients protected, 1 surveillance solution.

WD Purple™

Surveillance Storage See more of Marc’s solutions at:

wd.com/choice

Western Digital, WD and the WD logo are registered trademarks of Western Digital Technologies, Inc. in the U.S. and other countries; absolutely, WD Blue, WD Green, WD Black, WD Red and WD Purple are trademarks of Western Digital Technologies, Inc. in the U.S. and other countries. Other marks may be mentioned herein that belong to other companies. Product specifications subject to change without notice. © 2014 Western Digital Technologies, Inc. All rights reserved. 2178-800046-A00 Feb 2014

de Haan is seen as an excellent fit for Imperva Pacific. “As our latest asset, Robert extends the breadth of our experienced management team. We believe that his expertise in both channel and direct sales areas across regions and countries will have a deeply positive impact on our relationships with partners and customers,” outlines Jason Burn.

Amber Levy

Steve Simpson ES2 Australia has announced that Steve Simpson has recently joined their growing organisation as Security Principal. Steve plays a key role in strengthening the security advisory services in Western Australia, headed up by Andy Battle, Security Architect and ES2’s Enterprise Security Lead. In this new role, Simpson brings a wealth of experience and expertise and will further evolve ES2’s Governance, Risk and Compliance (GRC) services and offerings, whilst continuing to act as a trusted Security Advisor to his long list of loyal clients. Hiring Steve was aligned with ES2’s growth strategy, and its ongoing approach to attracting and retaining the ‘best’ consultants that are recognised leaders in its field. ES2’s guiding principle is to be a trusted advisor to our clients. ES2 Australia is a Perth, WA, based Service Provider specialising in Enterprise Security, Enterprise SharePoint Services and Training Delivery. ES2 is the largest Security Service Provider in the State.

RIMS the risk management society™, has announced that Amber Levy has joined the Society as its new director of membership and constituent programs. “The strength of this Society relies upon our vast network of risk professionals whose varying experiences contribute to the overall value of RIMS’ membership,” says Mary Roth, RIMS Executive Director. “Amber has a profound understanding of the member association dynamic, and has had tremendous success identifying new opportunities to engage, grow and retain members. We look forward to tapping into Amber’s expertise to enhance the member experience.” Prior to joining RIMS, Levy was the National Director, Hotel Sales Northeast Region for the Los Angeles Tourism & Convention Board. At RIMS, Levy is responsible for the expansion of RIMS membership programs including the development of membership value initiatives, educational programming and products and identifying trends, gaps and opportunities to benefit the Society’s membership of more than 11,000 risk management professionals. “Key to delivering value to any association is understanding who the members are, what their needs might be and anticipating how those needs might evolve,” says Levy. “I am extremely excited to share my experiences but, more so, learn from RIMS’ already outstanding membership and professional development teams.”

Robert de Haan Imperva, pioneering the third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual data centers, has announced the appointment of Robert de Haan as Regional Sales Manager. He has business development responsibility for territories spanning Queensland, Northern Territory, New Zealand and the Pacific. He reports to Jason Burn, Area Vice President - Pacific. During his extensive career, de Haan has developed relationships across multiple industries and technologies including cloud computing, mobility, virtualisation, security and networking. He has experience in product sales, professional services, consulting, and managed services with respected corporations such as Cisco, IronPort, Clariti, JTEC, Volante, and Tektronix.

8 | Asia Pacific Security Magazine

SecurEnvoy – Steve Watts The IT company SecurEnvoy was one of the winners of the 2014 Queen’s Award for Enterprise. It is the most significant and

most prestigious business award across the commonwealth and rest of the world and this year was presented on 21 April, Queen Elizabeth II’s birthday. SecurEnvoy received the award, in the ‘International Trade’ category, for its invention of tokenless two-factor authentication. The success of SecurEnvoy is attested by the London-based company’s world-wide sales network, which now covers every continent. Queen Elizabeth herself presented the award to the company’s founders, Steve Watts and Andy Kemshall. “We feel hugely honoured to receive the 2014 Queen’s Award for Enterprise from the Queen,” comments Steve Watts, Co-Founder, and Sales and Marketing Director of SecurEnvoy. “For years we have focused on the expansion and globalisation of our sales network. It’s great that the resulting success of our products has been acknowledged and has even resulted in an award from such a prestigious body. After having already won the Queen’s Award for Innovation in 2011 and having been able to meet the Queen then, we are all the more pleased to be able to see Queen Elizabeth at the award ceremony again this year.”

Simon Howe Simon Howe, previously Sales Director Mobility Solutions at backup specialist Acronis, has been appointed Director of Sales (Australia and NZ), LogRhythm. Howe is responsible for developing a channel of security-focused partners that will deliver LogRhythm’s award-winning security intelligence platform to the ANZ market. “Increasingly, organisations are realising that breaches are inevitable. As such, they are looking for solutions that can help them substantially improve their ability to detect and respond to threats and breaches sooner. Today, LogRhythm’s Security Intelligence Platform delivers that visibility to more than 1500 organisations around the globe,” says Simon Howe. If you have an entry for Movers & Shakers please email details and photo to editor@australiansecuritymagazinecom.au

The annual SIG Conference and Exhibition, hosted by the Attorney-Generalâ&#x20AC;&#x2122;s Department, is the largest gathering of government and private sector protective security practitioners in one conference. The theme for the SIG 2014 Conference program is Mitigating the trusted insider threat. The conference program will focus on: â&#x20AC;˘

nderstanding and identifying the risk u from trusted insiders; and

â&#x20AC;˘

xamining current and emerging e policies, plans and business frameworks available to mitigate the risk.

Senator the Hon George Brandis QC, Attorney-General, will give the opening address at SIG 2014.

Feature Article

Syrian recruitment: The battle for hearts and minds In Part I of Syrian Recruitment: The battle for hearts and minds, key discourses and systems of ideas were considered that were aimed at coercing and enticing people to follow the path of jihad and martyrdom in the battlefield of Syria. These discourses were specifically outlined with an emphasis on achieving martyrdom. Here follows Part II. By Dr Robyn Torok

Risk fighters pose on their return

ighters from many nations including the West continue to travel to Syria to take part in the conflict. In late April 2014, it was estimated that there were about 11,000 foreign fighters in Syria. Not only is Australia represented, it has one of the largest sources of foreign fighters per capita from the West. Given the large number of foreign fighters, questions need to be raised about their return and what risk they may pose, and this is the focus of the article. Western Governments including Australia have been open and vocal about their concerns over the return of Syrian fighters. In fact, Syria is regarded as the latest and most concerning development in global terrorism. Of particular concern are the links to al-Qaeda and the encouragement to conduct attacks on home soil. Coupled

10 | Asia Pacific Security Magazine

with increased ideological motivation is that these individuals have developed key terrorist skill sets as well as intricate systems of networks. Making matters worse is the difficulty in profiling potential terrorists or suicide bombers with individuals subscribing to a set of discourses or beliefs rather than personality traits. In addition, a recent news report of French nationals going to Syria found that a large proportion were not from a Muslim background but were in fact disaffected youth. Of major concern here is that these individuals may find a purpose and not stop until that purpose is fulfilled. Coupled with this are concerns that in some Western nations like the UK, not enough is being done to monitor those returning from the battlefield or as some would argue the latest terrorist training ground. Current Australian fighters in Syria may pose a risk upon return. Not only do they acquire greater skills in fighting,

Asia Pacific Security Magazine | 11

Special Feature - Access Control

‘Means of attack is commonly outlined online with social media literature indicating the use of any type of crude weapon for jihad including; home-made bombs, gas bottles, 3D-printable guns, aeroplanes, cars, rifles, pistols, mobile phone detonators, and even swords, knives and martial art type attacks on single disbelievers.’ but also the development of networks and contacts that can further their jihadi agenda. It’s not just those fighting in Syria that pose a risk, but those Australian’s who are currently training in jihadi camps in Lebanon and Turkey that are linked with the fighting in Syria. While returning fighters may not pose an immediate threat upon their return, the fact that they have further radicalised views, a hardened fighting mentality, and already subscribe to war-hardened terrorist’s thinking poses a possible threat in the future. Such a threat is further increased if fighters returning on home soil are not known to agencies. Types of martyrs and their rewards Given that martyrdom is central as both a recruitment tool used in Syria, as well as a risk posed upon return, it is important to understand the types of martyrs which are all based on intent of the jihad fighter. For the Muslim martyr, the more one has ascribed to the act with ‘pure’ intent, the higher the reward is in Jannah (heaven). Intents range from a love of Allah and Islam to seeking paradise and the need for self-defence down to the lowest intent of financial reward and the need for recognition. These give rise to the three types of martyrs from the ‘pure’ to the impure intention: 1) Shaheed (martyr) in this world and the hereafter; 2) Shaheed only in the hereafter; 3) Shaheed only in this world. While a superficial view of social media would indicate that recruiters aim to focus on recognition, in depth discourses outlining the details of jihad and martyrdom are continually circulated including ‘jihad as the pinnacle of Islam’ – fighting in the path of Allah. Recruits are reinforced with the notion that ‘nothing is equivalent or comparable to it (jihad and martyrdom) from all the actions (good deeds) in Islam.’ Much is discussed on social media about a popular jihad text regarding the disbeliever (kuffar) and the Muslim who kills them for the sake of Allah. It is noted that the Muslim is greatly rewarded for killing the disbeliever and in doing so is uniting the Ummah and raising the black flags and making Allah most high. Disturbingly, discussions take place regarding the Muslim who kills a disbeliever will actually take their place in Jannah (heaven). In other words: ‘Imagine how many places in Jannah the Mujahid who does martyrdom operations will take from all the disbelievers he kills in his operation. Try to imagine that he killed hundreds of them and all this was done in a few minutes or maybe even seconds. How great is the reward he got in those few minutes’. Basically, the more disbelievers a Muslim kills during a

12 | Asia Pacific Security Magazine

martyrdom operation, the more reward for that muhjid. This is stated as encouraging jihadi fighters to carry out attacks and martyrdom operations in the West. Preparation and training for Martyr operations “And prepare for them all you can of power, including steeds of war to terrorize the enemy of Allah and your enemy” - Al-Anfal When talking about committing an operation on home soil, preparation is key. Discourses related to physical and skill set training is vital as supported by interactions on social media. Muslims are encouraged to keep fit, go to the gym, and take boxing and martial arts as well as sword or fencing classes. Training together (brothers together) is vital to not only foster a sense of belonging, but also to encourage each other and unite the cause. Time away in a secluded location on a farm or forest is seen as vital. In addition, training is recommended in firearms, rifles, and even joining a gun club. Also, skills within close fighting with knifes is vital to undertake. Any military style training is encouraged as well as gaining as much information about your enemy. Finally, money is the bread and butter for an operation; therefore money acquirement is mentioned as well. Method of lone wolf attacks and possible targets Means of attack is commonly outlined online with social media literature indicating the use of any type of crude weapon for jihad including; home-made bombs, gas bottles, 3D-printable guns, aeroplanes, cars, rifles, pistols, mobile phone detonators, and even swords, knives and martial art type attacks on single disbelievers. While bombs are mentioned in lone wolf type attacks, it is not the only source of attack that can be used in such operations. Shootings and knife attacks are just as important to the jihadi in lone wolf operations. Types of targets are usually only described in general terms such as the kuffar (non-believer), single sources have pointed to a variety of targets such as military bases, commercial buildings, car racing events and sporting events. More important than the means of attack or type of target selection is the media coverage and the associated terror aimed by any such attack. In addition, any such attack on the home soil of a Western nation gains much greater media coverage than attacks in the Middle East and these have been evident even in smaller scale attacks such as the public brutal attack on a British soldier and the subsequent ‘interview’ given by one of the killers. This concept is summed up by the following social media quote: “NOTHING HARMS THE KUFFAR MORE THAN A BOMB IN THIER OWN BACKYARD!” and “INDIVIDUAL JIHAD IS THE ANSWER!”

10% DISCOUNT

Special Feature - Access Control

for Readers

Main Conference: 20 & 21 August 2014 • Post-Conference Workshops: 22 August 2014 Venue: Amara Sanctuary Resort Sentosa, Singapore DEVELOPING A SECURE, ROBUST, FORWARD-THINKING ENTERPRISE MOBILITY STRATEGY TO CATAPULT YOUR BUSINESS FORWARD

FEATURED SPEAKERS :

Dr John Kan CIO A*Star (Agency for Science, Technology and Research)

Ted Suen Head of IT MTR Corporation

Ramesh Narayanaswamy CIO Singapore Post

FEATURING: 16+

leading enterprise mobility expert speakers

50+

senior IT executives from key organisations decision makers and key influencers

16+

hours of networking with industry professionals

big event

Researched and developed by:

Erison Hek Oktavian CIO PT Media Nusantara Citra, Tbk

Lee Siew Kit Vice President Information Technology Services SATS

Bringing to you more enterprise mobility case studies than any other dedicated event in Asia! Walk away with strategies to:

80%

Ways to Book your Seat

Satyakam Dash IT Leader & CIO (Asean) GE

• Maximise internal resources and empower your workforce through mobile technology • Expand your current mobile projects to optimise existing investments • Manage mobile and infrastructure security threats across the enterprise • Transform customer experience through a powerful mobility strategy

+65 6722 9388

enquiry@iqpc.com.sg

+65 6720 3804

www.enterprisemobilityasiasummit.com

Media Partners:

Asia Pacific Security Magazine | 13 T. +65 6722 9388 | F. +65 6720 3804 | E. enquiry@iqpc.com.sg | W. www.enterprisemobilityasiasummit.com

Feature Interview

Western Australia:

The ADF’s significant security focus As Western Australia’s north-west region is increasingly important to the nation’s economy, during the past few years the ADF has made a concerted effort to bolster the security of this vulnerable region. In early April 2014, the Navy’s Commodore Peter Lockwood, Senior Officer West Australia, currently the senior-most ADF position in WA, spoke to Serge DeSilva-Ranasinghe about the ADF’s posture in the north-west of the WA, the contingencies in place to secure the region, the frequency of ADF engagement and exercises in the area, and the importance of WA in the ongoing search for the wreckage of the downed Malaysian Airlines plane in the southern Indian Ocean. By Serge DeSilva-Ranasinghe

14 | Asia Pacific Security Magazine

Tell us about the presence of the ADF in the north-west? How large is it and how is it deployed throughout the region?

How is the ADF reassuring the region that it can respond to any situations that could threaten security and stability?

Defence maintains a presence in the north-west region under Operation RESOLUTE in support of Operation SOVEREIGN BORDERS, the whole-of-Government effort to provide security for north and north-west Australia and its offshore resources. Defence routinely provides up to seven Armidale Class Patrol Boats (ACBPs), two Major Fleet Units (MFUs), AP-3C Orion Maritime Patrol Aircraft and approximately 800 personnel to Operation RESOLUTE. Regional Force Surveillance Units are based in the north and west of Australia including Karratha (Pilbara Regiment – 600) and Darwin (NORFORCE – 600). These units conduct surveillance activity across northern Australia with up to 50 personnel routinely assigned to Operation RESOLUTE. Defence and Customs and Border Protection assets assigned to Border Protection Command (BPC) conduct offshore oil and gas infrastructure Augmented Security Patrols in both the North West Shelf and the Joint Petroleum Development Area. Patrols are informed by regular threat assessments and augmented by aerial surveillance carried out as part of routine surveillance operations. The Government, through BPC, deploys assets using an intelligence led, risk based approach. For operational security purposes, BPC does not disclose details about operational activity or the locations of BPC assets; however, patrols are conducted based on ongoing assessments of operational priorities across all maritime security threats. The ADF is prepared for contingencies in the north-west and is able to deploy additional forces to the region from its bases in Western Australia and the Northern Territory.

On a routine basis, Defence and Border Protection Command, with industry representatives, attend the biannual meetings of the Oil and Gas Security Forum led by the Department of Infrastructure and Transport. The forum provides an opportunity for discussion on the threats and risks for the north-west environment. Defence conducts an annual consultative forum meeting with the State Government of Western Australia. The scope of this forum includes consultation on planned developments in north-west Australia for the purpose of identifying areas for mutual and collaborative work. Defence is also taking steps to engage the oil and gas industry directly on security issues in the northwest: Defence’s focus is on increasing awareness of Defences’ supporting role and response options. This type of leadership engagement is designed to strengthen Defence’s relationship with industry and enhance understanding and situational awareness of north-west Australia and its security challenges. Furthermore, as part of the implementation of the ADF Posture Review, Defence created the position of Senior Officer West Australia to serve as the liaison between Defence and other stakeholders in Western Australia. The initial response to a disaster and the primary responsibility for the protection of life, property and the environment in emergencies, short of war, rests with the State and Territories. However, where civilian resources are inadequate, unavailable or cannot be mobilised in time, emergency Defence Assistance to the Civil Community arrangements enable the ADF to contribute in order to save human life, alleviate suffering and prevent or mitigate property loss. Provision

IS YOUR COMPANY CYBER-CRIME RESILIENT? OBTAIN COLLECTIVE INTELLIGENCE AT CIO LEADERS

JOIN US IN SINGAPORE The CIO Leaders Summit Singapore 2014 will highlight the emerging technologies that are leading the way and will examine current challenges that CIOâ&#x20AC;&#x2122;s are faced with. The Summit will provide senior IT professionals with a unique opportunity to learn and interact with their peers through a series of professionally led sessions hosted by both international and local experts.

11-12 NOVEMBER 2014 WWW.CIO-LEADERS.COM

FURTHER SUMMIT TOPICS INCLUDE

CLOUD

MOBILITY

VIRTUALISATION

BIG DATA

SOCIAL REVOLUTION

IT AS A SERVICE

Asia Pacific Security Magazine | 15

International

Malaysian Airlines MH370: The mystery and missing links

On March 8 2014, Malaysian Airlines MH 370, a scheduled flight from Kuala Lumpur to Beijing, disappeared. It has become the biggest mystery in the history of modern aviation. By Prince Lazar

espite a concerted international search and rescue effort, from the initial search zones in the South China Sea and Malacca Straights, to the deep waters of the Southern Indian Ocean, by early May, efforts have failed to find a shred of physical evidence. As long as physical evidence remains out of reach, the story of MH370 remains an untold story, in its entirety. The current status, as at mid-May 2014, is that search operations are now relying on sub-sea robotics and remain the most challenging sea search for an airplane ever undertaken, and will be a formidable forensic challenge once located. The events and issues surrounding the loss of flight MH370 have created concerns around the vulnerabilities of international air travel, aviation security and passenger safety. Already identified are a number of security gaps, system non-compliance, procedural failures and lapses in the process and controls of the relevant airport and flight management surrounding MH370. The ‘red flags’ during the processing of passengers boarding MH370, and it then going missing, highlights how critical systems will succumb to vulnerabilities and highlights the need for review and where relevant, revamping of security policy and control procedures. Flight controls and communication Air traffic systems rely almost entirely on on-board transponders to detect and monitor aircraft. For MH370,

16 | Asia Pacific Security Magazine

those systems appear to have been deactivated around the time the aircraft crossed from Malaysian to Vietnamese airspace responsibility. Satellite and radar data clearly showed the plane’s communications systems were disabled, one after another, and it changed course away from the intended path – and then flew on, for hours. Analysis of these movements indicate deliberate action by someone or persons on the plane, with an intention to avoid detection and sever communication. The most obvious reason for turning-off the transponders would be to make the plane invisible to commercial radar or other nearby planes. This supports speculation that the actions of someone on-board were deliberate, to avoid being tracked to where ever the plane was heading. At the very least, the incident looks set to spark calls to make it impossible for those on-board an aircraft to turn off the transponders and allow a passenger airliner to disappear. Airport security breach: Passports and identity controls The review of passports and passport control has been a long standing issue. MH370 had two passengers on-board with stolen passports, having passed multiple check points undetected or without response. With an ever growing demand to get passports via illegal and fraudulent means, matched by a significant number of international travellers

SecureASiA @Beijing

Co-Organizer

23-24 JULY 2014 Beijing, China Shangri-La Hotel

Collaborating for a Secure Connected Future Expert Speakers Include Douglas Stuart, Technical Director, Asia Pacific & Middle East Region. BAE Systems Applied Intelligence

Dr. Meng-Chow Kang, Director and Chief Information Security Officer for China and APJC Region, Cisco Systems Inc.

Greg Thompson, VP Enterprise Security Services, Scotiabank Group

Prinya Hom-anek, President & Founder, ACIS Professional Centre

Haruto Kitano, Senior Manager, Deliotte Tohmatsu Risk Services Co, Ltd.

Wim Remes, Managing Consultant IOActive

W. Hord Tipton, Executive Director, (ISC)Â˛. Former CIO, U.S. Department of the Interior

Wu Yafei, Deputy Executive Director, The Information Security Professional Committee of China Information Industry Association (CIIAISPC)

Prof. Howard A. Schmidt, Former Special Assistant to the President of the United States of America & Cybersecurity Coordinator, White House

Zuo Xiaodong, Vice President, China Information Security Institute

Gold SponSor

Silver SponSor

International

Five crisis management lessons from flight MH370 Incidents and events surrounding the disappearance of Malaysia Airlines flight MH370 have been complex and varied. How the crisis has been managed provides some very clear lessons for crisis leadership and crisis management development for other businesses and executive managers. By Tony Ridley

ntelligent Travel has been monitoring the incident and its impact from the beginning, along with providing updated analysis and advice. Here are the five top crisis management lessons from flight MH370 based on the data collected and input from Intelligent Travel’s expert crisis team. Remember, we qualify a crisis as ‘an unplanned incident or several simultaneous incidents that significantly affect a business’. Ordinarily, this event would have been coordinated by ‘incident management’ or ‘priority management’ teams as there would have been effective teams, plans and preparations for this scenario as a plausible outcome of operating an international airline. As we see this as lacking or ineffective, we qualify this event as a crisis. 1. Ownership and authority Malaysia Airlines and the Malaysian Government are not one in the same. One is the commercial provider of services and the operator of flight MH370, the other is the country’s Government and point of departure for this national/flag

18 | Asia Pacific Security Magazine

carrier. One should be the focal point for all communications and engagement with stakeholders, while the other is a stakeholder. This delineation has not been maintained, clear or preserved throughout the incident with each entity communicating over the top of each other or their views and comments causing issue for the other. The net result is that both entities have suffered due to a lack of clear ownership of the issue and defined authority on who does what and when. This issue of ownership or authority should have been quickly identified and managed throughout the course of the incident. While it may not have resolved the overwhelming negative or neutral sentiment around the handling of the incident, modifiers and better crisis leadership measures could have been implemented. It should be clear to all stakeholders, including the media, who is responsible and in charge of a crisis or significant incident such as this and that status should be maintained throughout, unless there is very good reason to alter this status and that too much be clearly and consistently communicated.

International

Asia Pacific Security Magazine | 19

International

The Indian Navy’s two operational carriers, INS Vikramaditya and INS Viraat

Asia Pacific war games briefing: March of the carriers Aircraft carriers are finding favour with Indo-Asia-Pacific countries keen on bolstering their defences in an increasingly volatile neighbourhood.

By Sarosh Bana

20 | Asia Pacific Security Magazine

ith simmering territorial disputes inflaming the Indo-Asia-Pacific, countries in this fastest growing economic region in the world are making all efforts to buttress their defences. But this military build-up is raising tensions even higher in the region and will likely provoke an otherwise avoidable arms race. There are currently 37 active aircraft carriers in the world within 12 navies. The growing appeal of the aircraft carrier as a viable capital ship of a fleet – that in the past had replaced the battleship – lies in its capacity of being a credible force multiplier. As the centerpiece of naval operations, these floating airfields are geared for sea control, enabling the navies to project their maritime and air power far beyond their areas of operations. They can also serve as powerful platforms for ISR (Intelligence, Surveillance and Reconnaissance), logistics and close air support, anti-submarine and anti-surface missions, and land assault. As many as 18 flatdecks have been or are being bought, built or are being operated by the six regional powers of China (five), Japan (four), India (four), Australia (two), South

Korea (two) and Thailand (one). In August 2013, India launched its 37,500 tonne Indigenous Aircraft Carrier, the Vikrant, while Japan launched its 19,500 tonne Izumo, modelled more as a destroyer with a flight deck that can embark helicopters. With the Vikrant, India is now part of an exclusive group of countries like the UK, the US, Italy, Spain, Russia and France that can make these floating airfields. China is building its maiden aircraft carrier at the Beijing-based China Shipbuilding Industry Corporation, which is scheduled for completion in 2018. Four such conventionally powered carriers are planned to be eventually built. Beijing at present has a lone carrier, Liaoning (exVaryag), that it bought in an unfinished form from Ukraine in 1998, and which joined the People’s Liberation Army Navy (PLAN) in 2012, after major refurbishment at the Dalian naval shipyard in northeast China. Australia decommissioned its sole aircraft carrier, HMAS Melbourne, in 1982, but is currently building two 27,800 tonne Canberra class Landing Helicopter Docks

International

Asia Pacific Security Magazine | 21

Women in Security

Learning to shine When Lyndall Milenkovic trained as a teacher at the start of her career, little did she know it would include several Olympic ceremonies, the occasional music festival and the prospect of stabbing inflatable beavers. Lyndall Milenkovic

I By Adeline Teoh Correspondent

22 | Asia Pacific Security Magazine

t’s a bright Sydney afternoon in Autumn and I’m trying to find out why self-confessed sun lover Lyndall Milenkovic decided to live in Vancouver for three months during a Canadian winter. The year was 2010, and the director of The Riskworks Network had taken a job working on emergency management for the Winter Olympics. Her role? To oversee the opening and closing ceremonies, as well as the nightly medal ceremonies and concerts, from an emergency and safety perspective. “Often the creative people want to make those events as challenging as they can,” she explains. “In Vancouver they had giant inflatable beavers that filled the roadway underneath the stadium which, in their requirements, had to be left clear at all times for emergency access. My plan was that the person in charge of each team had to have a sharp implement in their belt that they could stab it with if necessary.” Stabbing inflatable beavers is just one part of the Milenkovic risk treatment and it’s challenges like these that keep her engaged in her work. That, and the people. “It’s the integration between safety, emergency and security. I’m not a security consultant but a lot of what I do sits on the edge of that so it’s important for me to have a working understanding of what the challenges are. I like that, and I like working with them,” she says. Over her 22-year emergency management career, Milenkovic has become an event specialist. With four Olympics under her belt, starting with the Sydney 2000 Olympic Games, she has also been a part of two Commonwealth Games, the Shanghai World Expo, music festivals, Australia Day celebrations and more. A casual

observer would never guess this dynamic career began in the classroom; Milenkovic studied to be a teacher but slid into emergency management unexpectedly. “I had trained as a teacher and then I left after about six months. I did sales and three years in recruitment. Every time I took on a role, I’d get promoted to a national role – national sales manager, national recruitment training manager,” she recalls. “After I had bubs I didn’t know what I wanted to do so I went back to a recruitment company I had worked with. I had worked with the general manager previously and she said ‘why don’t you join our training department?’” Milenkovic then found herself training people in emergency procedures, including a stint doing warden training with Optus that ranged from building evacuation to handling bomb threat calls. “I’d do warden training in clubs, shopping centres and high rise buildings for other people and it grew. In 1998, I got a call from a gentleman who wanted warden training for a new building. It turned out he was the operations manager at the new Olympic Stadium and we won the contract to do the training.” Making it big With her business partner at the time, Milenkovic started to build a reputation for large-scale work; not just high rise buildings and stadiums but big events as well. “The Olympic authorities saw our work and we ended up working for SOCOG [the Sydney Organising Committee for the Olympic Games] looking at different venues and safety for

NSW Chapter Conference and Luncheon 2014 Date Time Venue

Keynote speakers include...

Cost

Session 1

Tuesday 29th July Registration open 7:45; The Four Seasons Hotel 199 George St, Sydney $365 (Members) $425 (non-members)

The Past – The Year in Review – Chris Cubbage, Executive Editor and Director, Australian Security Magazine. Chris will highlight some of the

Chris Cubbage

significant moments and stories from the last year starting with the Boston Bombing Session 2

The Present – Important Current Issues in Australia – Jenny Muldoon, Head of Security, Sydney Opera House. Jenny’s background and current position has enabled her to have an eagle eye overview of issues in our Security Community. Jenny will present the overall issues and then

Jenny Muldoon

introduce a representative from NSW Police to bring us up to date to the threats of Fraud and Identity Theft. Jenny will finish off the session with a worked example of Managing an Active Shooter as the new threat at Public Venues and Events. Session 3

The Future – Dr Keith Suter, Global Thought Leader. Dr Suter is well known from his Channel 7 appearances. At the ASIS conference he will cast

Dr Keith Suter

light on what the future may hold for The Shape of the Security Environment 2030 Session 4

Panel Discussion – facilitated by Steve Longford, Managing Director, New Intelligence. This fast paced panel discussion will be engaging our members with questions and answers from both the

For more information visit www.asisnsw.org.au/events.htm

panel facilitator and the conference participants.

www.asisnsw.org.au

Frontline

Social media and disaster information: Lessons from New Zealand

Image - Wellington, New Zealand

GeoNet is New Zealand’s Geological Hazard monitoring service, funded by the New Zealand Earthquake Commission (EQC), and designed, built and operated by GNS Science; hundreds of sensors all over the country are used to monitor earthquakes, tsunami, landslides and volcanoes. Due to New Zealand’s position across two tectonic plates we have no shortage of these events and locate, for example, more than 20,000 earthquakes a year. By Sara Page

24 | Asia Pacific Security Magazine

eoNet’s journey into social media started off slowly and a bit one-sided, Twitter and Facebook accounts were set up and posts were made via automatic RSS feeds of our recent earthquakes and news. There was a bit of interaction following the 2010 Chilean tsunami, where members of the public were asked to post feedback and photos, unfortunately the page was left to its own devices after this. Following the devastating earthquakes in Canterbury 2010/2011, GeoNet quickly became a household name, from under 400 page ‘likes’ this quickly grew to 4,000 and continued with each large earthquake, and the page ‘likes’ are now more than 40,000. It was during this that we discovered the importance of social media to get information out to large numbers of people quickly.

Shortly after the first earthquake in Christchurch, the public noticed the GeoNet Facebook page and began to ask questions and share their fears and concerns, and the page ‘likes’ quickly rose. It was around this time that I asked to take on the page and began to answer the questions and post information, pictures etc. Looking back, with what I know now, that was a crazy decision! For one person to look after a site that had thousands of followers and hundreds of comments and questions every day, it was a massive undertaking. Back at this time, GeoNet had duty officers on call who would manually locate the earthquakes and it would take around 20 minutes for the detailed event information to get posted, social media allowed us to post comments such as ‘Latest shake in ChCh will be posted shortly – looks to

RiskLogic releases additional modules for its business continuity software, BC-3 RiskLogic has released additional modules for its award-winning BC-3 Software

RiskLogic’s Manager, Technology Solutions, Anita Gover says, “BC-3 now

platform. These new modules have been designed to address the ever-increasing

delivers a more holistic approach to business continuity software which is

demand for a total resilience solution.

not offered by any other product in the Australasian market. These additional modules provide an even more powerful tool, and the future enhancements will

•

Incident Management Module: This module is delivered as part of the

build on an already user-friendly system to make it a truly mobile experience.”

standard system for all clients. It provides a real-time online working environment that can be used during an incident to collaborate and respond efficiently. The Incident Management module is integrated with an organisation’s prepared crisis management and business continuity plans •

Communications Module: This is an integrated communications module that includes two-way SMS and email notifications that is integrated with the BC-3 contacts and with the Incident Management module. This module can be provided for a minimal additional fee that is drastically reduced from the cost of other notification systems on the market.

BC-3 is well known for its usability and is now making strides in the market as an innovator of resilience solutions. Additional features will be released later in 2014, to further develop the user interface and provide more dynamic exercise management capability. Enhancements will be made to the mobile apps to also include some of the administrator functions.

Security on the move

SRI SecuRIty congReSS, 1-3 DecembeR 2014 Over three days ECU’s SRI Security Congress will bring together all areas of security professions and disciplines as part of a holistic engagement with the wider security community. Scholars of the following disciplines are encouraged to participate: strategic studies, public affairs, communication studies, international politics, criminology, business and management, information and computer science, political science, social science, psychology and cognitive science, and security studies. All submissions will be subject to a double blind peer review process and best papers will be considered for publication in selected journals. The 2014 SRI Security Congress will host 5 security based conferences over 3 days 15th Australian Information Warfare Conference 12th Australian Digital Forensics Conference

12th Australian Information Security Management Conference 7th Australian Security and Intelligence Conference 3rd Australian eHealth Informatics and Security Conference

Venue

Contact details

Key dates

Edith Cowan University 270 Joondalup Drive, Joondalup WA 6000 Tel: +61 8 6304 5176

Congress Coordinator – Emma Burke Tel: +61 8 6304 5176 E: sri@ecu.edu.au W: http://conferences.secau.org/venue.php

Paper Submission Deadline – 30 June 2014 Acceptance Notification – 15 August 2014 Camera Ready Papers – 10 October 2014 Early Bird Registration – 2 November 2014

TEACHING QUALITY ★★★★★ ★★★★★ TEACHING TEACHING QUALITY QUALITY Tel: 134 ECU (134Tel: Tel: 328) 134 134 ECU ECU★★★★★ (134 (134 328) 328) ★★★★★ GRADUATE SATISFACTION ★★★★★ ★★★★★ GRADUATE GRADUATE SATISFACTION SATISFACTION E: futurestudy@ecu.edu.au E: E: futurestudy@ecu.edu.au futurestudy@ecu.edu.au the Good universities Guide the the Good 2014 Good universities universities Guide Guide 2014 2014

reachyourpotential.com.au reachyourpotential.com.au 303LOWE ECU10745 A CRICOS IPC 00279B

ECUSRI Edith Cowan University Security Research Institute

Frontline

Chinese bodyguards: Personal protection in the land of the Dragon Being rich in China can be dangerous – unless you have a bodyguard. The security business in China is booming. by Paul Johnstone

26 | Asia Pacific Security Magazine

n a cold January morning, visitors streamed in and out of the Southern Chinese Shanxi office of Li Haicang. Nothing was out of the ordinary until a lone assassin produced a sawn off rifle and fired a bullet into Li’s body. Until that fateful moment, Li was the Chairman of a multinational company and 27th on the Forbes list of China’s richest people. Only several weeks later in February, a Chinese millionaire from the wealthy enclave on Wenzhou in Zhejiang Province, was stabbed to death by five men outside his home in a pre-planned assassination attack. Various media reports indicated that in 2004 alone, around 4,000 people were kidnapped in China. Well known actor, Wu Ruofu, was abducted whilst driving his BMW and hid in the north of Beijing by a notorious Chinese organised crime group who demanded a ransom, but police were able to track them down after several hours and freed Wu. These incidents are just several in part of a growing number of occupational hazards for China’s emerging ultrarich; assassination and kidnapping and a reason why many of China’s rich are undertaking precautionary measures which are becoming more and more necessary for the emerging class of millionaires and billionaires. With around 30 percent of China’s millionaires believed to be women and a widening wealth gap has made safety an issue for the rich, it’s easy to see that private security and in particular, Baobiao, the

Chinese word for Bodyguard, is taking off as the nation struggles with some of the side effects of its booming growth. A 2004 media report in the China Daily newspaper stated that in Guangzhou alone, the private security industry employed no fewer than 5,000 personal bodyguards. This is just a small step in the great wall of Chinese security and protection firms opening up throughout the country. There are even Chinese firms now specialising in kidnap insurance and from accounts; business is booming. Australian Jason Watson is an industry expert based in Beijing, who is leading the way in developing new training programs and services for the Chinese market. A former Australian soldier and United Nations Peace Keeper, he has been operational for the past decade in Afghanistan, Iraq and China conducting close personal protection and training specialist teams for hostile environments. He is also the China representative for the Australian Institute of Defence, Science and Technology. During his time in China, Watson has trained officers from the police, law enforcement and the growing number of corporate firms offering Bodyguards. He has also been instrumental in designing training programs for Chinese mining companies venturing into Africa. Watson states that a large number of China’s private bodyguards are retired police and or soldiers from elite units, or

Frontline

n Main conference: 12 - 13 August 2014 n Venue: Grand Millennium, Kuala Lumpur, Malaysia

ENHANCING OPERATIONAL CAPABILITIES THROUGH STRATEGY AND TECHNOLOGY BOOK YOUR PLACE TODAY TO MEET, NETWORK AND SHARE IDEAS WITH REPRESENTATIVES FROM: INDIA: Kiran Jadhav Deputy Inspector General of Police INDIAN POLICE SERVICE, GOVERNMENT OF UTTAR PRADESH, INDIA

UNITED NATIONS: Jeremy Douglas Regional Representative UNITED NATIONS OFFICE ON DRUGS AND CRIME (UNODC)

THAILAND: Pol. Gen Chatchawal Suksomjit Deputy Commissioner-General and Director of the Children Women and Family Protection and Anti-Human Trafficking Headquarters ROYAL THAI POLICE

VIETNAM: Nhat Nguyen Van Police Senior Colonel, Vice-President People’s Police Academy, Ministry of Public Security

CAMBODIA: Huot Veng Chan National Advisor for the Police, Advisor for Crime Prevention and Community Safety CAMBODIAN NATIONAL POLICE MALAYSIA: Anwer Yusoff Head of Innovation and Commercialization CYBERSECURITY MALAYSIA – A SUBSIDIARY UNDER MOSTI

HONG KONG: Peter Morgan Assistant Commissioner Service Quality and Honorary Associate & Special Advisor, Hostage Negotiation Unit HONG KONG POLICE FORCE

PHILIPPINES: Alan Purisima Chief and Director General Philippines National Police, Philippines

SINGAPORE: Elijah Kipsoi Digital Crime Officer INTERPOL GLOBAL COMPLEX FOR INNOVATION, SINGAPORE

INDONESIA: Arif Wachyunadi Assistant Operations, Chief of Police INDONESIAN POLICE FORCE

Gain insights into the strategies and technologies they have implemented to overcome operational challenges, as well as to look for new solutions to further improve their internal security operations.

ATTEND ASIA’S ONLY CONFERENCE FOCUSING ON PUBLIC-PRIVATE PARTNERSHIPS AND OPERATIONAL AND TECHNOLOGICAL TRANSNATIONAL THREATS Book online at www.publicsafetyinternalsecurity.com or call us +65 6722 9388!

Sponsors:

EXCLUSIVE MUST ATTEND WORKSHOPS! Successfully implement the right strategies and technologies with these focused sessions:  Creating Effective Strategies to Respond to Modern Terrorism Threats  Discussing Strategies for Public-Private Partnership to Safeguard Critical Infrastructure and Customer Assets  Understanding the Terrorist Attack Cycle to Combat Terrorism  Safeguarding National Cyber Spaces through Policy-Creation, InterAgency Cooperation and Technologies

Asia Pacific Security Magazine readers receive a 10% discount. Quote discount code: APSM14

Researched & developed by:

www.publicsafetyinternalsecurity.com Asia Pacific Security Magazine | 27

Frontline

On a wing and a prayer The Red Bull Air Race series is one of the world’s most exciting, most ambitious, promotional exercises, but how does the brand combine its daring reputation with the safety and security requirements of an emerging motorsport?

S By Adeline Teoh Correspondent

peed. Skill. Agility. Mental and physical toughness. And the ability to withstand forces of up to 12G. That’s what it takes to be a Red Bull Air Race pilot according to Luke Robinson, Global Head of Safety and Security for the Red Bull Air Race. What he doesn’t list, although it becomes apparent, is what is required of being in charge of safety and security of what is surely one of the most complex promotional exercises in the world. The Red Bull Air Race is a slalom style course flown by aerobatic pilots. The series takes place over a number of cities per year, with eight races in seven countries scheduled for 2014. The series began in Abu Dhabi (United Arab Emirates), followed by Rovinj (Croatia) and Putrajaya (Malaysia), with the Gdynia (Poland) race set for 26 July and Ascot (UK), Fort Worth and Las Vegas (USA) and China to come. After Red Bull has identified suitable host sites – a combination of market analysis and location scouting – Robinson and his team will meet with local authorities, blue light services and first responders to ‘get them really comfortable with the fact that something that looks zany and crazy is actually a very controlled environment that remains safe’. Location, location Brand and perception go hand-in-hand and Red Bull’s daredevil reputation can be both an asset and a drawback.

28 | Asia Pacific Security Magazine

On the plus side, Robinson can stand in front of the host city’s police, civil defence, fire and rescue, and Government authorities beside a table of Red Bull and show them a video of race highlights and excitement simply builds itself. The flipside is dispelling myths and convincing them that he can meet their safety and security requirements. “A lot of what I do is manage perceptions initially and then, after getting some context, getting to know their requirements and expectations,” he explains. “Most of the planning process is about public safety, because the perception is that a plane will fall out of the sky and crash into the crowd – how are you going to plan for that? What are you going to do if it happens? These questions happen in every one of these locations.” He is also careful to scope the work so Red Bull doesn’t take on things they are not equipped to deal with. It defers concerns about national security, for example, to the local security intelligence agency but remains in partnership with them so the race operates within a framework that’s acceptable to the organisation. The toughest part is the diversity of locations, which gives rise to differences in culture and approaches to security across the host cities. Robinson says traversing this can be tough in terms of communication as well as implementing safety standards. The UK and the USA share similarities with Australia, but places like Asia and the Middle East require a more diplomatic approach to tease out the truth behind

Frontline

‘face’, the polite but sometimes infuriating way of talking around a topic. And some countries simply do not have safety standards that meet Red Bull’s minimum requirements, so occasionally there’s education and training involved in employing locals. And let’s not forget the dynamic of public and private security personnel, which differs from place to place. “Globally there is funny dynamic between private security and law enforcement,” notes Robinson. “One of the first things I’ll try to understand is, locally, what is the expectations of private security and the expectations of policing?” Race around the world Despite the diversity of locations, the set up process for each race tends to run according to the same plan. Two weeks out from the first race day the Red Bull team descends on the host city and starts building the race infrastructure, which Robinson oversees from a work health and safety perspective. Five days out, in excess of 500 people – crew, pilots and teams – arrive ahead of the flying days, which includes a training day, a qualification day and then the race. In addition to work health and safety, Robinson’s role involves both setting up the command and control centre and overseeing asset protection. Command and control occurs on three tiers; race control (‘getting planes up to a race track and on the ground safely’), intelligence security (‘what’s happening outside the event site – a lot of it is traffic management and keeping the city flowing’) and emergency liaison (‘management of our guests in the house’). Asset protection occurs at both a physical level, for example reducing opportunities for theft or damage to the planes, which are worth around $750,000 each, but also at a brand level. In Robinson’s case, security is there to support the brand; any incident, from a work health and safety issue to an aviation incident, has the potential to damage the Red Bull name.

undercover rather than uniformed guards so the environment is less imposing, which will allow people to enjoy themselves more. It takes work, but eventually the strength of the partnership allows these concessions. This is my goal, to develop the relationship. I start as a stranger, sometimes a little bit adversarial because of people’s perception of what the event is, but I generally leave as a pretty good mate.” In more than 50 air races, there has only been one aviation incident, a pretty good record for so daring a promotional activity, though good safety and security of the event will not determine the sport’s longevity. “Fundamentally, the Red Bull Air Race is a motorsport but it’s about selling a little can,” says Robinson, who has no problem admitting his role is to support and protect the Red Bull brand. “If we don’t get that spike in sales after each event, the event hasn’t been successful according to the Red Bull board.” That’s the only thing that will continue to give it wings. Follow the race at www.redbullairrace.com Luke Robinson spoke as part of an event organised by ASIS International’s NSW Chapter. For more information visit www.asisaustralia.org.au

With more than 100,000 people expected for each event, and with a record 1.4 million people turning up in Barcelona in 2009, it isn’t a small piece.

Following the crowd The last piece in Robinson’s safety and security jigsaw puzzle is crowd safety. With more than 100,000 people expected for each event, and with a record 1.4 million people turning up in Barcelona in 2009, it isn’t a small piece. Again, protection of the brand via an emphasis on fun plays strongly here, from the ratio of private security personnel among the audience to the care of Red Bull’s two VIP areas, its Race Club and Sky Lounge, the latter being a high-end hospitality area for Government dignitaries, corporate leaders and celebrities. This is where Robinson’s negotiations skills come in. Host city authorities may want a ratio of 1:100 security personnel in the crowd, but Robinson will step in to find a happy medium. “When you have a crowd of over 100,000 people, that’s a lot of visi-vests in a public area, which affects the public’s perception of the event,” he says. “We’re negotiating the 1:100 by saying it’s not just private security but info staff as well. I always have in each area a team of six to twelve highly skilled security personnel with a bit of muscle but also a really good speaker who can then go around and deconflict issues.” Robinson adds, “And the personnel in Sky Lounge will be

Asia Pacific Security Magazine | 29

Frontline

Mailbox Roulette: To be handled with care Exploitation of the postal system and mail services for criminal or illegitimate purposes is extensive. Bombs, poisons, drugs and extortion attempts can all be delivered through the postal service, reducing the need for an offender to be physically present during an attack. By Clint Tomlinson

ail and parcel bombs in particular, saw an upsurge in popularity with terrorist groups in the 1970s, and have since experienced periods of peaks and troughs. Offenders have ranged from drug traffickers, organised crime groups, extortionists and jealous lovers to revenge seekers â&#x20AC;&#x201C; targeting a range of individuals, officials, politicians, companies and buildings.

History 1994: Detective Sergeant Geoffrey Bowen was killed when he opened a parcel delivered to the Adelaide office of the National Crime Authority (now the Australian Crime Commission). The attack was linked to the world of Italian-Australian organised crime and the marijuana trade in Australia in the 1970s and 1980s. 2001: The United States experienced a number of Anthrax attacks over several weeks beginning immediately after the September 11 attacks. The letters were mailed to several media offices and two Democratic US senators, killing five people and infecting 17 others. 2013: A parcel bomb exploded at the residence of a

30 | Asia Pacific Security Magazine

judge in Athens. The device had been placed in a folder for documents and delivered to the judge who was involved in a case against a terrorist organisation. The judge identified that the package appeared suspicious and threw it on the floor where it exploded. 2014: Six packages containing white powder were discovered in Western Australia addressed to the Premier, Treasurer and to The West Australian (the offices of the Stateâ&#x20AC;&#x2122;s daily newspaper). Tests on the powder revealed it was not hazardous and at least three of the packages contained a typed threat notifying of further attacks.

Mail security risk Organisations must be mindful of what is being delivered to their mail room. In an ever increasing digital age where online shopping is becoming more and more prevalent, personal deliveries to the work place are becoming widespread. Without appropriate procedures in place and sufficiently trained mail room staff, an organisation is accepting a greater risk to personnel safety. While mail bombings and anthrax attacks may appear

Frontline

NCT Upcoming Events The Non-Conventional Threat (NCT) series of events are IB Consultancy's flagship events, covering the non-conventional threat and supporting Homeland Security professionals and military in their fight against terrorism. The upcoming 2014 NCT events will join a series of NCT events that have been held in The Hague, Bangkok, Mumbai, Tel Aviv, Brussels and Kuala Lumpur.

ib there

CBRNe NCT Europe

Contact us: +31 71 744 0174 (EU) +65 315 814 03 (Asia) +1 212 380 1917 (USA) eventsteam@ib-consultancy.com www.ib-consultancy.com

Event Partner

2 -3 September 2014 www.cbrneeurope.com

n The worldâ&#x20AC;&#x2122;s leading CBRNe event with previous editions in The Hague, Tel Aviv, Kuala Lumpur and Bangkok n Two days of conference and trainings with high-level speakers from Europe, Caucasus and the Middle East n Attendees, delegations and speakers from over 30 countries including Germany, Poland, Ukraine, Estonia, Hungary, Croatia, and many more n NCT events are the undisputed best forum for high quality networking, meeting the people who matter n Announcement of the NCT CBRNe Awards 2014 Nominees n Taking place at the 5 star Westin Leipzig

Asia NCT CBRNe

14 -16 October 2014 www.cbrneasia.com

n The 3rd edition of Asiaâ&#x20AC;&#x2122;s #1 CBRNe event n Live demonstration of Cambodian and Vietnamese capabilities n Announcement of the NCT CBRNe Awards 2014 during the Gala dinner n 2-day conference with high-level speakers, stream sessions, and interactive workshops n No other CBRNe event welcomes more Ministers, Generals and other VIPs n Vibrant exhibition showcasing state of the art technology and equipment n Networking Cocktail Receptions and Gala Dinner n Taking place at the Koh Pich City Hall

Middle NCT CBRNe East

9 -11 December 2014 www.cbrnemiddleeast.com

n Two days of conference and trainings with high-level speakers from the Middle East, Central Asia, Europe and the US n Focussed exhibition of CBRNe equipment n NCT events are the undisputed best venues for high quality networking, meeting the people who matter n Taking place at the 5 star Royal Meridien Abu Dhabi

Sponsors & Exhibitors

Main Sponsor HomelandDefSec

Asia Pacific Security Magazine | 31

Cyber Security

Silent stalker: Who are the victims of big data? The explosion of big data and the proliferation of tools to analyse vast amounts of information leads to many questions, the primary one being; what are the ethics behind data analytics?

B By Adeline Teoh Correspondent

een comparison-shopping on the web lately? Chances are, whatever you’ve recently looked at will start to follow you around as you catch up on your favourite blogs. If you’re lucky, the ads will be quite useful; you’ve just bought a camera and now the ads are showing camera accessories you might like to purchase. Occasionally, you’ll get legacy junk that is not helpful at all; once, after hiring a car in Hawaii, I came home to an inbox full of Hawaiian car rental deals. If the prospect of your favourite search engine knowing more about you, than even you do, is a scary thought, here’s something more frightening; paired with open data from Government records and the small, seemingly inconsequential details you give freely through social networks, anyone can form a complete profile of who you are, what you do, what you like and whether or not you’re likely to buy Taylor Swift’s latest album. (Even if you pretend to your friends and colleagues that you don’t like Taylor Swift). Commercial interests Organisations use big data under the guise of being helpful, but it’s a soft form of exploitation says Katina Michael, Associate Professor in the School of Information Technology and Computer Science at the University of Wollongong. “Initially it’s about convenience, then it’s about customer care and then it’s about control. All companies start off with ‘I’m doing this to make life easier for you’, then they move

32 | Asia Pacific Security Magazine

towards the rhetoric ‘I’m doing this because I care about you’,” she explains. “Companies are there to make money. We should not forget that. There’s nothing wrong with making money but we mustn’t allow them to think ‘because I exist for profit maximisation, I can conduct predatory practices to get more money out of each individual’.” Frank Buytendijk, Research Vice-President at Gartner and author of Socrates Reloaded: The Case for Ethics in Business & Technology, says the issue centres on the individual becoming data sets and the commoditisation of that data. “If you don’t buy the product, you are the product. It’s easy to say ‘evil Facebook, they are trying to get as much data out of me as possible, that’s why they have these shitty privacy settings,’ but the reality is more complex. It has to get paid from somewhere, so obviously there’s another stakeholder – the advertisers.” But just like Michael, he adds that that doesn’t absolve them from addressing the ethics behind data analytics. “That doesn’t mean you can exploit. If you go too far with that, people will see even though it’s free it’s just not worth it and then they will walk away. If there’s no value symmetry it won’t work.” It’s this value symmetry that forms the crux of an ethical argument. The first part is really about who benefits from the data and how they benefit. At the moment there are a number of businesses making a profit and you, the data and consumer, are certainly being short-changed. Buytendijk says the ethical thing to do would be to start with transparency, where

Cyber Security

Asia Pacific Security Magazine | 33

Cyber Security

Cybercrime: Not a matter of ‘if’ but ‘when’ Cyber attacks against information security systems can be some of the most pernicious and challenging threats facing modern business. The volume of a typical organisation’s internal operations and external transactions conducted online, and the amount of data stored digitally, means all modern businesses are potential targets. Given the severe financial, operational and reputational damage that can ensue, companies, banks and financial institutions are not required to publicise that they have been victims of cybercrime, leaving few cases of crime to learn from.

Courtesy of PwC

his may explain why cybercrime is the most misunderstood economic crime. It may also explain why the level of perceived risk posed by cybercrime to organisations is low and why the controls put in place can vary widely. “Many companies don’t fully appreciate the risks of cybercrime to their business until it is too late,” says John Donker, Lead Partner Forensic Services, PwC China and Hong Kong. The 2014 PwC Global Economic Crime Survey (GEC Survey) may be instructive here. (http://pwc.to/ QTfy8w). Launched in February and based on polling of more than 5,000 executives worldwide, the survey sheds light on a number of issues pertaining to economic crime facing organisations across almost 100 countries and territories worldwide. Issues covered include the perception of cybercrime related risks and costs. Of Hong Kong and Macau-based respondents who encountered economic crime, 37 percent said they had experienced cybercrime. Only 14 percent believed that they were at risk of cybercrime in the next two years. In addition, 45 percent of Asia Pacific respondents said they had perceived the risk of cybercrime to have increased during the previous two years, and 26 percent expected to encounter it again during the next 24 months. Regional perception of the risks of cybercrime has increased during the past 24 months “Countering the cyber threat begins with an honest assessment of an organisation’s information security capabilities, including asking hard questions of their

34 | Asia Pacific Security Magazine

information security systems and strategies,” says Megan Haas, Partner, Forensic Services, PwC China and Hong Kong. “These questions include whether the organisation is making best use of precious information security budgets and looking at the problem holistically.” According to the PwC Global State of Information Security Survey 2014 (GSIS Survey; http://pwc. to/1h8ON6b), the number of detected security incidents in 2013, (defined as adverse incidents that threaten any aspect of computer security) increased by 21 percent n Asia Pacific. Of course, this could be seen as a positive development and point to organisations improving their capabilities to detect security breaches, if it were not for the fact that the number of respondents who did not know the frequency of these breaches also increased. In addition, the average reported cost of these incidents increased by 25 percent globally, while nearly a quarter of respondents reported losing data as a result of security incidents. Implications for organisations Lessons can be drawn from these surveys and from the experience and observations of PwC’s specialist information security consultants and forensic accounting and technology teams. Firstly, information security is most effectively handled when the risks are viewed as an organisational threat. Organisations should identify their most valuable data, know where it is stored, monitor who has access to it, and prioritise resources accordingly. Secondly, suppliers and business partners should be strongly encouraged to adhere to organisations’ security policies and practices.

Cyber Security

In addition, educating workforces to be aware of the threat posed by cybercrime is crucial in an age of social media scams and social engineering, where attacks can be extremely subtle or disarmingly bold. “The high-tech security breaches where hackers defeat state-of-the-art firewalls have long been glamorised by the media and the big screen,” says Ramesh Moosa, Lead Partner, Forensic Technology Solutions, PwC China and Hong Kong,. “Cybercrime is borderless. Organisations are not being attacked by computers but by people attempting to exploit human frailty as much as technical vulnerability. ” Indeed, one of the most worrying trends threatening organisations’ information security highlighted by the GSIS Survey is the threat posed by employees. Most respondents to the GSIS Survey attributed security incidents to insiders, and regarded criminal activity by employees (and former employees) as a more prevalent threat than the headlinemaking, but less frequent, external threats. This might be deliberate dishonesty on the part of the employee, but it might equally be the result of error or manipulation by external parties. (Interestingly, this concern was echoed by respondents in some key markets to PwC’s GEC Survey. For instance, Mainland China-based respondents who had encountered economic crime said that the perpetrator in almost four out of every five cases was an employee of the organisation in question). The 2014 PwC Global Economic Crime Survey and the Australian experience The growing number of reported instances of cybercrime remains a key theme of the 2014 GEC Survey in Australia, just as it was in the 2012 GEC Survey, according to Australiabased respondents. Awareness of the issue has also grown significantly with 73.4 percent stating that their perception of cybercrime risk has increased since 2012. The Survey’s findings also suggest a greater awareness of the range of cyber threats and effects, particularly on corporate reputations. In addition to cybercrime and in line with the global trend, Australia-based respondents also reported increasing procurement process fraud, often associated with bribery. This is reflected in the increasing numbers of incidents of corruption involving the bribery of employees and subsequent fraudulent overcharging by suppliers and contractors, particularly in the construction and mining industries. Offshore risks, particularly related to corruption and regulatory action, are another increasing area of focus for Australian organisations with operations offshore. While enforcement of Australian regulations around this issue is arguably not as robust as in some other economies, Australian respondents report that they are well aware of the reputational risks of getting it wrong. Many are performing detailed risk assessments and additional due diligence procedures on business partners, agents customers and employees. The two sides of technology If misuse of technology can pose serious challenges to organisations, technology can also be used to great effect in the fight against fraud, cybercrime and money

John Donker, Lead Partner Forensic Services, PwC China and Hong Kong.

laundering. Data Analytics, for instance, is widely used in many global markets to detect economic crime. Data Analytics can be used to take complex analysis normally hidden on a spreadsheet and present it in a dashboard format using charts, bars, graphs, maps, and assorted graphics. This flexible technology can be tailored to meet specific needs. Banks and financial institutions use it to monitor financial transaction trends such as credit card usage, for instance. However, the GEC Survey suggests that organisations across Asia Pacific, and in key markets of Hong Kong, Macau and Mainland China, may not be making use of this technology to detect internal economic crime as much as they could. At PwC we are building an extensive Data Analytics capability across many markets in Asia Pacific. Our experts can help clients gain much greater insights into red flags, and to monitor any suspicious transactions or patterns of behaviour. They can also draw on capabilities and support from specialist forensic technology centres in India, Hong Kong, and China and from elsewhere to support clients should the need arise. Use of Data Analytics and Suspicious Transaction Activity combined with effective risk assessments can help better prepare organisations for the inevitable breach. But if, as the GEC Survey suggests, some organisations in Asia Pacific are not taking full advantage of these technologies and are not conducting risk assessments as often as they should (or indeed at all), then they may be missing out on invaluable and cost-efficient tools in the fight against information security breaches and economic crime.

Megan Haas, Partner, Forensic Services, PwC China and Hong Kong.

Ramesh Moosa, Lead Partner, Forensic Technology Solutions, PwC China and Hong Kong

Most serious economic crimes detected via data analytics/suspicious transaction reporting Many organisations are still trying to fight today’s battles using yesterday’s tactics. “Cybercrime and the threat to information security are not strictly technology problems; they are also, process, and people problems,” says Megan. The next step for many businesses is to ensure that information security strategies better reflect and counter these different threats.

Asia Pacific Security Magazine | 35

CCTV

The commercial argument for security technologies Technology is having an enormous impact on our lives. It is changing how we work, how we socialise and how we communicate. There can be events occurring on the other side of the planet and we can watch them unfold in realtime on our tablets and Smartphones.

By Luke Percy-Dove

echnology is also having a significant impact on the security industry; in a positive way. If you keep up-to-date with market forecasts, the electronic security market is forecast to experience double digit growth until 2020 and beyond. It is as much about IP communications and systems integration today, as it is about alarm inputs and outputs. Business is learning that security technologies can bring efficiencies in areas outside of security and even generate some return on investment. This was unthinkable not so long ago. Technology versus people power A large part of a security consultantâ&#x20AC;&#x2122;s role is helping businesses overcome their security challenges, whatever they may be. A review conducted late in 2013, for a council property, had all the usual challenges that most council depots experience. They were losing vehicles, parts and equipment on a semi-regular basis and realised their current security practices had failed. When a security review is undertaken, there are generally a lot of questions; this is to not only understand what does and doesnâ&#x20AC;&#x2122;t work from a security perspective, but also to challenge convention. However, the security industry, by nature, is a pretty conservative group. During the review process, it was apparent that a couple of key issues had to be managed better than they currently were. Alarm events could not be verified quickly enough and alarm responses were too slow to influence the outcome. The client explained that the typical alarm patrol response

36 | Asia Pacific Security Magazine

would take up to 45 minutes or more, which meant that alarm verification also took that long. Until the patrol officer arrived, there was no understanding of what, if anything, had actually occurred. Has the security industry been caught napping? Patrol and alarm-response services have been popular with businesses for 80 or so years, and not much seems to have changed. Patrol officers in cars driving to and from premises, night after night diligently checking that doors and gates are locked and all is well. In the event of alarm activation, the patrol car will leave the patrol route and investigate the alarm event. If the patrol officer holds keys, they will often do an internal inspection of the premises, but for many buildings it will just be the outside of the building that is checked. The client also explained that they would on average have three or four alarm events, and the subsequent patrol attendance, each and every week. They also contract the same alarm response company to undertake regular patrols of their depot and other council buildings. What was clear was that their investment in security patrols and alarm-response services was in the tens of thousands of dollars a year, every year. Every client is different in terms of the required risk management strategies. Patrols and alarm-response for some applications may add enormous value. In this case they were proving quite futile, particularly when something like 95 percent of all alarm attendance are associated with false alarms.

CCTV CYBER DEFENSE ME 2014: ICS/SCADA FOR ENERGY & UTILITIES

CAXTON INTERACTIVE TECHNOLOGY WORKSHOP 22 - 24 September 2014 | Abu Dhabi, UAE

SECURING THE FUTURE OF THE ENERGY AND UTILITIES INDUSTRY: THREAT DETECTION IS THE KEY TO ICS/SCADA PROTECTION

For event details, please contact Grace Candelaria grace.candelaria@caxtongroup.com

+971 56 736 6007 | +971 4 884 1110

Media Partners

Tel: +971 4 884 1110

In partnership with

Fax: +971 4 884 7140

Email: caxton@caxtongroup.com

CCTV

The beginning of the end: Public Safety Initiative - Ipswich City Council The early 1990s invigorated various initiatives in public safety, from Crime Prevention Through Environmental Design (CPTED) to community partnerships, educational programs and the then, newly arrived Closed Circuit Television (CCTV) systems. By Larry Waite

38 | Asia Pacific Security Magazine

rowing community concerns throughout much of the country were raised on issues being from the lack of police presence and the amount of juveniles that were freely roaming the streets unsupervised. Youths were commonly observed loitering all hours of the day and night, frequently under the influence of alcohol or other substances. Fighting and assault were becoming all too common and many public spaces were now being construed as unsafe by communities. The lack of lighting in some areas were deemed to increase incidents of violence and a lot of public spaces with many buildings acting as gathering points for would-be and opportunistic offenders. The perception of crime was also high and affected how the community as a whole utilised public spaces and retail areas. The experience in the Queensland city of Ipswich was no different and Ipswich City Council decided to commence its own public safety program, with the assistance of various community groups, police and consultants. They would devise and provide support for a range of long term community safety issues within public spaces. The Councilâ&#x20AC;&#x2122;s vision was to instigate a strategic plan and adopt a mission and vision for the city that would enhance the living, working and recreational environment of Ipswich, in addition to providing efficient and effective client focused services to its community. Ipswich City Council had previously hired part-time

security in the Central Business District (CBD) and it was noted that since the introduction of security, there appeared to be a decrease in anti-social behaviour and crimes of opportunity. In January 1994, Ipswich City Council determined to address safety and security issues in its CBD. At the time, the business community generally agreed on common issues, mainly being the lack of both police and police response, taking on average 22 minutes. A consultant was engaged and an intensive security audit was carried out, as well as, various meetings with community groups, including police, local businesses and residents. One such meeting at the time was with a local youth group who indicated they had a fear of using the city. Their main fears were of being assaulted and robbed. They also felt that alcohol played a major role in this unacceptable behaviour. At other meetings, businesses voiced concerns that loitering youths negatively impact on their business and groups of youths appeared intimidating to older members of the community. A committee was established comprising of recognised key stakeholders, including representatives from Ipswich City Council, police, community groups and businesses. Round one of the program was to have an immediate presence in the streets, particularly of an evening with not only increased police and security patrols, but representation of community

Share. Learn. Secure.

Attend RSA® Conference Asia Pacific & Japan and experience what happens when information security professionals collaborate and share exciting innovations that help secure our businesses. Choose from 7 conference tracks and 50+ sessions. Become a part of our collective intelligence and register today.

Capitalizing on Collective Intelligence

“The Fall of Lance Armstrong and the Importance of the Truth” David Walsh Journalist and Chief Sports Writer The Sunday Times

“The Second Machine Age” Andrew McAfee Principal Research Scientist at MIT and Fellow, Harvard Law School

Arthur Coviello, Jr. Executive Vice President, EMC Corporation Executive Chairman, RSA, The Security Division of EMC

DON’T MISS OUT. REGISTER TODAY

www.rsaconference.com/2014 Supported by:

Managed by:

Held in:

Asia Pacific Security Magazine | 39

International

New Zealand Security Conference and Exhibition 2014 The Conference theme this year is “Professionalising for Profit: Your Passport to Success” The 2014 New Zealand Security Conference and Exhibition will be held at our usual venue, the Rendezvous Hotel in Auckland on 27 and 28 August. Stringent measures have been adopted to overhaul the image of the security industry through the process of licencing, monitoring and certification has resulted in a structure holding moving those within the occupation to levels of professionalism. This year the conference and exhibition will give insight into what professionalism of the security industry means from a business’ perspective, particularly how your business can adopt key strategies to take advantage of new opportunities arising out of the industry structuring. A key focus will be on the development of personnel through training, standards of certification thereby enhancing

their technical skills and knowledge whilst providing the opportunity to obtain meaningful industry recognised qualifications. The conference will provide critical information on how to professionalise the quality of your own individual performance as industry leaders, and how to provide higher levels of service offered to clients through better business practices, stringent regulations and standardised training. The conference will also provide a comprehensive review on security management trends in Europe as well as across Asia Pacific and their association to the New Zealand industry. Don’t forget that the following events also run in conjunction with the Conference:

Industry Breakfast Nick Tuffley; Chief Economist ASB Nick Tuffley was appointed as ASB’s Chief Economist in January 2007, having previously worked at Westpac and the Reserve Bank of New Zealand. Nick studied at Canterbury University, graduating with a Master of Commerce in Economics. He and the rest of the Economics team provide regular analysis of economic developments and the outlook through written publications and media comments. Their key objective is to help the bank’s clients make betterinformed business and personal finance decisions. Nick will provide ASB’’s annual Insight into the Current Economic Conditions as we begin the event over a full breakfast.

Key Note Speakers

Hilde De Clerck Hilde DE CLERCK has been the SecretaryGeneral of APEG-BVBO, the Belgian Federation of Private Security Companies, as well as of CoESS, the Confederation of European Security Services since 2001. Since 2002, she is also the Secretary-General of ASSA-I, the Aviation Security Services Association International. Hilde is a member of different national, European and international expert groups related to research and analysis of private security-related matters. She has presided several CEN (European Committee for Standardisation) project committees which developed European standards for private security services. Ms De Clerck last presented at our 2010 event and the feedback from attendees made a return visit inevitable.

June - July 2014

40 | Asia Pacific Security Magazine

VladoDamjanovski VladoDamjanovski is an author, inventor,lecturer and closed circuit television (CCTV) expert who is well known within the Australian and international CCTV industry. Through his company he provides consultancy, design & project management, system-commission, product testing, desk-top publishing and training. In 1995 Vlado published his first technical reference book - simply called ‘CCTV’. This was, and still is, one of the first and complete reference manuals on the subject of CCTV. Now in its 4th edition, and translated into four languages, Vlado’s book continues to have a 5-star rating. The 2013 edition is titled ‘CCTV - from light to pixels’.

Rob Redenbach A former member of the Australian Defence Force, Rob’s practical experience includes managing a security company in Papua New Guinea, working with the bodyguard team of Nelson Mandela, teaching his own system of self-defence to the American FBI and British special forces and providing security services to aid-workers in Iraq and Afghanistan. Rob draws from a wealth of real-life experience to captivate, motivate and educate

NZ Security

International

Awards Dinner Relax and allow our MC, Frankie Stevens to entertain you whilst enjoying great food and wine. Come and join us to celebrate the individuals who have made a difference to our industry in the past 12 months. Take your opportunity to network with keynote speakers as well as the many industry leaders attending. Exhibition A two day security Exhibition will be held alongside the Conference. The Exhibition is on Level 3 of the Rendezvous Hotel which is accessed from the main hotel reception area via escalators. The trade displays will be located in the Rendezvous Ballroom. The Exhibition provides the ideal opportunity to showcase products and services to Conference attendees and decision makers from general industry. All visitors to the Exhibition will be given a Visitors ID Badge and “Exhibition Passport” on arrival. The Passport will require them to visit all stands in order to be eligible to win some great prizes. If you have any new product launches scheduled for this year, or any plans for visits by your offshore suppliers or industry experts then we suggest that you coordinate these with the NZ Security Conference and Exhibition to get the best possible exposure to your market.

Suzanne Masefield Suzanne is the Body Language Analyst for TVNZ, Close Up, Breakfast TV, SKY TV (UK) and The Herald on Sunday and a feature writer in several magazines and co-author of #No.1 best-selling book ‘Align, Expand, Succeed’ and ‘101 Ways to Enhance Your Career’. Her body language and stress management expertise is employed by many of today’s leading companies as a speaker, trainer and analyst consultant to assist businesses maximise engagement, increase personal impact and generate core level success to help them gain the edge in today’s competitive market

NZ Security

Conference Floor Plan

Fire Exit

Booths 1-26 are 3.0 x 2.4mtrs

EXHIBITION AREA 1.2

2.7 Aisle

3.0

PIANO

Unless Otherwise Stated

4 32

Booths 27-31 are 3.0 x 1.2mtrs Unless Otherwise Stated

13 1.2

3.0

2.7 Aisle

Storage

PRE-FUNCTION ROOM

FOYER

FIRE HOSE

PRESENTATION AREA LIFT CLOAK ROOM ES CA LAT OR

For more information please contact Lucy or Catherine on phone: 09 486 0441 or email: lucy@security.org.nz or catherine@security.org.nz

BOARDROOM

FIRE EXIT

Sponsorship Opportunities NZSA Conference 2011 Sponsorship for various aspects the Security ConferenceVenue: 2014, offer a unique Rendezvous Hotel 2011 and highly valuable opportunity to expose your brand to security professionals from business and government sectors. Sponsorships range from as little as $1500 to $15,000 for the Platinum Sponsor. Gillian Stewart All sponsors will be acknowledged at Gillian will present the findings of the councilthe event and in all publicity surrounding facilitated ‘Safer Auckland CCTV Project’. it. Each sponsorship also has additional Your input into the development of the draft benefits, including free registrations to strategic action plan will be sought at the conference. This strategic action plan will the conference and related events. Please not only set the council’s policy on public contact Lucy (info@security.org.nz) for a places CCTV, but also outline the changes copy of the Sponsorship Prospectus required across all stakeholders to improve the We would like to acknowledge those approach to CCTV and deliver safer Auckland communities. who have already signed up for this year’s event.

DO NOT MEASURE OFF DRAWING. IF IN DOUBT ASK. DRAWN BY:

J. Wiley

DATE DRAWN:

Ph:

20/05/2011

09 574 6574

Email: j.wiley@displayways.co.nz

Latest News and Products

TechTime - latest news and products

The Comprehensive Surveillance Solution Canon - the choice for high quality network video solutions. With a 75 year imaging heritage and focus on innovation, Canon offers everything you need to monitor and protect your environment.

High Quality Network Cameras with HD and FULL HD resolutions Canon’s range of surveillance cameras offer a wide choice of sizes, construction, field of view and video compression formats – so you can select a model that’s tailer-made for your workload.

VB-H Camera Range The VB-H series feature 4 camera models with the following specifications: VBH41 - PTZ Camera (available in black or silver) 2.1MP FULL HD 1080P | 20 X optical zoom | Built-in Image stabilisation | Wide Angle VBH610VE - Fixed Dome Camera 2.1MP FULL HD 1080P | Remote Optical Pan/Tilt/Zoom/ Rotate during installation | 3 X optical zoom | IP66 rated | Ultra Wide Angle VBH610D Fixed Dome Camera 2.1MP FULL HD 1080P | Remote Optical Pan/Tilt/Zoom/ Rotate during installation | 3 X optical zoom | Ultra Wide Angle VBH710F - Full Body Camera 2.1MP FULL HD 1080P | Remote Optical Zoom during installation | 3 X optical zoom | Ultra Wide Angle | Strong Low light performance

VBS800D - Fixed Compact Dome Camera 2.1MP FULL HD 1080P | Manual Lens Rotation VBS900F Compact Full Body Camera 2.1MP FULL HD 1080P | Wide angle

Strong Features across the Whole Range of Cameras High Quality Image Capture & Efficient Video Recording Equipped with powerful DIGIC DV III image and DIGIC NET II network processors used in Canon’s professional cinema EOS cameras, the range of Canon network cameras are able to capture exceptionally high quality images, with vivid, accurate colour and reduced image noise. All cameras also now support Windows 8.1 and Internet Explorer 10* Strong in Low Light Environments With decades of experience in capturing accurate colour, quality imagery in low light and bright light areas and scenes where lighting conditions change dramatically has enabled Canon’s range of cameras to feature some of the strongest low light performance in each class. These range of cameras have the exceptional ability to capture low-noise colour video with little more illumination provided by a candle’s flame. An added functional benefit is that all cameras have extremely strong Wide Dynamic Range – what Canon calls, Auto Smart Shade Control. This is a new feature which can automatically change the lighting conditions of the scene or subject the camera is looking at. The cameras analyse the brightness of the scene and then select the optimal exposure and darkness compensation level to ensure that subjects remain sharp and clearly visible even in backlit conditions or dark environments.

enabling high quality recordings without driving up storage costs. Innovative keyword tagging and filtering features make it very easy to analyse data. It is available in three versions to support up to 9 cameras (RM9), 25 cameras (RM25) and 64 cameras (RM64). Additional viewer licenses are also available for networks larger than 64 cameras. Third Party Software All Canon network cameras support the ONVIF standard. Canon is also working with VMS companies globally to rapidly expand deeper integration of each model within market leading platforms. Develop your ideal solution – using your choice of software together with Canon network cameras. Extended integration or support for specific applications may also be possible with the use of Canon’s Software Developers Kit** On the right hand page you will see our current VMS partners which we are working with and their VMS platforms support the range or selected Canon cameras.*** Contact us at specialised.imaging@canon.com.au For more information visit www.canon.com.au/networkcameras *Free online firmware from Canon’s service and support website may be required. **Not for general public issue. Available on a case-by-case basis under strict NDA agreement. ***Third party VMS integration is varied and constantly changing. Some Canon cameras are supported through ONVIF and/or others through dedicated drivers. Please check specific integration before making purchase.

Advanced Intelligent Functions at the Edge Across the Canon range of cameras you will find six intelligent functions built into each camera. These include Moving Object Detection, Abandoned Object Detection, Removed Object Detection, Camera Tampering Detection, Passing Detection and Volume Detection. The cameras are sophisticated enough and powerful to do these analytics at the edge reducing the workload on your network.

VB-S Camera Range VBS30D - Compact PTZ Camera (World’s Smallest FULL HD Compact PTZ camera) | 2.1MP FULL HD 1080P | 3.5 X optical zoom VBS31D - Optical PT Compact Dome Camera 2.1MP FULL HD 1080P | Optical Pan/Tilt | 4 X Digital Zoom

46 | Asia Pacific Security Magazine

Canon RM Software Canon’s, “RM” is a quality, affordable platform for individuals and organisations wanting an easy-to-use Video Management Software. It supports H.264 compression

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime TechTime- -latest latestnews newsand andproducts products

Information presented in in TechTime is provided byby thethe relevant Information presented TechTime is provided relevant advertiser and areare notnot necessarily thethe views of of MyMy Security Media advertiser and necessarily views Security Media

AsiaAustralian Pacific Security SecurityMagazine Magazine| 47 | 49

TechTime - latest news and products

CASA questions the safety of drones The world of Unmanned Aerial Surveillance has come a long way. Just a few short years ago, the thought of having a remote control ‘drone’ as part of police and security accoutrements was beyond cost feasibility. Now, the South Australian Police have done just that. Not only are Government agencies, at all levels, adopting their use (from conducting surveys and inspections to responding to crime and emergencies), the public are getting their hands on them to take amateur aerial footage or to check out their neighbour’s backyard. Small units cost less than $100. Control systems will allow pilots to fly using smart devices – meaning most amateur techies will think they can be instant adopters. Naturally, already there have been operators misusing them, causing danger to not only the public and infrastructure on the ground, but to airborne commercial aircraft as well. Australia was the first country in the world to regulate Remotely Piloted Aircraft (RPA), with the first operational regulation for unmanned aircraft in 2002. In early July 2014, the Civil Aviation Safety Authority (CASA) used the Sir Richard Williams Foundation Lecture to highlight the new rules and regulations the Civil Aviation Safety Authority would have to put in place for RPA. There are very slight differences between RPA, Drones or UAVs, if any at all. The CASA working group is looking at developing a special set of regulatory provisions that will allow the use of RPA in emergency situations, in a responsive manner whilst operating safely. CASA supports the belief that RPA can provide a very valuable benefit for emergency services and have the potential to provide emergency services in the form of fire spotting, for example using Defence RPAs, the Heron, the Shadow 200 or the Scan Eagle. One of the first concerns CASA has with the RPA is how easy the public can get their hands on one. CASA acknowledges, if misused, the RPA can be very dangerous, so much so that it can destroy an Airbus’s jet engine. A near miss between a RPA and a passenger jet at Perth Airport in 2010, demonstrated why CASA is so concerned. In that incident, the RPA operator flew within 30 metres of a Pacific Blue 737-800, and was caught in the wake turbulence, causing it to spiral towards the ground. This incident could have been a lot worse than it initially appears to have been. On 2 October 2013, an Unmanned Aerial Vehicle (UAV) filmed its collision with the Sydney Harbour Bridge and was found the following

48 | Asia Pacific Security Magazine

day. CASA, naturally, took this event very seriously and initially alerted Counter-Terrorism officers. Police later determined the RPA was being used recreationally by Mr Edward Prescott, who was in Sydney as part of the support crew for the Rhianna Tour. Mr Prescott said that he did not fly that close to the bridge, intentionally. As a safety precaution, CASA advises that RPA should not be operated within 30 metres of people and away from large structures like bridges, buildings, and crowds. CASA also suggests that owners should always contact the local City or Shire Council to question what airspace is available or allowed to fly in. In the Sydney Harbour Bridge case, the airspace around the bridge was restricted for all aircraft, including light aircraft. CASA has questioned whether RPA are safe for use in the civilian world. With the capability of flying low in residential areas, as well as high into busy airspace – and with an estimated 100 RPA taking to the skies each week, CASA needs to respond quickly with laws that are designed to prevent serious injuries or crashes that may occur. At the moment, there are rules for hobbyists, who are the most common pilots, and do not need any training, or need to register their light drones. They are required to: • Fly below 400 feet; • Operate only in daylight; and • Stay well away from airports and highly populated areas. With the growing popularity of RPA, globally, they are going to develop a strong and multidiverse market. A 2013 study by Teal Group suggests that the US defence force will spend more than double RPA expenditures during the next decade – from US$5.2 Billion annually, to US$11.6 Billion, spending more than US$89 Billion all together during the next decade. CASA has also established a process to obtain an Operating Certificate to fly a RPA. The

By Will Evans and Chris Cubbage

number of certificates being issued shows the growth and demand for RPAs in Australia. In February 2012, there were 15 total Operator’s Certificates, that doubled the following year, then rose to more than 40 in 2014. One of the certification requirements is to sit a similar exam to those of an aspiring private pilot and equates to 90 percent of a pilot’s course. So, evidently, getting a certificate isn’t the simplest of tasks. The more commonly available RPA are the types that weigh less than seven kilograms. These are inexpensive and can be bought in retail or online stores. These may be flown without applying for an operating certificate. There are, however, many variants of unmanned vehicles. For example, the US Military has a ranking system to select the more appropriate UAV for the job at hand. Ranking criteria ranges from Low Altitude (Tier I) UAVs to High Altitude (Tier III or IV) variants. The diversity of drones available today, is a clear indicator of how this technology is progressing and will continue to evolve. CASA has acknowledged the use of RPA will continue to expand as technologies and performance characteristics lead to longer flight durations, covert operational capabilities, and reduced operational costs. As RPA develops and mature they will naturally serve many sectors, such as law-enforcement, security, agriculture and environmental sectors. CASA has also reasonably foreseen RPA roles which could expand to include more complex operations and eventually, possibly even carrying passengers and conceivably routine unmanned commercial cargo flights. For many entering the RPA and UAV industry, it may indeed be only a blue sky from here. About the Author Will Evans has recently joined the My Security Media team as an Aeronautics and Media Student as part of his Vocational Training.

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime - latest news and products

CELEBRATING 3 YEARS OF SECURITY INNOVATIONâ&#x20AC;Ś SEE YOU NEXT YEAR 8-10 July 2015 securityexpo.com.au facebook.com/secexpo @Security_Expo

SYDNEY OLYMPIC 8-10 JU

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

Asia Pacific Security Magazine | 49

TechTime - latest news and products

How to avoid Heartbleed or similar SSL related vulnerabilities By Albert Ching

The latest disclosure of Heartbleed, an OpenSSL encryption bug, is yet another reminder of the security threats we continue to face. The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users, and to impersonate services and users. This bug has resided in production software for more than two years and is described as ‘catastrophic’ by leading security experts. The immediate solution is to identify affected systems, apply the fix and update the SSL certificates. Users also need to be informed to change their passwords and track misuse of the exposed information. Even if the bug is patched today, there is no guarantee that a similar type of bug does not resurface or stay hidden in software undiscovered. Such vulnerability with similar impact could arise in the future from another SSL library or application product. It also leads to questions whether Secure Socket Layer (SSL) is sufficient to protect data confidentiality and integrity of online transactions. How can enterprises manage the risk of future data leak through web services and convince their customers that their data is safe from eavesdroppers? Would it have been possible to have done something to mitigate the risk of such an event? To prevent exposure of sensitive data even if SSL encryption is broken, enterprises need a strong data protection solution such as endto-end encryption (E2EE) to protect passwords and sensitive transaction data. E2EE ensures that sensitive data stays encrypted even within the memory of vulnerable web or application servers. It offers protection to the HeartBleed type of bug as well as prevents insiders such as software developers or DBAs from leaking sensitive data accidentally or deliberately. In fact, both Monetary Authority of Singapore (MAS) and Hong Kong Monetary Authority (HKMA) have mandated financial institutions to adopt E2EE for protection of passwords as well as critical transaction data in the e-banking sites. Like many financial institutions, organisations should adopt the same best

50 | Asia Pacific Security Magazine

practices to encrypt the password and sensitive data and send the encrypted data over a communication channel in addition to the SSL protection. This can be done by using an encryption library and key data to encrypt the data at the point of entry (user desktop/ smartphone) before submission to the server side. This data remains encrypted all the way to the web server and even the application server. The data may be decrypted at the application server, however, in the case of passwords, they remain encrypted and are verified inside an HSM. HSMs are cryptographic devices using tamper resistant hardware built to meet the FIPS standards. Thus, the passwords are encrypted from the point of entry to the point of comparison. Apart from mitigating against Heartbleed type of vulnerabilities, this ensures that nobody in the intranet has access to the password in clear during transit and storage, as well as protecting against internal fraud. In summary, effective data protection requires a combination of layered security solutions and the right processes. Organisations should not wait for the next web server vulnerability and should look into implementing End to End Encryption solutions at the application layer to protect their confidential information instead of relying on SSL protection.

About the Author Albert Ching is CEO & CTO of i-Sprint Innovations, a global Identity and Access Management software company – a company which helps its clients address their application security challenges, compliance requirements and technology risk needs. Albert has been in the IT industry for more than 27 years and has held various IT executive positions in the US and Singapore for IT strategic planning, enterprise architecture, security and infrastructure planning and application development.

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime - latest news and products

CIOs, IT Leaders and decision makers • Big data • Communications • Cloud computing • Technology systems • Interviews with industry thought leaders plus much more.

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

Asia Pacific Security Magazine | 51

TechTime - latest news and products

Maintaining surveillance equipment using lowering devices By Jeremy Lee

It’s no wonder the camera surveillance industry has grown up and out. Grown up, because the technology has improved, enabling cameras to be hung at greater heights, covering larger areas. Grown out, because cameras are being used nearly everywhere. With all of this growth in the surveillance industry, one very critical area continues to be overlooked – camera maintenance. Camera systems are easier to install, and easier to replace at ground level. They’re cumbersome to trouble shoot. While camera surveillance is generally understood to be a good thing, it’s the maintenance piece of most camera installations that creates the bulk of ongoing issues, and results in lost time and money.

Technology at play In 2003, security cameras were designed with large CCDs, imagers, digital signal processors, and lenses. Nowadays, cameras are tiny, sensitive pieces of hardware. The trend, studies show, indicates that some warranty periods have been cut in a third to as much as a half by many manufacturers, especially in outdoor camera models. So while the environment for surveillance hardware hasn’t changed, the hardware has. Whether the camera technology is IP or analog, new or old, several factors decrease the mean time between failures of cameras. This includes hot and cold environments, unbalanced power loads, and vibration due to wind. The message to the surveillance industry is clear: Cameras are sensitive pieces of hardware. Other less expensive system components housed in protected environments, receive

52 | Asia Pacific Security Magazine

better maintenance. But, when the camera image cannot be viewed, it is assumed that the camera – not peripheral equipment – for example a control box, is most likely the culprit and must be examined. If there was ever a time to pull a camera down and service it, that time would be now. Lowering devices offer camera maintenance convenience A lowering devise is a solution to simplify camera maintenance. Originally conceived for use with other products, the lowering device was designed to service street lights. Companies which maintained lights in urban areas had two fee schedules; the one for the technician who serviced lights at ground level, and the one for the technician who had to go up in a lift or on a ladder to service them in the air. The cost difference was dramatic. And so was born the idea to bring lights to the ground for servicing. Usually hand cranked and purely mechanical by design; this same technology exists today. Where lights and cameras are similar is the maintenance schedule that should be maintained to yield optimal performance. Light enclosures collect dust, bugs, and other particulate matter; power leads corrode; condensation builds in the housing, and accumulates on the enclosure which dims the light and reduces its lumen yield over time. And, of course, lights need replacement. Sound familiar? Precisely. Why would a camera’s needs be any different than the average light bulb? In fact, when one considers the average camera costs twice as much as the average street light, perhaps the camera’s preventive maintenance needs should not be ignored. From an ROI standpoint, the answer is in the numbers. Camera repairs often result from poor maintenance. Cracked enclosures, foggy or distorted images, power failure, even network-related troubles, often result from poorly maintained connections and neglect of periodic cleaning schedules of leads, domes, and lenses. To quantify the cost associated with not maintaining a camera, security directors may look at the cost to their organisation to repair just one camera. While lowering devices continue to grow in popularity, on highways, in maritime applications, and critical infrastructure areas

within the power generation industry, they have been slow to take off in other areas, like corporate offices and schools. Perhaps the industry needs to see more cost taken out of them to drive home the ROI point, or maybe the aesthetics need some fine tuning, and all signs point to strides most manufacturers have made in these areas. In critical areas, however, like increasing the lifespan or maintaining camera performance, there is no better solution. About the Author Jeremy Lee is Regional Manager, South East Asia and Taiwan at Moog Inc www.moog.com.

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime - latest news and products With Participation Of:

The 3rd Unmanned Vehicles Israel Defense Conference 17.09.2014 | "AVENUE" AIRPORT CITY, ISRAEL Conference Chairman: Mr. Alon Unger

17.9.2014 | SAVE THE DATE T: 972-74-7031211 | F: 09-7671857 | E: info@israeldefense.co.il | W: www.israeldefense.com Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

Asia Pacific Security Magazine | 53

TechTime - latest news and products

Technical Review: Moore’s Law applies to the WD Purple Surveillance-Class Hard Drive Line We have been fortunate to live in a time to experience Moore’s Law at work, with devices continuing to get smaller, cheaper and most importantly faster, smoother and more reliable. There continues to be major advances in technology – and data storage is one such example. Not that long ago we were seeing much larger hardware systems being required for RAID 5 Storage Arrays, suitable for video surveillance, yet already we are seeing RAID 6 arrays in small and more efficient NAS and NVRs using the very latest storage technology. The changes in the video surveillance and IP CCTV technology markets during the past decade are a clear example of Moore’s Law having an effect. With this in mind, it was a pleasure to conduct a technical review of the WD Purple Surveillance-Class Hard Drive, supplied to our office with a review kit containing the following: • ENR -1000 4 Channel NVR (With 2 x WD Purple 4TB HD installed, formatted and ready for use) • Viostar 2 Bay NAS (With 2 x WD Purple 4TB HD installed, formatted and ready for use) • Planet 8 Port POE switch • ACTi D72 Dome Camera • Axis Network Camera M1054 with 2 port POE switch • Axis Q1604 Camera We operated the NAS for 11 days and the NVR for eight days within the office, so there was reasonably limited movement within the camera’s field of view (FOV). After the trial recording period we used storage calculation tools, including CCTV Design Software to calculate an estimated storage requirement based on each of the camera’s resolution, frame rates and bitrate. In contrast to these storage calculations, the WD Purple 4TB HD used significantly less than the storage calculations estimated. Each of the cameras were set to different resolutions (1280 x 720 @ 25ips; 640 x 480 @ 12ips and 1920 x 1080 @ 30imps) and we estimated that during the review period between 500GB-700GB would be required to allow 24/7 recording – subject to scene activity. On our determination of the actual storage amount used, the WD Purple HD used less than 400GB during the 11 day period. We verified our calculations using different storage calculation tools – there is no precise number but each calculation tool landed consistently in

54 | Asia Pacific Security Magazine

a much higher range. Therefore, the WD Purple HD operated with a high indication of much greater efficacy in storage capacity than existing storage algorithms. We also observed quiet operation and low heat output. The review kit substantiated that the WD Purple has been built for integration with new or existing video surveillance systems, designed and tested to surveillance class standards compatible with leading chassis and chip-sets – quite an achievement considering there isn’t an industry standard. Having reviewed and operating the NAS and NVR devices using the

WD Purple HD, our findings support the claim of superior performance for the WD Purple purpose-built line of 3.5inch, high capacity hard drives for surveillance applications. And WD is so popular you’re probably already using one of their products – we were. A Compatibility Selector is available to assist with choosing a selection of surveillance drives at www.wd.com Technical review conducted by Chris Cubbage and Clint Tomlinson, Security Consultants, AmlecHouse.com

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime - latest news and products

Drones Robotics Automation Security Technology Information Communications

www.drasticnews.com

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

Like us on facebook! www.facebook.com/drasticnews

Asia Pacific Security Magazine | 55

TechTime - latest news and products

Genetec introduces new network security appliance to product line-up Genetec™, a leading provider of unified IP security solutions, has announced the SV-32, the latest offering in its line of turnkey network security appliances. Designed for customers that require a small size Network Video Recorder (NVR) – such as retail and banking organisations – the SV-32 will be able to support up to 32 cameras, and will offer local viewing and recording capabilities. The SV-32 network security appliance is expected to be available in late spring 2014, to Genetec channel partners and customers in the America, Australia, Europe and select countries in Asia.

56 | Asia Pacific Security Magazine

Powered by Genetec Security Center, the SV-32 will ship with pre-installed software, verified hardware configurations, and a new intuitive Installer Assistant tool. The new Installer Assistant tool, which will be included with the entire line of SV network security appliances, will further facilitate and accelerate the configuration and commissioning of customers’ surveillance systems. The tool will provide automatic discovery and enrollment of cameras and video devices on the network, while also allowing technicians to rapidly select and configure desired camera settings, recording

modes and schedules in Security Centre. “With the ability to manage video monitoring and recording locally, the SV-32 will provide customers with a simple, turnkey solution to facilitate the replacement of their DVRs and migrate to an IP system,” says Francis Lachance, Director of Product Management at Genetec. “Customers will benefit from the Security Centre platform, giving them the ability to monitor multiple sites and work with an intuitive user interface that enables operators to rapidly respond to incidents, and access to powerful search and reporting tools to help accelerate their investigations,” adds Lachance. SV-32 customers will be able to choose from a wide range of HD and megapixel cameras from industry-leading edge device partners, as well as cost-effective video encoders to leverage existing analog hardware to cut down on the cost of transitioning to a fully network-based system. For end users requiring a surveillance system that spans multiple sites, the SV-32 network security appliance can be installed in distributed locations and monitored centrally using the Genetec Federation capability. Federation allows customers to deploy the SV-32 in multiple independent sites, while extending monitoring capabilities to other locations and operators, helping to facilitate and centralise surveillance operations, as part of a single virtual system. The advanced architecture of the SV-32 will be able to synchronise cameras and all related events and alarms between sites in real-time, with no manual intervention required, while still retaining the local autonomy of individual sites of their own monitoring and configuration requirements.

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime - latest news and products

Raytec launches industry first network illuminators VARIO IP is the first network CCTV illuminator in the security industry. With VARIO IP, users can not only adjust their IP cameras remotely, but they can now control their lighting in the same way too, via web interface or video management system. Recently an IFSEC product award winner for Best CCTV System of the Year, VARIO IP is now available with PoE capability. Available in both Infra-Red and WhiteLight LED, it provides dedicated IP lighting for network cameras, allowing for remote set up, commissioning, operation and maintenance of your lighting scheme, from anywhere on the network 24/7. Users have full control over their lighting at all times to respond to live events in real time, using lighting to deter crime. They can also alter settings in response to operational changes for the best CCTV images and safety at all times. VARIO IP makes it much easier to operate large CCTV systems in a more secure and

LEADING INDEPENDENT SECURITY CONSULTANTS

much greener way. VARIO IP can be controlled individually or in groups by a variety of other security technologies e.g. cameras/detectors, and scheduled using a timer for activation only when needed, to reduce electrical consumption even further. An API is available for seamless VMS integration, allowing quick and easy operation of your lighting within your overall security system. VARIO IP reduces visits to site, minimises labour time and costs, whilst ensuring maximum performance from your

system at all times. VARIO IP is also the first CCTV illuminator to be fully integrated into Milestone’s XProtect video management system. For more information on VARIO IP visit www.rayteccctv.com

Secure Key ManageMent Getting a key is as easy as 1 2 3

www.amlechouse.com Amlec House Pty Ltd Independent Security, Risk and Investigation Management Consultants

Security Design, Reviews & Auditing Services Studies, Investigations & Reviews Background & Criminal History Checks Due Diligence Services Specialist Technical Services Security & Risk Awareness Workshops Cyber Security, Online Safety & OSINT Workshops

The BenefiTs are simple…

• •

Saves money – no lost keys

•

Organised layout – all keys are kept in one place

•

Ensures you always know who has which set of keys

•

Modular system gives total flexibility for expansion

Only authorized staff can access keys

The Keytracker system is the simplest and most cost effective key management system currently available. Ranging in size from single units, 5 capacity then in multiples of 5 up to a maximum of 300 keys, the Keytracker system is Ideal for Security Companies, Car & Motor Cycle Dealers, Police, Hospitals, Schools…or anywhere where lots of keys are handled by lots of staff where the chance of misplaced or lost keys is high.

1 Insert your personal colour coded access peg...

Twist to release the desired key...

3 Remove key!

Access peg cannot be removed until key is returned

For more information visit www.keytracker.com.au or call us on 1800 814 716

Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

TechTime - latest news and products Available online! See our website for details

1 YEAR SUBSCRIPTION TO THE AUSTRALIAN SECURITY MAGAZINE

6 print issues per year for only $88.00 SUBSCRIBE TODAY... DON’T MISS AN ISSUE Yes! I wish to subscribe to the Australian Security Magazine, 6 issues (1 year). ☐ ☐

AUSTRALIA INTERNATIONAL

A$ A$

88.00

(inc GST)

1 YEAR

158.00

(inc GST)

1 YEAR

Yes! As an additional bonus I wish to receive direct to my inbox the Asia Pacific Security Magazine (emag), 6 issues (1 year).

No business or government organisation survives in a vacuum. Sharing knowledge is fundamental to the development of successful security planning and implementation. That is the role of our magazine: sharing knowledge of developments in security management for public and private sector organisations, both for internal management and for external obligations in public safety and security.

MY DETAILS

PAYMENT

Salutation: __________First Name: __________________________________________

Please find enclosed my cheque/postal order (made payable to MySecurity Media )

Surname:______________________________________________________________

for $ __________________ or debit my:

Job Title: ______________________________________________________________ Company: _____________________________________________________________ Postal Address:__________________________________________________________ Suburb: _____________________State: _________ Postcode: ____________________ Country: ______________________________________________________________ Email: ________________________________________________________________

58 | Asia Pacific Security Magazine

Card Holders Name: __________________________________________ Signature: _________________________________________________

Interested in our e-news service? Phone: +61 (8) 6465 4732 during business hours AWST (Australia Only)

Expiry Date:________________ Todays Date: ______________________

PRIORITY FAX Credit Card Details Australia +61 (8) 9467 9155

FREE POST My Security Media 286 Alexander Drive, Dianella. W.A. 6059

Email subscriptions@mysecurity.com.au

GST This document will become a TAX INVOICE for GST when payment is made. My Security Media Pty Ltd ABN 54 145 849 056 Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media

Review by Chris Cubbage

Digital Video Surveillance and Security – Second Edition By Anthony C Caputo

here is a great sense of achievement in writing a book – no less a technical book like Anthony (Tony) Caputo’s Digital Video Surveillance and Security (2010, Butterworth- Heinemann). However, the best sign of success for any book is to go to a second edition, to remain so relevant and at the forefront of an industry is something special and to be very proud of. Tony has achieved just that with his Second Edition. Since first meeting Tony in Sydney in 2011, where he was a keynote speaker and I was the conference chair of CCTV World, I took the opportunity of grabbing a copy of Digital Video Surveillance and Security. Glad am I and so should a number of our clients, because as a security and surveillance consultant, the book has spent many hours sitting open on our office desks as it gets referred to, discussed, checked, verified and did I mention, referred to again. As Tony came to finish his manuscript for the second edition, we were able to catch up for lunch in Chicago in 2013. Along with projects in the US and Middle East, Tony has since still been able to find time to contribute another two CCTV articles to us and has been a regular contributor to the Australian Security Magazine’s CCTV Feature Series. Whether you have the first edition or not, the Digital Video Surveillance and Security, Second Edition (2014, Butterworth- Heinemann) looks like the best one worth having. From the time you open the first few pages you get the sense Tony has put everything into this work – including expanding the Preface to go back to the true source of his interest in his field – including a link to the assassination of John F Kennedy. This gives a valuable insight into the author and the motivations not just behind this book but also, indeed why video surveillance technology has emerged as a major driver of the security sector in the modern world. Digital Video Surveillance and Security, Second Edition talks to the student, practitioner and fellow expert of all levels and interest. Written in the first person with the sense of Tony’s Chicago wit, this book allows simple and graphical explanations and case studies of digital video principles, equipment and hardware systems, networks and networked video systems, wireless networks and architectural designs. The basis of designs are provided in depth, including site surveys, software selection, archiving and storage, project management and system integration. A

great aspect is the troubleshooting segments to a majority of the chapters – given Tony’s expertise and experience, this is a valuable asset to have in any technical book. These aspects are further supported with Site Survey Checklist Templates and Survey Forms. And whether you are a consultant in Australia or an installer in the US, UK, Hong Kong or Singapore, the technical and applied science is the same. There are very few true experts in the field of CCTV – and frankly if you are in the CCTV and Video Surveillance System industry either as a student, installer, engineer, designer, integrator, sales or consulting – then this book should be within arms-reach and once it is, you are likely to keep it very close to you for your next CCTV and Video Surveillance Project. Author Anthony C Caputo

Have you recently published a security related book? Or have you just read a new, great security book? Please email us at editor@australiansecuritymagazine.com.au

Asia Pacific Security Magazine | 59

Regional

Fostering Innovation for Global Security Challenges 14 - 16 APRIL 2015 Sands Expo & Convention Centre Singapore www.interpol-world.com BO

RD ER

B CY

S EC

SAFE

R CU

ITY

CITIES

IT Y

WHAT TO EXPECT EXHIBITION SPACE

27,000 SQM

EXPECTED NUMBER OF EXHIBITING COMPANIES

250

450

EXPECTED NUMBER OF TRADE VISITORS

KEY DECISION-MAKERS FROM INTERPOL’S

8,000

190

MEMBER COUNTRIES Contact us TODAY at +65 6389 6614 or sales@interpol-world.com

Event Owner

60 | Asia Pacific Security Magazine

Supported By

Supporting Knowledge Partner

Held In

Managed By

CCTV

FOR SECURITY. FOR JOBS.

F-35 LIGHTNING II

FOR AUSTRALIA. Lockheed Martin’s F-35 Lightning II — the right security partner for Australia, its people, and its future. Providing thousands of high-technology jobs for Australia and billions of dollars in industry contracts over the next 30 years. SEE THE FUTURE IN ACTION AT: F35.COM/AUSTRALIA

THE F-35 LIGHTNING II TEAM NORTHROP GRUMMAN BAE SYSTEMS PRATT & WHITNEY

LOCKHEED MARTIN

AUSTRALIA Asia Pacific Security Magazine | 61