Issue 133: July/August 23

THE FUTURE OF REMOTE MONITORING

… and the convergence of solar, CCTV and AI capabilities

EDITORIAL

Publisher

Barry Bebbington +44 1708 229354 Barry@pubint.co.uk

Editor Cora Lydon +44 7834 244613 cora.lydon@securitymiddleeastonline.com

ADVERTISING

Worldwide Mike Dingle +44 1752 267330 mike@securitymiddleeastonline.com

Gareth Driscoll +44 1752 260603 gareth@securitymiddleeastonline.com

Ryan Bickerton +44 1752 265802 ryan@securitymiddleeastonline.com

Rahul Vara +44 1752 604352 rahul@securitymiddleeastonline.com

Kyle Kennedy +44 7867 641955 kyle@securitymiddleeastonline.com

Marketing Manager Paul Riglar +44 7496 377630 paul@securitymiddleeastonline.com

PUBLISHED BY Publications International Ltd +44 1708 229354 166 Front Lane, Upminster, Essex, RM14 1LN, UK

UP FRONT

Welcome to another issue of Security Middle East – as usual packed with expert advice to help you carry out your role as a top level security professional.

This issue we cover some key issues that will be impacting on your role in one way or another. First, on page 18 we’re looking at the security challenges of smart cities. The smart city boom shows no sign of slowing down – in fact, the smart cities of the near future will be responsible for generating business opportunities worth $2.46 trillion within a few years. So it’s vital they are adequately protected. Dr Ryad Soobhany of Heriot-Watt University Dubai, explores the security risks of smart cities from their interconnectivity to their communication layer.

from BeyondTrust asks whether you’re prepared for the task of managing multiple identities in the cloud? It’s easy to assume your protection is in place, but he reveals the reality is your cloud security could be lacking. On page 42 Mandiant’s Jamie Collier is encouraging cyber threat intelligence teams to take a requirementsdriven approach, while Rick Vanover from Veeam, is warning that organisations must be prepared for everything to fail when it comes to ransomware, in order to shore up their defenses (page 36).

We hope you enjoy this issue. Look out for our Intersec Saudi Arabia review in the following issue, as well as exciting news on the Security Middle East Conference.

© Publications International Ltd. 2023

at: www.securitymiddleeastmagazine.com

We are also exploring the transport sector with Genetec’s Jon Hill (page 26). He says a proactive approach to safeguarding transport is absolutely vital in both the physical and cyber realms. And more importantly, he’s explaining how to achieve that.

The insidious nature of cyber attacks means no industry is spared from these threats. On page 38 Morey Haber

cora.lydon@securitymiddleeastonline.com

smemag Security Middle East Magazine

ISSUE 133 JULY/AUGUST 2023

MONITOR

03 Up front Foreword from the Editor

06 News Monitor

The latest regional and international security news

08 Market Monitor

A roundup of the latest security products and solutions

10 Cover story: Ai Group

Find out about Ai Group, who deliver AI-based video solutions to all types of industry

FEATURES

18 Securing smart cities

Dr Ryad Soobhany of Heriot-Watt University Dubai explores how the smart cities of the future will be secured

22 3 questions to ask to optimise your security system investment

Rudie Opperman from Axis Communications has some expert advice to ensure your security system investment is sound

24 eSignature security

Carrie Peter from Impression Signatures writes about balancing user experience with security compliance when it comes to eSignatures

26 Trouble ahead for transport

Genetec’s Jon Hill looks at how to take a proactive approach to safeguarding transport in both the physical and cyber realms

30 A path to digitalisation

V. Hrytsevich, 3dEYE Inc. explores how Pure Cloud VSaaS can help bridge the challenges faced by on-premise or hardware-based video surveillance

CYBER MONITOR

34 The human element

Carey van Vlaanderen, ESET Southern Africa, considers why employee mistakes are the biggest cybersecurity threat

36 Prepare for everything to fail

When it comes to ransomware, Rick Vanover, Veeam, warns organisations must be prepared for the fallout

38 Who has access to your cloud house?

Are you prepared for managing multiple identities in the cloud? asks Morey Haber from BeyondTrust

42 Securing the future

Jamie Collier at Mandiant explores how cyber threat intelligence teams can be empowered with a requirements-driven approach

INDUSTRY MONITOR

46 Using cloud services securely

Dan Norman, from the ISF, underlines how organisations in the Middle East can confidently and securely deploy cloud services

48 Industry interview

Meshal Aljohani of Aramco, finds out more about Yacine Benamane, of Unilever, and his career

49 Video surveillance implementation

SPA member, Jonathan Keith from K Tech Consulting looks at video software and software analytics within smart city environments

50 Events

Diary dates for forthcoming security exhibitions, conferences and events

Scamdemic shows no sign of abating

INTERNATIONAL NEWS

Group-IB’s Digital Risk Trends report has concluded that the average number of scam resources per brand (the number of times a brand’s image and logo was appropriated for use in a scam campaign), has increased by 135% year-on-year in 2022 in the Middle East and Africa region. It’s a sign that the scamdemic is showing no signs of slowing down.

The most targeted sectors globally were financial, lotteries and the oil and gas sector. Sharef Hlal, Head of the GroupIB Digital Risk Protection Analytics Team (MEA), said: “Scam campaigns are not just affecting more brands each year as the impact that each individual brand faces is growing larger as well. Scammers are using a vast amount of domains and social media accounts to not only reach a greater number of potential victims, but also evade counteraction. Scams are also becoming more automated, as the ever-increasing number of new tools available to would-be cybercriminals has lowered the barrier of entry. We expect to see AI also play a greater role in scams in the future.”

71% of organisations may be unaware of breaches AI in the spotlight

INTERNATIONAL NEWS

A new report from Vectra AI has painted a worrying picture of the overwhelm security operations analysts are facing. The report reveals that 97% of analysts confess to being worried they will miss security events, while 71% say there’s a chance their organisation has already been breached and they don’t know about it yet. The survey of IT security analysts found that on average they receive 4,484 alerts a day – yet can’t cope with 67% of them:

n 39% believe it’s only a matter of time before they miss something due to the volume of ‘noise’

n 39% say the security tools they use increase their workload, not reduce it

n 41% believe security vendors are afraid of not flagging a breach, so flood analysts with pointless alerts.

INTERNATIONAL NEWS

The UN Security Council – of which the United Arab Emirates is currently a non-permanent member – has held its first discussion on artificial intelligence. Members of the council met with two experts to examine the potential risks and benefits of the technology and to discuss the need for countries to coordinate efforts to regulate the industry.

The experts attending were Jack Clark, Co-Founder of AI company Anthropic and Zeng Yo, Co-Director of the China-UK Research Center for AI Ethics and Governance. Omran Sharaf, Assistant Minister for Advanced Science and Technology at the UAE Ministry of Foreign Affairs who attended the meeting said: “It is time to be optimistic realists when it comes to AI, not just for assessing the threats this technology poses to international peace, world stability, and security, but to harness the opportunities it offers.”

He also stressed the importance of establishing some commonly-agreed upon rules to help manage the impact the tech could have.

Qatar: fastest growth in cybersecurity spending

REGIONAL NEWS

According to the Investment Promotion Agency Qatar (IPA Qatar), Qatar “has the fastest growth” in cybersecurity spending in the Middle East region. In a joint report with Microsoft and EY-Parthenon, it predicted the country would see a 12.7% increase in spending – from $1.01bn in 2022 to exceeding $1.64bn in 2026.

The report stated: “Qatar is witnessing a rapid increase in digital transformation through strategic partnerships across several sectors, including energy, financial services, tourism, and health, among others, like the collaboration between

Tawteen and Microsoft to accelerate digital transformation in the energy sector and the digitalisation of financial services supported by the Qatar Central Bank, Qatar Financial Centre, and Qatar FinTech Hub. Qatar has also successfully delivered a digitally secure FIFA World Cup in 2022 under the Supreme Committee for Delivery & Legacy’s Cybersecurity Framework.”

The report also highlighted four promising trends which it believes will help shape Qatar’s cybersecurity market: crosssectoral digital transformation; a promising age of digital government services; cloudfirst economy; and emerging technologies and growing youth.

Japan aims to stop crime before it happens

INTERNATIONAL NEWS

Japanese police are to trial a network of artificial intelligence-enhanced security cameras that could capture criminals before a crime has even been committed. The pre-crime monitoring tests will focus on machine-learning pattern recognition of three different types: behaviour detection for suspicious activity; object

In Brief

KUWAIT

As of 16 July, more than 750,000 people have registered their fingerprints with the Ministry of Interior. It is also rolling out additional biometric enrolment machines in commercial venues to help capture more fingerprints.

QATAR

Qatar has retained its top place in the Global Peace Index for the MENA region and climbed to 21st globally – up from 29th the previous year. National strategies, low crime rates and a successful FIFA World Cup 2022 helped secure its reputation for security and safety.

OMAN

As part of its Oman Vision 2040, Oman plans to develop a multi-purpose port in the Wilayat of Masirah. It will serve fisheries, tourism and transport sectors as well as having facilities for security services.

detection for guns and other weapons; and intrusion detection for protecting restricted areas.

The technology is expected to be deployed before March 2024. Initially implemented as a test, the technology will aim to observe patterns of behaviour to predict crime, though there are concerns that it may introduce hidden algorithmic biases into police work.

Security Middle East Conference to return in 2024

REGIONAL NEWS

After being declared a resounding success at its launch event, the Security Middle East Conference is set to return to the security event arena next year. The first-ever conference was held in Riyadh in May this

year and brought together hundreds of toplevel security professionals with a line-up of industry experts and security influencers who shared best practice examples, advice and case studies. We’ll be bringing you more details of next year’s Security Middle East Conference in the forthcoming issue.

BAHRAIN

Credimax has renewed a partnership with Mastercard that will see it drive digital innovation in Bahrain. As well as allowing multiple payment options it also delivers enhanced security.

KUWAIT

Kuwait is setting a precedent for cryptocurrency regulation, after it implemented a strict crypto ban. Kuwait’s Capital Markets Authority (CMA) has enforced an “absolute prohibition” on significant cryptocurrency transactions.

SAUDI ARABIA

Saudi Arabia has provided a voluntary contribution of US$1.1m to the Interpol Capabilities for Operational Relevance (I-CORE) program. The program aims to use the capabilities of technology to serve the front lines at border crossings globally.

Egress first cloud email security platform to apply adaptive security model

Egress has become the first cloud security platform to offer customers automated and tailored protection with its adaptive security model. The company will provide proactive and automated protection against inbound and outbound email threats. It will continually assess risk and automatically adjust enforcement to provide dynamic protection and response. The benefits of this approach include:

n Unparalleled inbound and outbound email security: Egress’ innovation will empower organisations to automatically adjust their email security controls in the areas that need it most.

n Increased speed to response: The dialling up or down of enforcement will occur instantaneously as an individual’s risk score rises or falls below their organisation’s threshold.

n Automation that eliminates administrative management: Correlating and analysing data in real-time provides aggregated risk scores specific to each individual. Using this intelligence, tailored security controls are automatically applied, resulting in no administrative overhead.

n Data-driven intelligence provides enhanced, accurate visibility into threat trends: Using multiple data sources unlocks a new, more accurate way to assess and manage human risk. Risk trends, threat intelligence, and actionable insights will be surfaced via the Egress Security Center, including recommendations for managing human risk within an organisation’s wider security ecosystem.

Tenable named Security Partner of the Year

Tenable has received the 2023 Global Security Partner of the Year award from Cohesity, which was presented at Cohesity’s Global Partner Summit in May. The integration between the two companies means customers are able to recover with confidence. Cohesity CyberScan, powered by Tenable, makes it easy to assess the risk of backup environments and meet stringent security and compliance requirements.

“As a 100% partner-focused company,

Cohesity believes our partners are instrumental in serving and growing our joint customers,” said Kit Beall, Chief Revenue Officer, Cohesity. “We would like to recognise our valued partners who have provided exceptional contributions to the Cohesity ecosystem, and most importantly enabled our mutual customers to achieve their business goals with Cohesity’s nextgeneration data security and management solutions in 2022.”

www.tenable.com

n Improve security awareness through real-time nudges: Once a threat has been neutralised by the platform, Egress also uses a combination of dynamic colourcoded banners and configurable prompts to help educate and train employees. As part of the adaptive security implementation, these real-time nudges are automatically tailored to each individual based on level of risk at that moment in time.

www.egress.com

OryxLabs takes gold

United Arab Emirates’ OryxLabs has been named the 2023 Gold Award Winner at The Global Cybersecurity Excellence Awards. The company’s DNS Firewall and Discovery also took gold awards for best products in separate categories. CEO Sumit Dhar said: “We are committed to creating scalable, innovative, and sophisticated cybersecurity solutions that address our clients’ complex challenges while delivering significant business value.”

www.oryxlabs.com

Axis Communications releases two new panoramic cameras

Axis Communications has announced two new ultra-compact panoramic cameras that have been designed for high quality indoor surveillance needs. They deliver 360° or 180° views at up to 30 fps. The AXIS M4327-P Panoramic Camera offers a 6 MP lens, whereas AXIS M4328-P has a 12 MP lens. Each new camera includes a deep learning processing unit to support improved processing and storage capabilities, allowing the collection and analysis of more data than before.

www.axis.com

Kissflow launches governance layer

Low-code platform provider Kissflow, has introduced a new governance layer to its platform, empowering enterprise IT teams with citizen development visibility, privacy and security. It provides a ‘digital footprint’ of all user activity within the platform, giving visibility into different processes and apps that are created by users.

“IT Governance is critical for enterprise operational transformation, but it doesn’t have to be complicated and add more workload for IT teams. We believe in the power of simple and our low-code platform is the simplest platform for business users to create applications in the market. Kissflow’s governance layer offers IT teams a centralised dashboard, providing detailed reports that allow them to effectively monitor and exercise control over how end users utilise the platform,” said Dinesh Varadharajan, CPO, Kissflow (pictured). www.kissflow.com

Perle Systems launches Native OCI Container Support in IRG Cellular Routers

Global manufacturer of secure device networking hardware, Perle Systems, has launched Native OCI Container Support, enabling customers to optimise edge computing processing capabilities by deploying lightweight applications that are tailored to suit evolving use cases.

“Perle has always been committed to providing our customers with the most advanced tools to enhance their network and IoT infrastructure,” said John Feeney, COO of Perle Systems. “Our native support for OCI Containers enhances edge computing capabilities, enabling users to run applications closer to the source, resulting in improved performance, scalability and security.”

Perle’s OCI Container support is included with the purchase of an IRG Router. Users can fully access the feature without purchasing a license or subscribing to an annual cloud-based service plan. www.perle.com

Fortinet security benefits

Fortinet has unveiled the results of an independent analysis of the cost savings and business benefits of deploying FortiGate Next-Generation firewalls and FortiGuard AI-Powered Security Services. It found a 318% return on investment over three years, payback in six months and more than $8 million in net benefits. John Maddison, CMO and EVP, Product Strategy, said: “We believe the new Forrester Total Economic Impact™ study highlights what customers have said for years: The powerful combination of FortiGate NGFWs and FortiGuard AI-Powered Security Services not only strengthens security across the entire enterprise but also delivers incredible return on investment.” www.fortinet.com

Seed Group partners with Resecurity

Seed group has announced a strategic partnership with cybersecurity company Resecurity. UAE-based Seed Group is hoping to reshape the cybersecurity landscape in the Middle East, and empower “organisations with advanced tools and techniques to proactively combat emerging threats.” It will also help US-based Resecurity to expand its presence in the region. www.seedgroup.com

The future of AI and remote solar monitoring

Artificial intelligence (AI) has undoubtedly become the most prevalent term in recent years, closely followed by video analytics. These concepts have increasingly integrated into our everyday lives, shaping our interactions with technology and enhancing various aspects of our routines.

Imagine comparing a boiling kettle that automatically turns off when the correct temperature is reached to intelligence like AI. While the kettle cannot be considered AI, it demonstrates some ‘smart’ capabilities.

It can identify when the desired temperature is reached and autonomously

disconnect power to the heating element using pre-set parameters. This simple, yet effective, task allows you to continue your day while being assured that the kettle will turn off automatically once the water has boiled, freeing you from constant monitoring.

Innovative solutions

This practical philosophy aligns with the principles we incorporate into our technology, such as ICU Solarcam and AIVI. These innovative solutions leverage AI and video analytics to streamline processes and

enhance efficiency. Just like the kettle, but much more advanced, they use intelligent algorithms to analyse data, identify specific parameters and autonomously execute appropriate actions. This enables you to focus on other important tasks, knowing that these advanced systems are intelligently managing the processes they are designed for.

Our ICU platform incorporates the power of our software and hardware, OneTouch and our Smart CamBoard on edge, to efficiently oversee and manage numerous remote CCTV systems, ranging

When it comes to the future of artificial intelligence and its use in remote solar monitoring, there are three key things you must consider, according to Mr Bulent Boyaci, Technical Director at ICU Solarcam Australia, which has recently joined Ai Group

from hundreds to potentially thousands in number. OneTouch operates as an evervigilant guardian, continuously monitoring the operational health of these systems. It considers various factors, such as power usage and data consumption projections for the upcoming days, while drawing insightful comparisons with historical data.

The realm of remote video monitoring and analytics presents us with formidable challenges that extend beyond the simplicity of placing a camera on a pole with a solar panel and battery. While this basic setup may su ce for a single system, the complexity multiplies when dealing with hundreds of installations. Questions arise: How can we ensure the continuous functionality of all these systems? How do we e ciently handle the influx of data from multiple sources?

Three vital questions that demand your attention

Is your remote CCTV system operational?

Monitoring activity in remote areas through CCTV may initially seem straightforward. However, the true challenge arises when you consider how to ensure its continuous functionality without constant monitoring.

Can the system autonomously monitor and repair itself or request service proactively?

The e cacy of any remote CCTV solution lies in its ability to self-monitor and even address potential issues without human intervention. Is your system equipped to autonomously identify problems and attempt repairs before they escalate to critical levels?

How will you e ectively monitor multiple deployed systems, including video alert data?

Deploying several CCTV systems further intensi es the need for robust monitoring. It's about ensuring their operation and

managing the influx of data from video alerts. Failure to stay on top of this vital information can render even the most advanced technology useless.

Helping hand

OneTouch rises to the occasion, skilfully managing multiple tasks to ensure optimal system performance at all times. Acting as a proactive safeguard, it promptly raises an early warning if any irregularities are detected. In the event of an issue, OneTouch endeavours to automatically rectify the problem, bringing the system back online. If, by rare chance, the self-repair proves unsuccessful, OneTouch immediately dispatches an early alert, empowering the appropriate course of action to be taken.

Our ingeniously cra ed system o ers an array of remarkable advantages that go beyond mere functionality. Among these bene ts lies the simplicity of detecting even subtle occurrences, such as a leaning pole or obstruction of a solar panel, leading to reduced charging capacity and importantly, battery management. Our system's capabilities are further enhanced through sophisticated video analytics.

The pressing question arises now: Is your system operating flawlessly? Ensuring the continuous functionality of your surveillance setup is paramount to fully harnessing the power of video analytics. By verifying the optimal performance of your CCTV system, you unlock a world of invaluable insights and security-enhancing features.

Reimagining technology

These same principles also lie with our AIVI platform by taking complex tasks and simplifying them.

We recognise a limitation in current technology: the need for human eyes to continuously monitor cameras a er an event has occurred. To overcome this, we have completely reimagined the technology to see through the chaos and proactively

identify undesirable events before they escalate. Our next-gen business process monitoring, powered by AIVI and deep machine learning, allows you to concentrate your attention where it is most crucial. With our innovative approach, you can stay ahead of potential issues and prioritise your focus where it truly matters.

Custom-designed visual AIVI solutions

Traditional rules-based monitoring systems may su ce if the world always adheres to predictable patterns. However, the reality is that the world is inherently unpredictable. Ai Group stands apart from any other solution in this regard. Rather than being constrained by a xed set of scenarios, Ai Group empowers you to de ne an unlimited number of process rules and analyse what is considered ‘normal’ within your unique business environment.

At Ai Group, we aim not to replace humans but to empower them. We understand and appreciate humans' unique strengths and limitations and design our systems accordingly. Through tailored and client-speci c focus priorities, we create distinct AI algorithms that excel at detecting and alerting events that might otherwise go unnoticed. Each system is meticulously built from scratch to meet our client's speci c speci cations and requirements, making them worldleading solutions that deliver visual AI excellence directly to you.

Our technology has evolved by necessity as our needs change. Our team of experts has real-life global experiences. It has come together over the past 13 years and has deployed thousands of solar power systems across Australia and a vast array of users from government to private constructions. We have a long proven track record and are recognised as innovators in our eld.

Consider what you are risking when choosing the right system for your project.

“By verifying the optimal performance of your CCTV system, you unlock a world of invaluable insights and security-enhancing features”

COMMAND & CONTROL SOLUTIONS: THE SECRET TO UNLOCKING THE FUTURE POTENTIAL OF SMART CITIES

How MVP Tech’s real-time C&C offerings empower smart cities to enhance quality of life

What does every smart city in the region have in common?

How do big cities like Dubai, Abu Dhabi and Riyadh help their citizens feel safe, enjoy good health and stress-free commutes, and live in a clean, sustainable environment?

The answer: TECHNOLOGY

Every smart city in the world implements the latest technologies to deliver a better quality of life to citizens. And at the heart of every city’s technology-led transformation is a robust command-and-control (C&C) solution.

MVP Tech- Convergint Middle East is a pioneer in technologies and high-end C&C systems for smart cities. Our fully customizable C&C solutions empower cities to leverage the power of technology in order to transform the lives of citizens in tangible ways.

Why Smart Cities Need MVP Tech’s C&C Solution

MVP Tech – Convergint ME has crafted transformative technology and Security solutions including C&C systems for numerous smart cities, including the iconic Dubai Smart City project. As part of this initiative, we designed and deployed robust systems that transformed Dubai into an exceptional smart city that’s on par with the best global smart cities. We also successfully addressed Dubai’s most pressing concern: to integrate multiple systems and enable seamless connectivity to a C&C centres for law enforcement, security, and traffic management purposes. Any smart city can benefit from our customized C&C offerings and take advantage of seamless information-collection and sharing across various tools and stakeholders. Our platform

enables authorities to implement seamless connectivity between city systems and leverage intelligent automation to monitor functions, optimize infrastructure, and inform civic decision-making – all of which improves urban quality of life and makes a city truly “smart”. The Dubai project validates our approach and gives us the confidence to keep leading the way with smart city solutions.

MVP Tech - Convergint Middle East Brings World-class Expertise for Smart Cities

Our team brings progressive tech expertise in physical security, IT Infrastructure, software development, and AI software engineering, which uniquely positions us to build game-changing solutions for hyper-connected, technologydriven smart cities.

MVP Tech – Convergint ME team of Technical and Civil engineers, AV Solutions Specialists, AI Software Development, Data Scientists, and security/privacy experts work together to design tailored C&C systems that perfectly align with the specific needs and goals of authorities, city planners, and developers. The unified platform ensures the efficient integration of various components, such as sensors, IoT devices, emergency services, transportation systems, and energy grids, and improves the flow of information between various stakeholders. Better and more timely information means better communication at all times, and especially during emergencies or catastrophes. We also have an inhouse civil engineering team that understands the various challenges inherent in modern smart cities and builds turnkey solutions for the most multifaceted tech integrations.

Smart Cities are the Future. And MVP Tech’s C&C Solutions Make this Future Possible

A vital capability of our smart city C&C solution is real-time monitoring and control of critical city functions like traffic management, public safety and security, environmental monitoring, waste management, energy consumption monitoring, and emergency response. The centralized platform provides a single pane of glass view into all these vital functions plus visualization tools and dashboards, allowing city authorities to see what’s happening at any given time, allocate resources as required, and initiate appropriate responses that can mitigate problems.

The system collects vast amounts of real-time data from all integrated devices and uses advanced analytics and AI to process the data and generate useful insights. These insights enable city authorities to take data-driven decisions and improve outcomes related to traffic, transportation and mobility, health, waste management, and community engagement.

MVP Tech’s C&C system also helps to make cities smarter with the help of:

• Best-in-class security measures that prevent unauthorized parties from accessing sensitive information

• Real-time maps and predictions that help authorities to anticipate and head off issues early

• AI-based video analysis that reads data by detecting vehicular mobility, faces, and other movements and flows around the city

• Centralized interface that simplifies real-time monitoring, control, connectivity, and automation

More than 68% of the world’s population will live in urban areas by 2050. To accommodate these masses, cities must be more livable, responsive, sustainable, and safe. They must be smart. MVP Tech’s command-and-control system helps to build these smart cities. Our non-intrusive, user-friendly solution seamlessly integrates various technologies and systems, allowing smart cities to manage their operational needs, improve citizens’ quality of life, and create a more livable future. To know more, contact our experts.

For more information on our solutions and technologies, contact our experts by scanning this QR code

Harnessing physical security data to transform airport operations and passenger experience

Airports worldwide are in the midst of a significant transformation. A heavy focus on quality and passenger experience, the growing interconnection of airport systems, and a move to revenue diversification are driving change in processes and technology. According to the Centre for Aviation, there were 425 major construction projects at airports worldwide, with US $450 billion in investment at the start of 2023.

However, the forces driving modernisation can pose conflicting priorities, which are difficult for airports to reconcile:

n Focusing on upgrading passengerfacing systems can mean leaving backend systems behind, limiting potential operational improvements.

n Growing to meet future needs can mean increasing staff and costs that aren’t yet aligned with revenue.

n Reducing friction in the passenger experience is challenged by changing security regulations.

Overall, the expectations of key stakeholders, including airlines, passengers, workers, government and regulatory agencies, are often at cross purposes. As management consultancy Avasant notes in its report on the evolution of airports, advances in technology now “enable integration of informational, operational and customer integration in a way which was unthinkable even a decade ago.”

The key to unlocking this integration relies on the availability of adequate data. One area where modernising infrastructure can have a significant payoff is in unifying physical security systems on an open platform like Genetec™ Security Center, which integrates data from multiple airport systems. Doing so can help airports engage in long-term business transformation to address a changing security and privacy landscape. With a unified platform, they can improve

and automate operations, and evolve KPIs to bring them in line with increasingly complex planning – all of which can ultimately improve passenger experience.

Unifying security to improve efficiency

Securing an airport environment with thousands of cameras, sensors and devices across various locations is inherently challenging. This can be difficult if security operators are bouncing between systems and being flooded with disconnected alerts.

Unifying physical security systems involves shifting from siloed, standalone systems to an open platform that brings together an airport’s video management systems (VMS), access control systems (ACS), airside and perimeter intrusion detection systems, automatic license plate recognition (ALPR) and other functions in a single interface. Once unified, the system provides a complete picture of what’s happening across the entire connected environment at any

given moment, along with the tools to respond in real-time, all from one screen. An open, unified security platform can also leverage multiple intrusion detection technologies (radar, LiDar, fence intrusion detection, video analytics, drone detection, etc.) to detect potential threats across wide areas to strengthen tarmac, aircraft, passenger and staff security. When automatically tracked on geographical maps, moving targets can be intuitively displayed and validated against ADS-B position of aircraft so airport security personnel can assess and respond to threats more quickly and instantly recognise friendly aircrafts to reduce false alarms.

Improved, automated operations

Modern physical security systems are expected to improve an airport’s ability to protect passengers, staff and property. However, it’s their ability to go far beyond security while also improving operations and passenger experience that supports deeper transformation.

Managing passenger flow from curbside to airside

As passengers arrive at or depart from the airport, data and video analytics captured by ALPR systems can help maintain the flow of vehicles at entry and exit points by alerting personnel of emerging issues. By detecting stopped vehicles in prohibited areas or counting vehicles over a set time, personnel can be dispatched to address potential issues quickly. Staff can also use ALPR to see when parking lots are crowded so they can re-direct people to overflow areas by changing digital signage as soon as the need arises.

Once passengers arrive, video analytics from VMS systems can analyse how they flow through the airport. With siloed systems, airports lack situational awareness when queues build up, reducing their ability to efficiently coordinate and communicate with teams to manage the flow. With a unified security platform, data can be ingested from various sources – cameras, sensors, ACS, analytics applications and more –and visualised on a single dashboard, customised for the user. Thresholds can be easily set and changed to alert operators

when they’re reached, so they can take action and get back on track faster.

Additionally, monitoring the total number of travellers in a retail store, or restaurant, or tracking the length of lines makes it easy to identify when additional staff is needed to avoid prolonged delays and improve the passenger experience. Airports can also use ACS systems to help them understand how many people are in particular areas to better manage occupancy and comply with regulations.

Transforming airport-specific operations

When airports are able to centralise data with their physical security system data, they can improve procedures across the entire passenger and operational experience and address specific KPIs based on airport priorities.

Data from flight information systems (FIS), airport operations databases (AODB), visual docking guidance systems (VDGS), baggage handling systems (BHS), ADS-B and more, can all be integrated with an open, unified security platform to deliver real-life use cases like these:

n Using any boarding gate for domestic or international flights: to gain flexibility without causing secure zone breaches, an airport was able to combine an AODB and gate allocation system to ingest flight information into the Genetec Synergis™ ACS and Route Management features. This allows the operations team to better manage boarding routes and create paths for correct passenger flow.

n Securing video proof of docking time to support vendor billing: by integrating data from AVDGS and gate allocation systems into Security Center, an airport was able to automatically bookmark the timestamp of aircraft parking to provide proof of docking time. This eliminates any issues with billing vendors on aircraft parking time with video evidence.

n Identifying passengers of interest as they disembark: to enable quicker action when a flight lands with a passenger of interest on board, one airport integrated flight and gate information and video analytics into Genetec Security Center. This way, airport authorities are able to identify the flight and individual as they disembark.

Airports of the future

Airports have evolved into much more than stations to transport people from one place to another. They are vital economic generators providing gateways to their cities, states, regions, and countries. They must offer passengers a full experience that includes shopping, dining and entertainment, and their operations must run like clockwork.

The need to deliver frictionless experiences in a secure and safe environment is driving transformation. Integrating data from systems across the airport using a unified, open physical security platform can help enable this shift. Airports worldwide are witnessing how the modernisation of physical security infrastructure and the integration of data can translate into reduced passenger throughput times, increased staff productivity, reduction in taxi times and emissions, improved baggage processing times, increased retail, parking revenue and more.

www.genetec.com

SECURING SMART CITIES

A significant part of a smart city’s budget is taken up by security costs. Dr Ryad Soobhany, Associate Professor in the School of Mathematical and Computer Sciences, Heriot-Watt University Dubai, looks at the security risks of smart cities

According to analysis from Frost & Sullivan, technology spending related to smart cities will reach $327 billion by 2025 – and a significant part of that cost is related to the security of smart cities.

Smart cities rely on interconnected physical infrastructure and data-driven decision-making, which is achieved by a set of cyber-physical systems (CPS) –merging of operational technology (OT) and information technology (IT). The CPS manages devices and systems that collect and analyse data using ICT components – such as Internet of Things (IoT) devices, cloud computing, artificial intelligence (AI) and 5G.

The inherent interconnectedness of smart cities however, creates an expanded attack surface, which is more attractive for cyber threat actors to exploit vulnerabilities in the system.

Smart city cyber risks

The interconnectivity of CPS can lead to security issues, where for example

a cybercriminal gains access to an IoT network, through device hijacking, that is connected to the traffic management system (TMS) of the city. In this scenario the attacker can infiltrate the TMS and deregulate the smart traffic lights system or the variable speed limit system. The vast amount of sensitive data being generated, analysed, shared and stored provides challenges and concerns about the security and privacy of the data and how to protect the data in the data processing pipeline. Moreover, any successful attack can lead to disruption of governmental services, cause financial losses or expose citizen’s data (which can lead to erosion of trust in the system). Additionally, interference with physical infrastructure can endanger the physical wellbeing of people.

Man-in-the-middle (MITM) attacks can occur by breaching, spoofing or interrupting communication between CPS. Distributed Denial of Service (DDoS) attacks and Permanent Denial of Service

SMART CITY STATS

$2.46 TRILLION

According to Frost & Sullivan, the smart cities of the near future will generate business opportunities with a market value of $2.46 trillion by 2025.

20-25% GROWTH

Frost & Sullivan research suggests that growing demand for crowd management and monitoring in smart cities will see the crowd analytics market grow by 20-25% by 2030.

(PDoS) are on the rise and in the case of PDoS can lead to sensing devices (video camera, speed sensors) being damaged beyond repair, with a huge cost for service downtime and replacement. The storage of the acquired data from various IoT devices can be targeted by ransomware attacks that can encrypt the data and demand a ransom payment for the decryption of the data. This attack can disrupt critical infrastructure operations and endanger public health & safety, if CPS rely on the data to provide services.

Overcoming interoperability issues

Smart cities usually have a combination of state-of-the-art IoT sensors/ systems (albeit not designed to be security-oriented) and legacy systems. Interoperability issues between these systems will lead to an increase in the risk of cyberattacks. Another weakness is the integration of services with the need to reconcile various security protocols and develop new ones. The use of AI by bots to make independent decisions can lead to attacks that will lead to an external actor controlling the bots, without being detected by security professionals. Any attack that threatens the privacy and sensitive data of people will lead to a loss of trust by citizens and can lead to refusal to share data and ultimately rejection of smart cities.

Since smart cities are heavily interconnected and data-driven, it is critical to have robust security protocols, regular audits and a security-aware public. The traditional security triad of Confidentiality, Integrity and Availability are very much legitimate to describe the security risks to smart cities, where the confidentiality of data will enhance the trust by the public and availability of the system is crucial for real-time data sharing (e.g. street lighting, traffic control). From the perspective of OT security, the concept of resilience and safety are important, with more focus on the integrity and availability of the system. Transparency is essential to enhance public trust and support for smart cities, which can be achieved by allowing citizens to have access to their data and a clear explanation of how their data is being used.

THE SMART CITY ECOSYSTEM

THE CORE (cloud platform, IoT data platform)

The technology platform that processes data and generates business logic to make sense of the data flow from the edge.

THE COMMUNICATION LAYER (Bluetooth, NFC, LTE, WiFi Direct)

The communication channel establishes a two-way data exchange between the core and the edge to effortlessly integrate the ecosystem components.

THE EDGE (smartphones, sensors, actuators)

The devices, as well as IoT applications like smart lighting and rubbish collection. In short, the front end of the smart city.

The holistic approach

Due to the presence of different networks and sub-systems within the smart city, only a fragmented view of the security requirements can be accessible. Therefore, a holistic approach to cybersecurity of smart cities must be adopted, which can be achieved by designing and implementing security frameworks for smart cities that can provide an overall view of the cybersecurity needs of the smart city. Some components of such a security framework can be:

n Security policy: the smart city needs a robust security policy that will provide macro and micro security processes and procedures that administrators can use.

n Privacy-by-design: protect citizens’ privacy by anonymising personal data, restrict the collection of data, encrypt data and provide citizens control over their data.

n Access control system: enforce multifactor authentication on access to local and remote devices/systems. Provide devices/users the least security privilege they require to perform their functions. Create a tighter securityoriented network design with zero trust architecture that requires authentication

for each new connection. Secure backup data repositories.

n Keep all systems up to date with security patches and perform system updates on a regular basis. Implement tighter security protocols for unsecured IoT devices/systems.

n Security education: employees of smart cities should be educated and trained to be security aware around integrated and autonomous operations. Training should be updated regularly. The citizens should be educated about their privacy and sharing their personal details.

n Incident management: Develop incident response and recovery plans with clear responsibilities and roles so that the smart city is prepared to respond to cybersecurity incidents.

The implementation of secure smart cities requires different stakeholders, such as policymakers, regulators, software/hardware manufacturers/ vendors, to collaborate and work in partnership. The security of smart cities should be aligned to the cybersecurity strategy of the government while aligning with standardised security frameworks.

www.hw.ac.uk/dubai

Unified security, unlimited possibilities.

Securing your organization requires more than video surveillance. To be successful, you need access control, intercom, analytics, and other systems too. This is why our Security Center platform excels. It delivers a cohesive operating picture through modules that were built as one system. So, whether you’re securing an airport, a parking structure, a multi-site enterprise, public transit, or an entire city, you can access all the information you need in one place.

To learn about the benefits of unifying your security operations visit genetec.com

3 questions to ask to optimise your security system investment

Over the next six years, the need for video surveillance is anticipated to increase due to thriving infrastructure development brought about by initiatives like Saudi Vision 2030. While these bring growing investment to the commercial and retail sectors, the rapid pace of urbanisation and development in the Middle East region brings increased security concerns for organisations.

Spending money on a security system requires careful consideration, as you want it to last for years and provide significant cost savings in the long run. There are a few factors to consider so you can make an informed decision, with a long-term view in mind, that will help reduce the risk of unpleasant surprises or costs.

To ensure you make the most of your investment, here are three questions that will guide you in choosing the right security system for your organisation.

1 Why are you buying network cameras?

Before you begin comparing the prices and features of different network cameras,

ask yourself why you need them. It’s always best to start with the very basics like this. Clarify the purpose of the security system and what you want the network cameras to do. Do you need to prevent theft and fraud in a retail environment? Do you want to improve production in a factory? Are you trying to ensure employee and passenger safety on public transport? These are the kinds of questions to ask during this process. Understanding what you want the network cameras to accomplish is crucial to making an informed decision and ensuring you are set up to make the most of your investment. Clarity here is vital to figuring out if the network cameras on your shortlist can do what you need them to or provide the evidence you require.

2 How will your network camera choice affect the rest of the system?

The full picture of all costs – not just the devices themselves – is important to make the most of a security system investment. Once you have shortlisted

your network cameras, consider how your choice will affect the rest of the security system. Storage is a crucial factor in this calculation. While cheaper network cameras may seem appealing, their compression technology may compromise the quality of the footage.

On the other hand, more sophisticated network cameras may have a higher initial cost but come equipped with intelligent algorithms that require less storage space, resulting in cost savings in the long run. It’s also essential to consider installation and accessory costs when evaluating the network camera’s impact on the rest of the system.

3 What happens once the system is up and running?

Purchasing a security system is not just about the initial investment, but also the operational costs. You must consider the costs required to keep the system running. Think about the electricity usage, required maintenance, and system monitoring costs. Will your chosen network cameras consume too

Rudie Opperman, Engineering and Training Manager, EMEA at Axis Communications, looks at the vital questions that can ensure your security system investment is sound

much energy, increasing your electricity bill? Do they offer any smart functionality to reduce overall costs? Is the installed system safeguarded against cyberattacks? Does your vendor of choice have a robust cyber strategy?

Increased reliance on digital technology has made cyber threats more sophisticated. This means it is vital for your company to adapt and strengthen its cybersecurity landscape on an ongoing basis. It’s critical to find partners and vendors whose systems are not compromised.

All these factors can affect the total cost of ownership incurred throughout the security system’s lifecycle. The correct security system should ultimately improve your business’s bottom line. It’s important to quantify how the security system will impact your business so you can weigh those benefits against the total costs when making your decision. Thinking this through often involves collaboration across departments, ensuring the bigger picture of the system’s impact on the whole business is considered.

A final word

Choosing the right partner for your security system investment leads to long-term success. Investing in a security system is a significant decision, but asking these questions can help you make an informed choice. Understanding the purpose of the network cameras, considering their impact on the rest of the system, estimating the running costs, predicting the impact on your business, and making the best decision for your organisation can help you optimise your investment and achieve a better ROI in the long run.

The good news is you don’t need to figure this out alone. The process of asking these questions helps you identify which partners are invested in your organisation’s long-term success. The right partner will assist you in finding a system that works in your best interest, both in terms of the total cost of ownership and a system that meets your requirements to drive long-term value.

www.axis.com

“It’s important to quantify how the security system will impact your business so you can weigh those benefits against the total costs when making your decision”

Balancing user experience and security compliance at scale

Carrie Peter, Managing Director, Impression Signatures, looks at the challenges of scaling up the use of digital signatures and meeting security compliances

One of the key challenges in embracing a digital environment is balancing how users interact with technology and each other, while ensuring total compliance. In many instances, one side of the coin is often achieved in excellence, while the other is found to be lacking. Whether it’s a bad user experience or poor compliance, the consequences can be dire. Today, businesses must focus on balancing the coin to ensure both sides’ needs are met – empowering teams to operate at scale, while minimising risk.

When organisations get this right from the start, they are effectively minimising (if not eliminating) the chances of fraud, abuse and data security violations. When digitising from the first interaction with solutions like eSignatures, paper processes are transformed, users enjoy ease of use and risks are mitigated.

Digitising workflows

eSignatures (or digital signatures) allow processes that are usually paper-based to be digitised at the onset. When a document is generated, it goes through a signature workflow configuration, and is passed through conversion services while confirming identity authentication and securing consent. With a strong audit trail, and legally compliant document archiving solutions, these signatures are nonrepudiable with digital identity certainty underpinned by a private key.

As part of this process, a digital identity must first be created. Although this may involve complexity in the backend, the user experience around the creation of this identity is not. Customers should not feel the complexity of the business’ need for identity certainty. Very

simply, the creation of a digital identity includes verification, confirmation that the user is the correct signatory, a declaration of confidentiality, a request to confirm consent and, finally, the final document to be stored and wholly compliant. The process can be simple and seamless.

Boost user experience

The goal is to maximise the value of a single interaction. With eSignatures, single-touch interactions enable multiple digital processes without creating complexity. With one touch, eSignatures offer the power to identify authorised organisation representatives, supplying a document for signature in a secure viewer with total auditability, while driving data security. When the user agrees to sign electronically, with a sound digital identity, ID verification is proven and the document is returned, executed, and carries total compliance.

Adding to the ease of use, the right eSignature solution will offer advanced integrations, being embedded

and connected with subject matter experts. The solution must integrate with: the Microsoft ecosystem; process management tools like Sybrin Onboarding, AppWorks, Oracle, Salesforce, SAP, XDS, and Striata; document management systems like Sybrin Nitro, OpenText, OnBase, and DocFusion – to name a few.

The legal obligation is compliance. When it comes to eSignatures, this is achieved through consent and agreement. Compliance and trust require that all parties are identified. The practical obligation is delivering a user experience that fosters adoption and drives efficiency. When this balance is achieved, businesses will experience a marked return on digitisation, achieving improved process and regulatory compliance, time savings through efficiencies, reduced costs, rapid implementation, and phased embedding into their own infrastructure and environment.

www.impression-signatures.com

ACCESS + POWER SIMPLIFIED.

Altronix Trove™ access and power integration solutions easily combine Altronix power distribution with the leading access brands to streamline system design and deployment. Simplify board layout and wire management, while reducing installation and labor cost- increasing profits and ROI.

®

YOUR LEADER IN ACCESS & POWER INTEGRATION

TROUBLE AHEAD FOR TRANSPORT

Jon Hill, Account Executive, Transport & Public Safety at Genetec looks at how we should be taking a proactive approach to safeguarding both cyber and physical security for transport

The transport industry has a difficult history of cyberattacks. When NotPetya was unleashed in 2017, the malicious software wreaked havoc on critical infrastructures, including those of TNTExpress and the Maersk Group. The Maersk Group alone suffered immense financial losses, estimated to be between US$200300 million. Container terminals came to a grinding halt, causing significant disruption to global supply chains.

Worryingly, all the signs point to similar trouble ahead.

ENISA, the European Union Agency for Cybersecurity, recently conducted its first analysis of the cyber threat landscape for the transport sector. It reports ransomware attacks are steadily increasing and have become the prominent threat to the sector. It also observes that those responsible are increasingly acting not just for monetary gain. State-sponsored actors, cybercriminals and politically motivated ‘hacktivists’ activity are all behind ransomware and DDoS attacks geared towards disrupting operations.

Airports, railways and transport authorities are the main targets for DDoS attacks, with aviation also at particular risk of attacks targeting passenger information and the proprietary information of OEMs. Its findings are very pertinent to the Middle East which has experienced state-sponsored cyberattacks on critical infrastructure such as utilities, oil and gas, and transport hubs.

A proactive stance is needed

The legacy of high-profile incidents, and the expansion of attack surfaces in the transport sector, highlights the critical importance of taking a proactive stance in collectively safeguarding cyber and physical security. In today’s rapidly evolving threat landscape the two cannot be separated. And waiting for attacks to occur before taking action is a recipe for failure. The transportation industry must recognise the need to be ahead of the curve, anticipating and mitigating potential risks before they materialise.

Airline, railway, maritime and logistics companies must make security a top priority. This entails the development and implementation of robust security measures across all aspects of operations. From the underlying IT infrastructure and network systems to passenger-facing applications and critical control systems, every element of the transportation ecosystem should be fortified against potential threats.

An overlooked avenue for cyber attack

When asked to consider vulnerabilities related to the improper management of physical security devices, most people understandably think about risks to people’s physical safety. For example, somebody being able to remotely stop the video feed from a camera, open or lock a door, or disrupt critical building

systems. These are certainly valid, but most cyberattacks are not intended to compromise the physical safety of people or property. Instead, these attacks target applications, files and data managed by IT. It is an open secret that hackers are successfully targeting video surveillance cameras and other IoT devices to launch cyberattacks. An attack that originates in a camera can find its way through the network to block access to critical applications, lock and hold files for ransom or steal the personal data of employees, students, program clients and residents.

For example, the Mirai botnet continues to disrupt systems and networks by attacking them through internet-connected devices, including cameras. To find vulnerable devices, the botnet had previously relied on trying to log in with factory-default usernames and passwords. This has now evolved to exploit unpatched vulnerabilities.

An analysis by Genetec concluded that too many security cameras offered this opening for attack. According to its study, nearly seven in 10 cameras had out-ofdate firmware.

This conclusion is gradually becoming realised within IT organisations because of two issues that have become clearer and more compelling. Firstly, the increasing crossover of network attacks from internet-connected security cameras and door controllers. These devices often

give attackers easy network entry and IT has limited visibility until after the fact. And secondly, the rising volume and disruption of cyberattacks inherently increases the risk level of any networkconnected device that is not adequately secured.

Cybersecurity risks in physical security systems

Many transportation companies still rely on outdated models of security cameras and door controllers, often delaying their replacement until absolutely necessary, or until the initial capital investment has been fully recovered. However, these older devices, particularly cameras, pose significant cyber risks due to their limited security capabilities. This concern has prompted many governments to plan for the upgrade of their fixed surveillance systems in the near future, recognising the need to mitigate potential vulnerabilities. Hackers are well aware that certain cameras are easy to compromise, serving as convenient entry points into connected networks.

Several factors contribute to the ease of breaching cameras:

n Outdated network design: Historically, the physical security industry did not prioritise cybersecurity, resulting in a lag in integrating advanced features and technologies. These devices were typically connected in closed network designs that did not account for the higher security demands of internet, WiFi, or cellular connections.

n Inadequate maintenance: Cybersecurity best practices, such as regularly changing passwords, are not always incorporated into physical security management. Many ageing physical security devices no longer receive firmware updates from manufacturers, leaving them susceptible to known vulnerabilities.

n Knowledge gap: The retirement or departure of employees responsible for installing and managing physical

security systems can create a knowledge gap regarding device configurations and maintenance.

n Vulnerable devices: Certain cameras manufactured by specific Chinese companies have been identified as posing a significant cyber risk. Governments worldwide are increasingly discouraging the use of products from these vendors, citing ethical concerns and potential trust and security vulnerabilities. In various countries, including the UK and North America, restrictions have been imposed on high-risk video surveillance equipment manufacturers due to questionable ethical practices and cybersecurity issues.

By proactively addressing these challenges and taking steps to identify and mitigate potential risks, transportation organisations can strengthen their cybersecurity posture and reduce the likelihood of successful cyberattacks. Upgrading outdated security devices, implementing robust maintenance practices and prioritising cybersecurity measures are critical to safeguarding the integrity and resilience of transportation systems.

Improving the cybersecurity of physical security

An integrated security team can produce an effective review of needed cybersecurity improvements across physical security devices and systems. This review should include several key areas of focus.

Improve security monitoring. Ensure all network-connected physical security devices are monitored and managed by the IT tools for network and security management. Also check for features in the video management system (VMS) and access control system (ACS) that provide alerts or data for use by IT’s network and security monitoring tools.

Strengthen protection measures. Look for ways to improve existing configurations and management practices for physical security devices, including:

n Using secure protocols for connecting the device to the agency network.

n Disabling access methods that support a low level of security protection.

n Verifying configurations of security features and alerts.

n Replacing defaults with new passwords that are changed on a regular and verified schedule.

Implement encryption. End-to-end encryption offers the most security to protect video streams and data as they travel from the physical security device to a management system for viewing. Also, ensure that encryption protects these files and data while in storage.

Enhance access defences. Strengthen the security of user and device access with a multilayer strategy that includes multifactor access authentication and defined user authorisations.

Improve update management. One management function that can be overlooked when teams are separate is installation of software updates and patches. When the teams are joined, define who has responsibility for maintaining awareness of when updates are available. Then, define who has responsibility for vetting, deploying and documenting updates on all eligible devices and systems.

The future of transport cybersecurity

The transport sector faces a persistent and growing risk of cyberattacks that can disrupt operations, compromise passenger safety and lead to substantial financial losses. A proactive approach, encompassing robust cybersecurity measures and comprehensive physical security strategies, is imperative to safeguard the transport industry against evolving threats. By prioritising cybersecurity, promoting collaboration and investing in employee education, transport organisations can fortify their defences and ensure the secure and efficient movement of people and goods. www.genetec.com

“The transport sector faces a persistent and growing risk of cyberattacks that can disrupt operations, compromise passenger safety and lead to substantial financial losses”

A room with a Vue.

IS A ROOM ON A MISSION.

Introducing the new Vue Consoles. Seeing consoles in a brand new light. Configurable. Connectable. Adjustable. Just plain more than able. And able to accommodate multi-operator solutions. Static or height adjustable. Horizontal / vertical adjustable monitor mounts offer complete ergonomic viewing. Or should we say Vue-ing? Because everything allowing a mission critical room to operate with 100% focus went into every design detail. This is productivity by design.

Begin the mission at winsted.com

winsted.com

Pure Cloud VSaaS: a path to digitalisation

V. Hrytsevich, CEO, 3dEYE Inc. explores the challenges faced by organisations with traditional on-premise or hardware-based video surveillance approaches and how Pure Cloud Video Surveillanceas-a-Service (VSaaS) architecture could address these challenges

Cloud computing has become a vital foundation for digital innovation, and Software-as-a-Service (SaaS) has become the preferred model for consuming services and information in the business world. Cloud platforms have enabled the development of new technologies in areas such as security, artificial intelligence (AI), digital infrastructure, intelligent transportation systems, data services and the Internet of Things (IoT).

Historically, organisations have used an on-premise approach to video surveillance that involves maintaining all necessary hardware, software and services locally.

This approach can be complex and time-consuming, requiring specialised technical skills and significant upfront

capital investment. The total cost of ownership of such an approach includes hardware maintenance and upgrades. Scalability is achieved by buying extra hardware, and often license upgrades or extra licensing is required. Software for a client to access such a video surveillance system is required for operators, managers and end-users. Redundancy and reliability require even more investment into hardware, networking, software and IT team resources to manage and maintain the system.

Cybersecurity and compliance are moved onto the customer’s shoulders, where the customer’s IT team is now responsible for hardening the network, regular updates of server software and operating systems, end-user client software, monitoring the network, and a multitude of other security-related tasks. To avoid critical loss of footage, duplication of storage and timely monitoring needs to be introduced. The IT team has to track hardware depreciation and change it in a timely fashion, which becomes very complex in case service uptime and video archiving cannot be interrupted. While small business customers, for the sake of lowering the total cost of ownership (TCO), can ignore security and continuity of video surveillance service, it’s usually not an option for medium, large businesses, or the public sector.

To address these challenges and leverage the benefits of fast-growing public cloud offerings, a new Cloud-based Video Surveillance-as-a-Service (VSaaS) model was introduced. The public cloud not only introduced scalable resources on demand but also allowed the outsourcing of the full

product ecosystem, including reliability, security, compliance, management and many other concerns. It’s no surprise that only three companies (AWS, Azure and Google) managed to deliver successful public cloud infrastructure. The remarkable growth of internet bandwidth throughput available to customers fueled the expansion of clouds.

It’s important to point out, however, that the VSaaS commercial delivery does not equate to a cloud-based solution architecture.

VSaaS involves the use of video surveillance equipment and technology as a subscription or consumptionbased service, with the service provider managing the systems and providing access to footage and other data over the internet. This can be a cost-effective and convenient solution for organisations that need to monitor their premises and protect their assets.

The commonly used categorisations of VSaaS systems are:

n Pure cloud (sometimes labeled as ‘hosted’ but that reference does not distinguish between a professional public cloud and a private cloud);

n Hybrid;

n Managed.

Pure cloud VSaaS means that video management, processing and analytics are done in public cloud with a direct camera-, NVR- (or other IoT device-) to -cloud connection without additional on-premise hardware such as bridges or servers. Edge backup is usually done by utilising a camera SD card or NVR to

“The public cloud not only introduced scalable resources on demand but also allowed the outsourcing of the full product ecosystem, including reliability, security, compliance, management and many other concerns”

synchronise the data with the cloud.

There is no software required on the client-side; management and monitoring are done through a web browser, with mobile apps targeting primarily the end-users.

The Pure Cloud minimises customer exposure to maintenance, allows easy adoption with existing or new installations, and provides the best TCO in comparison to other types of VSaaS architecture.

The Hybrid VSaaS (camera-to-bridge/ server-to-cloud) is a configuration where an NVR-like device or servers, usually named as bridges or connectors, are installed on-premise. Such devices connect to a cloud and send cameras’ video streams to the cloud, and cloud storage is provided. Centralised management is provided in the cloud web-based interface for such devices and cameras. Similar to an NVR, some video processing and analytics can be done on such a device.

The main benefit of such an approach is edge backup and the option to view camera streams utilising a local network connection, similar to the situation where monitors are connected to an NVR to view footage on-site. The cons of such an approach are almost the same as with classic VMS: initial hardware cost and licensing; a single point of failure of the bridge; and scalability limitations.

This model works well where there’s no need for rapid scaling, and the number of cameras per hardware piece deployed and its processing capacity is not important.

Managed VSaaS is an option to add offsite storage and remote management to an existing VMS (Video Management System).

A common trend now is for traditional

video management software providers to offer the remote managed service following the trend of cloud proliferation in the video surveillance industry. Such vendors connect clients remotely to cameras and local servers through one of the cloud providers, like AWS or MS Azure.

This model has the benefit of a mature VMS, but it also has all the issues of a classic VMS – high TCO; initial hardware cost and licensing; single point of failure unless you invest in more hardware and licenses; scalability limitations; and high network bandwidth requirements for viewers as the traffic is distributed from the local network to all viewers. All the positive cloud features which are commonplace nowadays – such as sharing, clients’ mobile apps and push notifications, public APIs and integrations, and many others – are limited and cumbersome to use.

Cloud infrastructure can furthermore be divided into private and public:

n Private cloud is a cloud infrastructure operated solely for a single organisation, whether managed internally or by a third party, and hosted either internally or externally. Every step in the private cloud project raises security issues that must be addressed to prevent serious vulnerabilities. Self-run data centres are generally capital-intensive. They have a significant physical footprint, requiring allocations of space, hardware and environmental controls. Furthermore, the computational power of a co-location or a number of data centres without the public cloud connection always bears a risk of lower redundancy, reliability, and opens the system to additional points

of cybersecurity failure. Such a solution has a lower cost for the VSaaS service provider, but ultimately, end-users bear the cost by committing to lower durability and higher risks.

n Public cloud providers like AWS offer several benefits compared to private clouds or colocation-hosted environments:

Scalability: Public cloud services are highly scalable, which means that users can easily increase or decrease their computing resources as needed. This is particularly beneficial for businesses that experience fluctuations in demand.

Cost-effectiveness: Public clouds typically operate on a pay-as-you-go model, which can be more cost-effective than investing in and maintaining your private cloud infrastructure.

Access to a wide range of services: Public cloud providers offer a wide range of services, such as storage, computing, and databases, that can be easily integrated and scaled as needed. This can save businesses time and resources when compared to building and maintaining these services in-house.

Automatic software updates: Public cloud providers are responsible for maintaining and updating the underlying infrastructure, which can save businesses from having to perform these tasks on their own.

Location Independence: Cloud providers like AWS have multiple data centres across the world. This allows businesses to easily operate globally and access data and services from anywhere.

www.3deye.me

“A common trend now is for traditional video management software providers to offer the remote managed service following the trend of cloud proliferation in the video surveillance industry”

Integration made simple, however complex

Maxxess

The human element

With almost 88% of data breaches being caused by an employee mistake, a strong human risk management programme with regular employee training and cybersecurity awareness is critical, says Carey

Ask any cybersecurity specialist about their biggest network safety concern, and it’s likely that they’ll answer: the human element. No matter how resilient or intelligent the cybersecurity solution, it can only be as effective as its weakest link, and people are always a risk. Whether it’s recycling passwords, a company laptop being stolen or lost with confidential client information, or intentionally overriding company security policies – humans are the biggest threat in the cybersecurity space. Chief Security Officers, CIOs and individuals in similar positions of responsibility spend a lot of their time worrying not about technology, but about people.

Humans make mistakes. These mistakes range from failure to properly delete data from devices to preventable errors like clicking on links in phishing emails, to misconfigured network devices and servers. Humans are also capable of negligence, unfortunately. Data leaks that arise because of human error, such as failure to update security patches or correctly configure servers with known vulnerabilities, are on the rise and now occur almost as frequently as direct security attacks. Then there’s insider threats, which are unimaginably difficult to detect. From malicious employees, or an employee whose credentials have been compromised, all of these vulnerabilities share a common root: humans.

Managing human risk from the inside

An effective programme for managing human risk involves several key components. These include providing regular training and increasing employee awareness, establishing clear policies and procedures, maintaining efficient communication channels, developing plans to respond to security incidents,

and conducting regular security assessments to identify and minimise potential risks.

Other necessary steps include implementing robust access controls, monitoring network activity, reviewing and updating security policies while fostering a culture that prioritises security. Cybersecurity awareness and training work hand-in-hand to address the human element of risk in a number of ways:

n Prevention of human error: Awareness and training can help employees understand their role in maintaining security integrity and avoid common mistakes that can lead to breaches. For example, they can learn how to create strong passwords, how to identify phishing emails and how to properly handle sensitive data.

n Early detection: Cybersecurity awareness and training can teach employees how to recognise and report suspicious activity. This can help identify security incidents early, allowing for a quicker response and minimising the impact of an attack.

n Improved incident response: Employees who have received cybersecurity training are more likely to know how to respond to security incidents by following established procedures and protocols to minimise the damage caused by an attack.

n Creating a culture of security: Cybersecurity awareness and training can help create a culture of security within the enterprise. When employees understand the importance of security and their role in maintaining it, they are more likely to take it seriously and make it a priority.

Focusing on managing human risk and security training requires strong leadership from within. Leadership

commitment is a key ingredient in achieving the organisational momentum needed to create an ongoing culture of learning and growth. With executive buyin, sustained investment is possible in the necessary training and development resources such as courses, workshops and mentorship programmes.

Balancing security training and production

With the increasing tech talent shortage in the Middle East, CIOs are scrambling to ensure that employees brush up on skills and technologies that facilitate business agility and resilience, with cybersecurity knowledge topping the list, despite competing priorities.

Training and upskilling needs to be a deliberate exercise, but small teams are often vulnerable to the delivery pressure created by the current needs of the business. This means that critical training (such as cybersecurity training) takes second place behind current projects, which results in a short-term productivity gain at the expense of long-term skills progress. Creating a balance of short-term project delivery and upskilling/training as outputs to current projects is essential.

Constant vigilance and continuous learning

By providing regular cybersecurity training and increasing employee awareness, organisations can prevent human errors, detect incidents early, improve incident response and create a deep culture of security. As cyber threats increase in complexity and frequency, investing in security skills training is a critical step towards ensuring the protection of people, assets and data from threats, both internal and external. www.eset.com

“With the increasing tech talent shortage in the Middle East, CIOs are scrambling to ensure that employees brush up on skills and technologies that facilitate business agility and resilience”

PREPARE FOR EVERYTHING TO FAIL

Ransomware attacks continue to grow in frequency. As well as being more common, ransomware is also getting more potent.

According to Veeam’s 2023 Ransomware Trends Report, 21% of companies paid the ransom but could not recover their data. The threat landscape is as volatile as it has ever been. There are more attacks taking place. They are more diverse. And they can have grave consequences for the companies they affect.

On the other hand, rather than tremble with fear at the awesome power of the cyber attacks waiting to be deployed against them, organisations must focus on what they can control – their defence. Protecting your business against cyber attacks requires following some fundamental and consistent principles –no matter what is being thrown at you.

The ransomware wild west

There is a lawless and brutal feeling about the current cyber landscape businesses operate in. It is difficult for governments to hold cybercriminals to account and businesses are often keen to minimise public attention towards an incident that has compromised them. This contributes to a situation where almost all the focus is on the victim (the business) rather than the criminal (the attacker).

Furthermore, ransomware – and most contemporary cybercrime – is almost indiscriminatory in terms of those who suffer. The fact is that every business is a target. Yes, hacktivist organisations such as Anonymous use organised cyber attacks as a means of exercising social justice and to call out businesses or governments they view as immoral, unlawful, or dangerous. But even the most philanthropic and virtuous companies can find themselves begging a cybercriminal gang to restore their data and systems while a hefty ransom is demanded of them to do so.

You often see a comparison made between cyber attacks and fishing.

Hence the term ‘phishing’ which refers to an email or text being used as bait to trick a victim into ‘biting’ – in this case clicking on the link and unwittingly downloading malware onto their device. With ransomware especially we are now seeing industrial-scale attacks being carried out which are more analogous to trawler fishing. This isn’t one guy with a rod casting out to get a bite off one or two fish. It’s AI-infused algorithms programmed to target everyone and everything – playing a blind numbers game to catch whatever it can.

This indiscriminate nature is compounded by the fact cyber attacks are generally difficult to contain. For example, cyber warfare between nation states is a threat to every organisation – not just those deemed to be in the firing line. We saw this with the NotPetya attack in 2017 – an attack on a specific utility company – which impacted multiple unrelated organisations through an entirely organic spread of the chaos. Attack types also continue to evolve. For example, the LokiLocker attack was one of the first reported strains of ransomware to include a disk wiper functionality. This means organisations are not only held to ransom by having services suspended and threats of data extortion. Now they are being threatened with losing vast swathes of data completely if they do not pay up.

Consistent principles of defence

There is some good news for businesses. No matter how scalable, spreadable, or malicious an attack is, these various evolutions can be viewed as attackers simply using bigger guns and more of them. The fundamental principles of how you prepare your defences against even the most sophisticated and powerful ransomware stay relatively the same.

First, practise impeccable digital hygiene. All employees must be trained to identify suspicious content and be warned

of the impact that malpractice using work devices can lead to. For all the might at the hands of cybercriminals, in many ways their biggest weapons are unsuspecting employees who give them the keys to the back door of an enterprise network. Given the scattergun approach now adopted by many cyber attacks, criminals are not necessarily targeting your organisation specifically. But if you prove to be an easy hit, you’ll become a victim.

With that said, all businesses must prepare for their defences to fail – no matter how robust you might think they are. Concepts such as zero trust and deploying techniques such as two-factor authentication can be useful for restricting the access an attacker has to data by taking over one individual’s workstation. Ultimately, the best way to protect data is to ensure that it has been securely backed up and is fully recoverable before an incident takes place. Follow the 3-2-1-1-0 backup rule, which states there should always be at least three copies of data, on at least two different types of media, at least one off-site and one immutable or offline, with zero unverified backups or errors.

While the headlines and constant discussion around cybersecurity and ransomware can be daunting, it’s important to remember that the fundamental actions required to protect data remain the same. Data protection and ransomware recovery strategies ensure businesses can protect all data from cyber attacks, server outages, accidental loss and deletion across physical, virtual, cloud, SaaS, and Kubernetes environments. Investing in a data protection strategy and taking advantage of a solution that enables continuous backup and Disaster Recovery (DR) can give businesses peace of mind that should the worst happen, they never need to pay the ransom.

www.veeam.com

According to Rick Vanover, Senior Director, Product Strategy, Veeam, ransomware is indiscriminatory and organisations must be prepared for the fallout

In the cloud neighbourhood, do you know who has access to your new house?

Are you prepared for managing multiple identities in the cloud? Morey Haber, Chief Security Officer, BeyondTrust, looks at how to stay safe in the cloud

For many Middle East enterprises, the cloud is the new neighbourhood for business, commerce and socialisation. Advertised as up-and-coming, it has become the prowling ground of conartists and hoodlums. One report from Proofpoint Inc. looking at the United Arab Emirates (UAE) suggests as many as 86% of the nation’s companies experienced a successful cyberattack in 2022, with 44% leading directly to financial losses. And cloud-powered remote work was cited as a major cause. Cyber criminals are now targeting people and businesses and the cloud has become their favourite crimeinfested neighbourhood.

The complicated cloud

These spates of cyber trespassing, property damage, burglary, and extortion call for swift action. The management of

digital assets and identities in the cloud have become fundamental cybersecurity best practices that need to be prioritised for management. Indeed, wherever technology resides – on premises, in the cloud or in a hybrid environment –organisations must understand their information ecosystem and document workflows that are critical to the business. You may have read many security advisories that put visibility front and centre. Having a comprehensive register of assets may appear to be obvious, but some line-of-business executives leap to the conclusion that they have such a register simply because since it existed on premise, it also exists in the cloud.

The cloud however is more complicated and such an assumption is often flawed. The personal devices of WfH (Work from Home) employees may slip under the

radar, as may the shadow IT installed on them for even basic functions like printing a piece of paper. And, because of the way cloud ecosystems work, there may be accounts and digital assets owned by the enterprise of which its own IT staff is unaware; especially in the cloud. And then there are the assets not owned by the enterprise that are nonetheless part of its technology neighbourhood like an end user’s mobile phone. To fully manage risk, SecOps teams need a way of tracking them for vulnerabilities, patch statuses, configuration errors and privileged access dependencies.

Friend or foe?

What is needed is a focus on identity and not just the assets in the cloud. This may sound counterintuitive but it is the identities in a business that will reveal

“No threat actor will pass up the opportunity to forgo jimmying a rear window in favour of waltzing through the front door if they have a copy of your keys”

the assets they utilise versus just trying to discover assets using traditional discovery tools. Cloud Security Asset Management (CSAM) tackles modern cloud attack vectors by doing just that. It takes a long, hard look at the privileged accounts used by an organisation for core business purposes to discover which assets are being utilised by the business. This analysis is then linked to assets to help foresee an attack chain that starts with a compromised account and continues with lateral movement via any account present on that asset.

You may have heard that hacking is ‘so last decade’. Credential and identity theft is the new fashion. Forrester estimates as many as 80% of incidents start with the appropriation of privileged accounts. As the region continues to consider 5G use cases, IoT use will surge from vending machines to home cameras and security systems. And in the many manufacturing pushes we are now seeing in regional economies, OT will increasingly merge with IT and leverage this same technology. Nonhuman accounts are therefore targets for cybergangs since these new IoT devices will need to operate with human owners. We are living in a perimeter-less world, where every organisation’s IT estate is, to some extent, an open house. Zero-trust principles have emerged from this reality as a potential solution and to date, the best model we have to really mitigate these risks. Security professionals know that one compromised account allows a threat actor to browse and steal sensitive information, reconfigure systems, compromise resources, drop all kinds of nefarious payloads, and even override

policies. If the stolen credentials come with high enough privileges, the threat actor can even erase all signs of their presence and delete an entire digital presence. For a business, this could be devastating and a game-over event.

So given the popularity of identity theft and account stealing and its potential for damage as well as the surge in the number of accounts (every cloud asset needs at least one privileged account at some point in its lifecycle), we should examine what options the modern SOC has in effectively managing its organisation’s identity ecosystem. How can they bring the unseen accounts to light? How can they undertake effective asset management for identities and their associated accounts?

Neighbourhood watch

A good starting point is to recognise that accounts and identities are separate but that their relationship is critical. Identities to accounts have a one-to-many relationship for humans and one-toone relationship for machine accounts where the identity is represented as an owner. Whether we are dealing with human or machine identities, we must then determine what access they have if we are to determine the risk of lateral movement between their assigned accounts. Tying identities and accounts to directory services such as Microsoft’s Azure AD is a critical step in forming a nuanced understanding of the lifecycle of the identity. Organisations must ensure full governance of the joining, moving and leaving processes of employees and ultimately this will reveal the assets they interact with for CSAM.

In depth, any process of asset discovery – whether manual or, preferably, automated – should identify any local accounts embedded in cloud assets as well as any identities that manage the services and cloud infrastructure itself. This extends to SaaS applications which presents its own challenges. All permissions should be catalogued and assessed for risk. And the highest-level accounts, such as root or administrator, should be uniquely identified in the cloud for their risk and placed under formal privileged access management with asset references.

Any house move comes with a dose of the unknowns in a new neighbourhood. While new neighbourhoods can be exciting and offer opportunities for growth and fresh experiences, we should not forget to be wary of the risks involved from crime and even environmental risks. We need to ensure the street lighting is up to code and we need to know who has copies of the door keys. We need to know what to do in case of a fire, flood or earthquake. Cloud-based asset management, including robust oversight of cloud identities and accounts, can help mitigate the risk of cloud-based attack vectors. No threat actor will pass up the opportunity to forgo jimmying a rear window in favour of waltzing through the front door if they have a copy of your keys. Compromised accounts allow adversaries to creep around for days doing what they will. To stay safe in the cloud, you must protect your keys, passwords, secrets, and which assets they can potentially access. www.beyondtrust.com

“All permissions should be catalogued and assessed for risk. And the highest-level accounts, such as root or administrator, should be uniquely identified in the cloud for their risk and placed under formal privileged access management with asset references”

SECURING THE FUTURE

Jamie Collier, Senior Threat Intelligence Advisor at Mandiant looks at how cyber threat intelligence teams can be empowered with a requirements-driven approach

The ever-evolving landscape of cyber threats poses significant challenges to organisations worldwide. As threat actors continue to become more sophisticated, it is important for cyber threat intelligence (CTI) teams to adopt innovative strategies that allow them to stay ahead of the curve. Implementing a requirements-driven approach can significantly enhance the efficiency, utility and value of an intelligence programme. By adopting this approach, intelligence functions can effectively prioritise and balance competing demands, ensuring that resources are allocated where they are most needed. Successful CTI functions give paramount importance to stakeholder

intelligence requirements, guaranteeing that the gathered information aligns with the strategic objectives of the organisation. The emphasis lies in the fact that every CTI team, irrespective of its scale or available resources, has the potential to enhance its effectiveness by adopting a requirements-driven approach.

In a recent global survey conducted by Mandiant, it was discovered that 96% of security decision-makers recognised the significance of comprehending the specific threats that could potentially target their business. However, the survey revealed that a significant majority (79%), frequently make decisions without valuable insights from adversaries.

This highlights the prevailing issue of operationalising threat intelligence, which poses a challenge for many security functions.

In response, a requirementsdriven approach to CTI emerges as a solution, introducing fundamental elements that lay the groundwork for a flourishing intelligence capability within organisations. Implementing such an approach helps overcome this challenge by operationalising threat intelligence and introducing the essential building blocks for a thriving intelligence capability. It presents an opportunity for companies to bridge the gap between knowledge and decision-making, enhancing their ability to proactively respond to threats.

The required solution

To successfully implement a requirementsdriven approach, a clear strategy is essential. While the concept may seem simple, maintaining a consistent focus on stakeholder needs requires discipline, structure and unwavering attention. Fortunately, building and sustaining this type of concept is both achievable and straightforward.

All cybersecurity functions and CTI teams face constraints in resource-limited settings. Hence, security professionals need to adopt a practical and discerning approach when embarking on new initiatives, recognising that each choice carries an opportunity cost. This approach enables them to make informed decisions, prioritise resources effectively, and improve their overall security posture. Implementing a requirements-driven approach sets

the foundation for a thriving intelligence capability within organisations, enhancing their ability to detect, respond to and mitigate cyber threats.

Requirements-driven framework

The concept of a requirements-driven approach can be compared to a cyclical or systematic process, similar to the well-known threat intelligence lifecycle. However, it is common for the intelligence lifecycle to be portrayed in a somewhat abstract manner, lacking detailed explanations of how each stage operates in practical terms.

To develop a more practical understanding of their workflow, CTI teams need to delve deeper into defining their processes. The framework incorporates several essential pillars, including:

n Stakeholder analysis: This involves identifying the consumers of threat intelligence within an organisation, understanding their roles, tasks, challenges and how CTI can assist them.

n Intelligence requirements: This step focuses on pinpointing the specific needs for collecting, analysing, producing or disseminating threat intelligence, ensuring that the efforts are purposeful and aligned with company objectives.

n Cyber threat profile: By establishing a cyber threat profile, CTI teams gain crucial context on the most pertinent threats within their organisation’s sector, industry and region, aiding them in prioritising their intelligence efforts effectively.

By delving into these core pillars and incorporating them into their practices, CTI teams can develop a more comprehensive and pragmatic understanding of their workflow, facilitating their ability to provide targeted and valuable threat intelligence to their company.

A pragmatic approach

Executing any framework or approach presents a significant challenge, but adopting a requirements-driven approach proves to be attainable and uncomplicated when put into action. To help make it a reality, we emphasise a pragmatic step-by-step approach that speaks to the ground truth of CTI functions. Steps include making note of stakeholder profiles and intelligence requirements, expert advice and gathering and incorporating effective feedback.

In today’s dynamic and everchanging threat landscape, the adoption of a requirements-driven approach emerges as a crucial imperative for CTI teams determined to maintain a proactive stance against cyber threats. By aligning intelligence efforts with the specific needs and demands of stakeholders, organisations can forge a stronger defence, enabling more informed decision-making, optimal resource allocation and an overall fortified security posture. Embracing this approach empowers CTI teams to outpace adversaries and safeguard the integrity of their digital ecosystems in an increasingly complex and volatile cyber landscape.

“In today’s dynamic and ever-changing threat landscape, the adoption of a requirements-driven approach emerges as a crucial imperative for CTI teams determined to maintain a proactive stance against cyber threats”

Network Logic

Many of the world’s most iconic buildings choose Fastlane turnstiles to secure their people and assets. Our market-leading entrance control products include the very latest integrations with both facial and biometric recognition systems. The latest updates to our popular Glassgate 150 and 300 models now include increased lane widths and our Sidegate Detection® technology.

Using cloud services securely

Cloud computing has evolved at an incredible speed and, for many organisations globally, has already become entwined with the complex technological landscape that supports critical daily operations. The scalability and efficiency of cloud services has been a tremendous incentive for organisations that are aiming to drive competitive advantage. But like most other technological innovations, information security is playing catch-up. Particularly in the Middle East, businesses are facing many unique challenges when considering whether the adoption of cloud services is the right option to drive digital transformation, such as regulations pertaining to data residency.

The challenges associated with effective cloud service implementation are multi-dimensional and complex. There are a variety of tiers of service that a cloud service provider may offer, including software-as-a-Service (SaaS), platformas-a-Service (PaaS) or infrastructure-asa-service. There are many obstacles to overcome when onboarding onto a cloud service provider too, such as identifying and maintaining the appropriate security controls; balancing the shared responsibility for security between the cloud service provider and the cloud customer; and meeting regulatory requirements to protect sensitive data in the cloud environment.

Avoiding data breaches

The rapid explosion of cloud usage has accentuated these challenges and, in some instances, left organisations

insufficiently prepared to tackle the security concerns associated with using cloud services. There is a misconception that cloud services are automatically more secure than internal services, but in practice, there is a different story.

For example, the misconfiguration of cloud services is a significant contributor toward data breaches for organisations globally. The deployment of cloud services must be carefully planned and expertly delivered to requirements, or vulnerabilities may emerge that cyber attacks will compromise. Protocols that must be considered include strong password management, as compromised user accounts may lead to exposure. Several previous cloud outages have been caused by human errors or natural disasters: In February 2017 one of Amazon’s regions, US-East-1, was taken offline due to human error. This had a direct effect on IoT devices which use Amazon’s cloud services, such as the smart home app Hive. A number of high-profile websites were also taken completely offline, resulting in lost revenue. In July 2018 Google Cloud also experienced an outage, affecting users’ ability to access Snapchat and Spotify. These incidents exemplify the potential impact of cloud outages.

Surveying the risk landscape

Another, more industry-wide concern is the market monopolisation by large cloud providers and the apparent ‘single point of failure’ for many organisations dependent upon a small number of popular providers. If a cloud provider was to be

systematically targeted via traditional DDoS, physical attacks or other means, there would be significant disruption to its services and dependent organisations. Some organisations have tried to offset this risk by investing in services provided by multiple cloud providers to underpin individual systems, but in doing so have actually created multiple points of failure that have to be continuously monitored. The risk landscape and subsequent mitigation plans are a real challenge to overcome, but it is totally dependent on the organisation’s appetite to manage risk themselves or be comfortable outsourcing it.

From the cloud service provider perspective, they optimise their services by using common technologies, such as virtualisation. Vulnerabilities discovered in these homogeneous technologies could have wide-reaching impact across multiple cloud providers. Issues of this kind have been seen previously with the Spectre and Meltdown security vulnerabilities, which affected a significant number of organisations.

Perfect planning

So, how can organisations in the Middle East make effective decisions on whether to invest in cloud services or not? This is a challenging question to answer in the first place – a large portion of organisations have already chosen to leverage cloud services so security is somewhat of an afterthought. Many security practitioners have to subsequently weave security controls in, or update contractual agreements, such as those covering business continuity management, disaster recovery, back-ups,

Dan Norman, Regional Director, EMEA, ISF, explores how organisations in the Middle East can securely and confidently deploy cloud services

etc. However, for organisations embarking on the journey, they must:

n Develop an effective governance framework internally so that technological development and innovation is risk assessed and subsequently managed effectively.

n Deploy a set of core cloud security controls with an understanding of their responsibilities as the cloud customer, covering:

Network security, e.g. cloud connections, network segmentation, firewall configuration

Access management, e.g. identity and access management, secure sign-on process

Administrator access

Data protection, e.g. data management, data encryption, data leakage prevention

Secure configuration, e.g. API management, virtualisation, containerisation

– Security monitoring, e.g. vulnerability management, security event management and security incident management.

n Select the right security products and services to support successful implementation of the core controls.

Organisations that operate securely in the cloud environment can achieve competitive advantage and drive forward their business by maximising the elasticity and scalability that cloud services offer. However, the responsibility for security and wider risk management is a personal choice for organisations and must not be an afterthought in the transformation plan. Security practitioners must take real caution before embarking on a cloudbased digitisation journey.

About the author

Dan Norman is the Regional Director, EMEA for the ISF. The ISF is a leading authority on cyber, information security and risk management. Its members comprise some of the world’s leading organisations featured on the Fortune 500 and Forbes 2000 lists. For more information visit www.securityforum.org

Industry interview

Yacine Benamane (below), CPP, MENA & Iran Senior Regional Security Manager for Unilever based in UAE, and Vice Chair of

Can you describe your experience in the security industry?

Latest research shows private security workers outnumber public police officers for the majority of the world, except in developing countries where the market for private security services remains nascent and undervalued. I grew up in such a country, lacking standardised security professional regulation, and where aspiring to become a security professional was not the norm.

So, I joined the first private security company in 1998 and was fortunate to have my first assignment in an oil & gas company which allowed me to understand the fundamentals of security but also, HE&S, the oil sector being strictly regulated. I moved then to different industries, in different countries, exposing me to different customs and traditions, increasing my cultural awareness while enabling creativity and driving innovation in my different roles.

What are the most pressing security challenges in the region?

Declining economies compounded by covid disruption, skyrocketing inflation, volatile energy and food prices and the rapid galvanising effect of social media are increasing popular frustration and leading to the threat of strikes, riots and civil commotion in the region. The impact on companies stretches from supply chain disruption to threat on its people and assets.

Navigating the geopolitics of sanctions and building a successful sanctions compliance programme is another issue requiring a solid screening and

management of a third party’s ecosystem and deeper cross-functional cooperation between the risk management and legal functions.

In the longer-term bigger picture, the effects of climate change will continue to exacerbate existing social, economic, and environmental challenges impacting food, water and energy supplies, increased competition over natural resources, loss of livelihoods, climate-related disasters, and forced migration and displacement requiring an all-hazard risk management approach.

Tell us about your experience with ASIS and how it has aided your career.

Very few people will dispute the benefit of joining ASIS International and you’ll hear countless success stories from security professionals on how ASIS International‘s membership acted as a catalyst to

develop their skills base, knowledge and academic qualifications eventually developing fully qualified, smart business security individuals.

At a time when access to industryleading and educational events was only available in English, ASIS changed the perception and narrative, allowing me to be part of a large networking organisation providing a readily accessible library of security, risk management and cyber advice, reference and knowledge, not to mention forging long-term personal friendships with lots of security practitioners around the world. So, I owe ASIS the ’rounded’ business security individuals I became today and try as much as I can to give back through the voluntary programme to benefit the upcoming generation of security professionals.

How will the security landscape evolve in the next 10 years?

As we look ahead to a year of continued uncertainty, organisations across the region face a multitude of social, economic and health-related threats. Building resilience ahead of the curve to mitigate risk and subsequently be better prepared to take advantage of the opportunities is a fundamental social, economic and business continuity imperative.

To cope with an uncertain environment, companies will need to adopt effective and collaborative approaches involving carefully crafted risk assessments of the convergence of the digital, virtual and physical business environment to uncover cause-and-effect relationships in markets, making the environment less ambiguous and more predictable.

Video Surveillance Implementation

and

Director of K Tech Consulting, looks at the role of video surveillance, software analytics and open systems in smart city implementation

Smart cities embody the vision of leveraging technology and data to enhance the quality of life, sustainability and e ciency of urban communities. By integrating various domains such as governance, infrastructure, transportation, energy, healthcare, safety & security and public safety, smart cities foster innovation and data-driven decisionmaking. Infrastructure and systems need to be implemented in an intelligent fashion and analysed, eventually leading to optimised resource allocation, improved service delivery and real-time responses to challenges and opportunities, with the ultimate goal of creating vibrant and liveable urban ecosystems based on actual data and performance analysis.

So, where does video surveillance t in? Video surveillance serves as a critical component in smart city implementation, enhancing urban security and safety. Video surveillance systems provide both real-time information and historical data – used correctly it acts as vigilant eyes, continuously monitoring public spaces, streets and key areas. This acts as a deterrent to criminal activities and provides valuable visual evidence for law enforcement, facilitating swi response and accurate investigations. In emergency situations, video surveillance helps in real-time incident detection and e ective disaster management, contributing to the overall wellbeing of citizens.

Boosting productivity

Newer systems enabled with so ware analytics will increase the productivity of a city’s operations, providing extra information in the analysis of video data

that should lead to a more proactive approach to safety and security. By leveraging advanced algorithms and AI-driven analytics, so ware solutions will automatically detect abnormal events, identify patterns and predict potential risks or anomalies allowing for more e cient resource allocation and improved public safety. So ware analytics also help in crowd management during large gatherings, identify congestion hotspots and facilitate e ective emergency responses. Improved e ciencies mean that manpower can be used more e ciently to such an extent that the gains make implementation a ‘no-brainer’ in terms of a return on investment. In the end, city authorities will be able to optimise urban processes and therefore enhance the overall quality of life for residents.

Promoting collaboration

Systems provided should be built on open standards and interoperability, these systems enable seamless integration of diverse technologies and applications. By promoting collaboration among stakeholders and facilitating data exchange between platforms, open systems foster innovation, scalability and adaptability. They allow end users to select best-ofbreed solutions, avoid vendor lock-in and incorporate emerging technologies as needed. Open systems also facilitate the integration of video surveillance, so ware analytics and other smart city components, ensuring e ective communication and synergy between di erent systems.

Credible solution providers bring expertise, experience and industry

knowledge to the table, ensuring the deployment of robust and reliable technologies. They o er tailored solutions, ensuring that the smart city infrastructure meets speci c requirements and addresses the unique challenges of each urban environment. In addition, through collaboration, cities gain access to the necessary resources, expertise and ongoing support for successful implementation and maintenance of smart city systems. Partnerships also promote knowledge exchange, best practice sharing and continuous innovation, enabling cities to evolve and adapt to changing needs and emerging technologies.

There are many factors to take into account in order to implement these systems, but proper design led by experts in the security eld, backed up by solution providers of video surveillance and so ware analytics are integral to the successful implementation of smart city security systems. By leveraging these components and fostering collaborative partnerships, cities can harness the power of technology, data and innovation to create intelligent, connected and sustainable urban environments.

2023

Please check the event websites for the most upto-date details as dates can change all the time.

15-17 August

CyberDSA 2023

Kuala Lumpur Convention Centre, Malaysia

cyberdsa.com

23-24 August

Indonesia Smart Industrial Expo

The Bekasi Junction

Indonesia

tpmi-group.com/ smart-industrial-expo

30 August –1 September

Security Exhibition and Conference 2023

ICC Sydney, Australia

securityexpo.com.au

4 September

Airport Innovation Conference Radisson Blu Hotel, Riyadh, KSA airportinnovationsummit. csevents.ae

6-7 September

Future Cities Summit KSA Riyadh, Saudi Arabia traiconevents.com/fcs/ksa

13-14 September

IDC CIO Summit 2023 Fairmont Riyadh idc.com/events

19-21 September

SECURA North Africa SAFEX (Union Hall) Algiers Exhibition Centre securanorthafrica.com

3-5 October

Intersec Saudi Arabia

Riyadh International Convention and Exhibition Centre (RICEC) intersec-ksa.ae. messefrankfurt.com

9-10 October

7th edition OFSEC

Oman Convention & Exhibition Centre, Muscat, Oman ofsecevent.com

11-12 October

Natural Disasters Expo

Messe Frankfurt, Hall 11, Frankfurt, Germany

naturaldisastersshow.de

14-17 November

Milipol Paris

Paris-Nord Villepinte Exhibition Centre, Paris, France

en.milipol.com

22-23 November

IDC Alliance Mövenpick Resort Al Marjan Island, UAE idc.com

Traka Intelligent Solutions for Healthcare

Healthcare is quite literally a lifesaving industry that never stops. A hospital’s main objective is to get people in and out as quickly and safely as possible. Since controlling hundreds to thousands of visitors daily is a constant challenge in itself, controls that can be implemented to limit risk on internal staff can prove to be invaluable.

Going far beyond simple key control, Traka systems are customized to affect the daily processes that drive your business, resulting in reduced operating costs, complete user accountability, and higher efficiency.

Expect more from an integrated key and asset management solution by Traka.

Reduced administration – no need to manually distribute keys or log usage

Monitor user activity – each user is uniquely identified through PIN, access badge or biometrics

Better control – allocate specific items to authorised users at specific times, and allow custom access rules such as double or triple authorisations as needed

Reliable and robust – our designed to IP67 rated, nickel-plated brass iFobs provide years of proven maintenance-free use

Increased visibility – real-time and centralised activity reporting, with

ROI Calculation

Cost of time lost looking for keys

Avg. time spent looking for keys per day: 1-1.5 hours

Cost of time loss: avg. labour rate (£15): 10 hours x £15 = £150

Avg. cost of time loss per month: £150 x 7 days x 4 weeks £4,200

TOTAL LOSS PER YEAR: £4,200 x 12 months £50,400

Note: Figures stated are based on our experience with customers

Results

If there is 1 nurse per ward losing 1 hour a day looking for keys, it equates to approximately TWO FULL-TIME nurses’ wages. Thus, by just managing access and processes, a healthcare facility will be able to invest in two more nurses per year to enhance patient care services.

What does this mean to your business?

In 6 to 12 months on average, the time spent to withdraw and return keys could drop by 20%, depending on the schedule and volume of employees using the system concurrently.

This means improved control over critical processes to maximize their effectiveness, efficiency, and safety. Beyond giving you total control over your keys and valuable assets, Traka can be a vital tool in affecting the way your facility, equipment, and personnel collectively operate.

Traka makes your keys and assets work for you like never before.

Traka is the global leader in intelligent management solutions for keys and equipment. Traka’s solutions help all types of organizations control their important assets, improving productivity and accountability, and reducing risk in critical processes.

For

information on Traka’s specialist key management solutions for healthcare, please visit: www.traka.com