A U S T R A L A S I A’ S L E A D I N G S E C U R I T Y R E S O U R C E F O R B U S I N E S S A N D G O V E R N M E N T
ISSUE #108 JUL/AUG 2017
HOW YOU’RE FUNDING TERRORISM
CUSTOMISABLE ELECTRIC HEIGHT ADJUSTABLE SIT STAND CONSOLES
Does your control room meet
Australian Ergonomic Standards?
www.activconsole.com
IFC-001_SSM108.indd 2
Clayton VIC 3168
20/06/2017 2:28 pm
Safe Work Australia, Nov 2015
“...in 2012-13 the cost impact of work-related injuries and illnesses was estimated to be just over $61 billion...�
State-of-the-art ergonomic lifting technology Lifetime Australia phone support AS/NZS 4443:1997 & ISO 11064
+61 3 9574 8044
IFC-001_SSM108.indd 1
sales@activconsole.com
20/06/2017 2:28 pm
SECURITY EXCELLENCE CALL FOR NOMINATIONS #SecurityAwards 2017 g By
Natalie Shymko, Marketing and Communications Manager, Australian Security Industry Association Limited (ASIAL)
T
he vital role performed by Australia’s private security industry will be recognised later this year at a special awards ceremony in Melbourne organised by ASIAL. The 2017 Australian Security Industry Awards for Excellence and Outstanding Security Performance Awards will recognise excellence in the security industry. Nominations are open to all and provide an opportunity to recognise individuals, including frontline security personnel who have gone beyond what could reasonably be expected of them in providing a level of service that exceeds client’s expectations. Likewise, organisations and teams who have demonstrated leadership and innovation will also be recognised. Judging of the awards will be undertaken by an independent panel of judges, that includes Kate Hughes, Chief Risk Officer, Telstra; Damian McMeekin, Head of Group Security, Australia & New Zealand Banking Group Ltd (ANZ); John Yates, QPM, Director of Security,
002-003 Advertising SSM108.indd 2
Scentre Group; Chris Beatson, Director, PoliceLink Command, New South Wales Police Force; John Adams, Editor, Security Electronics and Networks Magazine; John Curtis, Director, IPP Consulting Pty Ltd and Vlado Damjanovski, CCTV Specialist and MD, ViDi Labs. Nominations are now open and close on 1 September 2017. Winners will be presented at a special awards ceremony to be held at Crown Melbourne on 19 October 2017.
2017
Award categories include: • Individual Achievement – General • Individual Achievement – Technical • Gender Diversity • Indigenous Employment • Special Security Event or Project • Integrated Security Solution • Product of the Year (Alarm,
Access Control, CCTV – Camera, CCTV-IP System/Solution, Communication/Transmission System, Physical Security (bollard, gate, barrier)
Award categories include: • Outstanding In-house Security Manager • Outstanding In-house Security Team • Outstanding Security Training Initiative • Outstanding Security Partnership • Outstanding Security Officer • Outstanding Guarding Company • Outstanding Security Consultant • Outstanding Security Installer • Outstanding Information Security Companybarrier) For more detailed information on the award nomination criteria and process visit www.asial.com.au/ securityawards2017
20/06/2017 2:28 pm
RECOGNISING EXCELLENCE
Australian Security Industry Awards Nominations close 1 September www.asial.com.au
2017 EVENT Winners announced - 19 October 2017 The River Room, Crown Melbourne. The Australian Security Awards Ceremony & Dinner The night is an opportunity to celebrate excellence and innovation in the security industry, and network with likeminded security professionals.
Organised by
Lead dinner sponsor
Entertainment and centrepiece sponsor
2017
#securityawards 002-003 Advertising SSM108.indd 3
20/06/2017 2:28 pm
CONTENTS108
W i I a s
A m o a r i
T a e t s
COVER STORY: INSIDE THE SHADOW ECONOMY: ARE YOU FUNDING TERRORISM?
052 032
It costs money to commit acts of terrorism and field armies to fight the battles of jihad. The cost to pay for fighters, food, equipment, lodging, training, deployment and medical services for the jihadist by the controlling organisation or group is not cheap. When operating beyond the borders of the sponsor of terror, the costs can be five times as much as it would cost to conduct a local operation. How do terrorist groups fund their activities and how are thousands of Australians unwittingly contributing?
A c m o
INTO THE WILD BLUE YONDER Australian public and private organisations across a myriad of sectors are currently investigating and embracing the technological and competitive benefits of using remotely piloted aircraft called unmanned aerial vehicles (UAVs), or drones. But is drone technology right for your business? Garry Barnes looks at the factors every organisation should consider before flying into the great unknown.
060
PREPARING FOR THE NEXT WAVE OF RANSOMWARE ATTACKS – HOW TO DEFEND YOUR BUSINESS There’s no doubt about it, ransomware is both destructive and costly to businesses. However, in terms of an attack methodology it’s nothing new. What has elevated ransomware is the sheer magnitude and the evolving nature of the attacks. What steps can you take to protect your business from ransomware attacks?
068
THE NEW MASS GATHERING SECURITY REALITY Can security ever really counter the terrorist threat at places of mass gatherings?
084
SECURITY AND COUNTER TERROR IN LONDON
W n R a b
9,850 security professionals from over 114 countries travelled to London in May for the latest instalment of Security & Counter Terror Expo (SCTX). The show once again incorporated leading forensics show Forensics Europe Expo and Ambition – the event for the emergency preparedness, resilience and response (EPRR) community. We bring you a complete round up of this year’s event.
090
SECURITY 2017 Find out everything you need to know to plan and get the most out of your visit to this year’s security exhibition and conference. From exhibitor listings to the conference program and everything in between.
A fu t d
004 SECURITY SOLUTIONS 004-007_SSM108 Contents.indd 4
21/06/2017 12:34 pm
We are a leading player in the biometric identification market by pioneering In Motion Identification (IMID) access, a multimodal verification for instant, seamless, and non-invasive verification. Ask us about advanced features such as multi-modality, speed of identification, our committed accuracy, anti-fraud algorithm, double factor availability, restricted people alerts, simultaneous identification.
The solution is designed for enterprise and can be easily integrated with existing infrastructure. It can be added to any existing door, turnstile or speed stile, and any access control solution. Ask us about high availability, scalability, cyber security and encryption, multi-site management, traceability and auditability, our APIs and ease of integration.
FST Biometrics is a leading identity management solutions provider. The company’s IMID™ product line offers access control through its proprietary In Motion Identification technology. This provides the ultimate security and convenience for users, who are accurately identified without having to stop or slow down. IMID™ solutions integrate a fusion of biometric and analytic technologies that include face recognition, body behavior analytics and voice verification. For more information, please visit http://www.fstbm.com.
With IMID Access, authorized users do not have to slow down, sign in or stop. Rather, they are identified in motion, and granted seamless access to buildings and facilities. Ask us about our rich out of the box functionality, such as visitor management, time attendance, notifications, digital doorman and mobile applications.
004-007_SSM108 Contents.indd 5
Add-On APAC Innovative Solutions offers converged physical, cyber and communication security solutions. Operating across the Asia Pacific region, we harness advanced products and ground-breaking technologies, helping our customers transform the way they protect people, information and assets. Learn more about us at http://www.addonapac.com. Add-On APAC Australia Pty Ltd info@addonapac.com, 03 9607 8465
IMID is the future of access control. Prefer to take your own conclusions?
Ask us for a product demonstration, and see it for yourself.
21/06/2017 12:34 pm
CONTENTS108 010
LETTER FROM THE EDITOR
044 CCTV Leading CCTV expert Vlado Damjanovski looks at the
importance of designing CCTV systems to provide the necessary information to help deal with major incidents.
012 LEADERSHIP Jason Brown looks at the concept of leading from below.
014 CYBER SECURITY What are staff members really doing with company data?
016 RESILIENCE How has cyber resilience evolved a decade after the
048 BUSINESS Is risk policy the new risk paradigm? 058
LEGAL Q&A We answer your legal questions.
064 LOSS PREVENTION We present the first of our two-part special on
the role of loss prevention across the retail supply chain security program.
first large scale cyber attack?
018 HUMAN RESOURCES Greg Byrne presents the second part of his special on conducting workplace investigations.
072 AVIATION What does the immediate future hold for passenger screening?
020 RISK MANAGEMENT From a risk management perspective, is it legal to design security systems without a license?
076 ACCESS CONTROL What are the technology advancement that are currently reshaping the security landscape?
024
LEGAL Beware Google.
080 PROFESSIONAL DEVELOPMENT What is Risk Intelligence?
026 THINKING ABOUT SECURITY What is the value of Pro Bono work for
088
SECURITY STUFF
028 EVENTS A look at upcoming industry events.
090
SPOTLIGHTS
036 ALARMS Why do we need standards for electronic security
096
PROFILES
106
PRODUCT SHOWCASES
110
SHOPTALK Company announcements from within the industry.
security professionals?
systems?
040 OPERATIONS Richard Kay examines why brains are more important than brawn in public safety environments.
040
032
048
072
084
006 SECURITY SOLUTIONS 004-007_SSM108 Contents.indd 6
21/06/2017 12:34 pm
TR
OR
004-007_SSM108 Contents.indd 7
HÉE D’ OP
21/06/2017 12:34 pm
www.securitysolutionsmagazine.com
Editorial Editor: John Bigelow john@interactivemediasolutions.com.au Sub-Editing: Helen Sist, Ged McMahon Special Guest Editor: Don Williams Contributors: Garry Barnes, Karissa Breen, Jason Brown, Greg Byrne, Per Bjรถrkdahl, Vlado Damjanovski, Kevin Foster, Steve Lawson, Justin Lawrence, Rita Parker, Don Williams, Richard Kay, Tony Charge, David Lake, Kevin Cunningham, Jac Brittain, Craig Harwood, Rob Spinetti, Dr Gav Schneider, Dr Paul Johnston, Kate Down.
Advertising keith@interactivemediasolutions.com.au Phone: 1300 300 552
Marketing & Subscriptions admin@interactivemediasolutions.com.au $62.00 AUD inside Aust. (6 Issues) $124.00 AUD outside Aust. (6 Issues)
Design & Production graphics@interactivemediasolutions.com.au Phone: 1300 300 552
Accounts accounts@interactivemediasolutions.com.au Phone: 1300 300 552
Publisher
ABN 56 606 919 463 Level 1, 34 Joseph St, Blackburn, Victoria 3130 Phone: 1300 300 552 Email: enquiries@interactivemediasolutions.com.au Disclaimer The publisher takes due care in the preparation of this magazine and takes all reasonable precautions and makes all reasonable effort to ensure the accuracy of material contained in this publication, but is not liable for any mistake, misprint or omission. The publisher does not assume any responsibility or liability for any loss or damage which may result from any inaccuracy or omission in this publication, or from the use of information contained herein. The publisher makes no warranty, express or implied with respect to any of the material contained herein. The contents of this magazine may not be reproduced in ANY form in whole OR in part without WRITTEN permission from the publisher. Reproduction includes copying, photocopying, translation or reduced to any electronic medium or machine-readable form.
RS A DE VI
SSOCIATI
ON
ABN 56 606 919 463 Level 1, 34 Joseph St, Blackburn, Victoria 3130 Phone: 1300 300 552 Email: enquiries@interactivemediasolutions.com.au
O
RALIA LTD
SECURIT Y
PR
UST FA
O
Written Correspondence to:
Or i g i n a l Si z e
O C I AT I
ON
Y P R OVI D
RIT
CU
D LT
SE
PR O
ASS
SPAAL
AU S T R A L I A
STRALIA LTD AU
SECURITY
RS
OF
E
Official partners with:
SSOCIAT IO N
OF
RS A DE VI
blue colour changed to this colour green.
COPY/ARTWORK/TYPESETTING APPROVAL Please proof read carefully ALL of this copy/artwork/typesetting material BEFORE signing your approval to print. Please pay special attention to spelling, punctuation, dates, times, telephone numbers, addresses etc, as well as layout.It is your responsibility to bring to our attention any corrections. Minuteman Press assumes no responsibility for errors after a proof has been authorised to print and print re-runs will be at your cost. Signed.................................................................. Date........................
008 SECURITY SOLUTIONS 008-011_SSM108 Editors Letter.indd 8
21/06/2017 12:23 pm
Series 2005 is the leading brand of 19” rack mount enclosure for data and communications installations, with a huge range of sizes. MFB have the right cabinet for your needs.
When you choose Australian made, you’re choosing more than quality and reliability, you’re choosing peace of mind.
DESIGNERS & MANUFACTURERS OF 19” RACK SYSTEMS
MFB’s range of innovative racking solutions is proudly made onshore, to ensure quality and consistency above all others. Backed by constant development, unsurpassed customer support and expedited delivery. MFB proves a solid project partner whatever your requirements. Australian made, makes Australia. With a solid history of over 45 years of supplying innovative, off-the-shelf and custom built racking systems, you can rely on MFB to ensure when you buy Australian, you’re investing and supporting Australian industry.
AUSTRALIAN MADE MAKES AUSTRALIA
www.mfb.com.au
VIC NSW -
P (03) 9801 1044 P (02) 9749 1922
F (03) 9801 1176 F (02) 9749 1987
E sales@mfb.com.au E sydney@mfb.com.au
SECURITY SOLUTIONS 009 008-011_SSM108 Editors Letter.indd 9
21/06/2017 12:23 pm
LETTER FROM THE EDITOR While it is difficult to quantify to what degree terrorist activity has increased across the globe since 2001, there can be little doubt that the world has experienced a significant increase in terrorist attacks. Esri, a global leader in mapping and spatial analytics, recently published a map showing the locations and details of terrorist incidents across the globe for the year 2017 up to early June*. The map is a collaboration between the Esri Story Maps team and PeaceTech Lab and uses crowd-sourced data from Wikipedia to present a chronology of terrorist attacks around the globe. According to Esri, Wikipedia moderators include experts in the field of global conflict and terrorism, and the pages driving this story map have been revised thousands of times since the beginning of 2017. As a result, the quality of the data on this map is constantly improving. According to the map, there have been 571 attacks across the world resulting in 3,924 fatalities since the 1st of January 2017, including two attacks in Australia – the most recent being the siege involving Yacqub Khayre in Melbourne (who was reported as being inspired by ISIS), and an incident which occurred in Queanbeyan, NSW, in April involving two young boys (again reportedly inspired by ISIS) who attacked a service station and killed the 29-year-old service station attendant before stabbing another person. The unquestionable rise in terrorist activity over the last decade raises significant questions around not only how best to tackle terrorism but, equally importantly, how is it that these terrorist groups are able to fund and support their actions. In this Issue’s cover story, David Lake, a serving law enforcement officer and expert in the area of organised crime, shines a light on the shadow economy and examines issues around the types of illegal activities carried out by terrorist groups in order to fund their activities. In preparing this story, I was horrified not only by the scale and monetary value of these activities but, perhaps more importantly, the lack of action being taken by governments to stem the tide of funding and the degree to which many Australians (and citizens of other countries) have become unwitting financial supporters of terrorist activities. I would strongly urge every reader to take a look at this article and then think long and hard about how, in your role as both security professionals and everyday members of the public, you might best be positioned to help address and eradicate this problem and potential source of terrorist funding. Share the article far and wide. Debate it, discuss it, think about it but, most importantly, where possible, act upon it. If anyone is in a position to do something about this problem, it is the readers of this publication. * storymaps.esri.com/stories/terrorist-attacks/?year=2017
John Bigelow Editor
010 SECURITY SOLUTIONS 008-011_SSM108 Editors Letter.indd 10
21/06/2017 12:23 pm
R
EasyIP 3.0 H.265+ EasyIP 3.0 H.265+
EasyIP 3.0 SERIES
Simple and Powerful The Easier Journey toEasyIP Better 3.0Security SERIES Simple and Powerful The Easier Journey to Better Security
The all-new Easy IP product range is simple to install and use, and is available at a budget-friendly price. Rarely does an affordable system come with such powerful functionality: 4K ultra HD with true WDR, H.265+ Smart Codec compression technology. New cameras in the range also provide greater analytic functions, featuring on-board Video Content Analysis options. Its power, combined with its easy installation and user-friendliness, means the Easy IP 3.0 solution requires significantly less operator input to deliver a significantly more efficient and effective security solution. - 4K Ultra HD with WDRrange is simple to install and use, and is available at a budget-friendly price. The all-new Easy IP true product Rarely does an affordable system come with such powerful functionality: 4K ultra HD with true WDR, H.265+ - H.265+/H.265 Compression technology Smart Codec compression technology. New cameras in the range also provide greater analytic functions, featuring on-board Video Content Analysis options. Its power, combined with its easy installation and Hikvision Oceania user-friendliness, means the Easy IP 3.0 solution requires significantly less operator input to deliver a significantly more efficient effective security solution. Unite 14a Eden Park Dr, Macquarie Parkand NSW 2113 Tel: +61 2 8599 4233 - 4K HD557 with true WDR Toll Ultra Free:1300 450( Australia only) Email:salesau@hikvision.com www.hikvision.com - H.265+/H.265 Compression technology 008-011_SSM108 Editors Letter.indd 11
Hikvision Oceania
21/06/2017 12:23 pm
REGULAR
LEADERSHIP Leading From Below By Jason Brown
In the world of security, hierarchies are common and leadership tends to be associated with position or rank, but this need not always be the case. If you have the desire, competence and willingness to communicate your ideas you can lead from below (LfB). I would argue that in any well-run organisation, those who demonstrate a capacity to lead from below usually end up with a formal leadership position. In this article, I have gathered thoughts from a number of leadership writers on the topic of LfB. First of all, you have to wish to lead and be willing take the risks that putting yourself forward entails. This means being able to influence decisions and directions, not through position power, but through sharing good ideas and information and demonstrating a willingness to help others achieve their professional goals. You need to understand your organisation, particularly its goals, structures and processes. This knowledge of how everything works lets you input your ideas at the right time with the right people who will recognise your contribution and willingness to help. Consider the issues impacting on your overall organisation, not just those in your specific duties, and take them into account when making suggestions. You are more likely to be heard and understood by those more senior. In the Wall Street Journal report ‘Leading From Below’, James Kelly and Scott Nadler suggest that organisational change and development can only occur when there is leadership at all levels. They made a number of suggestions: Make a decision to be a leader, do not wait to be told: • become less essential to the doing of routine work, free up time and energy for leadership, unlock staff potential • become aware of signals from outside your organisational unit and your organisation.
Focus on influence, not control – enlist your staff in a common cause: • adopt the perspective of the people you are trying to influence • do not hoard information, share it • aim to influence existing work processes, do not build new ones • do not worry about being proved right • keep things clear and simple • keep a sharp focus. Make your mental organisational chart horizontal rather than vertical – connect with peers, make them your focus group Work on your trusted advisor skills: • turn conversations into meaningful discussions that make people seek you out • listen more than you talk • ask questions that broaden people’s perspective • share what others have seen and done in similar circumstances. Do not wait for the perfect time, just find a good time: • do not wait for an invitation • look for situations where complacency has been disturbed. Taking responsibility is a key attribute. Accept your successes and recognise and admit any failures. Keeping a win-win approach to the fore is an important way of engaging and leading others, particularly when you can share opportunities with others and align their goals to yours. You need to be open and generous with both time and information and accept and act on feedback. This is generally reciprocated and you will have the input to enrich your competence and influence.
This is demonstrated by the behaviours listed above. Herminia Ibarra, Professor of Leadership and Learning at INSEAD, summed it up in an interview in Global Network Perspectives: I define leadership behaviorally. A leader is somebody who is able to set direction for a group, and then mobilize them toward that goal. I don’t get into personality characteristics because it can vary a lot. The common factors really are big-picture strategic thinking and the capacity to influence people. In terms of vision, it’s being able to sense what’s going on in the world, see the unexploited opportunities and lurking dangers, and use that to figure out what to focus on and what not to focus on. With influencing others, it’s how you get people to see your view, how you get them to see it as their issue, not just your issue, and how you communicate in a way that makes them feel motivated, inspired, involved, and a part of things. Lastly, I would suggest that you need to be authentic in your actions and words. This builds trust and influence. But do not forget to add a bit of humour; at the right time it will build camaraderie and reduce negative tension. Good luck leading from below. It is worth the effort. Jason Brown is the National Security Director for Thales in Australia and New Zealand. He is responsible for security liaison with government, law enforcement and intelligence communities to develop cooperative arrangements to minimise risk to Thales and those in the community that it supports. He is also responsible for ensuring compliance with international and commonwealth requirements for national security and relevant federal and state laws. He has served on a number of senior boards and committees, including Chair of the Security Professionals Australasia, member of ASIS International Standards and Guidelines Commission and Chair of Australian Standards Committee for Security and resilience. As of February 2017, Jason has been appointed Chair of the International Standards Committee for Risk Management.
012 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 12
21/06/2017 10:55 am
STOP TAILGATING AND OTHER UNAUTHORISED ENTRY ATTEMPTS
NOW AS EASY AS 1,2,... 1
2
1
Take 1 standard access controlled door with tailgating problems.
Tailgating is the art of unauthorised people following authorised people through an access controlled door.
www.pathminder.com.au
012-031 SSM108 Regulars.indd 13
2
Add a PathMinder HPJ half portal.
The PathMinder HPJ half portal can ‘cap’ any access controlled door to turn it into a secure interlock, the highly sophisticated ultra sonic tailgate detection technology makes sure access is limited to one person at a time.
3
Sit back and relax, job done.
With over 40 portals in the range, PathMinder has a high security solution to controlling access at any entry point. Our portals include vandal, attack and bullet resistant certified designs, DDA compliant solutions and full customisable models to match your security needs.
Phone: 1300 750 740
21/06/2017 10:55 am
REGULAR
CYBER SECURITY What Are Employees Actually Doing? By Karissa Breen
C
M
The news or the media are always reporting that outsider threats are the main source of cyberattacks, but who is actually looking at the employees on the inside? What are all these people doing? Is anyone monitoring what the system administrators are doing and ensuring they are not downloading every episode of “House of Cards” under the sun because they can and because they have ‘privileged account management’? Organisations are so quick to point the finger a ‘outsiders’ who are always generating bad media affairs because they are on point for performing sophisticated cybercrime. But what interests me the most about insider threat is the psychology behind why employees do what they do. Perhaps they believe having privileged access to sensitive information could advance their career, perhaps not. Who actually knows? But there are mechanisms to identify user activity. There are a few potential reasons why insider threats are going next level nowadays. Sometimes it is not always an intentional ‘crack’ at the organisation. It can sometimes be by accident or lack of security awareness and failure to undertake correct security procedures. For example, an employee could be sitting down in a coffee shop utilising the public free Wi-Fi (most people generally opt for this option anyway). The employee could have no intention of performing any malicious intent to the business.
However, anyone with malicious intent within range could piggyback on the employee’s signature to gain access to confidential information. In thi example, this employee probably did not set out with the wrong intention of jeopardising the company’s confidential information However, another example could be that when the cyber forensics team investigate the logs and see that the same type of behaviour was a frequent occurrence and data leakage was taking place through various mechanisms, it is probably safe to say that this was an intentional offence. Userbased activity can always be traced and, therefore, assumptions can be made on individuals. Once the unethical behaviour has been detected, organisations should undertake the correct protocol to ensure that this behaviour is stamped out immediately. Organisations engender trust with their clients; they should also be engendering trust with their insiders. Organisations need to understand human behaviours and be across potential defects that insiders make and intrinsically understand why this is happening. Information security teams need to have a comprehensive understanding of privileged account management and monitor these individuals through appropriate controls to ensure they maintain strong integrity. Senior management should be taking it upon themselves to ensure they are responding
appropriately and looking for trends in behaviour; organisations are now gathering this through artificial intelligence So, do not always point the finger straight awa and play the blame game, but instead understand what employee activity is going on. Privileged account management users need to have appropriate controls in place to monitor their level of access. Organisations should be aware of these types of insider behaviours and ensure the correct security policies and procedures are embedded to protect the organisation’s integrity and reputation. When data leakage occurs, it is not always for a bad intent, but if organisations are not aware of what their employees are doing it is quite easy to blame them and then in turn organisations lose their employees’ trust. Organisations should be advanced enough to identify a misdemeanour and distinguish that from an accident. Do not be so quick to judge, but ensure the business is performing the correct procedures to eradicate this type of unethical behaviour.
Y
CM
MY
CY
CMY
K
Karissa Breen is currently working as an account executive for Green Light, a provider of IT services to systems integrators, telcos, consultancies and defence organisations in the global market. Karissa has a background in cyber security, financial services and consulting an publishes her own IT blog.
014 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 14
21/06/2017 10:55 am
NEW INT-QUADIP For PB- Series Quad Beams
C
M
Y
CM
MY
CY
CMY
K
IP INTERFACE MODULE
LAN/WAN
With the new IP interface module, our intelligent PB- series Quad Beams are as easy as IP cameras to install and integrate with leading VMS solutions.
VMS
Most intruder detection systems rely on legacy technologies which require a number of third-party products and man-hours to install. The INT-QUADIP module utilises infrastructures already in place with CCTV, Access Control, and other security systems; dramatically reducing installation costs whilst providing a fully integrated security system which can be easily expanded and configured as desired.
KEY SPECIFICATIONS ● ● ● ●
PoE Class 3 IEEE 802.3af VMS Compatible Direct control for cameras including: - Axis - Bosch - Hikvision - Sony
● Plug & play web browser interface ● No software installation required ● One cable installation
PB-IN-HF/HFA The ultimate in trouble free perimeter detection for distances up to 200m.
1300 366 851 www.seadan.com.au 012-031 SSM108 Regulars.indd 15
PB-F/FA Single channel quad beams ideal for simple perimeter systems.
PB-IN-100AT Anti-crawl beam for high security perimeters up to 100m.
PB-KH TAKEX quad beam performance for use in beam towers.
(02) 9427 2677 www.sprintintercom.au
21/06/2017 10:55 am
REGULAR
RESILIENCE Cyber Resilience – A Decade After The First Large-Scale Attack By Dr Rita Parker The fragility of cyber defences worldwide was exposed when malicious software (ransomware) created havoc around the globe in May this year, affecting businesses, individuals and critical infrastructure. The global reach was unprecedented. The first wave of cyberattack hit 200,000 targets in at least 150 countries, according to a statement by the head of the European Union’s police agency Europol Director, Rob Wainwright. Malicious software or ransomware is a program that enters your computer either by clicking or downloading malicious files. I then holds your data as ransom. The global attack in May this year was attributed to a form of ransomware known as WannaCry that targets Microsoft’s widely used Windows operating system to locks up files on your compute , encrypts them so they cannot be accessed, and demands payment to regain access. But there is no guarantee that access will be granted after payment. The question that needs to be asked is: have we developed our cyber resilience since the firs deliberate large scale cyberattack a decade ago, in May 2007? At the time, it was a coordinated approach that had never been seen before. The massive cyberattack occurred following the Estonian Government’s decision to move a bronze statue that the Soviets had built in 1947 to commemorate their war dead after driving the Nazis out of the region at the end of World War II. But having rid the country of German occupation, the Russians then occupied Estonia. For many citizens, the statue was a symbol of an oppressive occupation. Sixty years later in April 2007, the now independent Estonian state decided to move the monument from the centre of the city to a military cemetery on Tallinn’s outskirts. For Estonia’s ethnic Russians, who make up a quarter of the nation’s population, it was an emotionally
charged time and, following the statue’s removal, there were several days of civil unrest and violent confrontation resulting in hundreds of arrests, many injuries and, tragically, one death. But the situation did not end there. What followed was unprecedented – for almost three weeks, a series of massive cyber operations targeted Estonia and disrupted and closed banks, government networks and emergency services, the media and police operations. It was as close to chaos as was imaginable. Estonian border guards had reported no incursions and the country’s airspace had not been violated. The attacker was invisible, yet the attacks were virtual, psychological and real. Never before had an entire country been targeted simultaneously on almost every digital front. It was a wakeup call, not just for the Estonian Government, but around the globe about the extent of cyber vulnerability and of the need to become resilient. Ten years later, in May 2017, there was a feeling of déjà vu as malicious software attacked targets around the globe. Part of adopting a cyber resilience approach to business is to take anticipatory and preventive measures. One of the most basic preventative measures is to avoid clicking on links or opening attachments or emails from people you do not know or companies you do not do business with. To enhance cyber resilience, other basic steps are necessary, such as regularly backing-up your important files. Installing and using up-to-dat antivirus solutions, and ensuring your software is up-to-date also helps. In addition to seeking expert advice, it is important to have your systems and procedures tested. Thought also needs to be given to building in redundancies in the event of a complete or partial shutdown of your computer system. These preventive measures to safeguard business operations contribute to building cyber resilience, and they are just as important for small
businesses as well as large corporations. It is a mistake to think that as a small business you may not be a target for a cyberattack because this type of assumption can result in huge losses. In Australia, we realise that our geographic sovereign border is vulnerable with 35,876 km of coastline, with an additional 23,859 km when taking into account island coastlines. Yet another border, the Internet and the World Wide Web, potentially makes the nation even more vulnerable to real threats and risks to our economic, trade and social wellbeing and security. Every person who owns or operates a computer linked to the outside world has a responsibility to ensure they have in place relevant strategies and processes to prevent or mitigate an attack and, importantly, strategies to ensure they are resilient in the event of an attack. Dr Rita Parker is a member of the International Council of Security & Resilience Professionals, and Centre Manager of the Australian Centre for Armed Conflict and Society at the Universit of New South Wales, Canberra. Rita is also a former Distinguished Fellow at the Center for Infrastructure Protection at George Mason University (GMU) Law School, Virginia, USA, and she was a Founding Board Member of the Australasian Security Professionals Registry. Dr Parker provides advice to organisations seeking to increase their corporate and organisational resilience and crisis management ability. In additional to being a regular columnist for Security Solutions Magazine her work has been published in Australia, Germany US, Singapore and Malaysia. Her co-edited book, Global Insecurity, published by Palgrave McMillan will be available in 2017, includes aspects of her recent research about urgent global security policy issues. She can be contacted at ritap2020@gmail.com
016 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 16
21/06/2017 10:55 am
EC - S
TALL. FAST. STYLISH. Our award winning speedgates combine state-of-the-art optical technology with a high barrier height to protect your building.
EASYGATE SPT
• • • •
Barrier heights up to 1800mm Fast throughput (up to one person per second) Ideal for Disability Discrimination Act compliance Choose from a number of models, including the LX, SPT, SG, IM or LG • Custom pedestals with an array of attractive finishes EASYGATE LX
Find out which security gate is right for you.
1300 858 840
www.entrancecontrol.com.au
EASYGATE IM
FULL HEIGHT TURNSTILE
EC - Security Solutions Ad.indd 1 17 012-031 SSM108 Regulars.indd
TRIPOD TURNSTILE
SWING GATE
6/02/2017 10:37:16 AMam 21/06/2017 10:55
REGULAR
M S
HUMAN RESOURCES Conducting Workplace Investigations – Part 2 By Greg Byrne
In this edition of the Security Solutions Magazine, I will conclude the two-part article on conducting an internal investigation. In the previous article (in Security Solutions Magazine Issue 106), I discussed that conducting an internal investigation involved a four-step process of: 1. Preparation and information collection 2. Interviewing the relevant parties 3. Making a finding and report 4. Resolution activities. In that article, I outlined the fi st two steps of preparation and information collection and interviewing the relevant parties and any witnesses. I discussed that the process of collecting information involved first establishing that there was a need to conduct an investigation in the fi st place, that it was vital that an independent and competent investigator be appointed, and that a proper interview process and plan was prepared and followed. The second step in the process was then to conduct the interviews, which involved identification of appropriate locations, correct and accurate record keeping, and maintaining the confidentiality of the process, including securing records of the interview and any evidence gathered. This article will outline the last two steps for investigators in conducting an internal investigation. The fi st is making a finding and the second resolving the complaint. When arriving at a finding, it is vitally important to objectively assess all evidence that
has been gathered. The information gathered should be consistent, reliable and credible and, if discrepancies exist, they should have been addressed. In weighing the evidence and arriving at a logical outcome, ensure that the reasonable person test has been applied, and consider that the more serious the implication of a finding the stronger the balance of probabilities test needs to be. Consider the fallout from the complaint and subsequent investigation and make sure that the welfare of all involved has been addressed, including the offending employee (if it is established there is one). Also consider what the complainant intended when making the complaint and that his wishes have been considered when arriving at a finding. Make sure the employer’s wishes have also been considered, since they are the people paying wages and are also responsible for ensuring a safe (free of bullying or harassment) workplace. Internal policies (such as meal room etiquette, movement around worksites and wearing of uniform) and external policies and legislation (such as work, health and safety [WHS], state crimes acts and other relevant acts) must also be considered. Police should be informed if criminal behaviour was either initially complained of or is detected during the investigation. Be aware that once the police have become involved, they must be informed of the existence of any information that could form part of a police brief of evidence.
When compiling information, consider summarising it using an evidence matrix. Then make findings on each of the matters complained of in the fi st instance, or anything arising. List elements of each complaint and make a finding on the facts: • behaviour found to have occurred • behaviour found NOT to have occurred • inconclusive. Then categorise as: • potentially unlawful • breach of policy/code • unreasonable • unprofessional • reasonable in all the circumstances. Decision Making Once all relevant persons have been interviewed, the welfare of all concerned (including any offending employees) and the wishes of the employee and the employer have been considered, and the information has been categorised, it is now time to make a decision. Firstly, do not leave any material matters unaddressed. A finding might be that there is insufficient evidence to support a finding of inappropriate behaviour or that the case against the respondent has not been established on the balance of probabilities. It is not fair to the respondent(s) to leave a matter unresolved. Take one last look at the various elements of the complaint in totality and see if there is a
018 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 18
21/06/2017 10:55 am
MULTIPLE CAPABILITIES SUPERIOR SOLUTION
Volvo Group Governmental Sales Oceania
IN HOSTILE ENVIRONMENTS, IT’S IMPORTANT THE SYSTEMS THAT YOU DEPEND ON CAN
STAND THE TEST OF TIME.
At Volvo Group Governmental Sales Oceania, our core business is the manufacturing, delivery and the support of an unparalleled range of military and security vehicle platforms; a range of platforms that are backed by an experienced, reliable and global network with over one hundred years of experience
superior solutions, providing exceptional protected mobility www.governmentalsalesoceania.com 012-031 SSM108 Regulars.indd 19
21/06/2017 10:55 am
REGULAR
HUMAN RESOURCES public interest where appropriate. Some outcomes may include: • conciliation/mediation • counselling • formal apology • training • communication of policies to the workforce • re-crediting any leave taken as a result of the discrimination or harassment • disciplinary action – for example, warning, dismissal, transfer, demotion • dismissal of the complaint if it is found to have no substance • increased supervision/monitoring • reimbursing costs (for example, medical, counselling) • disciplinary action against the complainant if the complaint was vexatious or malicious • applying an appeals process if parties are not satisfied with the investigation result.
pattern of behaviour. Ensure that a connection between the evidence and findings and any subsequent conclusions has been established so that the rationale is evident. Findings should be presented in a workplace investigation report that outlines the evidence uncovered or discovered and details how the organisation could deal with the complaint if it is submitted in subsequent legal proceedings. For example, if a complaint is lodged with the Human Rights and Equal Opportunity Commission or another anti-discrimination agency, records of internal action will be useful in establishing whether ‘reasonable steps’ were taken to deal with the discrimination/ harassment and may assist in discharging the organisation’s liability. In the process of compiling an investigation report and making findings (and making recommendations, if requested), consider that: • all the issues have been covered • everyone who should have been interviewed has been • all respondents against whom an adverse
finding might be made have been advised of the relevant allegation and have been given a chance to respond to the allegation. Also ensure that all witnesses have had the opportunity to review and make any necessary corrections to their statements and that statements have been signed. Ensure that the decision-making process applied the balance of probability test and established that it was more probable than not that it occurred (an evidence matrix form as discussed above is a useful tool to assist investigators in this regard). Once the report has been compiled and the employer, aggrieved parties and offending parties have all been informed of the outcomes, consider resolving the complaint in a lawful and efficient manner. Every situation is different and the suitability of resolution activities varies accordingly. The decision-making process must consider all the evidence at hand and must consider the interests of all concerned, including the
Communication Keep in mind that while an investigation may be carried out that meets all process requirements, it is the perceptions of the individuals involved that will influence their ability to accept the outcome. With this in mind, consider creating and following a communication plan. That then is the brief outline on how an internal investigation should be planned for, conducted and finalised. I intended writing two articles on this, but I ran out of room to also cover some important information. I think some of the issues that I have not covered yet are important and, as a result, I will include them in a third article on conducting workplace investigations. Greg Byrne is CEO and director of MultiSec Consultancy Pty Ltd, a multi-faceted consultancy advising CEOs and boards of security organisations in Australia on best approaches to manage business risk, particularly operations, disaster recovery, business continuity and human resources. Greg can be contacted via email greg@ multisec.com.au or on 0402 295 124.
020 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 20
21/06/2017 10:55 am
dorma
Co m
es Sec at ee th urit st e yE xpo and H futur e , fo 2 r yo 2, ur cha nce
WI aG
oP
ro V
ide
N
to
oC am
era
The c-lever range -The perfect symbiosis of technology and design. Since the launch of the smartphone, it’s been clear that intelligent secure technology and design are not mutually exclusive.
Come see the future
Our designers have taken inspiration from such developments and created shapes that stylishly combine aesthetic and functional secure requirements. Come visit stand H22 at the Security Exhibition & Conference to learn more about our c-lever range and our security solutions to meet your business requirements.
1800 675 411 www.dormakaba.com.au
dormakaba_c-lever x 275mm_SS#107_108_240517.indd 2 012-031 SSM108 air_210mm Regulars.indd 21
6/2/2017 9:21:54 AMam 21/06/2017 10:55
REGULAR
Co Fo
COMMUNICATIONS RISK MANAGEMENT Is It ‘Legal’ To Design Security Systems Without A Licence? A Risk Management Perspective By Dr Kevin J. Foster Recently, I heard an argument from a licensed security consultant that, in a legal sense, an engineer in Victoria cannot design electronic security systems for a project in Western Australia (WA) unless he or she is licensed in WA. I have heard similar arguments previously; for example, that someone in Canberra cannot work on a security project in Queensland unless they are licensed in Queensland and so on. The security industry legislation in WA clearly states that a security consultant (Class 4) licence is required if there is a transaction involving the provision of security advice to a paying customer and this transaction occurs in WA. The legislation has no specific requirements about who can or cannot draft technical specifications and drawings for the consultant’s consideration. The only requirement is that security advice must be provided to a paying customer under the authority of a security consultant’s licence and the licensed security consultant must be employed under the authority of a security agent’s licence. In this context, it is the advisory transaction that is being regulated, not the location of the pre-transaction design work, and not who was involved in the drafting of specifications and drawings. All that seems to matter is whose licence is used to provide authorised advice to a paying customer and in what state the transaction occurred. For example, if an electrical or electronics engineer (who we will call John) in Melbourne sends his security systems design to his colleague (Bill) in the same fi m in Perth, then
under WA security industry legislation, a licence is not required for that transfer of information from one office to another (for example, security systems diagrams and specifications). However, if Bill then presents the security design in the form of security advice to a paying customer in Perth, then Bill will need to be a licensed security consultant as defined under the Security and Related Activities (Control) Act 1996 (WA) Part 3 Division 1 s. 13. When an engineering team contributes to the design of a major building or civil infrastructure, a number of disciplines are involved. An electrical engineer (for example, John) might design electronic building services including intrusion alarms, CCTV and access control systems. If John has had no training in security risk management, it is possible he may not have a clear understanding of how any of these systems might reduce security risk, nor would he necessarily understand the intent of criminals or terrorists who might present a threat. However, if John is a chartered professional engineer and registered on the National Engineers Register, it might be a poor argument to suggest he does not have the expertise to design the technical elements of an electronic security system to a brief written by someone who is aware of the security risk issues. However, there is a valid argument that John should not be advising paying customers about the impact of his designs on the customer’s security risk. This is where the security consultant has an important role. The security consultant (Bill) should be the interface
between the customer and the design engineer (John). The security consultant should be the person responsible for presenting security advice to the customer, especially if there is an expectation that the security system’s design will alter the security risk in some way. Similarly, structural and civil engineers might design security structures and barriers to stop a vehicle or to provide resilience to a blast pressure wave. This type of work is security related. However, interestingly, I do not hear arguments that civil and structural engineers need to be licensed security consultants. If their designs are entirely technical then perhaps they do not need to be. The test for who needs to be licensed or registered needs to be consistent. I think the legislation in each state is clear, but perhaps the arguments from security consultants are not always so consistent or logical. Most states have legislation that regulates the provision of security advice to paying customers through provisions for licensing or registration of security advisers. I am not aware of any legislation that specifies a “licensed security systems designer”! This article should not be construed as legal advice. It represents the personal opinion of the author who is a commentator on security risk management issues. Dr Kevin J. Foster is the managing director of Foster Risk Management Pty Ltd, an Australian company that provides independent research aimed at finding better ways to manage risk for security and public safety, and improving our understanding of emerging threats from ‘intelligent’ technologies.
022 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 22
21/06/2017 10:55 am
Contact us on 1300 364 864 Follow us on
Delivering Proven Solutions for Security & Safety We Protect People & Assets www.magneticautomation.com.au 012-031 SSM108 Regulars.indd 23
21/06/2017 10:55 am
REGULAR
LEGAL Beware The Power Of The Google Search By Justin Lawrence Google has become an incredibly effective research tool for business. It allows businesses to uncover information about current or prospective employees, suppliers and contractors that would have simply been unavailable several years ago. As employers are routinely using Google to do instantaneous background searches of prospective (and current) employees, the tide is also turning in the other direction. The reputations of businesses, business owners and high level management are increasingly being subjected to online attacks. It is estimated by some studies that up to 20 per cent of employees regularly submit comments on posts to blogs, forums and chat rooms. In the ‘old days’ reputations took many, many years of diligence, hard work and good service to establish. If a client had a bad experience, his ability to tell others about it was limited to those within ear shot. Now, one person with access to a computer can scuttle the hard-won reputation of a business by posting an account of his experience online, which can then be read by anybody at any location around the world. This, in itself, is a problem for business. As more and more people rely on Google as a source of information, the word of the nameless, faceless blogger is apparently given as much credence as any other source of ‘legitimate’ information. Some online publications are strictly controlled and legitimate. For example, after legal proceedings are issued, most courts
place details of those proceedings on their website portals for public access. Whilst specific details of each case are usually not published online, the name of the parties and the official steps that have been taken in the proceedings are published. This means that any court proceeding in which a party was involved is almost certain to appear in a Google search of that person’s name. Thus, an employer concerned about the character of a potential employee might be tempted to do a Google search to find out whether he/she has ever been involved in court action. Even then, there is no guarantee that full details of the allegations made by a party to that court proceeding will actually be available for public consumption. Sometimes judges make orders restricting the general public dissemination of information raised in court documents and in court hearings for protective reasons. Therefore, whilst a Google search might reveal the existence of a particular court case, it will often be that only a summary of the case is revealed. Without further detail, an employer might be unable to make an informed decision about the nature of the allegations in the case – was this person the victim of unacceptable workplace behaviour or are they simply a trouble maker searching for their next target? Of course the court file can be searched in an attempt to gain that information, but are most employers likely to go to that extent?
Much like many other sources of online information, court case details can often be found on the internet many months after the proceedings conclude. Any information found in a Google search should be checked against other reliable sources of information. If, through a Google search, an employer found out that a prospective employee had been involved in a court case against a former employer for unfair dismissal, that might be grounds for caution. At that point, the employer would be wise to undertake further enquiries, including old fashioned reference checks, to ascertain the overall suitability of the employee. While online information might be interesting – and to some extent useful – employers are well advised to proceed with caution. Ideally it should be used to complement existing sources of information, rather than being used as a substitute for it. Justin Lawrence is a partner with Henderson & Ball Solicitors, 17 Cotham Road, Kew, Victoria, and practises in the areas of Commercial Litigation, Criminal, Family and Property Law. Henderson & Ball has Law Institute of Victoria accredited specialists in the areas of Business Law, Property Law and Commercial Litigation. Justin Lawrence and Henderson & Ball can be contacted on 03 9261 8000. Whilst every effort has been taken to ensure its accuracy, the information contained in this article is intended to be used as a general guide only and should not be interpreted or taken as being specific advice, legal or otherwise The reader should seek professional advice of a suitably qualified practitioner before relyin upon any of the information contained herein. This article and the opinions contained in it represent the opinions of the author and do not necessarily represent the views or opinions of Interactive Media Solutions or any advertiser or other contributor to Security Solutions Magazine.
024 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 24
21/06/2017 10:55 am
Recognize and Analyze How often was he here this month?
Is he a known suspect?
How old is she?
Are they employees?
When, where did she enter?
Is this valued customer Mia Clark?
How many people are here? Is it too crowded in this area? New: Recorded media import and advanced investigation tools upload sets of videos recorded at a specific location and time to track possible participants in a crime find a person enrolled in an image database or search for an unknown person locate appearances in multiple videos make use of filters that specify timeframe, camera location, age range, gender and glasses
See it in action at Security Expo in Sydney, stand K26! 012-031 SSM108 Regulars.indd 25
21/06/2017 10:55 am
REGULAR
THINKING ABOUT
SECURITY Pro Bono U2 By Don Williams Pro Bono does not mean being a fan of the group U2. Rather, it is pro bono publico – for the public good – basically Latin for you are not getting paid. Why would people do unpaid work? There are a number of reasons – the main one being that without volunteers little would actually happen, particularly in the security field. All of the security industry and professional associations are run by volunteers. There may be the occasional paid administrative positions, but they are the exception. The work to raise the image of the security industry, set standards, increase professionalism, have recognised certifications and registrations, recognise the efforts and gallantry of security employees and to represent security to government is driven by volunteers. There are benefits to volunteering to be on a committee, but there are also significant responsibilities. The benefits include making things happen and being part of the forces for change. There is a profile that comes with being on the committee of an organisation; it looks good on a CV. In some cases, it adds to the continuous professional development requirements for certifications such as CPP. It provides the opportunity to meet and work with others, sometimes quite influential people on the committees and in the government, industry and corporate sectors. The responsibilities include having to do something. Far too many people join a
committee, discuss the issues, debate the options and consider the next step. Far fewer actually make things happen. And it can be hard work. Someone (a volunteer) has to arrange the meetings with government and external agencies, draft the newsletters, organise the seminars, take and publish the newsletters and seek the views of members and others. If lucky, people have to help draft policy and even legislation. Not only are volunteers not paid, there are real time and financial costs. Few organisations pay people to attend meetings, so travel and accommodation, if needed, come out of the volunteer’s pocket. Only the most enlightened of employers sees the benefit of having their staff working on committees of professional and industry organisations. For those that are self-employed, the time spent in improving the world through volunteering takes away from business time. It can be seen as soft marketing; it provides exposure to other views and people, some of whom are good business contacts and it puts volunteers in the centre of decision making and developing change. Unfortunately, it has been a truism for more than 2500 years that “when all is said and done – a lot more is said than done” (Aesop). The main problem is those who ‘say’ but do not ‘do’. Committees need people who will put into action the decisions made, often after much long-winded discussion. A technique that assists is to do the volunteer work fi st; the paid work will happen, but the
For those that are self-employed, the time spent in improving the world through volunteering takes away from business time. committee work will continue to drop to the bottom of the priority list. Get it out of the way and off the desk quickly. Is it worth being on a committee? Certainly. There is a huge sense of achievement when change is achieved and the society made a little safer or peers are a bit better provided for or respected because a group have achieved what was needed. You can make a difference but if you do offer to help, make sure that what you promise to do happens. If you will excuse the pun – volunteering to improve the security sector should be for U2. Don Williams CPP RSecP has provided managerial advice on security and strategic security analysis for 30 years. Don can be contacted via email donwilliams@ dswconsulting.com.au
026 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 26
21/06/2017 10:55 am
www.facebook.com/luminox
www.luminox.com
VIC 8th Avenue Watch Co., Emporium Melbourne, 03 9639 6175 | 8th Avenue Watch Co., Westfield Doncaster S/C, 03 9840 6304 8th Avenue Watch Co., Chadstone S/C, 9569 7652 | Temelli Jewellery, Highpoint S/C, 03 9317 3230 | Temelli Jewellery, Southland S/C, 03 9583 2633 | Temelli Jewellery, Westfield Knox City S/C, 03 9800 0799 NSW Lewis Watchmakers & Jewellers, Coffs Harbour, 02 6651 1612 | Melewah Jewellery, Haymarket, 02 9211 5896 | Vintage Watch Co., Sydney, 02 9221 3373 | Hennings Jewellers, Narellan, 02 4647 8555 WA The Watch Spot, Perth, 08 9421 1093 | Leon Baker Jewellers, Geraldton, 08 9921 5451 QLD 8th Avenue Watch Co., Pacific Fair S/C, 07 5575 4883 | Hatton Garden Jewellers, Beenleigh, 07 3287 1230 | Watch Tech, Brisbane, 07 3012 7023
012-031 SSM108 Regulars.indd 27
21/06/2017 10:55 am
REGULAR
EVENTS IFSEC International 20–22 June 2017 ExCeL London IFSEC International is the biggest security exhibition in Europe taking place over three days between 20 to 22 June 2017 at London ExCeL. IFSEC welcomes over 27,000 global security professionals to experience the latest technological innovations and hear from industry leaders – all under one roof, over three days. The event caters to everyone within the security buying chain from manufacturers, distributors, installers, integrators and consultants to end users. With over 600 exhibitors showcasing over 10,000 products, you will be able to find the perfect security solution your business is looking for. There’s more to it than just security. IFSEC International is co-located with FIREX International, Facilities Show, Safety & Health Expo and Service Management Expo, catered for those working across many platforms in building management and protection of people and information.
The new venue features a total of 35,000sqm of exhibition space presented in a smart, stacked layout to capitalise on the inner-city location and provide much improved loading facilities. Plus the halls feature customised registration and ticketing areas and dedicated meeting rooms. ICC Sydney will be Asia Pacific’s premier integrated convention, exhibition and entertainment precinct, underpinning Sydney’s position as one of the world’s most desirable meeting and event destinations. The entire team is looking forward to reuniting the industry once again in sunny Sydney where Security 2017 will connect more than 4,500 security professionals with over 150 leading suppliers. For over three decades the event has provided a showcase for new and innovative security technologies and solutions. Whether you are looking for a solution to protect your property, people or assets, the Security Exhibition & Conference provides the opportunity to discover the solution that is right for your organisation. Make sure you put 26–28 July in your diary; and we look forward to seeing you again in Sydney for the Security Exhibition & ASIAL Conference!
opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2017 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and stateof-the-art lectures and keynote speeches. Post Conference, all accepted papers will be reviewed for possible publication in the THOMSON REUTERS (eSCI) and/or SCOPUS indexed Journals with H index or impact factor.
j
v
`j
For more information visit www.iccs2017.iaasse.org
jv
`v
`jv
CIO Leaders Summit Australia 2017 6 September 2017 Sydney
h
Security Exhibition & Conference 2017 26–28 July 2017 International Convention Centre, Sydney
To register now visit securityexpo.com.au
In 2017 the Security Exhibition & Conference is heading back to Sydney to the brand new International Convention Centre. This stateof-the-art precinct overlooks beautiful Darling Harbour and is a short walk away from Sydney’s vibrant city centre.
3rd International Conference on Cyber Security 12 August 2017 Kota, India
The CIO Leaders Summit Australia is invitation only and intended for Australia’s most senior IT leaders to gather for a strategic event in order to exchange knowledge and interact as one over a range of important issues facing the industry. The one-to-one meetings with leading supplier companies will also provide a wealth of knowledge and offer opportunities for all attending delegates, while the informal networking sessions promise to create a unique interactive forum.
The International Conference on Cyber Security (ICCS) 2017 is an unparalleled
For more information visit cioleadersaustralia.com
For more information or to register please visit www.ifsec.co.uk
`
028 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 28
21/06/2017 10:55 am
`
j
v
`j
jv
`v
`jv
h
THE ALL-NEW TXF-125E BATTERY OPERA TED QUAD BEAM Introducing the eagerly anticipated TXF-125E; a high performance Quad Beam sensor designed for battery operation - perfectly suited for rapid deployment in creating temporary or permanent secure perimeter intruder systems. With 4 selectable frequencies, multiple beam sets can be used without crosstalk, whilst adjustable detection distance allows a single beam set to be re-deployed in a variety of installations throughout its operational life. Two 3.6V (17Ah) batteries power each unit for up to 5 years of service.
NE W!
AC TIVE IR BEAM S The ultimate in trouble free perimeter detection for distances up to 200m outdoor / 400m indoor.
+61 (3) 9544 2477
email: oz_sales@takex.com
HIGH -MO UNT PI R Triple mirror optics for maximum detection performance at 2 to 6m.
BEAM TOWE RS Rugged floor and wall mounted enclosures in 1/1.5/2/3m heights.
IND OOR PIR Spot, 360°, wide angle, and curtain detection from 2 to 4.9m height.
OU TD OOR PIR Hard-wired or battery operated outdoor PIR up to 180° x 12m .
1300 319 499 csd.com.au www.takex.com
TAKEX AMERICA
VIC: Mulgrave, Tullamarine NSW: Northmead, Waterloo ACT: Fyshwick QLD: Loganholme SA: Marleston WA: Balcatta 012-031 SSM108 Regulars.indd 29
21/06/2017 10:55 am
REGULAR
EVENTS CISO Leaders Australia Summit 7 September 2017 Sydney The CISO Leaders Summit Australia will highlight the emerging technologies that are leading the way and will examine current challenges that CISOs are faced with throughout 2017 and beyond. This conference will provide CISO professionals with a unique opportunity to learn and interact with their peers through a series of professionally led sessions hosted by both international and local experts, allowing all attendees the opportunity to be informed by front line executives while also having the opportunity to engage with a unique group of key suppliers through targeted prearranged meeting sessions. For more information visit cisoleaders.com.au
ASIS International Australia Conference Contemporary Security Leadership In Australia 19 October 2017 Melbourne The ASIS International Australia Conference 2017 is the premier gathering of security professionals. The conference provides an established platform for education and
business exchange, addressing the key trends and issues facing security professionals locally and globally. Key topics: • Terrorism • Cyber-Security • Behavioural techniques • Security Management • Emergency Management. The conference is a great opportunity to: • engage with peers and colleagues from the public and private sectors • join industry leaders accelerating the future of the security profession. Who should attend the event: • Security professionals across the public and private sectors • Security Risk Management professionals • Security service providers • Security consultants • Government and law enforcement professionals. For more information contact events@asisvictoria.org.au or visit www.asisvictoria.org.au
The 2017 Australian OSPAs 19 October 2017 The River Room Crown Casino, Melbourne The Outstanding Security Performance Awards (OSPAs) are pleased to announce the date for the 2017 Australian awards. They will be working for the third year in a row with the prestigious, Australian Security Industry Association Limited (ASIAL). The Outstanding Security Performance Awards (OSPAs) recognise and reward companies and individuals across the security sector. The OSPAs are designed to be both independent and inclusive, providing an opportunity for outstanding performers, whether buyers or suppliers, to be recognised and their success to be celebrated. The criteria for these awards are based on extensive research on key factors that contribute to and characterise outstanding performance. Aspiring to Excellence, a Security Research Initiative report conducted by Perpetuity Research. The OSPAs are being setup in collaboration with security associations and groups across many countries. By researching and standardising the award categories and criteria, the OSPAs scheme provides an opportunity for countries to run their own evidence-based OSPAs schemes while maintaining an ability to compete on an international level in the future, ‘World OSPAs’. For more information or to make a nomination, simply visit au.theospas.com
030 SECURITY SOLUTIONS 012-031 SSM108 Regulars.indd 30
21/06/2017 10:56 am
26-28JULY JULY2O17 2O17 26-28 ICCSYDNEY SYDNEY ICC DARLING HARBOUR DARLING HARBOUR
THE INTELLIGENCE OF SECURITY The Security Exhibition & Conference returns to Sydney this July to reunite the industry for three days of business networking and intelligence sharing. Offering inspiration and innovation to tackle your security challenges, you can compare solutions from leading suppliers whilst learning from the experts and connecting with your industry peers.
REGISTER FREE ONLINE AND ENTER PROMO CODE: SEC1 SECURITYEXPO.COM.AU
PRINCIPAL SPONSOR
012-031 SSM108 Regulars.indd 31
LEAD INDUSTRY PARTNER
ORGANISED BY
21/06/2017 10:56 am
INTO THE
WILD BLUE YONDER 032 032-035 SSM108 Article 1.indd 32
20/06/2017 5:23 pm
By Garry Barnes
Is drone technology right for your business? Factors every organisation should consider before flying into the great unknown.
Australian public and private organisations across a myriad of sectors are currently investigating and embracing the technological and competitive benefits of using remotely piloted aircraft called unmanned aerial vehicles (UAVs), or drones. Goldman Sachs (Drones: Reporting for Work) predicts that Australia’s drone spending will be an estimated US$3.1 billion between 2017 and 2021. And Australia’s Civil Aviation Safety Authority (CASA) estimates there are currently over 1,000 registered commercial operators.
033 032-035 SSM108 Article 1.indd 33
20/06/2017 5:23 pm
While the US and Europe currently lead enterprise use of UAVs, Australian businesses have been quick to capitalise on the benefits of the technology. Some examples of how organisations are implementing drones as strategic tools include: • pipeline security, management, maintenance, survey • land survey, mine exploration • real estate sales • package delivery • livestock/range management • film making • environmental management, such as surfing conditions, bushfi e management and wildlife conservation • underground sewer, power and utility maintenance and safety inspection • general security surveillance (private residences, corporate offices, public spaces). Along with the numerous benefits comes the need for organisations to review legal and regulatory issues around airspace, privacy, security and safety in order to protect the business and individuals. In 2013, a drone flew
into a car on the Sydney Harbour Bridge. In 2014, an athlete competing in a West Australian triathlon event was injured by a drone being used to film the event. The Australian Transport Safety Bureau noted that accidents involving drones grew from 14 incidents over eight years from 2006–2013 to 37 in just one year from 2014–2015 (West Australian News, Jan 2017). There are also implications that UAVs could be used for terrorist activities. In September 2016, CASA implemented new regulations for both personal and commercial use of drones. CASA now categorises commercial use, or using the drone for hire or reward, in two categories: a) small drones (under 2kg) – operators can now work without an operator’s certificate but still require a once-off registration b) large drones (over 2kg) – operators must be registered and apply for the Unmanned Aircraft Operators Certificate, which can cost between $5,000 and $10,000. These regulatory changes have largely been viewed as a relaxing of the rules, but whether operating small or large drones, organisations still need to be aware of and act in accordance
with CASA’s legal requirements and consider the business implications (regulatory, financial and safety) before deploying drone technology. Specifically, is the organisation ready to operate an aviation department? In March, ISACA issued a white paper entitled Rise of the Drones: Is Your Enterprise Prepared? which presents detailed questions and scenarios that management should answer when contemplating whether drone technology is right for their organisation. Key questions include: 1. Is running an aviation operation in line with the organisation’s mission? Core business? Capabilities? 2. Are uses of the enterprise’s UAVs consistent with the company’s ethics policy? 3. Is the business prepared to operate and manage an internal aviation department? Is the organisation ready to assume the responsibilities of flight operations? Has the organisation identified all the complexities and challenges of operating an internal certified flight operations function? 4. What added risk and liabilities will the organisation encounter once it establishes an aviation function/department and who
034 032-035 SSM108 Article 1.indd 34
20/06/2017 5:23 pm
6. How is UAV technology classified within the enterprise? Is it IT? Is it operations? 7. What procedures exist to attest that any organisational use of UAV technology: (a) is legal; (b) is authorised and approved by executive management; (c) is conducted according to established operational protocols; and (d) meets or exceeds legal compliance requirements? 8. Will the company be able to immediately comply with any legislation and regulations for the safe and proper operation of its UAV fleet? 9. Does the organisation maintain a policy for acceptable use of UAV technology? If not, does the absence of such a policy represent a potential liability to the organisation? 10. Does the organisation maintain appropriate levels of insurance, covering the operation, maintenance, storage and security of the UAV and its related technologies?
Privacy and Security
is responsible for all of the compliance requirements associated with this function? How is this risk expected to be mitigated? 5. Who is responsible for assessing and authorising applications of the drone technology to specific business usages/purposes?
In addition to preparing the business case and organisational risk analysis for using drone technology, organisations should also consider the potential privacy and security issues. CASA stipulates personal privacy should be respected, and outlines height and proximity rules. However, there is currently very little legal recourse. Government agencies, such as the Commonwealth House of Representatives and Senate Standing Committee on Rural and Regional Affairs and Transport, have called for more legislative regulation, ranging from updating
the Privacy Act, to requiring manufacturers to provide educational brochures regarding individuals’ privacy rights. The Australian Law Reform Commission recently called for a “tort of privacy” to be written to guard against intrusions and allow individuals to sue for damages. Australian courts have currently rejected the recommendation, although this may change as more drones are purchased for recreational and commercial use. Other countries have already incorporated remotely piloted aircraft into their privacy laws. Organisations also need to ensure their security measures adequately protect data gathered from the drone, and guard against unauthorised access of the on-board technology, programming and recording equipment. Processes and procedures also need to be drafted and adhered to for decommissioning drones, including purging sensitive data.
“In September 2016, CASA implemented new regulations for both personal and commercial use of drones.” In conclusion, an organisation’s decision to incorporate drone technology into the business means establishing and operating an aviation department within its business operations. Outsourcing this activity to a third party does not necessarily discharge the organisation from the responsibility to ensure that compliance is maintained and appropriate controls are in place to mitigate the risk. Poised to enable a tremendous leap forward in information collection and knowledge transfer, UAVs can bring enormous competitive, safety, financial and research benefits to enterprise. However, if not properly controlled, monitored and implemented, they can also lead to significant and potentially disastrou unintended outcomes. Garry Barnes is practice lead, Governance Advisory at Vital Interacts (Australia). He has more than 20 years of experience in information and IT security, IT audit and risk management and governance, having worked in a number of New South Wales public sector agencies and in banking and consulting.
SECURITY SOLUTIONS 035 032-035 SSM108 Article 1.indd 35
20/06/2017 5:23 pm
ALARMS
ONVIF:
The Evolution of A Standard
036 SECURITY SOLUTIONS 036-039 SSM108 Alarms.indd 36
20/06/2017 5:33 pm
has become a nearly 500-member strong organisation with more than 7,500 ONVIFconformant products in the market today. With members on six continents, ONVIF’s specifications for video and access contro have also been adopted by the International Electrical Commission (IEC), one of the world’s most influential standards organisations Not bad in eight years. Like many other standards, ONVIF has evolved incrementally and its development, use and acceptance have as well. The journey ONVIF is on is quite typical for a standards organisation. Other standards such as IEC, the Institute of Electrical and Electronics Engineers (IEEE), HDMI and Bluetooth have experienced similar ebbs and flows, hurdles, successes and acceptance in many of the same ways that ONVIF has. Over time, these organisations have expanded the scope of their standards, changed their approaches to standardisation when needed and have dealt with issues of false conformance, just as ONVIF has.
Building a Foundation
By Per Björkdahl ONVIF has achieved a lot since its founding in 2008. The member consortium began as a small group of manufacturers that wanted to collaborate to accelerate the acceptance of systems based on network surveillance cameras. While ONVIF’s mission has not changed significantly since then, its applicatio and influence has; it is now an industry allianc for the physical security industry. ONVIF
Standards organisations are often founded to create, at least initially, one specific kin of benchmark within an industry. ONVIF was founded by Axis, Sony and Bosch to create a global standard for the interface of network cameras and video management systems to be an alternative to the very much standardised analogue CCTV industry. The organisation sought to provide greater freedom of choice so installers and end-users can select interoperable products from a variety of different vendors. By establishing a basic standard for video in its early days, the founders also hoped to simplify product development for manufacturers. The philosophy was that establishing a basic integration standard within the industry would allow developers to spend more time on creating innovative features and designs and less effort on creating multiple application programming interfaces (APIs) for simple integrations between products. Even in its early days, ONVIF made some significant achievements, most notably by creatin and releasing its first specification soon aft its founding. When the first specification w deployed for real-world use, ONVIF realised it had to make some adjustments to its approach to creating a standard. Although members had agreed on how to specify APIs for video, the way the manufacturers actually deployed these in their products varied. All were following the
specification, but there was no agreement o which features to support. For example, a camera manufacturer may have only implemented specific video functions to interact with anothe manufacturer’s video management software (VMS) using ONVIF, but that particular VMS supports many additional functions of that camera. So, when users of the VMS expected to be able to utilise a specific function in th camera, it was not supported through ONVIF; all of which gave room for some doubts regarding the usability of the standard.
Why ONVIF Standards Matter to Integrators A common interface allows integrators to use technologies from different manufacturers together. This concept of designing devices to work with other brands or technologies is often referred to as interoperability. Interoperability typically equals a reduction in the time spent on the design and installation process, both in current and future installations or upgrades. From the end-user side, the benefit is freedo of choice. Using ONVIF-conformant products prevents end-users from being locked into using solutions from a single manufacturer and being tied to that manufacturer for years to come.
A Broadening Vision Less than a year after ONVIF was founded, members began to develop the profile concep to address the variance in supported features between manufacturers. The advantage of the profile approach was that a number of feature and implementation specifics could be defin under one umbrella and with greater specificit . The idea was that if manufacturers developed products in accordance with the profile, thei products would work together regardless of the manufacturer of the VMS or camera. ONVIF’s first profile, Profile S, was relea in 2011 following two years in development. If a product is Profile S conformant, i will always be conformant, regardless of when it is manufactured. Bluetooth experienced a similar chain of events when it introduced an updated version of its specification for headsets in 2005. Bluetooth s new version of the specification for headset did not initially support an older version of the specification and, as a result, conforman devices could not always communicate. Because of this, Bluetooth introduced Headset Profil (HSP), designed to work regardless of when the device was manufactured. Once HSP was
SECURITY SOLUTIONS 037 036-039 SSM108 Alarms.indd 37
20/06/2017 5:33 pm
ALARMS security industry. In addition to Profiles S and Q ONVIF has continued to use the profile concep to develop and release four additional profiles Profile G for video storage, Profiles C and A f access control, with Profile T to follo .
Collaboration Between Standards Standards bodies and the standards they create cannot operate independently – today’s world demands cooperation and collaboration. As the demand for interoperability between all devices increases and the concept of the Internet of Things becomes a reality, standards groups must work together on standards themselves. ONVIF and the IEC are working together in this collaborative way. The ONVIF specification ha been included in the international IEC 62676 standard, the first international standard fo video surveillance systems. defined, it was not to be changed. A new profi with a new name was created when future changes were needed, which is the same profil approach that ONVIF employs. Changing the specifications of a product can b a long process, but development of a new profil can happen rather quickly and lets ONVIF and other standards adapt as market and member demands change. Adaptability is paramount to maintaining real-world, usable standards and is an integral part of maintaining relevant standards across industries. An example of this can be illustrated with ONVIF’s Profile S and an ONVIF profile that currently in development. Profile S was released i 2012 to include support for pan, tilt, zoom (PTZ), audio and metadata streaming, and relay outputs on devices; it also encompassed configuration requests and control of streaming video data over an Internet Protocol (IP) network by a client. Profile S bridged the gap between conforman clients and devices on a basic level. In the four years since the release of Profil S, video technology has changed. To address new developments in video technology, ONVIF will introduce Release Candidate Profile , which employs a new media service that enables the support of H.265 video compression. Once the new video profile is released, Profile S will mo likely lose significance over time – both profil will be in circulation, as not all products in use will necessarily employ H.265 compression standards. Profile S conformant devices and clients therefore, will always be Profile S conformant independent of the new video profile. Th
Release Candidate Profile T will be circulated t stakeholders for at least six months before being released in its final form
Profile Profile Q, one of ONVIF s newest profiles, i especially relevant to system integrators. The two main features of Profile Q are easy set-u and advanced security features. Profile makes configuration and the use of advance security features easier. With an easy set-up mechanism and basic device level configuration, Profile manufacturers have ONVIF automatically enabled for products that are Profile Q conformant. Fo the integrator, that means time saved, because the installer does not need to activate ONVIF or search for instructions on how to do so. Profile conformant devices are also easily discovered and feature factory reset functionality. Profile Q supports ransport Layer Security (TLS), the widely used cryptographic protocol that is designed to provide communication security. TLS uses certificates and asymmetri cryptography to authenticate the data transferred between parties. TLS protocol allows Profil Q to manage certificates and keys on ONVI devices themselves. Once set up, Profile devices and clients can communicate across a shared network without being vulnerable to tampering and eavesdropping. Profile Q is just one example of how th framework established on ONVIF’s formation has enabled the group’s scope for standards to include any discipline within the physical
Members Matter ONVIF and other standards groups are member-driven organisations that operate on the basis of consensus. The next ONVIF profile will be developed based on feedbac from ONVIF members and the physical security industry at large. It is important to note that ONVIF is not only for manufacturers. ONVIF values input from all stakeholders, which is why it has developed four different membership levels that are geared to manufacturers, consultants, integrators, specifiers, end-users, installers, member of the media and those outside the physical security industry. Input from across the industry and beyond is needed to continue to produce meaningful and effective standards.
The Future By examining the evolution of other standards, it is obvious how vital they are to industries, often beginning with a relatively small focus on one specific market and expanding to includ others as acceptance and use grows. It is hard to predict if ONVIF will follow a trajectory similar to other standards like IEC. It is safe to say, though, that wherever ONVIF goes in the future, its path will be determined by its members and the physical security community, who ultimately are together at the helm, driving ONVIF forward as new technology develops and evolves. Per Björkdahl is the chairman of the Steering Committee for ONVIF.
038 SECURITY SOLUTIONS 036-039 SSM108 Alarms.indd 38
20/06/2017 5:33 pm
TR
OR
036-039 SSM108 Alarms.indd 39
HÉE D’ OP
20/06/2017 5:33 pm
INTELLIGENT PUBLIC SAFETY Brains Over Brawn
040 040-043 SSM108 Operations.indd 40
20/06/2017 2:20 pm
By Richard Kay The operational environment can be a dangerous place, with interpersonal conflict and violence being very real potential risks to officers as well as the public. Officers require practical solutions to resolve situations and confrontations, and that requires the ability to act from the basis of a planned approach involving strategic thinking. To teach officers how to act, it is important to teach them how to think and, to do that, instructors must develop officers’ problem-solving skills early in the training process. Nowhere is this more relevant than in operational safety training. Common issues experienced by new officers often include aspects like a failure to perceive danger, failure to make decisions and the inability to problem solve, which may be a result of technique-based training. Solution-based operational safety training is less concerned with an exact technique and places more emphasis on pattern recognition, decision making and problem-solving tactics. This is similar to contemporary fi earms instruction which is more concerned with accurate fi e than with any particular posture officers may take. To accelerate officer skill development, once they understand the fundamental concepts of a tactic, technique or procedure, they quickly depart the sterile training room and move to more realistic environments to practise. This training approach is reinforced via results from an agency research project. Due to an overly large group size, operational safety training was split into two separate days. One group of officers performed numerous blocked and constant practice repetitions of techniques strictly in a gym environment. The second group had far fewer repetitions of the same techniques, but they occurred in a random and variable manner while interspersed with combative skills in operational environments. The second group spent considerable time practising their skills in scenario-based experiences. Whilst the split-approach training was not a scientifically controlled experiment, the outcome was interesting and showed results that would not surprise cognitive and sports psychologists. During skills testing in the mid and final assessment periods, both groups performed similarly. However, during scenario testing where officers were required to perform in a situational environment with role players under
041 040-043 SSM108 Operations.indd 41
20/06/2017 2:20 pm
in detail how an instructor performs improves an officer’s ability to reproduce those skills. The power of excellence modelling has been understood for several decades, provided officers are paying attention and are interested in what is being demonstrated. Instructors need to get the officers’ attention by making them understand the life-saving value of the skills they will be learning. Then, their interest must be maintained by providing scientifically validated and challenging training. To develop long-term memory, motor programs and problem-solution schematics, the science of cognition and motor skill development should be incorporated into training. The learning experience should be structured in accordance with contemporary principles of motor learning and performance. Skills can be practised in blocked, variable, constant or random patterns, or some combination thereof. Studies have demonstrated that for both cognitive and motor skill training, a schedule of variable and random practice proves more effective for longterm skill retention.
Training Methodology circumstances that were tense, uncertain and rapidly evolving, officers that had been exposed to less rigid, open-skill, novel and solutionoriented training generally fared better.
Operational Relevance Officers want to know the why of what they are being taught and how that applies to what they will be doing with that information on the job. They bring mature reasoning skills to the learning environment, so instructors must stimulate officers to use those reasoning skills as soon as possible in training. Telling an officer how to perform a task without establishing the relevancy of the task to job application is indoctrination without context. Relevancy means understanding context. Content still needs to be taught – how to perform a search, how to apply a pair of handcuffs and so on – but there are numerous ways to accomplish this and instructors should avoid being overly rigid about technique. If officers modify a technique and get the job done in a safe and effective manner, then they have succeeded in that task. One method to demonstrate relevancy is to incorporate problem-based learning exercises when possible. For instance, direct
them to perform a task without instruction (for example, handcuffing or searching) and ask them to develop a solution. This accomplishes a couple of things. First, officers are required to actively problem solve and think of possible solutions. Next, the motivation factor is included as officers quickly realise that even simple tasks often are not. Once they see that applying handcuffs is not an effortless task, or finding a hidden weapon on subjects can be quite difficult, they will understand the personal relevance. Simultaneous to developing their attention, interest and motivation, instruct officers in the strategies, concepts and tactics that are universal to subject control and officer safety. A training cycle familiar to many is the emphasis on demonstration, explanation, repetition and simulation. Mirror neurons will influence how officers perform a skill. Their mirror neurons are activated when they observe a physical skill or problem-solving strategy being demonstrated. The study of mirror neurons suggests profound implications about how officers need to be trained. Modelling ideal behaviour in the demonstration phase is an important component of teaching. Through the impact of activated mirror neurons on the brain, watching
Blocked practice is a sequence in which officers work on a single skill for multiple repetitions before moving on to the next. In random training, officers minimise consecutive repetitions of a task and intersperse it with the practice of multiple tasks during the same practice period; skills are practised in no particular order. While it may seem intuitive to master a skill before moving to another, experiments have established that practising in a random manner more effectively develops long-term retention of the material. Officers learning new skills most likely need some blocked practice before moving to random practice. The extent to which officers remain in the blocked schedule depends upon innate individual traits, prior knowledge, motivation, attention and, most importantly, the simplicity or difficulty of the task. Instructors can influence most of these variables by structuring training in an efficient and effective manner, utilising motivating coaching skills and minimising the cognitive load of the material by simplifying the tactics, techniques and procedures taught to officers. As soon as officers have a fundamental understanding of how to perform a technique, random practice should be incorporated.
042 040-043 SSM108 Operations.indd 42
20/06/2017 2:20 pm
Officers may feel more comfortable practising a single skill for multiple repetitions believing that they are beginning to get it, and may become frustrated when just at that point instructors move on to another task. Since officers have a need to understand why they are doing what they are doing, instructors should explain the science of motor skill development to mitigate that frustration. To improve officers’ problem-solving and adaptability skills, tasks should be practised in a variable manner. Variability refers to practice sequences that introduce a number of variations of a particular skill during a training session. Variation refers to both surface features (context) as well as structural features (content) of tasks. Since the ultimate goal of instruction is the transfer of skills from the learning environment to the real world, content and context of a task should be practised in reality-based surroundings. An example is teaching handcuffing. In a constant practice regimen, officers perform their instructed handcuffing technique in isolation. They learn a single method for applying handcuffs with no problem-solving or environmental challenges. In fact, they may be required only to apply the handcuffs from a single approach angle. Sterile practice in a gym environment is not realistic training. Problem-solving scenarios in real-world environments (specificity of learning principle) must be incorporated into practice sessions in order to prepare officers for the real world. Instructors can promote this realistic training by varying task requirements. First, ensure that officers are forced to practise their handcuffing technique from various approach angles and know how to apply the technique to either hand. This would be an example of context variability, since the underlying procedures to accomplish the task remain the same. Then vary the content by changing the environmental considerations. Using 3-dimensional training environments such as hallways and Sim-houses, officers discover that techniques they learned in a sterile gym area do not translate to confined spaces, operating from behind cover, or in cluttered rooms where backup officers cannot attain a perfect cover position. Incorporating a problembased learning precept, officers are encouraged to develop options to adapt their initial training to solve the current problem in the more realistic environment.
Some officers can discover practical answers to handcuffing in a more realistic environment. Instructors should be looking for solutions that are reasonable and satisfactory, not operationally perfect. Other officers discover that the cognitive load of developing problem solutions is too great and interferes with learning. At any stall point in learning and problem solving, instructors should use one of several coaching strategies to further the instruction, such as worked examples, part problem solving, prompts, hints, inquiries or direct instruction.
Skill Development Public safety work involves open skills, or skills that are performed in an environment that is unpredictable or in motion and that requires officers to adapt their actions in response to dynamic properties of the environment. Many instructors train officers in a manner that is consistent with closed skills, or skills performed in predictable and stationary environments that allow officers to plan their actions in advance, and far from the real-world environment of operations. A by-product of a random and variable training model in an open-skill environment is a level of stress adaptation. The impact of closed-skill training has been measured by asking officers to self-report on their experiences. Officers assigned to closed-skill, constant and blocked training methodology state that they felt less prepared and more stressed about scenario testing during academy training, became bored and did not feel challenged during training due to the monotony of the more-reps instructional strategy, had difficulty transferring their gymbased theoretical knowledge into the practical knowledge needed for scenarios, and felt less confident in their ability to improvise and adapt to operational situations that they expect to encounter on the job. Blocked and constant training works best for short-term memory retention. If the desired outcome is to teach officers a skill one day that will be tested on the next, then have officers perform mass repetitions of the skill. If the goal is to develop a skill to be retained for many years, such as operational safety, then apply variety and randomness to the training cycle. New material is quickly forgotten if not reinforced, so review time should be strategically incorporated in practice schedules. High-risk and high-frequency skills needed by officers
are more readily retained with frequent and short practice sessions distributed throughout training. Start training sessions with a review of the tasks most frequently performed by officers. After breaks, review new material that was presented in the previous instructional block. Performance rapidly improves with this strategy, as does officer interest, confidence and motivation. With appropriate skill modelling and application of the scientific principles of adult learning and motor skill development, instructors can demonstrate relevancy, motivate officers to take responsibility for learning and develop their ability to transfer skills to different situations. By developing and applying simulations to the learning cycles, officers develop a problemsolving attitude and have an opportunity to adapt to the stressors presented in the event.
“Officers want to know the why of what they are being taught and how that applies to what they will be doing with that information on the job.” To develop the problem-solving operational safety skills of officers, agencies should deliver content while remembering that it is equally important to set context. Transition training from the gym to hallways, stairs and vehicles, set up scenarios that challenge officer skills early, and make the scenarios realistic and solvable. Instructors should guide officers to an acceptable resolution, not demand a preprogrammed solution – they are not going to be there on the job to assist them. Agencies should teach officers how to problem solve – how to think – and be confident that they have given their officers the best training upfront to prepare them properly for operational reality. Richard Kay is an internationally certified tactical instructor-trainer, director and senior trainer of Modern Combatives, a provider of operational safety training for the public safety sector. Visit www.moderncombatives.com.au for more information.
043 040-043 SSM108 Operations.indd 43
20/06/2017 2:20 pm
CCTV
ABOUT PIXEL
DENSITIES AND WHAT THEY MEAN
044 SECURITY SOLUTIONS 044-047_SSM108 CCTV.indd 44
20/06/2017 2:22 pm
By Vlado Damjanovski An Internet Protocol (IP) surveillance system is most often used to observe and protect people, objects and people’s activity inside and outside the objects, traffic and vehicles, money handling in banks, or games in a casino environment. All of these objects of interest may have different clarity when displayed on a workstation screen. The image clarity depends primarily on the camera used, the imaging sensor, its lens and the distance from the object. In a typical installation, once all cables are run, IP addresses allocated to the cameras and recorders, and the system is running, installers would then position the cameras and set the lenses for focused and sharp images. Most often, the choice is the widest possible angle of view (shortest focal length of the lens) and then the installer would focus the image, whether that be manually or automatically, set the optimum recording parameters and complete the installation. There is nothing wrong with this approach if the images are sharp and clear and the customer is happy with it. Very little attention is given to the clarity of the key objects for the given field of view, where clarity refers to the object size and the ability to recognise a person, a number plate or money, for example. Clearly, the closer the objects are to the camera, the easier it would be to identify an intruder and vice versa.
However, there is a better and more scientific approach. There is one parameter in IP CCTV that expresses the image clarity in a simple way – pixel density. The pixel density is usually expressed in pixels per metre (pix/m), at the object plane, although it can be expressed in pixels per foot. Pixel density in an IP CCTV sense should not be confused with the display pixel density quoted by various LCD display manufacturers, which defines the screen density in pixels per inch (PPI). The advantage of expressing object clarity with its pixel density is that it combines the sensor size, pixel count, focal length and distance to the object in just one parameter. When using pixel density metrics, all variables are included and the details on an operator’s workstation screen will be universally understandable. When designing a system, or a tender for a system, one can request pixel density for a particular image quality. So, instead of asking for a 6mm lens for a camera in a particular location for example (which means nothing without knowing the camera sensor it is used on), it would be much more useful if a particular pixel density is defined for the view. This will then be used to calculate the required lens for the camera used and the distance from the object. This will guarantee the clarity of the
SECURITY SOLUTIONS 045 044-047_SSM108 CCTV.indd 45
20/06/2017 2:22 pm
CCTV
“The advantage of expressing object clarity with its pixel density is that it combines the sensor size, pixel count, focal length and distance to the object in just one parameter.” image (assuming the lens is focused optimally and there is sufficient light, of course). Pixel Densities for Different Objects Pixel density can be used for any object that an IP CCTV user might be interested in: face, licence plate, playing card, money and similar. One of the most commonly referred pixel densities is for face identification. Face identification in CCTV means sufficient clarity of the image so that one can positively identify who the person on the screen is. According
to Australian Standard AS 4806.2, for face identification in analogue CCTV, 100 percent of a person’s height is required to fit on the monitor screen display. This has been tested many times and has been verified to be sufficient for identification. A PAL signal is composed of 576 active TV lines so, according to AS 4806.2, a person’s height would occupy all of the active lines to make it 100 percent. The head occupies around 15 percent of a person’s height, which is equivalent to around 86 lines (576 x 0.15 = 86.4), which is the same when converted to
046 SECURITY SOLUTIONS 044-047_SSM108 CCTV.indd 46
20/06/2017 2:22 pm
pixels (assuming recording is made in full TV frame mode, which is equal to two TV fields). Assuming that an average person’s height is 170cm, the head would occupy around 25cm of that. The pixel density at the object, which is required to make a positive face identification according to AS 4806.2, can be calculated to be 86 pixels at 25cm of head height. Since there are four times 25cm in 1m of height, this becomes 4 x 86 = 344pix/m. So, one can say that with a pixel density of 344pix/m at the object’s plane, it should be possible to positively identify a face, according to AS 4806.2. Some other standards may require different values, and one such (newer) standard is the IEC 62676-4, which defines 250pix/m to be sufficient (that is, it suggests that identification of a person is possible with a slightly lesser pixel density than the AS standards). Clearly, this number is not fixed in concrete and it will depend on the observing ability of the operator, as well as other parameters (lens quality, illumination, compression artefacts and so on), but the key is to understand that such a pixel density can be calculated for any type of camera, irrespective if that is SD, HD, 4k or any other format. The next image quality down, as defined by the standards, is for face recognition. The details of a face recognition image should be sufficient to recognise the gender of a person, what he/she is wearing and possibly make an assertion of who that person might be, if picked from a group of people that have already been identified somewhere else (for example, from a passport or drivers licence photo). This is basically an image with half the pixel density of the face identification, which according to AS 4806.2 should be around 172pix/m, while IEC 62676-4 suggests 125pix/m. Similarly, pixel density can be defined for visual recognition of vehicle licence plates (not software automatic licence plate recognition). In AS 4806.2, this is defined as five percent of the character’s height on a display screen, which is around 30 TV lines (pixels; to be very
accurate, 576 x 0.05 = 28.8). Assuming that a typical Australian number plate has characters of around 90mm in height, then this equates to 11 x 30 pixels = 330pix/m. The number 11 is obtained from dividing 1000mm (1m) with 90mm. Visual licence plate recognition requires a similar pixel density as for face identification. When money and playing cards are observed in banks or casinos, many practical tests have shown that at least 50 pixels are required across the longer side of the notes or cards in order to positively identify the values. According to ISO216 standard, the dimensions of standard playing cards are B8, which is 62mm x 88mm. So, the 88mm card length needs to be covered with at least 50 pixels for proper identification. This means around 550pix/m (1000mm/88 mm = 11 => 50 pix x 11 = 550pix/m) should be sufficient for playing cards. A slightly better pixel density may be required for identifying money, since the size of notes is typically larger than playing cards, so using the face inspection pixel density of 1000pix/m should attain good
identification, although as it can be seen from the real-life example in Figure 5, even 770pix/m might be sufficient. As it can be concluded from the above examples, the pixel density can be defined for any object and any camera, large or small. The beauty of the pixel density parameter is, as said at the very beginning, that it includes all parameters influencing the clarity of the observed objects. For this reason, ViDi Labs has developed the ViDiLabs iOS calc (search ViDiLabs calc in the iTunes App Store), a unique tool for the surveillance industry, which can also be used in cinematography, photography and any other imaging application dealing with object details. The table below can be used as a rough guide for various pixel densities: Vlado Damjanovski is an internationally renowned CCTV author, lecturer, innovator and consultant. He can be reached via his company website www.vidilabs.com
OBJECT
MINIMUM REQUIRED PIXEL DENSITY (PIX/M)
Inspect (IEC-62676-4)
1000
Face identification (AS 4806.2)
350
Face identification (IEC 62676-4)
250
Face recognition (AS 4806.2)
175
Face recognition (IEC 62676-4)
125
Observe (IEC 62676-4)
60
Intrusion detection (AS 4806.2)
35
Detect (IEC 62676-4)
30
Licence plate visual identification (AS 4806.2)
300
Playing cards
500
Casino chips (39mm)
1200
Money (notes)
800
Money (coins)
1500
SECURITY SOLUTIONS 047 044-047_SSM108 CCTV.indd 47
20/06/2017 2:22 pm
BUSINESS
RISK IS THE NEW RISK PARADIGM
048 SECURITY SOLUTIONS 048-051_SSM108 Business.indd 48
20/06/2017 2:22 pm
By Tony Charge
In Issue 102 of Security Solutions, (June 2016) an article was published around Risk Management which related to work the Australian Risk Policy Institute (ARPI) is doing in the complementary but separate space of Risk Policy. In response, I would like to take this opportunity to elborate on the subject and inform readers about the difference and benefits of Risk Policy, not only to the security profession, but generally to leadership as well as other business professions. APRI was founded in response to a call by the World Economic Forum, to revise and enhance risk management to provide greater benefits in decision-making at higher organisational levels and earlier in decision making process. More often than not, risk management advice is reactive, later than optimal and sometimes does not get to key decision-makers either at all or unfiltered. The Global Financial Crisis was just one example of this type of situation. ARPI is an independent and not-for-profit organisation aimed at senior professionals, with the specific aim of developing and publishing material around the need for paradigm change in leadership and risk. More specifically, our focus is on the need for strategic action earlier, and at executive/decision-making levels, addressing ‘vulnerabilities’ or potential risks. In the case of Risk Policy, the focus is on the response required to protect against vulnerabilities while often also generating
SECURITY SOLUTIONS 049 048-051_SSM108 Business.indd 49
20/06/2017 2:22 pm
BUSINESS • Ensuring that risk is now a trilogy of operations – risk policy, risk management and risk governance – the three arms being inter-dependent.
Risk Policy is thus designed to operate before risk management is involved, and is intended to actually inform and authorise the process of risk management
strategic opportunities, rather than in the case of risk management where the focus is often around waiting to identify and manage actual risks. Risk Policy is thus designed to operate before risk management is involved, and is intended to actually inform and authorise the process of risk management, and head a new ‘risk trilogy’ comprising risk policy, risk management and risk governance. ARPI enjoys engagement with all sectors of society, including an academic partnership with the Australian National University as well as a range of partnerships and relationships with peak professional bodies and in the public, corporate and community sectors. Word has spread globally and the creation of affiliated Risk Policy Institutes has begun with the European Risk Policy Institute (ERPI) in full stride across Europe. The ERPI will convene the fi st Global Risk Policy Conference in September 2017. A call for special purpose Risk Policy Networks resulted in the creation and successful operation of networks at a senior level in the areas of security, cyber security, complex project management, fraud, counterfeiting and anti-money laundering. Leading security identity, Jason Brown, National Security Director of Thales Australia, is the inaugural convenor of the Global Security Risk Policy Network. ARPI’s Risk Policy Model 2016 is freely accessible at www.arpi.org.au – not to be confused with a further publication titled Strategic Risk Policy (to which your previous article refers) which supplements the Risk Policy Model
especially to help risk management practitioners develop a better understanding of Risk Policy. The essence of Risk Policy, promoting paradigm change by leaders, is as follows (full details are contained in the Risk Policy Model): • Viewing the environment in ‘whole systems’ comprising (horizontal) networks and no longer living in (vertical) silos – nations, governments and organisations; • Paradigm change to a network-centric approach rather than the former organisation-centric approach; • Appreciating that in today’s interconnected world (like never before), information resides in networks; • Mapping stakeholder networks has become a critical exercise and source of information to identify strategic vulnerabilities (i.e. potential risks) plus consequential opportunities; • Obtaining the right information at the right time on the right matter from those networks – possibly through formal protocols where required e.g. confidentiality, privacy, etc; • Protecting against vulnerabilities will result in fewer and lesser risks to manage; • Recognising and engaging both internal and external networks; • Changing leadership paradigm so that Risk Policy authorises and informs risk management; • Articulating a Risk Policy Statement – e.g. defining and measuring risk appetite and tolerance; and
Two critical areas where ARPI considers improvement in risk management is needed are: 1. Recognition, identification and different treatment of ‘Systemic’ risks having multiple legal ownerships requiring plural, formal management and not just liaison to achieve results. Failure to so recognise and manage issues can lead to Wicked Problems: that is, Systemic risks are the precursor to Wicked Problems (e.g. the GFC); and 2. Revision of the traditional risk equation because today some consequences are so unthinkable that consequence must dominate the equation, particularly when faced with financial pressure to rely on likelihood. Consequence is the conjunction of vulnerability and threat. In response to growing interest, ARPI can announce it is developing an educational suite comprising vocational and tertiary courses – from a Certificate in Risk Policy through to a Masters’ Degree in Risk Policy. In addition, ARPI is currently providing Master Classes and strategic consulting arrangements at critical levels across all societal sectors. ARPI recognises the importance of security to society, hence the strong Risk Policy interest in this field and invites continuing contact and interaction with security professionals. Tony Charge JQ FARPI FAIM is President of the Australian Risk Policy Institute. For more information or comment, please email inquiry@arpi.org.au
050 SECURITY SOLUTIONS 048-051_SSM108 Business.indd 50
20/06/2017 2:22 pm
048-051_SSM108 Business.indd 51
20/06/2017 2:22 pm
COVER STORY
By David Lake
It costs money to commit acts of terrorism and field armies to fight the battles of jihad. The cost to pay for fighters, food, equipment, lodging, training, deployment and medical services for the jihadist by the controlling organisation or group is not cheap. When operating beyond the borders of the sponsor of terror, the costs can be five times as much as it would cost to conduct a local operation. For clarity, jihad will be separated into three tactics. First is the ‘inspired’ lone wolf attacks, then the planned and directed operations of terror groups, and finally the mobilisation of terror armies on the battlefield.
The overhead of a lone wolf attack is low for the instigator, but there are costs associated with creating, producing and broadcasting the instigating message through a variety of channels. How much does it cost to publish Inspire, the online magazine owned by Al Qaeda in the Arabian Peninsula? While the group behind the publication may not have to pay traditional publishing costs, such as print and distribution since it is an online publication, they still have to pay someone to do the production and work on the material – or that person will have to get a real job to eat, support loved ones and so on. It is possible
in this scenario that the lone wolf begins to receive some funding for training, existing and equipment once his operational commitment is confirmed and financial support is justified. The overhead of a planned terror event by a terror cell is much higher. If the cell is ‘radicalised in place’ members will already have established lives, which often include a job and a place to live. They may require extra funding for training, travel and equipment. If the cell is ‘inserted’, the costs grow considerably to establish housing, transportation, food and so on. Often, inserted cells have no legal means of employment in the host country. Cell members
052 SECURITY SOLUTIONS 052-057_SSM108 Cover Story-v2.indd 52
21/06/2017 12:39 pm
SECURITY SOLUTIONS 053 052-057_SSM108 Cover Story-v2.indd 53
21/06/2017 12:39 pm
COVER STORY
may have access to welfare, loans or other funds, but not enough to provide a manageable life while waiting to execute their mission. Then there are the various wars occurring around the globe – jihadist armies attacking government forces and civilian populations without regard. The costs associated with recruiting, training and deploying armies is extreme. The costs of beans, bullets, bandages and bad guys is beyond the reach of simple donations or petty crimes. To sustain any of these programs requires a significant funding infrastructure that can evolve when detected and redevelop when disrupted and dismantled.
Terror Groups are Criminal Syndicates For the fi st part of this discussion, set aside the motive for gaining money by terror groups and look at them like any other organisation or business. They have goals and need to make money to achieve those goals. That is no different than any business or organisation that exists today. They all have to market their product, pay employees, provide training and supplies, and pay for travel and lodging, communications, mentoring and so on. Once that paradigm shift is made, the next concept can be considered, which is that all terror acts are criminal; they are violent crimes with theological motives. Any group that commits criminal acts, regardless of motivation, is functioning as a criminal syndicate. What separates a criminal syndicate from a normal business is the fact that syndicates commit crimes to generate money. Now, do not get distracted here. This discussion is not about business ethics or conduct – it is about criminal syndicates specifically. These syndicates have employees, overheads, operating costs and all of the general struggles of normal business operations, compounded by the fact that they are operating outside of legal boundaries. In the end, the only difference between a criminal syndicate and a terror group is the ideological goals of the terror group. Criminal syndicates kill people, attack governments, create fear in civilian populations and even use propaganda to further their agenda. They just do it for greed and power, while terror groups do it for religion or politics, such as the Irish Republican Army. With the terror group / criminal syndicate paradigm established, the two can be set sideby-side and the operational similarities that help in speeding up the identification of terror cells in the future can be considered.
Traditional Organised Crimes can Support Jihad The one thing that can be said without any argument is that criminal syndicates make extremely large amounts of money. When compared with legitimate business, criminal syndicates are alarmingly profitable. When presenting on the topic of shadow economics, I am often heckled by an attendee shouting, “So you are saying that crime pays!” To which I respond, “Crime pays extremely well. However, the retirement plan stinks and the competition will kill you.”
"To sustain any of these programs requires a significant funding infrastructure that can evolve when detected and redevelop when disrupted and dismantled." The truth is, there is a tremendous amount of profit in shadow economic crimes. In fact, it is in these crimes that there is enough profit to pay for actions like terror operations, which probably comes as no real surprise to most readers. What is often surprising, however, is just how close to home these funding operations can be.
Additionally, the types of funding tools used by many terrorist organisations have, over recent years, evolved in such a way that the average person may be funding terror and not realise it. When they hear about criminal syndicates or organised crime, most people immediately think of drugs. The wealth generated in this vertical is high. It is known that cartels from Columbia to Mexico function as transnational criminal syndicates, shooting it out with government forces, killing judges and so on, and have for years. Afghanistan continues to produce opiates which Al Qaeda has financially benefitted from. In fact, the list of organisations that have financially benefitted from the sale of drugs and applied the money to their own sinister goals is longer than most people would believe. The drug trade is heavily investigated by governments around the world. This is partly because governments believe that drugs are still the primary source of funding for criminal syndicates. They are wrong. Drugs are just one amongst many sources of funding, not the source. Criminal syndicates have diversified into areas such as human trafficking, bank fraud, cargo theft, organised retail theft, identity theft, benefits fraud, trafficking in stolen property, stolen antiquities, stolen minerals, trees and even oil. Like any smart business, criminal syndicates and terror groups have realised that they cannot afford to have all their eggs in one basket and have diversified their income sources accordingly. The global crime market is awash with opportunities to generate funding. Interestingly, however, if one was to calculate the combined
054 SECURITY SOLUTIONS 052-057_SSM108 Cover Story-v2.indd 54
21/06/2017 12:39 pm
052-057_SSM108 Cover Story-v2.indd 55
21/06/2017 12:39 pm
COVER STORY
income generated as a result of previously listed crimes, the total income is dwarfed by the largest, most profitable shadow economic crime of all. This single source of criminal income not only provides significant profit for the offender, it is conducted in plain sight, has social approval and is subjected to very little enforcement action.
Counterfeit Goods How are counterfeit goods more profitable than all the other shadow economic crimes combined? From a business standpoint, the answer is quite simple. Consider drugs. The worldwide drug trade is estimated by a variety of sources to range between $350 billion and $500 billion annually in US dollars. In that total, the profit margin is relatively low compared to the cost of production, smuggling, sales and the laundering of money. The market for this product is only about five percent
of the population globally (UNDOC, 2015). And that is not for each type of drug, but all drugs combined. In the US, it is estimated that nine percent of the population uses drugs, with 70 percent of that drug use being marijuana, according to the National Institute on Drug Abuse (2017). That means that as a consumable product, it is only consumed by 10 percent of potential customers. The same can be said about human trafficking where, thankfully, only a relatively small percentage of the population participates in the purchasing of sexual favours from slaves. Yet there is enough money to keep the industry going, but it is not nearly the most profitable crime. Direct cash thefts and frauds can be more profitable because the overhead is lower; however, they can be complicated to carry out. Counterfeit is a term to describe the copying of a legitimate product, including its trademark, and then selling it to the consumer. It does not
imply that the consumer must know it is fake. So, consider this simple question. If five percent of the population uses drugs globally, what percentage uses soap, toilet paper, brake pads, cigarettes, medicines, clothing or even eggs? According to the Global Chamber of Commerce, the value of counterfeit goods is $1.5 trillion US. Let that sink in for a minute. The global counterfeit goods trade is three to five times larger than the global drug trade, with astronomical profit margins. Along with the incredible profit when compared to the efforts to fight drug trafficking, counterfeit goods enforcement is nearly non-existent. When talking about the counterfeit goods trade, there is a long list of crimes to choose from. For example, cargo theft is estimated to be a $30 to $50 billion a year market, while organised retail theft is estimated at $110 billion a year, not to mention a whole range of fraud types that, when combined, equate to nearly
056 SECURITY SOLUTIONS 052-057_SSM108 Cover Story-v2.indd 56
21/06/2017 12:39 pm
"The global counterfeit goods trade is three to fi e times larger than the global drug trade, with astronomical profit ma gins."
a trillion US dollars a year. But fraud requires certain skills that many do not have. So, when looking to launch a new criminal enterprise, an activity that requires low skill, is extremely profitable, has a large marketspace and has low risk of violence from competition is needed (making all the money in the world will not help if one is dead). Furthermore, it would be preferable to start the illegal business in an area that is nearly ignored by most governments, as those involved really do not want to get arrested or go to prison. Sadly, the trade in counterfeit goods meets all of these criteria. This is a massively misunderstood crime that allows criminals to make money in the open, right under the nose of most governments. What is more, it is accepted as being perfectly fine by many consumers. There is enough marketspace that the groups involved in the trade of counterfeit goods do not have to shoot it out with their competition over street corners, although that does happen from time to time. Furthermore, counterfeiters have a global partner in China (as in the country China) who will provide any item that can be imagined in counterfeit form. Counterfeiters can order online and even sell online if they wish to remain even farther underground and undetectable. If they use prepaid credit cards and post office boxes that change regularly, they can keep a few steps ahead of the rare and incidental investigation. How much money might they stand to make in their new counterfeit goods business? If they are engaged in the piracy of music and films, it will depend on their set-up. A sloppy, entry level operation should cost about $0.50 per disc to make. Music can be sold for $5 US a disc and $7 US for a movie. I have investigated groups that made high-quality discs for 5 cents a disc, making a profit of over 90 percent. In this scenario, now that the counterfeiters are making real money, they can expand their operation to include some luxury brands, where they buy a purse for $5 and sell it for $35. A purse is not a consumable, but it does provide reasonable cash flow. In the blink of an eye, they can expand into toothpaste, contact lenses, brake pads, electrical cords, dog food, eggs and just about anything else that can be imagined. All of this steers back to the earlier point at the beginning of this article. Why exactly was there a need to set up an illegal business and make all this money? Because those waging a terror campaign cannot work a regular job. Any of the shadow economic crimes work
well for funding other underground activities, but counterfeiting is the most profitable, least enforced, and most widely accepted by consumers of all the ways they might seek to make fast, illegal money. Now that they have money, they simply need to get it to their other like-minded individuals, which can be done many ways. To really maximise their financial power to fund terror, they can use currency exchange. The simple fact is that goods produced by global companies cost relatively the same everywhere. A specific clothing iron in the US is $35 dollars and, taking into account currency exchange, it will be roughly the same in any other market in which it is found. However, labour, food and housing are paid at local prices. So, if $100 US is wired to Syria, it will be $21,434 Syrian P ounds at today’s rate. The average monthly salary after tax in Syria is currently $93.13 US. This means that for every $100 US made selling counterfeit goods, a jihadist can be paid for a month to take up arms. Imagine what else can be done with all of the money when the profit margin is over 90 percent and market opportunities are endless. These are not theories but proven concepts. I have conducted several cases where money was being wired into countries such as Syria, Sierra Leone and the like. I have never had the capacity to trace the money within those countries. However, I can tell readers that there is no evidence it is being used to fund orphanages. When interviewing the suspects, they all claimed to not know what the money was being used for. The task ahead is a massive one. Counterfeit goods have been woven through all economies of the world. How can criminal profiteering be sorted from terror funding? In a world where counterfeit investigations are comparatively rare, the markets are booming and profitable, with little fear of enforcement. If the estimates on global intellectual property rights trade are correct, this is one of the most economically destabilising threats to civilisation, with things like global jihad just benefitting from the ride. For a full list of references, email info@interactivemediasoluitons.com.au David Lake has over 28 years’ experience in law enforcement, with a focus on shadow economics for the last 18 years. He is the founder of the International Institute for Shadow Economic Research.
SECURITY SOLUTIONS 057 052-057_SSM108 Cover Story-v2.indd 57
21/06/2017 12:39 pm
LEGAL
Q&A By Justin Lawrence
Dear Justin, Until recently, I had been working full time as a security guard and senior supervisor for a local security company. I had worked for the company for about three years. Approximately six months ago, the company appointed a new CEO with whom I did not see eye-to-eye on a number of issues. Things came to a head when I received an email from the CEO stating that records showed I allegedly had an extra uniform shirt, and asking that I please return it. Each officer within the company is issued two shirts as part of their uniform. Some time ago, while one of my shirts was being repaired, I acquired a third shirt. When the damaged shirt was fixed, I returned the third shirt and that was that, or so I thought. I replied to the CEO’s email, which I should add, I found to be a very unusual email to be
coming from the CEO rather than someone in administration. In my reply, I simply outlined that I had already returned the shirt. I then received a reply stating that the record showed I still had the shirt and that if I did not return it by the end of the following week, my pay would be docked $27 for the cost of the shirt. By this point I had become annoyed and frustrated and, unfortunately, let my annoyance get the better of me. I replied to the email stating, “If you are going to dock my pay $27 for a shirt I don’t have, you may as well just make it an even $30 and give the money to charity as it will at least be going to a worthwhile cause”. Within an hour of sending the email, I received a reply from the CEO stating that the company no longer required my services. Prior to this incident, I had never received either a verbal reprimand or a written warning. Though
I have since found another job, my loyalty to the owner of the company compels me to ask: doesn’t this sort of thing leave the company wide open to legal action? The short answer is “yes”. The way the CEO of the company has handled this matter is absolutely appalling. Whilst I would not have recommended that you send the email in the manner you did, I would not consider it to have been anywhere near sufficiently serious to justify your immediate dismissal. In order for an employer to summarily dismiss an employee, the employee’s conduct must be in flagrant breach of an existing essential term of an employment contract, must place the safety or wellbeing of other staff members in jeopardy, or must be absolutely inexcusable or reprehensible in nature. If none of these things are present, then the employee cannot be summarily dismissed.
058 SECURITY SOLUTIONS 058-059_SSM108 Legal Q&A.indd 58
20/06/2017 2:23 pm
LEGAL
Q&A If (notwithstanding the absence of these factors) the employee is summarily dismissed, then the employee may seek legal redress through the unfair dismissal provisions of the Commonwealth Fair Work Act. Under the terms of the Act, a person is unfairly dismissed if the adjudicating body (likely to be Fair Work Australia) finds that the employee’s dismissal was harsh, unjust or unreasonable, the dismissal did not constitute a genuine redundancy and the dismissal did not comply with the Small Business Fair Dismissal Code where the employee was employed by a small business. In order for you to make an unfair dismissal application, you must have completed at least six months employment and be covered by an award if you earn over $108,300 per annum. If those pre-conditions are met then there is nothing stopping you from bringing an unfair dismissal action if you consider your sacking to have been harsh, unjust or unreasonable. In considering whether your dismissal was harsh, unjust or unreasonable, Fair Work Australia is required to take into account a number of factors. These include whether there was a valid reason for dismissal related to your capacity or conduct, whether you were notified of that reason, whether you were given an opportunity to respond to any such information put to you, whether you had been notified of any unsatisfactory workplace performance, the procedures followed by the employer relating to your dismissal and the relevance of the size of the employer organisation in that regard, and any other surrounding factors that Fair Work Australia considers relevant. On all fronts it is very difficult to see how you have not been unfairly dismissed as all of these factors appear to favour you, not your former employer. Although you have now found alternative employment, you can still bring that claim. As far as your former employer is concerned, it will inevitably find itself in all sorts of legal trouble if it continues to act in such a capricious manner.
Dear Justin, We are a small patrol company with a fleet of five patrol vehicles and 18 staff. Our cars are lower end vehicles, which we have had for about three years. It has always been my philosophy that I would rather give any extra money we make back to the staff than spending it on unnecessarily flashy vehicles. However, in light of recent events, I may be forced to rethink this position. While out on patrol one evening, one of our newer patrol officers was involved in a ‘no fault’ accident. The officer driving the car sustained some injuries as a result of the accident. I have recently received notice that he now intends to sue us for damages on the grounds that by asking him to drive a vehicle with a low ANCAP (Australian New Car Assessment Program) rating, we have failed to provide a safe working environment. Is this even possible and, if so, what can we do about it? In all states and territories, employers have a common law duty to take reasonable care to avoid exposing their employees to risks of injury in the workplace. Most states and territories have their own workplace safety legislation. Employers have a legal obligation to report dangerous incidents and ‘near misses’ to the administrator of the health and safety legislation. Failure to do this may result in the employer being fined in excess of $33,000 as a company or in excess of $6,500 as an individual. Legislators have made it clear that the condition of workplaces and the monitoring of health and safety issues within those workplaces is a matter of high legal priority. A motor vehicle that is used for work purposes is, for the purposes of health and safety legislation, a workplace. This is the case irrespective of whether or not the vehicle is owned and maintained by the employer. The law requires that a motor vehicle that is used for work purposes be fit for the purpose for which it is to be used, is maintained according to the guidelines and
specifications of the manufacturer, is operated only by suitably qualified, licenced and competent personnel, and that all reasonably foreseeable risks of injury are removed or minimised in or on the vehicle prior to its use by the employee.
“While out on patrol one evening, one of our newer patrol officers was involved in a ‘no fault’ accident.” Courts are increasingly ruling that in-vehicle risks are easily eliminated by technological advancement in vehicle manufacturing. For example, where once vehicle occupants were protected in a crash by only their seat belts, now front, rear and curtain airbags are common in most new cars. It would fall on the employer to show why it was unable to provide a vehicle with airbags and other common safety mechanisms if its employee was injured in a car accident that was not fitted with these devices. Justin Lawrence is a partner with Henderson & Ball Solicitors, 17 Cotham Road, Kew, Victoria, and practises in the areas of Commercial Litigation, Criminal, Family and Property Law. Henderson & Ball has Law Institute of Victoria accredited specialists in the areas of Business Law, Property Law and Commercial Litigation. Justin Lawrence and Henderson & Ball can be contacted on 03 9261 8000.
Whilst every effort has been taken to ensure its accuracy, the information contained in this article is intended to be used as a general guide only and should not be interpreted or taken as being specific advice, legal or otherwise. The reader should seek professional advice of a suitably qualified practitioner before relying upon any of the information contained herein. This article and the opinions contained in it represent the opinions of the author and do not necessarily represent the views or opinions of Interactive Media Solutions or any advertiser or other contributor to Security Solutions Magazine.
SECURITY SOLUTIONS 059 058-059_SSM108 Legal Q&A.indd 59
20/06/2017 2:23 pm
FEATURE ARTICLE
060 SECURITY SOLUTIONS 060-063_SSM108 Article 2.indd 60
21/06/2017 11:11 am
PREPARING FOR THE NEXT WAVE OF RANSOMWARE ATTACKS How to defend your business By Kevin Cunningham There’s no doubt about it, ransomware is both destructive and costly to businesses. However, in terms of an attack methodology, it’s nothing new. What has elevated ransomware is the sheer magnitude and the evolving nature of the attacks. Case in point: WannaCry, an unprecedented attack served to organisations on a global scale with estimated economic losses in the billions of dollars. WannaCry has been a wake-up call for businesses, highlighting the havoc ransomware can wreak and increasing motivation for solid cyber security defences. Ransomware outbreaks have dominated the malware economy since 2016, with a 36 per cent rise in attacks and the potential for tens of thousands of attacks per incident. As the use of ransomware expands, this form of malicious software is rapidly evolving — modifying its delivery, concealing its actions, and attempting to avoid security countermeasures.
SECURITY SOLUTIONS 061 060-063_SSM108 Article 2.indd 61
21/06/2017 11:11 am
FEATURE ARTICLE
Detecting and defending against ransomware When looking to identify if an organisation is under a ransomware attack, it must know what to look for. In short, ransomware is a vicious malware variant that makes critical systems and data inaccessible to an organisation until a ransom is paid. Typically, a ransom is demanded within a 6 – 72 hour window, via bitcoin, or the stolen collateral will be deleted. Obviously, the impact of losing your data can be devastating, with a temporary loss of systems and information access, operational downtime, significant financial loss and, perhaps worst of all, irreparable reputation damage. Recently, WannaCry spread across the UK and Spain within four hours, halting the operations of factories, hospitals and communications companies. The attack
continued and has since infected over 230,000 computers in over 150 countries. For those affected, the starting ransom was US$300 per device, with any delay in payment causing this number to increase rapidly to US$600. For Australian businesses, safeguarding against ransomware involves understanding individual points of vulnerability whilst simultaneously developing proactive approaches to cyber security. It is no longer enough for organisations to operate with reactive measures; they must evolve their cyber security strategies to be proactive both in regard to technical capabilities and business attitude.
Your identity-enabled security strategy When it comes to defending your organisation from ransomware, you fi st need to understand
the exposure points that leave you vulnerable to an attack. Unstructured data (documents and files) is often the weakest link in an organisation as it is largely unprotected. Too often sensitive information has been taken out of safe-guarded applications and databases and disseminated and shared in these unstructured formats. When paired with the immense risk that employees pose either intentionally or unintentionally through poor training and lack of understanding surrounding cyber security policy and practice, it can create the perfect storm for an attacker to strike. Businesses in Australia are undergoing a digital transformation, and managing unstructured data is coming to the forefront of the challenges they must meet. According to recent global research, 66 per cent of
062 SECURITY SOLUTIONS 060-063_SSM108 Article 2.indd 62
21/06/2017 11:11 am
organisations in Australia admit that they aren’t sure how to manage and protect unstructured data from potential theft, which is notably higher than the 51 per cent of global respondents. With unstructured data continuing to grow at a fast and furious pace, enterprises not only need to get their arms around identity governance but understand how it plays a key role in protecting the sensitive data that resides in unstructured files and systems. Ultimately, ransomware is best defended with a security strategy that provides in-depth defence for the organisation. This includes such components as network security to prevent infiltration and email security to reduce phishing, along with consistent data backups to prevent data loss. As part of this strategy, a consistent configuration management program that ensures that all appropriate security patches are applied and resident systems are up-to-date will help prevent ransomware from spreading between machines within an organisation. However, the rapid evolution of ransomware drives home the need to also have a solution in place that can detect ransomware in ways that are not specific to any particular malware variant. A strong defence against ransomware requires the ability to detect the malware as it threatens a business. Through the identification and monitoring of unstructured data access and usage across network and cloud-based file shares, an identity-enabled security strategy can tightly defend your business. In order to effectively guard against ransomware, businesses must consider the following: • applying the principles of “least privilege” to minimise access rights and decrease the potential impact of any single infection • monitoring activities on file shares and using behavioural pattern matching to identify malicious behaviour such as the systematic modification of file suffixes as ransomware encrypts existing data
“However, the rapid evolution of ransomware drives home the need to also have a solution in place that can detect ransomware in ways that are not specific to any particular malware variant.”
• initiating actions to terminate any behaviour deemed malicious, stopping ransomware in its tracks and limiting damage to sensitive systems. Organisations also need to address the risks that are born from their people. It’s no secret that user identities are a major vulnerability in the enterprise, and organisations in Australia need to take action to address this. Nearly 70 per cent see employees as an exposure point in their organisations, making safe-guarding their identities a clear priority in 2017. The response to this can only be an increased focus on security training and awareness, cultural adjustments and heightened vigilance alongside an effective identityenabled security strategy. In the wake of realising that security needs to become “behavioural”, CIOs and CISOs must move the organisation towards a more adaptive and agile security model. The basic principles of identity and access management, lifecycle controls and good identity governance, have become a requirement for every organisation – large and small – and it is important that they become a cultural fixture. In addition, it is critical to remember the importance of acting quickly and decisively in the face of an attack – which is the best tactic for protecting sensitive data from ransomware. Utilising data access governance and an identity-enabled security strategy will help prevent data loss and better prevent organisations from becoming the next victim of an attack. WannaCry is only the latest wave in the rising tide of ransomware and other forms of cyber attack, and its efficient attack means that others will seek to emulate its success. While the management of unstructured data and leading cultural and behavioural changes in your organisation only form part of the cybersecurity picture, it is important to have multiple safeguards in place. Preparing for the next wave of attack means businesses must be not just technically, but behaviourally prepared, for what’s to come. Kevin Cunningham is President and Co-founder at SailPoint, a leader in identity management and governance, providing an integrated set of cloud-based services, including compliance controls, provisioning, password management, single sign-on and data access governance.
SECURITY SOLUTIONS 063 060-063_SSM108 Article 2.indd 63
21/06/2017 11:11 am
LOSS PREVENTION
Keeping Pace With The Global Retail Supply Chain PART 1 064 064-067_SSM108 LossPrevention.indd 64
20/06/2017 2:23 pm
cargo is secured and logs are signed. That image and mentality must change to reflect the tru nature of the management process within the retail supply chain.
Managing a Process
By Jac Brittain The role of loss prevention across the retail supply chain security program continues to expand. The retail supply chain network is a critical component of the retail machine. While many may view the heart of retail as the interactions and events that happen within the store, this support system has always fuelled the way. Through a complex web of processes and activity, a well-managed supply chain is essential to a successful retail operation. Merchandise does not magically appear on the shelves of stores and into the hands of customers. When it is considered that every single piece of retail merchandise must in some way pass through the retail supply chain network, it is easy to see the need to implement appropriate controls and protect a retailer’s interests as product moves throughout the network and ultimately makes its way to customers. For seasoned loss prevention professionals, the importance of sound retail supply chain policies and practices is nothing new. However, expanding the understanding of this essential aspect of the retail enterprise is something that they can all benefit from, and puts them o common ground as the industry moves forward. The role of loss prevention across the retail supply chain has grown considerably in recent years. The advancements in technology, the evolution of e-commerce and omni-channel retailing, and the mounting sophistication of retail crime will continue to revolutionise the role of loss prevention officers throughout th supply chain network. As this role grows more complex, the approach to the entire process must evolve as well. As a critical element of overall programs, this function is much more sophisticated than making sure that receiving doors are locked,
Supply chain management encompasses the planning and management of the many activities involved in sourcing, procurement, conversion and logistics management for the business. It involves planning and processing orders; handling, transporting and storing the products purchased, processed and/or distributed; and managing the inventory of goods in an efficien and coordinated manner. The primary objective is to fulfil business demands through the mos efficient use of resources. By maintaining contro over inventories and distribution, the retail supply chain seeks to match and manage supply with demand to reduce costs, improve sales and enhance company profitabilit . Efficient and effective retail supply chai networks are necessary to successfully compete in the global retail market. It rests on the loss prevention professional to take the necessary steps to gain a better understanding of the overall supply chain process and how the process impacts the business so that he can effectively support shrink reduction and profit-enhancement efforts In terms of understanding, even the term ‘retail supply chain’ can be viewed as a misnomer. This is not merely a seamless link of interconnected, proportional pieces that moves from a point of origin and leads to a single ending destination. It is a sophisticated, interdependent network of positions, processes, facilities, functions, responsibilities, tasks, transport and technology that all culminates with delivering products and services to customers. From a loss prevention management perspective, attention must focus on disruptive risk. As described by one industry leader, “Assuming the enterprise has taken the necessary precautions to ensure product quality, integrity and safety, the primary risk to any organisation posed by the supply network is disruption. Any disruption in production or delivery will result in potential lost sales, decreased revenue, margin erosion and profit loss.” These risks can exist a each origin location, at each intermediate location through which the product travels, and along each transportation link between points. Companies must design operational plans that will serve to identify potential threats; evaluate
how, when and where they may occur; develop effective approaches to mitigate losses; and build programs that improve efficiency and busines recovery. Theft is a primary consideration, but specific risks will vary depending on a variet of factors specific to a unique supply chai network. The potential risks must be identifie and analysed at each point along the network, building the plan that serves as the cornerstone of retail supply chain resiliency. But where do retailers start? What are the greatest risks? How do they determine where to focus their attention and resources? These are just some of the questions facing industry leaders as the risks are assessed and plans constructed.
Where does the Supply Network Begin? The first step of this process is to secure th products that will be offered for sale. Retailers want to offer quality products, obtain the appropriate quantities of product balanced with customer demand, get those products in the hands of customers as quickly as possible, and manage the entire operation through the most economical means. Where the product is coming from can significantly impact each of these ke management variables. The point of origin for the products could involve a vast array of sources from across the world, and through different channels depending on any number of factors that might influence suppl , demand, purchasing and product movement. Does the product have to pass through customs? If the products are manufactured internationally, are the products flown in, or does the product pass through th ports system? Are climate or weather issues a consideration? Are there political, labour, regulatory or other business considerations? A host of issues must be managed to simply secure the products, each of which can impact the success and profitability o the entire business, and each of which can pose potential points of risk. Even before the product is owned, such risks can impact supply, product costs and other factors that can directly influence the business Yet while the point of origin is important in setting a foundation, it is the point where ownership is established that is a critical determination. This not only establishes the right of proprietorship, but also the assumption of responsibility for the products. With the current complexity of the world trade market, the actual point where ownership of products is assumed
065 064-067_SSM108 LossPrevention.indd 65
20/06/2017 2:23 pm
LOSS PREVENTION
can be determined in many different ways, and at different points depending on specific contrac negotiations and other factors. Ownership determination will vary from company to company and, in some instances, may even vary depending on the particular product. But at the point where retailers assume ownership, are they getting what they paid for? Is it the correct quantity? Is it the correct product? Is it the correct price?
International Security Concerns Another primary point of risk is found when goods cross international borders. Customs is responsible for controlling the flow of good into and out of a country. Generally speaking, imported goods may not legally enter the US until Customs and Border Protection has authorised delivery of the goods. Officers may inspect cargo before it is loade onto vessels at a foreign port destined for the US, while in transit, and at the first port of entry wher the goods arrive. Inspectors may board ships, planes, rail cars and trucks in order to thoroughly inspect shipments. The goal is to achieve a sufficient level of security without jeopardisin the efficient flow of legitimate commerci trade at the border. The process is critical for many reasons. However, potential challenges can result from the inspections process. Inspections can cause substantial delays, product damage, spoilage of perishable items and compromised shipment integrity that may lead to other loss prevention concerns. Transportation costs can increase when containers sit at the ports waiting to be cleared. Regardless of the circumstances, there are costs, risks and protocols that must be managed. If the process is not managed properly, the risks increase, leading to shrink concerns, lost sales, lower profits and customer service issues
C-TPAT Unfortunately, some risks extend beyond product loss, theft, damage, or like issues, and carry the potential to create much more impactful considerations. The Customs-Trade Partnership Against Terrorism (C-TPAT) is a voluntary government–business initiative designed to build cooperative relationships that strengthen and improve both international supply chain and US border security. The C-TPAT initiative asks businesses to ensure the integrity of their security practices
and communicate similar guidelines to their business partners throughout the international supply chain. These principles have been adopted by the World Customs Organization and the international trade community, and similar programs are being developed and implemented worldwide. All ultimately have the same primary goal – to stop abuses of commercial trading lanes by terrorists and others who seek to corrupt the process.
“The temptation for thieves to attack goods in transit dates back to the days of piracy and highwaymen. The reason is simple: goods in transit are the most vulnerable to predation.” The premise of C-TPAT is fairly simple – if a company has well-conceived and appropriate internal controls in place, it can enhance the likelihood that its products will arrive on time, intact and without dangerous or unwanted goods substituted for the products that they expected to receive. This requires stringent internal controls regarding facilities, personnel, retail supply chain procedures, computer systems and other critical functions, not only at US facilities, but all over the world. Importers are expected to partner with foreign suppliers and worldwide business partners to secure their supply chain and ensure that internal controls are adopted and implemented.
Risks In Transit The temptation for thieves to attack goods in transit dates back to the days of piracy and highwaymen. The reason is simple: goods in transit are the most vulnerable to predation. Retail merchandise moves fairly anonymously across the nation’s roads, rails and highways, through jurisdictions with varying resources and differing abilities and/or willingness to prosecute if and when individuals are apprehended. As a result, cargo-theft incidents are rarely given high priority when compared to other types of crimes. Deterring these losses, therefore, mandates attention to security and loss prevention practices, strong operational controls, cooperation
among participants in the retail supply chain, and a variety of investments in safeguarding cargo security. But it also requires enhanced awareness. For retailers moving goods attractive to thieves, paying attention to in-transit product and loss prevention management should be a fundamental part of doing business. This is not as simple as a box falling off the back of a truck, and should not be perceived that way. Such incidents can be highly sophisticated operations that can be dangerous, as well as financially devastating As the retail supply chain grows more complex, so does the criminal element that leeches off a retailer’s legitimate business. One of the biggest challenges involves organised retail crime (ORC) and the potential disruption that can result. ORC incidents can occur at any point along the retail supply chain, whether at the point of manufacture, on loading docks, railway stations, distribution centres, or potentially anywhere along the transportation route. Thefts can range from smaller, subtle quantities that are part of larger shipments, to aggressive, armed hijackings involving entire truckloads of merchandise. ORC groups will take advantage of practically any opportunity to steal product that is vulnerable to theft and will potentially produce large profits Thefts are often pre-planned, highly coordinated and well executed. Many operations are managed to the point that they know exactly what they are targeting and have the ability to move, reload and redistribute stolen goods within hours. The stolen goods may be moved quickly to a warehouse, off-loaded, repackaged, re-manifested and placed on another vehicle – often before the theft is discovered by the company or reported to the appropriate authorities. Part two of this article will continue in the next issue of Security Solutions Magazine. Jacque (Jac) Brittain, LPC is editorial director, digital for LP Magazine. He has worked in the loss prevention industry for over 30 years and was instrumental in the development of the industry’s only internationally sanctioned LP credentials – the LPQualified (LPQ) an LPCertified (LPC) courses in collaboration wit the Loss Prevention Foundation. Jacque can be contacted via email jacb@Ipportal.com This article first appeared o losspreventionmedia.com, the website of the USbased Loss Prevention Magazine.
066 064-067_SSM108 LossPrevention.indd 66
20/06/2017 2:23 pm
dorma
When a high level of security is essential, dormakaba turnstiles and full-height gates provide the ideal solution. The robust turnstiles and full-height gates are especially suitable for securing the perimeter of buildings and property.
Secure your perimeters
Benefits include versatality in design, safe passage, minimal power consumption and lasting quality for any indoor or outdoor installation. For the complete range of smart and secure access solutions, contact dormakaba. 1800 675 411 www.dormakaba.com.au
dormakaba_TURNSTILES_210mm x 275mm_0117_SS#106.indd 1 064-067_SSM108 LossPrevention.indd 67
25/01/2017 10:05:51 AMpm 20/06/2017 2:23
FEATURE ARTICLE
THE NEW
MASS GATHERI N
Security Reality By Craig Harwood
068 SECURITY SOLUTIONS 068-071_SSM108 Article 3.indd 68
20/06/2017 2:24 pm
I NG
How does security counter the terrorist threat at places of mass gathering? That IS the question, is it not? Firstly, it is flawed thinking if one believes by countering that the threat is negated in its entirety. Insidious, callous, cowardly and suicidal attacks by their nature are extremely difficult to thwart. When an offender is willing to die in the execution phase of his attack at any stage, damage mitigation becomes a sliding scale of balancing factors. Protective strategies are generally hamstrung by two major issues – cost and operational impact, both of which are real-world problems. Cost is a factor as someone has to pay at some point and it has to be commercially viable. The other issue is the operational impact of protective strategies – if operational security overlays destroy the experience or engagement of the public at the event or place, that in itself becomes an issue, as people simply do not come. This then becomes an outcome where the terrorist ‘wins’, as they have altered people’s lifestyle in fear of their actions and security’s burdensome strategies to defeat them. The simple matter is, however, that a balancing act of degrees of operational palatability and financial viability exist. Once people understand that the new world paradigm is ‘we are all at risk at all times and safety and security have been reset downwards, whilst impact on our lives has been reset upwards’, they understand that the threat faced has to be countered at all levels at all times. Paranoia as a new reality? No, realism as a new reality. Some ‘things’ need to be given up to be able to deal with this evil. The fi st thing is something that has already been given up – innocence. The world has some evil people residing in it with equally evil intent. The second thing lost already is a sense of safety. People do not feel safe in the true sense of the word because they are not. Governments and police services want to play down the threat and its impact in order not to create fear and social instability arising from those fears and prejudices. The reality is that the current methodology of attacks strike at the heart of freedom and Australians’ lifestyles. Of course, the only way forward is not to give in to fear; it is through solidarity, strength of character and a layered, integrated security approach and measured actions that Australia can fight such an insidious disease in its society. There are some major points to be considered when operating a place of mass gathering.
SECURITY SOLUTIONS 069 068-071_SSM108 Article 3.indd 69
20/06/2017 2:24 pm
FEATURE ARTICLE
The attack methodology of terrorists (for the sake of this article, the focus is on Muslim extremists) is basically to kill and maim as many people as possible whilst gaining entry to paradise during the attack. Tactics include vehicle ramming attacks, which involve driving into large groups of innocent people; car and truck bombs (vehicle-borne improvised explosive devices or VBIED); suicide body bombs (SBIED); weapon attacks, such as gun and knife attacks; placement of improvised explosive devices (IEDs) around a major event, such as in rubbish cans; chemical attacks and cyber terrorism, plus a host of other methods too numerous to list. One of Australia’s greatest strengths is that its people live in a free and open society, free to congregate and move together as they wish, which also makes them extremely vulnerable to these types of attacks. Places of mass gathering are not just at events or outside events, they exist on public transport, schools, shopping centres and the general streetscape of cities. This means that if security at stadiums and events is increased, the vulnerabilities at
those events, once exposed, are simply moved to other areas of such an open society. The threat, in other words, is displaced to another more vulnerable location. For example, if security is increased at the Australian Open in Melbourne, Federation Square, where many gather during the event to watch tennis on large screens, becomes a more attractive and achievable target. When one location is target hardened, there are still vulnerabilities around it and at other locations. The threat is displaced, not negated; that job rests with intelligence and law enforcement partners or vigilant team members. Security professionals need to ensure all stakeholders operate on the same communication protocols, terminology and information-sharing methodologies. All stakeholders, including patrons attending such events, need to be informed of what to do and how to do it during an attack. The strength of knowledge rests in the fact that in knowing and sharing information, everyone becomes more vigilant and may pick up pre-attack indicators that help thwart an attack. After all, everyone is
at risk, thus everyone needs to take ownership of safety. The general public are very supportive of safety and security information and layered security in today’s day and age. The loss of innocence and number of occurrences across the world has shifted the paradigm, which means guests and patrons in fact react negatively when venues are not adequately protected and security is not functioning as it should. Mobile number reporting hotlines, safety signage, overt physical presence of law enforcement and security personnel is a must and helps keep information flowing that could be critical to deterring, intercepting or reacting immediately to an attack. Physical security personnel should be well selected, trained and licensed. All venue and management staff, no matter what their function, should be included in any security management plan and emergency response plan as a resource to be vigilant and have response roles to augment the site security and emergency management roles. Site induction compliance and role and responsibility briefings should occur every shift. Command and control
070 SECURITY SOLUTIONS 068-071_SSM108 Article 3.indd 70
20/06/2017 2:24 pm
hierarchies should be well defined and visible to all via uniform or luminous vest differences. Command hierarchy and redundancy roles should be well articulated throughout the organisation and personnel should be well versed in other supporting roles so, in the event of absence or during an incident, functionality can continue.
“Places of mass gathering are not just at events or outside events, they exist on public transport, schools, shopping centres and the general streetscape of cities.” All roles should have basic fi st aid training to support in the immediate moments after a terrorist incident. This expense to the bottom line is more than covered by everyday capability of an organisation to mitigate injuries in the workplace and helps mentally prepare stakeholders for an attack and its consequences. Obviously, the physical infrastructure of places of mass gathering should have had a security risk audit/assessment completed that categorises the risk(s) to the organisation and offers remedies for those risks. Today, vehicle separation and barriers to major pathways, access points and outdoor gathering spaces is the most fundamental baseline to counter the recent weaponising of common vehicles against pedestrians. Extensive venue coverage via CCTV and monitoring of same during events should also be a given. Having experienced CCTV security control room operators, trained to spot abnormal or suspicious behaviour or post-attack, helping to coordinate law enforcement vectoring to an offender(s) location, initiate a lock down, evacuation or a combination of both, is imperative. A ‘God’s eye’ view by trained personnel of the facility can save many lives at critical times, as situational awareness and hence response can be coordinated more quickly. This situational oversight should also be linked to an ability to use and broadcast audio instructions to public spaces and across the
facility or public space, in other words, the PA system should be situated at the CCTV control room operators seated position so real time audio instructions, updates and vectoring can be given to the public, fi st responders and other responding staff or elements. It is now also critical to look harder at pushing hardened outer perimeter security further away from the venue/location to create safe buffer screened zones between the entrances and the main seating arena or main crowd areas. Hardened multiple rings of physical and infrastructure security are now a necessary evil to defeat or mitigate, as much as possible, multi-phase attacks at entrance points, to disperse patrons over a greater area, break up crowds and push any explosive device attack into open air environments. This outer ring physical infrastructure, such as fences and crowd barriers, has been trialled at one major arena venue in Australia in the past and now needs to be implemented. This provides law enforcement, security staff and management time and space to understand the nature of an outer ring penetration or attack and respond accordingly and direct patrons to shelter or withdrawal to safer areas or exits. Whilst these extra outer perimeter layers increase the time for patrons to get into the venue/event, well-trained teams can process large numbers of people quickly and efficiently. The sad fact is, it is better to have the attack initiated at a smaller entrance point in open air against fewer people than in a crowded enclosed seating bowl. After all, when fighting such evil methodologies of attack, harm minimisation ultimately comes down to minimising the number of lives lost or people injured. Hence, the loss of innocence discussion earlier and a reset downwards of public safety. Patrons should all be electronically searched at the outer defensive rings by hand wands or walk-through scanners, and bags should be banned, cloaked at an outer perimeter location (including all staff bags) or only be made of transparent plastic. Vehicles accessing the venue, no matter the patron or service provider type, all need to be searched – this includes the occupants going through the same process as patrons at gate entry or member’s entry points. Security does not recognise class structures or VIPs; all patrons need to undergo the same vetting and screening process. Post Manchester, the defensive security posture has to continue well past event
conclusion. Security considerations have to extend to maintaining vigilance and proactive methodologies until well after the crowds have dissipated. The displacement of large event crowds into unvetted people will continue to be a challenge for event and places of mass gathering managers. Considerations of scaled cessation of events now must be managed to ensure crowds are dissipated in a controlled and safe fashion. Of course, emergency management team structures should be well versed and practise all possible attack methodologies on their venues using desktop exercises and realism-based training scenarios. These training scenarios should stress-test all levels of the organisation and be run in an honest and transparent manner to ensure the organisation identifies any deficiencies and has a clear mandate to rectify these deficiencies in a timely manner. Many organisations do not like to expose their weaknesses in management capability, infrastructure or human resource capability; however, it is better to be transparent and understand the capability of an organisation before an event than during it. In line with this, management teams should be communicating with like venues across the country to form relationships and understand innovation and best practice. Competitors will all feel the same devastating effect from a successful attack and thus competitive friction needs to be swept aside for mutual survival and protection. Management needs to drive this non-competitive sharing of information and effective strategies in this area. Attack one, attack all is the lesson learnt from across the world in relation to patronage, post-attack engagement and economic fallout. Managers should join organisations like the Venue Management Association (VMA) to help facilitate information sharing, relationship building and access to best practice. Australia has lost its innocence. The community is no longer immune or safe from these cowardly and evil attacks and now is the time for everyone to unite, review, communicate and act. Australians will prevail through strength of character and action. As both a former member of the Victorian Police Special Operations Group and Founding Director of Securecorp, one of Australia largest and most successful security and event specialists, Craig Harwood has many years experience in both event security and counter terrorism.
SECURITY SOLUTIONS 071 068-071_SSM108 Article 3.indd 71
20/06/2017 2:24 pm
AVIATION ALARMSSECURITY
The Immediate Future of
072 SECURITY SOLUTIONS 072-075_SSM108 Aviation.indd 72
20/06/2017 5:49 pm
By Steve Lawson
In July 2015, I wrote an article ‘The Future Of Passenger Screening’ that reviewed the International Air Transport Association (IATA) and the Airports Council International (ACI) joint Smart Security project. The idea of the project, according to IATA, “envisions a continuous journey from curb to airside, where passengers proceed through security with minimal inconvenience, where security resources are allocated based on risk and where airport facilities can be optimized.” It is a long-term project and there have been pilots of parts of the process at London, Schiphol, Doha and Melbourne. One of the milestones will be the end of 2017, so I thought it useful to look at where we are with screening. In the earlier article, I suggested that we should not expect major changes in the short-term but, by the end of 2017, there will be a variation of the model at several airports. Depending on what is considered a variation, that may have been an optimistic view. There
have been some changes in ancillary systems such as automatic tray returns, and I do know of the installation of computed tomography (CT) X-ray machines as passenger screening equipment. The CT X-ray machine used at airports is little different to the machines used in a hospital; it has an X-ray head that uses a very narrow X-ray beam that moves around the item being X-rayed, taking numerous ‘slices’ of the item which are stitched together to provide a 3D image of the item. CT machines are used in checked baggage screening because they are quite capable of detecting explosives. One of the other types of X-ray machines used in checked baggage screening are multi-view machines. Think of multi-view machines as CT lite – simplistically, they are several X-ray machines bolted together to give different views of the bag. Rather than a single X-ray head that uses a narrow beam, these multiple images are stitched together by the computer and an algorithm looks for the weapon or prohibited item.
SECURITY SOLUTIONS 073 072-075_SSM108 Aviation.indd 73
20/06/2017 5:49 pm
AVIATION ALARMSSECURITY It was an obvious step that checked baggage machines would eventually be used in passenger screening points; they are much more sophisticated machines. However, it is not simply a case of lifting a checked baggage screening machine from the baggage handling system and dropping it into a passenger screening point. The algorithms (the decisionmaking software) used by these machines as checked baggage screening systems are very different from those needed for passenger screening. Checked baggage screening only needs to find an improvised explosive or incendiary device rather than the diverse list of weapons and prohibited items that need detection in cabin baggage. I had expected that multi-view machines would have been the fi st choice rather than CT machines given the cost factor. In my 2015 article, I said that the interesting aspect of the Smart Security concept is the use of risk profiling. I expressed reservations about the ‘known traveller’ process and the sharing of intelligence. I thought it would become a bureaucratic nightmare with ever lowering standards or it would be a little club where a few select countries would exchange information. And I thought that it would end up being torn apart at the hearings following the next major terrorist incident. I still worry about those issues, but I think the result will be less terrorist related and more about facilitation for frequent flyers. So, do I think there is about to be a generational change in airport security? Quite possibly yes, but I think a major airport needs to be brave. Consider this: when passengers put their carry-on items onto a current X-ray machine, the belt runs at approximate walking speed and is regularly stopped while the operator checks the image. It can be sent back for rescreening and consequently the throughput rate of a standard X-ray screening point can be relatively low. Because of this, airports often use multiple screening lanes. That is not how checked baggage screening works. There are variations on a theme but, as an example, the bag is put into the baggage handling system where it is fi st X-rayed by a multi-view machine and if that machine clears the bag, the bag continues without further checking. However, the machine may send the bag to a smarter CT machine, that may clear the bag. Most bags are cleared by this process. If neither machine clears the bag it is sent to a
screening officer for checking and, if he cannot give it the all clear, it goes to a supervisor for a longer look and then, if none of this process clears the bag, it is sent for physical search. It sounds time consuming and very complex, but in reality it is very quick.
“Checked baggage screening only needs to find an improvised explosive or incendiary device rather than the diverse list of weapons and prohibited items that need detection in cabin baggage.” Consider this as a proposal. I am not sure how many readers have travelled with Qantas lately, but they now use an automated system for check-in and bag drops for checked baggage at larger airports. Similar systems are used throughout the world. Now think of all but one X-ray being removed from the screening point. A passenger arrives and, if he has carryon baggage, he goes to a token machine, which may be at the bag-drop point. He enters the number of bags or trays and is issued a token. His items are then placed in the automated bag drop. Once in the baggage handling system, the carry-on items are treated differently to checked baggage; they may use the same machines, but the algorithm is different and rather than being sent to the baggage make-up area they are sent to a collection point inside the sterile area where the passenger’s token allows him to collect his items. The passenger sees none of this; he puts his bag into a very nice collection point and, retrieves it from a very nice collection point. Very few bags will need physical searching. After dropping off his bag, the passenger walks to the screening point that now consists of a series of lanes using body scanners rather than walkthrough metal detectors. Modern body scanners process passengers quite quickly. There will still be a need for a standard screening point for people who have a medical (or other) reason that precludes the use of the body scanner or to clear items that they forgot to put through the automated system or that were found by the body scanner.
Would this system be quicker? Probably. Maybe not initially, but in a brief time passengers would become used to the system and it would move quite quickly. Would it be more cost effective? This depends on how cost is quantified. The equipment is going to cost more, it would likely release more space at the passenger screening point and make the movement of passengers through the screening point quicker (no pulling out laptops and so on), there would be fewer screening staff and overall the passenger experience would be better. The downside for passengers is that every bag going into the cabin would be weighed and could be measured, so no taking oversize or overweight items into the cabin – sorry! The important question – would it be more secure? Absolutely. This system would almost invariably detect prohibited items and especially improvised explosive devices (IEDs), something that is currently problematic. Considering the recent events in Manchester, an enterprising company could use a portable variation on this theme for venues like sporting events and concerts. Do I think that the IATA/ACI Smart Security project is on track? Probably not! It is getting there, but I do not see movement in the major part of the concept – risk assessments. Rather, I see that becoming more difficult as countries like the US tighten their borders. Richer countries will introduce multi-view machines and CT machines to airport screening points by 2020, but even then I am unsure it will be to every screening point. There will be more use of automated tray returns and intelligent conveyor systems, but not their widespread introduction. Would I like to see my suggested system trialled? Yes, but I cannot think of a single airport brave enough to try. Pity. Steve Lawson has over 20 years’ experience in aviation security. As a security executive with Qantas, Steve held a number of senior management roles covering all aspects of aviation security from policy development to airport operations. He was sent to New York immediately following the 9/11 attacks to manage the Qantas response and undertook a similar role following the 2002 Bali Bombings. On his return to Australia, he was appointed Security Manager Freight for the Qantas Group. Since 2007 he has been a Director of AvSec Consulting in partnership with Bill Dent, a fellow former Qantas security executive. Steve can be contacted via email slawson@avsecconsulting. com or on 0404 685 103.
074 SECURITY SOLUTIONS 072-075_SSM108 Aviation.indd 74
20/06/2017 5:49 pm
KeyWatcher is a reliable and extremely easy to use electronic key management system, designed to prevent mismanaged, misplaced, or stolen keys. KeyWatcher eliminates outdated metal boxes, unreliable manual logs and messy key identification tags utilising a computerised storage cabinet. The system releases keys only to the individuals with correct authorisation, recording each user transaction and providing total system accountability.
KEYWATCHER SYSTEM OFFERS l Up to 14,400 keys and 10,000 user per site l “Site” concept uses a common database l Numerous high level interfaces for access control, contractor management and vehicle fleet systems l Longer user IDs can be up to any 6 digits, plus a 4 digit PIN l Bright 7” full colour, touch screen l “Key Anywhere” allows keys to be returned to any KeyWatcher Touch within a site l On-screen guides for users, along with voice commands
Available in Australia through: AST Pty Ltd T: +61 2 8020 5555 | M: +61 417 089 608 | F: +61 2 9624 7194 E: di@astpl.com.au | www.astpl.com.au
072-075_SSM108 Aviation.indd 75
20/06/2017 5:49 pm
Trending Now:
Technology Advancements Re-Shaping Security By Rob Spinetti
076 076-079_SSM108 Access Control.indd 76
20/06/2017 2:25 pm
Facility safety and security are light years beyond the days of having several guards and an alarm system, and navigating a complex array of the technologies available. Whether the focus is on compliance and driving efficiencies, or simply bolstering efforts already in place, it is important to be aware of the trends currently shaping security and how they can benefit business. Following are five developments to watch.
Biometrics goes Mainstream Biometrics is no longer the domain of sci-fi movies and top-secret bunkers; it is increasingly employed for mainstream security purposes. This authentication method uses unique human characteristics such as fingerprints, retina scans and even the veins in a person’s hand. It can help drive greater operational efficiencies, like getting people through facilities quicker, while maintaining a more controlled environment by knowing exactly who is on-site and not just who cards in on-site, which is all part of enhancing security. If using a biometric-only technology, then losing or forgetting an access card is no longer an issue. Typically, biometrics is used in a layered approach, securing high risk in critical areas where one must know exactly who is entering or leaving. The pinnacle biometric solution within the next few years will be DNA – still a work in progress, but eventually commercialisation will define it as the most accurate of all the biometric measures.
Intelligence Moves to the Edge Gone are the days of relying solely on a central server for powering applications. Now, the storage and intelligence can be found in the device itself – or at the ‘edge’. When talking about closed-circuit television, this concept is coming to life through video enhancements, which provide the processing power to run advanced analytics or video analysis and capture extremely high-resolution footage within commercially available cameras. This speeds up the automatic identification of potential issues through smart analysis and gives security personnel a clear view of the situation in real time or post event. Edge intelligence is also shaping new innovations like electronic locks, or e-locks,
SECURITY SOLUTIONS 077 076-079_SSM108 Access Control.indd 77
20/06/2017 2:25 pm
from any location, improving control and increasing response time. Similarly, mobility simplifies visitor management and way finding as it is easier to swipe a phone to get access to specific areas in a building, or use a smart app to book or find the way to a conference or meeting room. From an end-user standpoint, mobility provides a more seamless experience and, since there is no need for a badge or other ID, it means one less thing to remember in the morning.
The User Experience is Paramount
which provide wireless access control. Rather than having to run wires from individual readers to a central panel connected to the building management system, the ‘smarts’ embedded in an e-lock cuts out the controller hardware in the middle, providing a quicker response and saving the need to run miles of cabling. This gives better control and can significantly reduce installation costs. Controller-less architectures do not only apply to smart locks, but can be smart readers as well. Combining smart cards with smart readers and mesh network communications, this powerful wireless architecture becomes easy to deploy and easy to maintain.
IT and Security Converge Central decision making is no longer limited to a security or facility manager. Physical and network security are converging and IT is becoming more important as security, building and enterprise systems connect. As a result, both sides need to learn new competencies and develop the expertise to manage processes and technologies that merge physical and logical security. One of the benefits of convergence is unified identification and credentials (also known as tokens) for easy, more accurate management. The earlier plastic cards containing a string of 1s and 0s to determine
access rights now flow to more secure encrypted security certificates or electronic signatures which can be authenticated on-site or at a centralised repository. The sophistication of encryption and authentication technologies needs to keep up to speed with cyber criminals and hackers; the systems are only as secure as the layers of any defence strategy and audit framework.
“Biometrics is no longer the domain of sci-fi ovies and topsecret bunkers; it is increasingly employed for mainstream security purposes.”
The idea of taking a class to learn how to operate a smartphone, tablet or laptop may sound absurd, but complex user manuals and start-up guides are the standard with facility technologies. People expect an out-of-the-box experience both in their personal lives and at their workplace. As a result, the commercial and industrial world is starting to see easy-tounderstand interfaces and intuitive technologies; ones that do not require significant training to operate, instead introducing new ways to visualise information and manage processes or guided workflows. While simple in concept, the impact is significant. When it comes to security, an enhanced user experience helps minimise operator error, increases the incident response time and ensures technology remains as an enabler to maintaining facility security. Guided workflows are known to reduce stressful situations, guide operators to calm, controlled decisions and ensure no critical steps are missed or forgotten. This is done through a recorded sequence of events replaying any critical incident, which allows operators and organisations to hone skills and improve processes and speed to response for next time. At its core, security ultimately comes down to quickly identifying issues and mitigating risk. These trends are a sample of the ways technology is providing a more efficient, effective means to those ends. And, in many cases, they are also reducing the resources and costs necessary to get there.
Mobility Reigns When was the last time anyone forgot their smartphone at home? People increasingly rely on their smartphones for everything, from checking the weather to hailing a car to the airport. So it makes sense to use these ubiquitous devices for access and other security applications. Leveraging mobile technology allows security personnel to manage systems
Rob Spinetti is a Principal Technologist with Honeywell Asia Pacifi ’s Major projects & PPP team. The Major projects team is responsible for the overseeing and governance of Honeywell project bids ranging from 10 to over 100 million US dollars within the Asia Pacific A ea, Middle East and South Africa.
078 076-079_SSM108 Access Control.indd 78
20/06/2017 2:25 pm
Aperio Technology
Wireless access control - The evolution starts here Aperio is a new technology developed to complement new and existing electronic access control systems; providing end users with a simple, intelligent way to upgrade the controllability and the security level of their premises. The heart of Aperio is a short distance wireless communication protocol designed to link online electronic access control.
Key Features • Affordable online door control for internal doors • Extends existing access control system • Enhances security for internal doors
+61 (3) 8574 3888 info.au@assaabloyasiapacific.com aperiotechnology.com.au
PROFESSIONAL DEVELOPMENT
WHAT IS RISK INTELLIGENCE? By Dr Gav Schneider, Dr Paul Johnston and Kate Down Before defining the concept of risk intelligence (RI) itself, it is worth asking the fundamental question of “Why does a concept such as risk intelligence matter?” The modern world is complex, volatile and essentially risky, and no amount of compliance processes can eliminate that risk – especially if an organisation wants to innovate, grow and expand. How can people feel confident that the decisions they make now will not have unexpected consequences or, if they do, that they can capitalise on them? No one can predict the future, but people can learn to make decisions that are empowered, innovative and enable them to seize opportunities and manage potential downside consequences if things do not go according to plan (which they very rarely do!). After spending 1000s of cumulative hours researching the psychology of risk, how it works and what makes people do what they do
and make the decisions they make, one of the core findings we established is that, much like emotional intelligence, RI is an attribute and skill that needs to be nurtured and developed. So, in terms of understanding what RI is, the starting point is to look at some key definitions, and then integrate and define RI in a meaningful way. Key related definitions: • Risk: the effect of uncertainty on objectives (AS/NZ ISO 31000:2009) • Innovation: generally refers to changing or creating more effective processes, products and ideas, and can increase the likelihood of a business succeeding. Businesses that innovate create more efficient work processes and have better productivity and performance (www.business.gov.au) • Agility: the ability to move quickly and easily / ability to think and understand
quickly (Oxford Dictionary) • Resilience: the capacity to recover quickly from difficulties; toughness (Oxford Dictionary) • Organisational resilience: refers to a business’s ability to adapt and evolve as the global market is evolving, to respond to short-term shocks – be they natural disasters or significant changes in market dynamics – and to shape itself to respond to long-term challenges (www. organisationalresilience.gov.au) • Empowerment: a management practice of sharing information, rewards and power with employees so that they can take initiative and make decisions to solve problems and improve service and performance (www. businessdictionary.com) Based on the above definitions, a
080 SECURITY SOLUTIONS 080-083_SSM108 ProDev.indd 80
20/06/2017 5:38 pm
conceptual integration of core RI attributes is summarised below: • manage uncertainty, unexpectedness and the interaction that comes with achieving goals and new frontiers • have the ability to move, think and understand quickly and easily • focus on creating more effective processes, products and ideas • embody social leadership with an emphasis on trust, coordination and engagement • focus on creating value for self, others and the organisation • strengthen likelihood of success through coordination with others who have shared goals • share information, rewards and power appropriately and fairly • take initiative and make decisions to solve problems and to improve service and performance • display toughness in the face of adversity and have the capacity to recover quickly and respond to short-term shocks • have the ability to adapt and evolve personally, and to shape groups and organisational structures to respond to long-term challenges. By integrating the above attributes, RI can be defined as a living skill and applied attribute that enables better decision making to proactively embrace opportunity and manage potentially negative outcomes. By definition, RI actively incorporates agility and resilience. People with a welldeveloped RI are able to: 1. Manage self. 2. Lead and empower those around them to achieve. 3. Drive high reliability organisation (HRO) performance. Now that RI has been defined, the focus shifts to its application, which starts with the concepts of risk attitude and risk appetite. The two sides of the risk attitude and risk appetite coin represent the extremes of each aspect, namely risk aversion and risk seeking. Both have their pros and cons (refer below), but knowing when to adopt which posture and how to apply a balanced approach that achieves risk equilibrium is the inevitable challenge faced in today’s complex and uncertain world. This concept is explored by leading researchers in the field and is described
by Dan Ariely (Duke University Professor in cognitive sciences and behavioural economics) who asks people to remember their fallibility and irrationality when making decisions. How to apply a balanced approach that achieves risk equilibrium is not only an inevitable challenge in terms of personal behaviours, but also in trying to lead and manage others in a way that empowers them to make decisions (Sinek, 2009).
RISK ADVERSITY
RISK SEEKING
Pros
Perceived safety, perceived dependability, potential stability
Innovation, adaptability and agility
Cons
Inertia – stuck! An inability to adapt
Potential harm and loss
The key risk (excuse the pun!) of not getting this dynamic risk equilibrium (DRE) is that people miss out on opportunities because of their risk aversions, or that they may be forced to manage the consequences of extreme risk/s manifesting in a very negative outcome as a result of an attitude that is too risk seeking (Schneider & Down, 2016). So, how do people get this right, especially when their own heuristic and cognitive biases actually mean that most of the time they are not even aware of the significant impacting factors that influence their behaviours and decisions? (Kahneman, 2011). To answer this question, it is necessary to unpack the attribute of RI at both a microand macro-management level. By doing this, the skills, capabilities and knowledge that a risk intelligent leader should develop and enhance can be defined. Knowing when to follow and when to lead (Riggio et al, 2008) is also a crucial aspect in the evolution of applied RI. To do this, we have developed what we refer to as the Risk Leaders Toolbox. This toolbox summarises the aspects, skills and capabilities people need to display RI in their personal capacities, to influence others to operate in a risk intelligent way, and to create risk intelligent cultures in their organisations. The Risk Leaders Toolbox is summarised below in three levels, namely: the Me level, the Others level and the Organisational level: Note: these skills, attributes and capabilities are not listed in order of priority and have not been explained in detail, but rather summarised as a quick reference list. It
is important to note that the three levels are sequential; in other words, without the Me level, the Others level will likely not be successful and without the Me and Other level, the Organisational level will likely not be effective.
Tier 1: Me • Sense making: applying sense making as an ongoing and informed process, actively adopting the three views approach (mine, others and overarching). • Meaning making: people behave based on the subjective meaning they have given to their experiences rather than objective truth. • Mindfulness: applying ‘pause’ between stimulus and response – and extending that space to ensure one is present in the moment. • Constant learning: evolve and improve so that others will want to as well. • Personal and situational awareness skills: active and passive awareness – starts with base lining and the ability to absorb, analyse and determine possible outcomes of what is happening around one (Schneider, 2012). • Critical thought processing: understanding and applying hindsight, insight and foresight in decision making and action. • Adaptive planning skills: embracing structured planning with flexible adjustments and implementations to achieve outcomes. • Informed intuitive capability: programming the subconscious effectively and using informed intuition as a trusted tool, but buying time to analyse wherever possible based on personal cognitive biases and heuristic decision-making characteristics (Schneider, 2012). • Understanding cognitive biases and heuristics: an objective awareness and acknowledgement of the subjective factoring in subconscious influences. • Strategic and tactical skill capability: understanding the key aspects of implementation from both levels and perspectives. • Fear and stress management: understanding real versus perceived fear, stress and associated management to ensure effective performance (Schneider, 2012). • Adrenal response management: understanding causation and dynamics,
SECURITY SOLUTIONS 081 080-083_SSM108 ProDev.indd 81
20/06/2017 5:38 pm
PROFESSIONAL DEVELOPMENT
and developing coping and amplification strategies (Schneider, 2012). • Managing reality and perception: understanding the realities of the honest truth about dishonesty (trust, but with eyes open). • Believe! Because if one does not, no one else will (relevant at all levels; personal, social and organisational)!
•
•
Tier 2: Others • All of the Me aspects. • Symbolic interactionism: the way people learn to interpret and give meaning to the world through their interactions with others. • Social psychology: being in the world of others and having the capability to examine and understand interactions in a meaningful way. • Empowered accountability: fighting a no-blame culture by stimulating informed risk taking and accountability, that is, it is not a loss if one learns and adapts (within reason). • Understanding cognitive biases and heuristics – in others. • Social leadership: building trust, deepening relationships and having real, not perceived, connections with others. • Leadership versus managerialism: be skilled enough to know the difference, and to use both skill sets. • Counter the hero myth: there is no such thing as the perfect leader. • Embrace the follower–leader dynamic: knowing when to lead and when to follow is a critical skill (Riggio et al, 2008).
• •
•
making sure there are real outcomes, not just paper-based metrics that people believe will solve issues. Understanding the link between culture, behaviour and bottom line results: behaviour creates culture and culture in turn influences behaviour (Richardson & Boyd, 2005). Critical thinking and perceptual sensitivity: avoiding common sense, myths and creating a uniformed culture via standardised vocabulary, and an objective and sensitised environment. Just culture: striving for a culture where people feel and believe that things are fair. Social conformity versus values/basic perceptions: noting and understanding that the tendency to conform can be stronger than values or basic perceptions! (Asch, 1951). Successful business = vision + systems and process + people: remember and be mindful of this ‘equation’; one part is not more important than any other if organisations want to achieve.
“RI can be defined as a living skill and applied attribute that enables better decision making to proactively embrace opportunity and manage potentially negative outcomes.”
Tier 3: Organisations
Moving Forward with RI
• All of the Me and Others aspects. • Apply HRO principles: doing so without losing entrepreneurial capability is the key (for more information, see Weick & Sutcliffe, 2015). • Understanding what is ‘normal’, what is ‘extranormal’ and what is ‘abnormal’. • Elastic enterprise: understanding the differences between growth and fixed mindsets, and how problemsolving strategies can develop or inhibit organisational agility. • Adaptive achievement approach: striving to avoid fixed-goal absolutes such as zero failure or zero harm; striving to achieve principles, not numbers, by
Ideally, people with a highly developed RI will naturally and instinctively apply the correct aspects of the Risk Leaders Toolbox at the right time. It does, however, take ongoing work and practice for people to develop the toolbox and make sure they are making it work for them. Leaders can, and do, use the same to enhance their own performance and their relationships. In doing so, it is argued that the motivation of those around them will also be positively influenced in such manner that will lead to a high performance, high reliability organisation output for their employers, and a more fulfilling lifestyle for themselve and those around them. However, most businesses today are not designed with such agility in mind. Their systems
are tightly coupled, and their growth has been driven by a desire for perceived efficiency rathe than adaptable flexibilit . The prevalence of risk management processes that are tick and flic or so complicated and systemised that they are too cumbersome to be used in a meaningful way leads to what we refer to as the CYA (Cover Your A*s) approach. The challenge in moving forward is to take the concept of RI, often observed at a micro-management level, and to actively embrace it at a macro or organisational level – thereby facilitating the flexibility and empowermen required to realise true organisational innovation, growth and expansion. For a full list of references and suggested further reading, email info@ interactivemediasolutions.com.au Dr Gav Schneider is an acknowledged leader in the field of human-based risk management and the psychology of risk. He is a leading academic in his field and heads up the Postgraduate Psychology of Risk program at the Australian Catholic University (ACU). Dr Gav is the CEO of the Risk 2 Solution group of companies, which focus on delivering innovative and cutting-edge solutions in the risk, intelligence, safety, security, medical and emergency response sectors. Visit www.risk2solution.com for more information. Kate Down is a behavioural scientist and coach who specialises in social and emotional intelligence and rational thinking. Kate heads up Risk 2 Solution’s: People, Culture and Behavioural change division. She is an Associate Member of the Australian Psychological Society and a lecturer on ACU’s Postgraduate Psychology of Risk program. Dr Paul Johnston has 25 years of operational and management consulting experience in both the public and private sectors, delivering risk management advisory services to a variety of industries and infrastructure projects throughout Australia and internationally. Paul is a lead consultant with a national management consulting group and is a lecturer with ACU’s Postgraduate Psychology of Risk program and the ACU Peter Faber Business School’s OHSE programs. This article first appeared in the May 2017 issue of Risk Management Today, a newsletter featuring articles designed to break down complex issues in risk management, with practical insight into what the implications are for business. For more information on Risk Management Today, call LexisNexis Customer Relations on 1800 772 772, or email customer.relations@lexisnexis.com.au
082 SECURITY SOLUTIONS 080-083_SSM108 ProDev.indd 82
20/06/2017 5:38 pm
Some cheap solutions can end up being the most expensive. STENTOFON offer fully monitored IP communications solutions made to the highest standards from premium components and materials to ensure unparalleled performance in the most demanding conditions. When you need secure, safe, reliable communications that can integrate into existing systems and grow with your future needs, look no further than STENTOFON.
whencommunicationiscritical
080-083_SSM108 ProDev.indd 83
www.stentofon.com.au
20/06/2017 5:38 pm
FEATURE ARTICLE
SECURITY EXPERTS COME TOGETHER
TO TACKLE TERRORISM AT
SCTX
084 SECURITY SOLUTIONS 084-087_SSM108 Article 4.indd 84
21/06/2017 12:43 pm
The terrorist landscape has changed in recent years, with extremists going to new measures to cause harm and disruption across the globe. Attacks are no longer limited to methods such as improvised explosives and the hijacking of planes. Everyday items such as cars and knives have been used by radicals in the latest wave of attacks across Europe. 9,850 security professionals from over 114 countries travelled to London in May for the latest instalment of Security & Counter Terror Expo (SCTX). The show once again incorporated leading forensics show Forensics Europe Expo and Ambition – the event for the emergency preparedness, resilience and response (EPRR) community. Show organisers, Clarion Events, reported that the number of visitors was up three per cent on the 2016 event, with one in 10 representing a police or counter terror force. Covering over 15,000 sqm, the show’s footprint also increased by 7%, enabling 351 companies to showcase their latest products, technologies and services alongside nine conferences, two live demo areas and the eagerly anticipated World Counter Terror Congress. David Thompson, Event Director at Security & Counter Terror Expo, commented: “The recent attacks in London, Manchester and Paris have highlighted the vital importance of ensuring that nations, security professionals and the public, are fully aware of the best way to tackle terrorism. This year, the programme was specifically developed to inform and educate visitors on the most effective strategies to protect the public and infrastructure.”
The World Counter Terror Congress One of the main attractions at this year’s event was the World Counter Terror Congress, which was attended by 1,050 delegates, including diplomats and high-ranking police officers. Covering policy and strategy in a number of key areas, such as de-radicalisation and preventing attacks, the congress featured dozens of world-renowned speakers, including Sir Malcolm Rifkind, Europol’s Rob Wainwright and Lucy D’Orsi, Deputy Assistant Commissioner, Metropolitan Police. In her presentation, D’Orsi, addressed the threat posed by both international and homegrown terrorists stating the importance of educating children in schools on the “Run, Hide, Tell” message. Meanwhile, Rob Wainwright, the head of Europol, spoke about the use of the ‘dark web’ and how extremists can buy a British passport for as little as £750. He went on to condemn encrypted Russian messaging app Telegram, with its refusal to cooperate with the authorities in discovering and preventing attacks before they happen. Sir Malcolm Rifkind, former Foreign Secretary and former chairman of the Intelligence & Security Committee of Parliament, said: “Events such as the World Counter Terror Congress provide the ideal platform for experts across the field to come together and discuss best practice on the most effective ways to disrupt plots and protect the public and infrastructure.” Richard Walton, former Head of Counter Terrorism for the Metropolitan Police Service added: “The biggest change we’ve seen from terrorists over the past year is the move towards simplifying their attacks as much as possible.
This has completely changed the goal posts in how we must prepare and try to prevent these atrocities from happening. Motor vehicles are now one of the most common weapons of choice, which presents a completely new challenge for security professionals to face. Events such as the World Counter Terror Congress are key in bringing the industry together to overcome these challenges and keep us one step ahead of the terrorists.” In addition, SCTX provided a series of free-toattend conferences focussing on the ever-growing cyber threat, infrastructure, border and transport security and advanced technologies. Located on the show floor, the sessions were at full capacity on both days, with visitors keen to hear the latest thinking from universally recognised experts.
The growing cyber threat The Cyber Threat Intelligence Conference, presented by techUK, brought together those who work to prevent cyber terrorism and crime – one of the security industry’s biggest concerns in today’s world. Among the topics discussed was an analysis of the top cyber threats and emerging trends this year. Key speakers included Dr. Louis Marinos, NIS R&A expert, Paul Thorlby, CTO at Qinetiq and John Godwin of UK Cloud. Talal Rajab, techUK’s Head of Programme, Cyber, National Security, added: “The cyber terrorism threat grows immeasurably year-onyear and we as an industry, must grow, adapt and react in equal measure. Security & Counter Terror Expo provides opportunities to learn from and meet with some of the key figures in the sector addressing the most important issues we face today.”
SECURITY SOLUTIONS 085 084-087_SSM108 Article 4.indd 85
21/06/2017 12:43 pm
FEATURE ARTICLE
This year was no different with a wide range of product innovations on display, including the latest in high security fencing, cyber-security modelling, simulation and training platforms, surveillance control systems and drone technology. AARONIA AG, Risk GOC and AUGGMED were among the top leading innovators at the 2017 show. AARONIA AG were proud to demonstrate the latest in anti-drone technology with their RealTime Spectrum Analyzer drone detection system. Founder, Thorsten Chmielus, commented: “It’s a constant battle to keep up with the developing drone technology. We are working with drone manufacturers looking at every new model that comes to market.” In the Advanced Technologies Live zone, Risk GOC displayed their smart stab-proof clothing. Despite being as thin as a t-shirt, the item is designed to protect the wearer from a knife attack with the blade unable to penetrate through the material.
Planning for the 2018 event Protecting infrastructure and businesses The Critical National Infrastructure & Business Reliance Conference featured a series of presentations examining the policy and strategy responses to today’s terror threat. Among the 20 high-ranking officials and academics who presented was James Brandon, Director of Geopolitical Risk – Stirling Assynt. He discussed the threat assessment challenge for critical business and infrastructure protection in the UK. “Carrying out accurate threat assessments on a regular basis can be challenging with the continuously changing environment, however it is vital in maintaining a security procedure that is both up-to-date and appropriate to the threat posed to that particular building,” said Brandon.
Preventing transport attacks Atatürk international airport in Turkey and both Brussels airport and metro station have been subject to recent terrorist attacks. Transport links are increasingly a target for terrorists, with aeroplanes, mass transit buses, rail terminals, ports, vehicles and transport facilities all facing the risk of future attacks. The SCTX Border & Transport Security Conference focussed on airport security, anti-trafficking, customs and immigration. The conference attracted key stakeholders from Border Agencies, Border management and Immigration professionals,
Customs and security policy makers and practitioners, Rail, Air, Sea, National and Homeland security advisors, Law enforcement and Diplomats and foreign affairs officials.
The latest technologies on show Public and private sector buyers, influencers and government delegations from across the globe attended SCTX to explore how the latest technology can be matched to their current and future needs. Advanced Technologies Live played a key role in delivering this as visitors were able to see and hear more about innovative solutions that the industry has to offer through a series of live demonstrations. This year saw a focus on drone and anti-drone technology. With technology developments enhancing their capabilities, these devices are becoming increasingly important to the security industry. As a result, a number of leading businesses, including Diametrex, Drone Defence and Aerial Academy showcased their latest solutions at the show.
A platform to source the latest services, solutions and technologies The exhibition at SCTX has established itself as an international hub where the industry elite come together to identify the security sector’s most significant innovations and new product launches.
Clarion Events announced that the next edition of SCTX will return to London on 6–7 March 2018 for UK Security Week. Event Director, David Thompson, added: “The 2017 show was highly successful and we aim to build on that next year by providing a conference programme and exhibition that ensures the world’s security professionals can source innovations and identify new tactics and strategies. We look forward to working with all our key partners over the coming months to develop an event that serves the needs of all our stakeholders.”
Contact us today to book your stand Security & Counter Terror Expo is the ideal opportunity to showcase your products and services to the most influential purchasers and specifiers. For all exhibitor enquiries, please contact Sophie McKimm, Event Manager on +44 (0)20 7384 7894 or by email Sophie. McKimm@clarionevents.com. Security & Counter Terror Expo is co-located with leading emergency preparedness, resilience and response event, Ambition – the EPRR Event, and Forensics Europe Expo, the only dedicated international exhibition and conference for the entire forensic sector and supply chain. To register your interest to attend as a visitor and receive a notific tion when online registration opens, please visit the website at www.sctx.co.uk/register
086 SECURITY SOLUTIONS 084-087_SSM108 Article 4.indd 86
21/06/2017 12:43 pm
Presco™ Standard Keypad, Combination RFID Keypad and RFID reader New PrescoTM Range
Introducing the new range of Presco™ indoor keypads and readers. The Proximity reader and Combination keypad are advanced self contained RFID (Radio Frequency Identification) contactless devices. They are capable of interfacing to either a Wiegand input control panel or to the Presco range of PAC controllers. When any of these devices are coupled with the Presco™ PAC series of door access controllers you get the full benefits of a secure door access control solution with all of the features of the Presco™ protocol.
FEATURES The PSK16 is a direct replacement for the PRE keypad and outputs Presco™ data only. Installations require only 3 wires to the controller but can be made with 2 wires if the LED indication is not required The PSC16 & PSR16 output both Presco™ and Wiegand format data. Output type required is auto sensed via white wire connection. Read range of up to 20cm Compatible with Presco™ PAC access controllers and all other Presco™ decoders, the entire system uses low cost non-shielded cable and keypads and readers can be up to 1 kilometre from the door controller (power supply and cable dependent) Compatible with industry standard 26 bit wiegand systems, the keypad can output 8 to 64 bit or burst mode wiegand and custom proximity cards and tags are available for wiegand formats up to 64 bits
For more info www.presco.com.au
NIDAC SECURITY 2 Cromwell Street BURWOOD VICTORIA AUSTRALIA 3125
084-087_SSM108 Article 4.indd 87
Audible and visual confirmation of all actions. Designed and manufactured in Australia. 36 month manufacturer’s warranty
Phone: +61 3 9808 6244 Fax: +61 3 9808 9335 E-mail: sales@nidac.com
21/06/2017 12:43 pm
SECURITY STUFF C O N T E N T S
SPOTLIGHT
PROFILE
Security Exhibition 090
Ad d -On
096
Cognitec
106
Boon Edam
110
SAAB Group
098
Hikvision
106
Hikvision
111
d STi
100
Prescoâ„¢
107
d STi
111
Seagate
102
P2WT
107
Pathmin d er
108
Videofied
109
Dahua
094
PRODUCT SHOWCASES
SHOP TALK
88 SECURITY SOLUTIONS 088-089_SSM108 Sec Stuff.indd 88
21/06/2017 11:25 am
SECURITY SOLUTIONS 89 088-089_SSM108 Sec Stuff.indd 89
21/06/2017 11:25 am
THE INTELLIGENCE OF SECURITY
26-28 JULY 2O17 ICC SYDNEY DARLING HARBOUR
SHOWCASING SOLUTIONS AND STRATEGIES AT THE SECURITY EXHIBITION & CONFERENCE 2017
PRINCIPAL SPONSOR
LEAD INDUSTRY PARTNER
ORGANISED BY
REGISTER AT SECURITYEXPO.COM.AU
Security Exhibition The security industry’s leading business event returns to NSW this July and we can’t wait for its debut at the new International Convention Centre Sydney in Darling Harbour. The Security Exhibition & Conference is the only three days of the year that the industry clears their calendar to reunite with colleagues alongside a Conference program curated by ASIAL and a showcase of the most innovative solutions in the Australian market. For over three decades the event has been the trusted destination to get hands-on experience with latest product releases whilst meeting suppliers face-to-face. In 2017 these opportunities are plentiful, coming off the back of ISC West in Vegas; the Security Exhibition is Australia’s first platform to see brand new launches in physical and electronic security such as Axis Communications’ award-winning Q6155E PTZ Dome and Site Designer. We have a great line-up of suppliers on the floor including Dahua, Avigilon, Samsung
and Inner Range plus the return of the likes of FLIR, Ness Corporation and HID Global. You can compare solutions side by side to negotiate deals and get the most competitive prices. Accommodating the full security supply chain, the Security Exhibition & Conference brings together manufacturers, distributors, installers, integrators, consultants and end users to not only learn and connect but to create unexpected business opportunities.
Gala Dinner The annual Gala Dinner hosted in partnership with ASIAL toasts the outstanding and memorable moments of the year in security. This entertaining networking evening brings together the security community from across Australia to celebrate, engage and socialise. The 2017 Gala Dinner is held on the second evening of the exhibition, Thursday 27 July at the spectacular Doltone House, Jones Bay Wharf. Incorporating a three-course meal and fine wine, the evening recognises the Best New Product Awards and offers great entertainment.
Tickets are on sale now and are expected to sell out fast. Individual seats are valued at just $199 or you can book a table of 10 for $1,890. Book now at securityexpo.com.au
FIND OUT MORE AND BOOK AT SECURITYEXPO.COM.AU ENTER PROMO CODE SEC1
090-095_SSM108 Spotlights.indd 90
EXHIBITION HOURS
CONFERENCE HOURS
Wed 26 July Thurs 27 July Fri 28 July
Wed 26 July Thurs 27 July Fri 28 July
9:30am-5:00pm 9:30am-5:00pm 9:30am-3:30pm
9:00am-5:30pm 9:00am-3:30pm 9:00am-3:30pm
20/06/2017 2:26 pm
ASIAL Security Conference The ASIAL Conference is your annual opportunity to receive valuable updates, from the organisations shaping today’s security landscape, in a program carefully curated by the industry’s lead association. Following feedback from the industry, we have refreshed the format of the Conference so you can receive industry updates in the first day of the program.
The second and third day can be tailored to hear from the most relevant speakers through in-depth Executive Briefings focused on specific areas to help you tackle operational security challenges.
ASIAL CONFERENCE, WEDNESDAY 26 JULY Time
Session
Speaker
9:00
Welcome from Conference Moderator Jason L Brown, National Security Director, Thales ANZ. Official Conference Opening from ASIAL President, Kevin McDonald
9:1010:00
From sci-fi to the boardroom threat Where the challenges lie in the digital future!
Shara Evans, Founder, Market Clarity
10:0010:50
Crisis management – Making sure you are prepared
Mario Gomez, Vice President Operations, GoCrisis (Americas)
11:1512:00
Organisational resilience - A catchcry or an effective holistic approach to risk management
Peter Gervasconi, Senior Partner, Risk & Resilience Team, Transport Accident Commission & Claire Willette, Principal, Windrose International
12:0012:45
Case study: Delivering a safe and secure games
Danny Baade, Head of Security, Gold Coast 2018 Commonwealth Games Corporation (GOLDOC)
13:4514:30
Supply chain management in the security industry Understanding your obligations
Greg Robertson, Director, General Protections and Misclassifications Team, Operations Group, Fair Work Ombudsman & Chris Delaney, Chris Delaney & Associates
14:3015:10
Facing up to security threats and risks A small business perspective
Kate Carnell, Federal Small Business & Family Enterprise Ombudsman
15:3016:10
Terrorism preparedness
Assistant Commissioner Mark Murdoch APM Commander, Counter Terrorism & Special Tactics, NSW Police
16:1016:50
Converging cyber and electronic security Why you can’t wait and tips for success
Neil Campbell, Director, Global Security Solutions, Telstra
16:5017:30
Why hacking physical security and IoT is easy and what to do about it
Tony Vizza, Cyber Security Practice Manager, Sententia
EXECUTIVE BRIEFINGS, THURSDAY 27 JULY 9:0011:30
Understanding the importance of media training in a crisis
Mario Gomez, Vice President Operations, GoCrisis (Americas)
9:0011:30
CCTV for critical infrastructure and local government - Mitigating cost overruns and variations
Arthur Barker, Principal Consultant, Electronic Security & Video Systems Specialist, T&L Enterprises
13:0015:30
Social media crisis management
Mario Gomez, Vice President Operations, GoCrisis (Americas)
13:0015:30
Designing “secure” buildings - Insights, current and future practices
Kerran Campbell, Adjunct Associate Professor (Security Science), Edith Cowan University & Director, CCD Alliance Security Consultants
EXECUTIVE BRIEFINGS, FRIDAY 28 JULY 9:0011:30
Airport security - Applying lessons learnt to other industry sectors
Kerran Campbell, Adjunct Associate Professor (Security Science), Edith Cowan University & Director, CCD Alliance Security Consultants
9:0011:30
Understanding pixel densities and what they mean
Vlado Damjanovski, CCTV Specialist & Author, Managing Director, ViDi Labs
13:0015:30
Security risk management - Risk intelligence, agility, resilience and leadership
Dr Gavriel Schneider, Group CEO, Risk 2 Solutions & Head Lecturer of Psychology of Risk, Australian Catholic University
13:0015:30
Large scale migration from analogue to IP (wide area) – Arthur Barker, Principal Consultant, Electronic Security & Video Systems Specialist, T&L Enterprises Case study on University of Tasmania
Advance booking is highly recommended as the 2016 program sold out. Conference passes start from only $625. BOOK NOW AT SECURITYEXPO.COM.AU
@security_expo /secexpo
All information correct at time of printing. The organisers reserve the right to alter the content of the program at any time due to reasons beyond their control.
090-095_SSM108 Spotlights.indd 91
20/06/2017 2:26 pm
EXHIBITOR LIST FLOORPLAN Stand F45
Aiphone
D18
Alarm.com
K42
Alarmcorp
A1
Amaryllo International Inc.
D48
Antrica (Div of Zilica Ltd)
A37
Archer Solutions
A47
ASIAL
K44
ASSA ABLOY
C22
Astute Access
A2
Australian Security Technology
J34
Avigilon
F22
Axis Communications
C30
Able Security Group
B24
BFT Automation Australia
F18
Boon Edam Australia
E46
Bosch Security Systems
D6
B-Sealed Security Seals
A36
Cardserv
K43
Cave Rock Software
A30
Centurion Systems Pacific
K40
Chemical Security
G48
Cognitec Systems
K26
Commend Australia
B46
ComNet
D16
Comtech Training
K35
Console Concepts
A28
Consolidated Security Merchants
J22
CR Kennedy Surveillance Solutions
G22
C R Kennedy Surveillance Solutions
B40
Criterion Solutions
K17
CSD
E22
Dahua Technology
G30
Dallas Delta
A48
DIGIFORT
J6
Digital Matter
B29
dormakaba
H22
EKA
F5
Electro-Com (Australia)
G16
Electrocraft
L28
Electronic Development Sales (Australia)
K8
Elite Wholesalers
B26
EOS Australia
D39
EQL Networks + Security
F46
ETM Pacific
K5
Extravision Australia
L42
Ficient
C46
FLIR Systems
H30
FSH Fire & Security Hardware
A46
Fullnet Security
K31
Gallagher
B16
Geared Up Culcha
B54
Genetec Inc
E4
Geuterbruck
H6
GK Solutions
G6
Gunnebo
J16
HARCOR
K12
Hikvision Australia
D22
Honeywell
C55
C47
B48
A48
D52
D47
C48
D45
C46
B46
A46
A45
C54
B54
E54
E55
E46
F45
D46
A43 A41
A37 A35
B40
A40
A36
B36
C35
A34
B34
C34
C40
E39
D39
SAMSUNG SOLUTIONS BAR
C30 A31 A27
A30
B26
B29
A28
B24
B27
F4
D22
C22
B22
A21
E22
A19
D18 A7
B16
E16
C18
F16
D16
A2
B12
F12
C9
D12
B10
E12 F10
C4 D6 A1
B2
E4 D4
F4
G40 G10
ID Warehouse
B48
IndigoVision
B12
InfoSign
D47
Inner Range
F16
Interlogix
C18
F53
D48
C4
ID Supplies and ISCS
090-095_SSM108 Spotlights.indd 92
B52
A47
K7
HID Global Hills
INTERLOGIX COFFEE CART
A23
Exhibitor Add-On APAC Innovative Solutions
ENTRY
20/06/2017 2:26 pm
F5
26-28 JULY 2O17
PRINCIPAL SPONSOR
LEAD INDUSTRY PARTNER
ORGANISED BY
ICC SYDNEY DARLING HARBOUR
E55
Cyber Security Zone
F53
F48
G52
G47
G54
G48
H49
H50
H52
NEW PRODUCT HIGHLIGHT STAGE
J49
H47
J48
INTERLOGIX COFFEE CART
L48
K43
H46
F45 G46
F46
H45
L46
K44
J46
L44 K42 G40
F40
H40 K40
L42
SHOW INFO
L38 H36
K36
L36
J34
K35
L34 G30
BAR
L32 J30
H30
K31
K30
L29 L30
K26 F22
H22
G22
L25
L28 International Pavilion L24
J22
L22 K16 L20 F18
H18
F16 G16
J18
L18
K17
J16 K12
H12
L12
J12
F12 G10
L8
K8
F10
K6 K7 H6
J6
G6
K5
F5 K4
CAFE EXIT
090-095_SSM108 Spotlights.indd 93
FEATURE AREA
EXHIBITOR
Exhibitor Stand IQ Innovations F48 I-TEK Metal Manufacturing Co., Ltd B22 Jacques Technologies D4 Jiangsu Tiancheng Smart Systems Group L24 JJ SecuWatch A23 Kaspersky Lab Australia and New Zealand G52 KBC Networks H47 Kore Wireless B10 LEDA Security Products C9 Lockit Systems F53 LSC F12 M2M One B27 Magnetic Automation J12 March Networks K36 Mindsystems H45 MOBOTIX AG E16 MSS Natural Power Solutions L25 Ncryptcelullar F53 Nemtek Electronic Fencing Products G46 Ness Corporation B2 Network Optix H40 Nocturna Ltd J48 Optical Solutions Australia J46 Optical Systems Design J30 OT systems D45 Panasonic Australia E12 Panorama Antennas B36 Perimeter Security Industries A27 Perimeter Systems Australia D46 Platinum Safes A21 PPC - ID Card Solutions A19 Proscan Australia D12 Registered Cablers Group L48 Ring A31 Royal Corp Security A43 Salto Systems C40 Samsung D30 Seagate Technology K16 Secure World Solutions L8 SECUREcorp L12 Securitag Assembly Group C35 Security Distributors Australia F10 Security Electronics Magazine A41 Security Solutions Magazine A35 Secusafe F40 SecuVision CCTV A7 Sensing K30 Senstar L29 Sententia J49 Shenzhen Utepo B52 simPRO Software H12 SIMTRACK C34 Smart Identity A45 Smiths Detection Australia K6 SpotCam L38 Stentofon Communications H36 Sumgia Electronics L32 Suprema Inc. J18 SX Technologies L44 SYLO E39 Takex America F4 TDSi Australia H46 Telstra K4 Total Recall VR A34 VIASEC B34 Video Alarm Technologies H18
20/06/2017 2:26 pm
IGH T SPO TL
Dahua Professional Surveillance System Transforms Cutral-Có, Argentina into Safe City in 30 Days As the second largest city in Neuquén Province, and one of Argentina’s most important oil producing regions, CutralCó was in need of a solution to safeguard both its citizens and infrastructure. In just 30 days, a state-of-the-art Dahua Safe City video surveillance system comprised of 242 devices is set up completely. It enables the city to become a pioneer in modern urban security development as well as a national technology hub. The Dahua Safe City solution was developed to greatly improve police, fire, transportation, and medical emergency response speeds and efficiency through a network of reliable cameras and intelligent technologies.
Challenge Located in northwestern Argentina, Cutral-Có is the second largest city in Neuquén Province and a major oil producer in the region. Due to the recent economic downturn and the resulting crime, on top of inefficiencies in the traffic system often causing painstaking gridlocks, the city needed an efficient, reliable solution that secure the its nearly 50,000 residents and natural resource infrastructure. This led former Cutral-Có mayor Prof. Ramón Riosecoto call for a comprehensive video surveillance system that would monitor traffic, improve city management, streamline responses to neighborhood emergencies, support the Civil Defense force, and safeguard urban areas. Without such a system, integral public services would not be able to function
094 SECURITY SOLUTIONS 090-095_SSM108 Spotlights.indd 94
properly, thus delaying the city’s modernisation process. In coordination with the Cutral-Có government, Dahua stepped up to the task and formed an action plan that would become one of the country’s most advanced security grids.
Solution As a leading global provider of advanced security solutions, Dahua Technology was chosen to develop an urban surveillance network for the city of Cutral-Có not only because of its numerous success stories in developing professional security infrastructure in major regions around the world, but also because of its compassionate, face-to-face technical support. In addition, a wide range of field-tested products able to withstand the adverse temperature extremes CutralCó experiences, which range from -10°C to 40°C, made Dahua the most qualified candidate for the project. At the project’s core, Professional Surveillance System (PSS) software was selected to design and manage deployment of the system’s numerous speed domes and camera components. With support for 256 simultaneous device connections, all 242 of the project’s components could be managed from one system. In order to handle the massive flows of data from multiple high resolution cameras, the Dahua DH-NVR6000 series network video recorder was integrated to provide 64TB of storage out of the box, with another 128TB added through network storage, bringing its
total storage capacity to 192TB and allowing the system to record and store video in full HD resolution for 45 days. The long archive time offered by this setup is perfect for intense data analysis and various facial and plate identification software. Dahua SD6C230S speed domes were chosen to provide extensive coverage around urban areas due to their long-range capabilities. With 30x optical zoom and 16x digital zoom at a resolution of 2 Megapixels, the speed domes are ideal for crime prevention units and automatic number plate recognition (ANPR) at variable distances, performing well on objectives at ranges of over 320 metres. These speed domes were installed at the main entrances of integral public sites such as hospitals, schools, police stations, and crossroads. To accommodate various geographical constraints, a portion of the speed domes were interconnected wirelessly, while others were connected by optical fibers. Uninterruptible power supply (UPS) was used to power each to ensure 24/7 operation. Three Megapixel fixed DH-IPC-HF8301E Ultra-Smart Network Cameras were placed in areas of high risk. Their progressive scan CMOS sensor, vari-focal lens, and motorised auto-iris, coupled with a multitude of smart detection features, including facial detection, enable the cameras to deliver superior performance during the day or at night, even in the absence of infrared illuminators. SMART Professional Surveillance System (SMART PSS) software was used to achieve
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
20/06/2017 2:26 pm
Dahua
integration with the entire network of cameras and digital components. This setup allowed the city to host its own internet-based data center administration system, which is the first of its kind in Argentina. Optical fibers provided by internet providers Telefónica and Copelco provided the system with the high bandwidth capacity required to support intense data traffic, which was managed through the SMART PSS software’s load balancing system. Vigilancia Online S.A., a Dahua partner company, accomplished smooth installation and integration of the system’s 242 cameras in only 30 business days.
Benefits In just a month’s time, Cutral-Có has been equipped with one of the most advanced command and control centers in the country, which is interconnected with the Radio-electric Command of the neighbouring city of Plaza
Huincul and defense agencies, displaying the importance of a Smart City system on both its immediate and surrounding areas. City officials can now take a relaxing breath knowing that Cutral-Có residents and infrastructure are fully protected by worldclass, state-of-the-art video surveillance technology provided by Dahua. This solution demonstrates Dahua’s core value in Innovation, Quality, and Service (IQS), which will continue to be its main driving factors as Dahua looks towards the future.
About Dahua Technology Zhejiang Dahua Technology is a leading product and solution provider in the global video surveillance industry. We had the second highest market share of the global video surveillance equipment market in 2015 according to IHS 2016 report. We were ranked fourth in 2016 by a&s Security 50, which ranks
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
090-095_SSM108 Spotlights.indd 95
global security industry players according to total security equipment sales. We commit to providing the highest quality product with the latest technology to enable our customers to perform their business successfully. Our company has invested about 10% of annual sales revenue in R&D since 2010. We have more than 5,000 R&D engineers today. Our engineers work on cutting edge technologies in camera lens, image sensor, video encoding and transmission, embedded processor, graphic processing, video analytics, software reliability and network security technology. We partner with leaders in respective areas to make sure our customers enjoy the latest and the best technologies. Numerous Dahua products have been acknowledged and awarded by professional associations and organisations in the security industry. Visit www.dahuasecurity.com to learn more.
SECURITY SOLUTIONS 095 20/06/2017 2:26 pm
PRO FILE
ADVERTORIAL
www.addonapac.com Max-Mesh from Maxtech Networks – connecting beyond network reach
MaxMesh is an innovative, patented Mobile Ad-hoc Network (MANET) that facilitates infrastructurefree, self-forming, self-routing, and self-healing networks. This technology frees users from the constraints of traditional communication methods, and enables them to connect anywhere – far beyond the network reach. MaxMesh technology has already established a significant track recor in the Critical Communications market thanks to its ability to ensure connectivity by implementing a multi-hop MANET that enables critical voice and data communications. Successful deployment of this technology has been proven across multiple critical communications segments such as defence, airport ground crews, tactical first-responder teams and law enforcement groups. Unlike traditional wireless networks, which often rely on routing from existing infrastructure such as WiFi or cellular networks, the MaxMesh MANET creates a virtual and dynamic infrastructure which does not require any static components. The combination of Maxtech mobile ad-hoc mesh technology with SDR capabilities ensures quick and efficient transmission of mission critica voice, data, and video in the most challenging environments supporting a wide range of applications and form factors.
96 SECURITY SOLUTIONS 096-105_SSM108 Profiles.indd 96
Key Benefits of the Maxtech MANET: • Infrastructure independent, with zero-time deployment, and no reliance on base stations. • Maximum resiliency: 1. Independent from reliance on GPS for synch, enabling real indoor operations based on a patented algorithm. 2. Self-configuring network, self-managed, self healing with no single point of failure. 3. Frequency-hoping capabilities to ensure radio interference resiliency. • Superior voice quality and data throughput, with assured voice QoS with efficient bandwidt utilisation over multi-hops, and simultaneous transmitting of voice and data enabling vast data applications. • Flexible and dynamic network, with units able to join and leave the network dynamically. Supporting three optional waveforms according to available frequency and application requirements. Supporting and unaffected by high-speed mobility. • Gateways – Networks can be extended via “gateways” across cellular networks (GSM, LTE), internet, legacy radio networks, microwave links, satellite links, etc. • Form Factor – Independence from hardware
such as internal clocks enable use of an extremely small form factor. The MaxMesh MANET is available on a mPCIe – smaller than a business card, that can be easily integrated into existing hardware including radios, tablets, computers, etc. • Automated Management – Networks are selfconfiguring, self-forming, self-managing, an self-healing. The multi-hop network changes with movement. The network constantly and dynamically determines the best and most efficient route for voice and data to travel, usin each device in the network to create a flexible dynamic, self-sustaining network. • Interoperability – MaxMesh technology is easily integrated into existing communications networks. Networks can expand to include legacy networks and local infrastructure. The SDR technology allows us to implement MaxMesh technology on the MAC layer thus enabling integration into third Party radios. • Ease of Use – Management, configuration and data transfer can all be done through the radio devices themselves or through PC software. Alongside an open API, and easy app integration, users are provided with an ease of use across multiple networks. The solution is available as an end user handheld two-way radio product supporting voice and data applications over a mesh network, or as a standard mini PCIe device including Phy and MAC layers running the Max-Mesh core technology that can be integrated into tablets, smartphones, laptops or embedded devices. Max-Tech Networks is represented in Asia Pacific by Add-On Apac Innovative Solution. The offer converged physical, cyber and communication security solutions. Operating across the Asia Pacifi region, Add-On Apac harness advanced products and ground-breaking technologies, helping their customers transform the way they protect people, information and assets. For more information of FST Biometrics, please visit www.max-mesh.com. For more information on Add-On Apac, please visit www.addonapac.com, or call us on 03 9607 8465.
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
21/06/2017 12:08 pm
Sign up to our eNewsletter and receive up-to-date valuable information regarding all things Security.
www.securitysolutionsmagazine.com
096-105_SSM108 Profiles.indd 97
21/06/2017 12:08 pm
PRO FILE
ADVERTORIAL
The Real Threat of Cybercrime
By Marc Tapping
With cybercrime now overtaking drug traffickin as the most prolific and profitable crim every business needs to be aware of the risks. Consumers are paying anything from AU$150 upwards to online criminals and the price continues to increase with some reports indicating that AU$1,000 is now the norm. The scale of what this can cost business is staggering. The purchase price for Yahoo by Verizon dropped by US$350M after multiple Yahoo data breaches were revealed. Marc Tapping, Head of cyber security and risk for Saab Australia, warns ransomware is rampant and continues targeting consumers, business and government. The most recent global ransomware event highlights just how fragile our systems really are, and equally how unprepared we were for what Marc says was "a natural evolution in the increasingly sophisticated world of cybercrime and espionage". "An intelligence agency sits on software vulnerabilities and code to exploit it for years; they get compromised somehow; the vendor is warned and interrupts its normal patch cycle to issue a fix; the information gets dumped online cybercriminals develop a way to make money from it; and real impacts are felt worldwide with the obligatory media frenzy. I’ve read a few books that follow a similar pattern,” says Marc. Many examples of ransomware are indiscriminate but others are clearly targeted based upon the sums being demanded in payment. What has caused this? Perhaps digital currency, because it has almost single-
98 SECURITY SOLUTIONS 096-105_SSM108 Profiles.indd 98
handedly enabled criminals to monetise their activities with a very slim chance of being tracked and held accountable. "The days of the stand over guy are over when criminals in any part of the world can extort, transfer and access money so easily”, says Marc. Criminal groups are organised and sophisticated; they have access to highly talented people either directly or indirectly using ‘crimeas-a-service’ type arrangements. Marc says, “I imagine that almost everyone knows someone, or of someone, who has been impacted by these types of activities; the media is full of it, government is challenged by it, and law enforcement is stretched by it”. Marc believes awareness levels need to be raised, that we should be prepared to tell the public the true scale of the problem and the types of organisations being impacted to effectively get the message across. Next year the Australian Government will be rolling out the Notifiable Data Breaches schem and this should help open up the conversation. The scheme will ensure affected individuals are notified about serious data breaches where thei information has been disclosed. “Other traditional measures like patching applications and operating systems, disabling macros on documents, creating strong passwords, not reusing your passwords, keeping a current backup of data offline, all help too”, says Marc “To appreciate the size of the problem, we only need to look back to 2014 when the United States Office of Personnel Management was breache
by nation state actors. As the threads were pulled by incident responders and information released, the scale of it was almost unbelievable. Whilst this might not be the most mediaattractive breach in comparison to Ashley Madison, Target, eBay, LinkedIn or Yahoo, it undoubtedly has the furthest reaching impact”, says Marc. Anyone who has undergone a security clearance will understand just how much of your personal information (including data about your family and friends) is provided. “Consider this,” says Marc, “the home address, education, family members, financial, health, criminal, work histor , travel, even the fingerprint information for million of current (and former) US clearance holders and applicants was breached. We may not know the true impact of this for years to come, but I’m sure the intelligence agencies of the specific natio state actors are busy!" It’s critical organisations understand the risks and take steps to protect themselves. They should understand what they need to protect, determine how best to protect it and maintain that state, be vigilant. “It’s not easy, clearly, so get advice from people who do this because despite what you read and what sales people will tell you, there is no onestop-shop for this, no fancy boxes with blinking lights, no quick fix,” says Marc No business and certainly nobody is immune. Saab Australia is offering advice and services to federal and state government agencies, technology companies, employment services, financia institutions, defence contractors, independent schools, national retail chains, universities, web developers, civil security, airports and law enforcement. For support with your business, give Marc a call on 08 8343 3800.
About Marc Tapping After a spell on building sites and the UK Armed Forces, Marc connected to the digital world as a mainframe computer operator, progressed to technical support, then networking in the 1990s. Up until 2010 he was heavily involved in managing and implementing networks, firewalls, intrusio prevention, proxies and the like. Marc then moved direction and started performing vulnerability assessments, penetration testing and more generic information security consulting. Marc has multiple vendor and industry certifications an is a certified IRAP assessor with the Australia Signals Directorate.
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
21/06/2017 12:08 pm
MORE REACH
than ever before
Security Solutions Magazine digital version is now available via ISSUU on every platform, everywhere! Download it now and enjoy your favourite security magazine when you like, where you like, however you like. PC, MAC, Linux, Apple, Android, Google and more...
issuu.com/interactivemediasolutions 096-105_SSM108 Profiles.indd 99
21/06/2017 12:08 pm
PRO FILE
ADVERTORIAL
Access Control Using Smartphones Successfully combining security and userfriendliness for a unique user experience
Virtual cards need to offer the same levels of security as traditional high-security cards, while improving the user experience for workers. This is where STid stands out from its competitors.
Get ready to discover the many possibilities that mobile technologies can offer for access control solutions. From smartphones to smart watches, mobile devices are everywhere and are well-suited for a vast range of uses. Vincent Dupart, CEO of STid, a French fi m that develops secure access control solutions, tells us how important it is to tie in great user experience with the top security systems in order to meet the growing need for corporate mobility.
What do you mean by improving the user experience? Today’s mobile access solutions should also take advantage of Bluetooth® Smart technologies and the latest advances in gesture technology so that users can unlock doors from a distance. This means that you could open a door by tapping twice on your smartphone or by swiping the access reader, even if you’re in the middle of a call or if your smartphone is tucked away in your pocket. Over 90% of workers feel that access control is a nuisance! Virtual cards and their many identification methods help workers to accept and comply with the security policy of businesses, industries and governments.
Your STid Mobile ID® solution recently won a new award at ISC West in Las Vegas. Tell us more. How would you assess the impact of smartphones on the way we work today? Around two-thirds of workers use their smartphone to access company applications. They are more mobile than ever and need the right tools to access their professional data at any time. BYOD-type approaches (Bring Your Own Device) give workers new freedom and improve their user experience. If you leave your access card at home, you probably won’t bother to go back for it, but if it’s your smartphone, you won’t think twice about turning the car around. Smartphones have become essential, making mobile technologies the logical next step in access control for offices, parking lots and warehouses. Users find them easier and more natural to use and Directors of Security love their straightforward and secure administration systems.
100 SECURITY SOLUTIONS 096-105_SSM108 Profiles.indd 100
Does the fact that access rights are stored on an ultra-connected smartphone require extra layers of security for data protection? What are your thoughts? Obviously, the choice of digital solution must not compromise the core principles underpinning your security policy. Why would you outsource your data to a third party? Where is the data stored? Are you independent in managing your security? No technical or technological constraints should prevent Directors of Security from managing their systems independently, with the freedom to host sensitive data in-house if that’s what they want. In any case, data stored in a mobile application and any data exchanges must be secured using encryption and obfuscation methods that comply with government recommendations.
In April 2017, the SIA (Security Industry Association) presented STid with the award for the best Mobile Application for our secure and instinctive access control solution, STid Mobile ID®. The Architect® Blue range of readers and STid Mobile ID® application have reinvented access control by making identification a fun and intuitive user experience. This innovative solution transfers access cards to smartphones either alongside or as a substitute for traditional RFID cards. This fifth award recognises STid’s ability to drive the security market forward by offering non-propriety open technologies that make everyday life easier for users. It reflects our desire to propose increasingly innovative solutions that will win over new markets, including in North America.
More Information on www.stid.com – info@stid.com – +61 2 92 74 88 53
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
21/06/2017 12:08 pm
096-105_SSM108 Profiles.indd 101
21/06/2017 12:08 pm
A Comparison of Seagate HDDs for Video Surveillance and Analytics ®
Your security can take many forms—receiving notifications when the kids arrive home from school, monitoring your business over a weekend or holiday closure, overseeing visitor activity at schools, and monitoring hospital traffic flow and patterns to prepare medical teams to react faster. There are many scenarios and possibilities. But no matter where you implement these security systems, storage is essential as data is captured and analyzed 24 hours a day, 7 days a week.
PRO FILE
ADVERTORIAL
Seagate offers storage to support a variety of systems; here we’ll focus on those drives which support video and analytics. The applications these drives support include surveillance DVRs (SDVR), network video recorders (NVR), and centralized or cloud surveillance for video data analytics.
Safe and Smart A Comparison of Surveillance Seagate® HDDs forGuide Video Drive Selection Safe and Smart Surveillance Drive Surveillance and Analytics
Marketing Bulletin
Selection Guide
A Comparison of Seagate HDDs for Video Surveillance and Analytics HDD Options
Surveillance DVRs (SDVR)
Network Video Recorders (NVRs)
T
®
s
Centralized Storage for video analytics
n
Your security can take many forms — receiving Surveillance Digital Video Recorders, NVRs support the use of up to 32+ The opportunity to analyze and make notifications when the kids arrive home from or SDVRs, are simple systems enabling cameras in their multi-drive system to use of large amounts of video data school, monitoring your business over a significant cost and space savings when maximize space for networked video is enormous. Cities can predict and capacity and scalability are not top recordings. improve traffic flows, and stores can weekend or holiday closure, overseeing visitor priorities. Single drive, systems typically lay out merchandise in more compelling support up to 16 cameras. ways with the support of 100+ cameras. activity at schools, and monitoring hospital traffic flow and patterns to prepare medical Seagate SkyHawk and Enterprise Seagate SkyHawk and Enterprise Seagate® SkyHawk (formerly Surveillance HDD) Capacity 3.5 HDD Capacity 3.5 HDD teams to react faster. There are many scenarios and possibilities. But no matter where you Your security can take many forms—receiving notifications when the kids arrive home school, monitoring your business over a weekend or holiday closure, overseeing implement these security systems, storage from is essential as data is captured and analyzed visitor 24 activity at schools, and monitoring hospital traffic flow and patterns to prepare hours a day, 7 days a week. medical teams to react faster. There are many scenarios and possibilities. But no Seagate offers storage to support a variety of matter where you implement these security systems, storage is essential as data is systems; here we’ll focus on those drives which captured and analyzed 24 hours a day, 7 days a week. support video and analytics. The applications Seagaterecognition offers storage to support a variety of systems; here we’ll focus on those these drives support include surveillance or willtake it more To choose programs), the right drive, thesimply time be to learn your system requirements. How often will drives which support video and and analytics. The applications these drives support DVRs (SDVR), network video recorders (NVR), used to record content it back only cameras be running and play recording? How long do you need to keep your footage? Where DVRs (SDVR), network video recorders (NVR), and centralized or and centralised or cloud surveillance for include surveillance when an incident needs reviewing? If it is, then will you be storing and streaming your data? How many drives does your system support? cloud surveillance for data understand analytics. the video data analytics. these factors are video important These questions will helptoyou understand which Seagate drives will best support your To choose the right drive, take the time to level of performance you’ll expect from the Capacity 3.5 HDDs. system: Seagate SkyHawk or Enterprise learn your system requirements. How often drive. For example, surveillance systems often It’s important to understand the workload of a security system first so you can determine will cameras be running and recording? feature advances in intelligent video analytics the performance the system requires from the drive. Will the system be used for fast How long do you need to keep your footage? and high-definition image recording. In order to video analytics (the use of features like facial recognition programs), or will it more simply Where will you be storing and streaming your manage the vast amounts of video and related be used to record content and play it back only when an incident needs reviewing? If it data? How many drives does your system metadata in an intelligent surveillance solution, is, then these factors are important to understand the level of performance you’ll expect support? These questions will help you a relational database or similar traditional from the drive. For example, surveillance systems often feature advances in intelligent understand which Seagate drives will best data system is typically used. It is absolutely video analytics and high-definition image recording. In order to manage the vast amounts support your system: Seagate SkyHawk or critical that reads and writes for such systems of video and related metadata in an intelligent surveillance solution, a relational database Enterprise Capacity 3.5 HDDs. employ the utmost levels of performance and or similar traditional data system is typically used. It is absolutely critical that reads and It’s important to understand the workload of error detection correction to ensure writes for suchand systems employ the data utmost levels of performance and error detection and a security system fi st so you can determine integrity isn’t compromised. correction to ensure data integrity isn’t compromised. the performance the system requires from Next consider what implications this Next consider what implications this workload will have on your system design. All the drive. Will the system be used for fast workload will have on your system design. surveillance applications expect support 24×7, but how does this affect your storage video analytics (the use of features like facial All surveillance applications expect support
0102 SECURITY SOLUTIONS 096-105_SSM108 Profiles.indd 102
requirements. Applications that stream video to a central location may need higher capacities and throughput to accommodate their streaming activity, remote access and data In fact, ever file sizes in video are behind the Unlessreplication. otherwise expressly stated, the review of the increasing product or products appearing in this section represent surveillance the opinions of the relevant advertiser and do not represent the or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication. insatiable hunger for greater storageviews capacity; such data can quickly fill even the most copious storage system. But sometimes sheer drive capacity is just part of the answer. Efficiently transferring these voluminous files demands drives with outstanding throughput, 21/06/2017 as well as robust error correction features to ensure data integrity is maintained during
re
th
c
12:08 pm
IMS-A
WE’RE VIDEO HEADS
In a digital and fast paced world, video is an ever advancing asset to your arsenal. Whether you’re in need of a promotional, corporate or explainer video, a motion graphic or animation, IMS has you covered. Show the world what you can do, harness the power of video today.
www.interactivemediasolutions.com.au
096-105_SSM108 Profiles.indd IMS-Ad.Video-working.indd 2 103
Interactive Media Solutions 21/06/2017 12:08 am pm 2/10/2014 10:02
A Comparison of Seagate HDDs for Video Surveillance and Analytics ®
Your security can take many forms—receiving notifications when the kids arrive home from school, monitoring your business over a weekend or holiday closure, overseeing visitor activity at schools, and monitoring hospital traffic flow and patterns to prepare medical teams to react faster. There are many scenarios and possibilities. But no matter where you implement these security systems, storage is essential as data is captured and analyzed 24 hours a day, 7 days a week.
PRO FILE
ADVERTORIAL
Seagate offers storage to support a variety of systems; here we’ll focus on those drives which support video and analytics. The applications these drives support include surveillance DVRs (SDVR), network video recorders (NVR), and centralized or cloud surveillance for video data analytics.
Safe and Smart Surveillance Drive Selection Guide
24×7, but how does this affect your storage requirements? Applications that stream video to a central location may need higher capacities and throughput to accommodate their streaming activity, remote access and data replication. In fact, ever increasing file sizes in video surveillance are behind the insatiable hunger for greater storage capacity; such data can quickly fill even the most copious storage system. But sometimes sheer drive capacity is Marketing Bulletin just part of the answer. Efficiently transferring these voluminous files demands drives with outstanding throughput, as well as robust error correction features to ® ensure data integrity is maintained during transmission. The SATA interface takes advantage of breakthroughs in very large scale integration (VLSI) technology and high-speed serial transceivers, enabling Government or retail applications usually require data be stored for a given amount of time SATA drives to deliver an unprecedented versus a typical home security system, which is usually saved for about a month. This will blend of performance, flexibility, data help you understand what capacity requirements, streaming requirements and vibration integrity and reliability. tolerance will be required to support a system. Government or retail applications usually "Government or retail Finally, when you want extra assurance your data is covered, look into adding data require data be stored for a given amount of applications usually recovery services before systemrequire deployment. These services can complement drive Your security can take many forms—receiving notifications when the home kids arrive time versus a typical securityhome system, data be stored a given warranty terms to coverfor a drive crash, virus failure monitoring to recover data should a driveover a weekend from or school, your business closure, overseeing whichorisholiday usually saved for about a month. become nonfunctional. serviceactivity up frontat can potentially you hundreds amount of time Purchasing versus thevisitor This will helpand youpatterns understand capacity schools, andsave monitoring hospital traffic flow towhat prepare dollars. Supplement backups with recovery services to gain peace requirements, streaming requirements aof typical home your security medical teams to react faster. There are many scenarios and possibilities. But no of mind and ensure you remain within compliance of industry regulations. and vibrationistolerance willas bedata required storage essential is system, which is usually matter where you implement these security systems, to support a system. All are important considerations when choosing the right drive for your security systems captured and analyzed 24 hours a day, 7 days a week. saved for about a month." and will affect the reliability and ultimately ROI of the system design. By knowing your Finally, when you want extra assurance your Seagate offers storage to support a variety of systems; here we’ll focus on those system workload, the number of cameras that will be supported, storage requirements data is covered, look into adding data recovery drives which support and analytics. The applications thesesystem drivesdeployment. support These and drives required per system, you can choose the right drivevideo for your surveillance services before include surveillance DVRs (SDVR), network video recorders (NVR), and centralized or terms environment. services can complement drive warranty cloud surveillance for video data analytics. to cover a drive crash, virus or failure to recover SkyHawk Enterprise Capacity 3.5 HDD data should a drive become nonfunctional. 3.5-inch: 1, 2, 3, 4, 6, 8, 10TB 3.5-inch: 1, 2, 3, 4, 5, 6, 8, 10TB Form Factor/ Capacity1 Purchasing the service up front can potentially Application Addresses the need for high-resolution Bulk storage, data center, government or cameras and camera counts, and ensures corporate applications where HD video and/or save you hundreds of dollars. Supplement your cost-effective performance and durability in video analytics are valued backups with recovery services to gain peace of always-on surveillance DVRs or NVRs mind and ensure you remain within compliance Advantages Tuned for high-write cycle workloads typical Fast random performance and time-to-ready in in video surveillance storage systems; high multi-drive applications of industry regulations. storage capacities support higher-resolution All are important considerations when cameras and systems with high drive counts for reliable drive performance choosing the right drive for your security Data Recovery Services Available 3-year option with +Rescue models — systems and will affect the reliability and Time-to-Ready Excellent: Idle 1, 2 and 3 Best: Power Choice™ technology for customized ultimately ROI of the system design. By knowing time-to-ready and power savings your system workload, the number of cameras Workload Rating 180TB/year 550TB/year that will be supported, storage requirements and 10+ drives System Vibration Tolerance 8+ drives2 drives required per system, you can choose the Data Security — ISE feature in SED or FIPS configurations3 right drive for your surveillance environment. Reliability 1M-hr MTBF/SATA 2.0M-hr MTBF/SAS, SATA For more information, please Limited Warranty 3 years 5 years visit www.seagate.com
Safe and Smart Surveillance Drive Selection Guide A Comparison
of Seagate HDDs for Video Surveillance and Analytics
1 One gigabyte, or GB, equals one billion bytes and one terabyte, or TB, equals one trillion bytes when referring to drive capacity. 2 8+ drive bays suggested for 4TB to 10TB. 1TB to 3TB suggested in systems with 1 to 8 drives. Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the 3 See FIPS 140-2 Level 2 Certificate at http://csrc.nist.gov/groups/STM/cmvp/validation.html#05
0104 SECURITY SOLUTIONS 096-105_SSM108 Profiles.indd 104
views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
21/06/2017 12:08 pm
•
•
•
•
•
• UP TO 10TB • IMAGE PERFECT TECHNOLOGY • SUPPORTS UP TO 64 CAMERAS • 180/YEAR WORKLOAD • ANTI TARNISH MATERIAL FOR HARSH CLIMATES To find out more about Rescue, visit seagate.com/ internal-hard-drives/rescue
SKYHAWK
FOR VIGILANT SURVEILLANCE
LEARN MORE AT SEAGATE.COM
SMART • SAFE • SECURE
© 2016 Seagate Technology LLC. All rights reserved.
096-105_SSM108 Profiles.indd 105
21/06/2017 12:08 pm
PRO DU CT
S E S A C W O SH COGNITEC FACEVACS-VIDEOSCAN The video screening and analytics technology from Cognitec, FaceVACS-VideoScan, allows users to perform complex searches and analyses on persons appearing in realtime camera streams and video footage. The latest product version introduced a user-friendly interface to quickly import sets of recorded video and then carry out detailed investigations. For example, security and law enforcement agents can upload the video files of a specific location at a specific time to find possible participants in or witnesses to a crime. Users can find a person that was previously enrolled in an image database or search for an unknown person and find their appearances in multiple videos. Person searches can also make use of filters that specify age ranges, gender and ethnicity. FaceVACS-VideoScan employs leading-edge face recognition technology to analyse the count, flow, demographics and behaviour of people visible in video streams. Surpassing traditional video surveillance systems, the technology detects and extracts people’s faces in live video streams or video footage and uses anonymous facial analysis to count individuals, generate demographical information, track people movement in time and space, detect frequent visitors and crowds, and much more. The product applies Cognitec’s premier face recognition technology to compare faces to image databases and instantly find known individuals. Businesses and organisations can detect and prevent unwanted behaviour in much faster and more efficient ways, as operators can track individuals in real time, or receive alerts on mobile devices to act within the immediate vicinity of a suspect. On the other hand, FaceVACS-VideoScan can identify authorised individuals or high-ranking customers in real time. Positive authentication can prompt access to restricted areas or alert personnel to provide special treatment. For more information, visit www.cognitec.com or email info@cognitec.com
EASYIP 3.0 SOLUTION The all-new Easy IP product range is simple to install and use, and is available at a budget-friendly price. Rarely does an affordable system come with such powerful functionality: 4K ultra HD with true WDR, H.265+ Smart Codec compression technology. New cameras in the range also provide greater analytic functions, featuring on-board Video Content Analysis options. Its power, combined with its easy installation and user-friendliness, means the Easy IP 3.0 solution requires significantly less operato input to deliver a significantly more efficie and effective security solution. H.265+: Remarkable reduction of bandwidth and storage An intelligent algorithm self-developed by HIKVISION, it can greatly decrease the bitrate of video based on a standard H.265 codec. With the help of three core technology: Prediction Encoding, Noise Suppression and Bitrate Control. The smart codec has outstanding bandwidth-light and storage save performance.
106 SECURITY SOLUTIONS 106-109_SSM108 Product Showcases.indd 106
4K: Recently, ultra-high-definition surveillanc cameras introduced 4K resolution to the security industry. However, 4K resolution has yet to achieve wide application, mainly because of the tremendous bandwidth and data storage requirements. The H.265+ codec optimises data efficiency and makes 4K vide surveillance possible. Every pixel comes to life with vivid clarity. VCAs Video Content Analytics is no longer reserved only for enterprise level security systems. The EasyIP solution brings VCAs into reach for SMB security, too. Staff can use the Smart Search tool for Alarm event and VCA detection, and the Smart Playback function to replay footage capturing line-crossing, intrusions and faces. Alarm triggering and investigation are further enhanced with object removal and unattended baggage detection as well. Super PoE The EasyIP 3.0 Solution is also the easier way to get better video surveillance to and from the most important locations. While traditional PoE travels only 100 metres, this solution features
Super PoE — upgraded power-over-Ethernet — transmitting both power and data over the same cable up to 300 metres (using 802.3af, CAT.6). OTHER FEATURES Designed for state-ofthe-art performance with easier installation, our solution comes armed with reliable components and robust protections. With automatic network backup features and simple Internet connection services, a vigorous security system goes into operation quickly — and stays that way. • • • • • • • • • •
Designed for easier installation 120 dB WDR (Wide Dynamic Range) EXIR 2.0 Triple-stream On-board storage IP67, IP66, & IK10 protection ANR (Automatic Network Replenishment) Dual system backup (NVR) IP address automatic allocation Free Hik-connect cloud service
For more information visit www.hikvision.com.au
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the Editor or relevant editorial staff member assigned to this publication and do not represent the views or opinions of Interactive Media Solutions or the advertisers or other contributors to this publication.
20/06/2017 2:27 pm
CT DU PRO
SHO WC ASE S PSC16 STANDARD PRESCO™ & WIEGAND COMBO KEYPAD & PROX READER The Presco™ PSC16 Proximity Reader is an advanced, self contained RFID (Radio Frequency IDentification) contactless reader. It is capable of interfacing to either a Wiegand input control panel or to Nidac’s range of Presco™ PAC decoders. When a PSR16 is coupled with any PAC series door access controller, users get the benefits of a secure door access control solution with all of the features of the Presco™ system. Featuring outputs for both Presco™ and Wiegand format data, the PSC16 Proximity Reader not only auto senses the output type required via white wire connection, it also has a read range of up to 20cm and is compatible with industry standard 26bit Wiegand systems while also being fully configurable for other systems with up to 64 bits of data from the keypad. Custom proximity cards and tags are also available for other Wiegand formats. Supporting over 19 million possible code combinations (when used with Presco™ PAC), the entire system uses low cost non-shielded cable and can support the use of keypads up to one kilometre from the door controller (power supply and cable dependent). Backed by a 36-month manufacturer’s warranty, this Australian designed and manufactured keypad is ideal for a wide variety of applications. For more information call +61 3 9808 6244 or visit www.presco.com.au
SMART VIRTUAL FIBER—X30 TRI-5GHZ MESHRANGER Full-featured HD surveillance cameras typically use fiber optic connections for remote locations or long distances. However, creating the physical fiber connection to all desired locations is not always feasible. With Smart Virtual Fiber technology, the last mile of connectivity of IP cameras is no longer limited to the reach of cables. P2’s industrial grade wireless solution shortens the deployment time from months to days, or even hours, promising a rapid system rollout. X30 is an industrial-grade 5GHz tri-radio wireless mesh unit designed for flexible and expandable deployment, regardless of physical constraints. Working as a Smart Virtual Fiber, the X30 extends connectivity for IP cameras to the locations where extensive fiber optic cabling is infeasible due to a tight timescale. P2’s Double UP Mesh Ring is an extension from a conventional daisy-chain topology, offering double capacity and reliability. Utilising the exclusive Self-Healing Algorithm, the wireless network allows alternative routing path for fail-over redundancy in mission-critical infrastructures. The easy setup of X30 is ideal for rapid deployment of wireless mesh transmission for the most demanding connectivity requirements. The Smart Virtual Fiber technology breaks the traditional hopping limitation of wireless networks by tackling the multi-hop bandwidth degradation. With the built-in Hardware Programmable Filters, it provides supreme interference isolation for delivering the highest end to end network throughput. Featuring an extra high throughput mesh backhaul application; support 80 concurrent HD IP cameras; more than 20 hops of mesh backhauling and 802.3af PoE output for network cameras, X30 is ideally suited to use in: • safe city projects for instant city-wide surveillance system for existing infrastructure • robust surveillance systems for mission-critical infrastructure • extension of camera reach to remote sites • ultra HD surveillance of 4K resolution in systems requiring sophisticated video analytics. For more information visit p2wt.com or email to sales@p2wt.com
SECURITY SOLUTIONS 107 106-109_SSM108 Product Showcases.indd 107
20/06/2017 2:27 pm
PRO DU CT
S E S A C W O SH PATHMINDER LAUNCH THE NEW C5 SECURITY PORTAL PathMinder have recently launched their new C5 Security Portal in Australia. The unique C5 Security Portal combines a high security anti tailgating man trap with a 1200mm emergency egress door. Following an authorised user through a door is known as ‘tailgating’ and is very easy to do. We have all been told that it is good manners to hold doors open for other people. However, good manners equals poor security practice. Willingly allowing intruders into a secure area not only flies in the face of security, it also renders even the most sophisticated access control system redundant. PathMinder portals solves this problem by ensuring everyone who passes through a doorway must present their access control card. This will give Security and Facilities Managers peace of mind that they are making the most of their security system. The C5 Security Portal is made up of two interlocking doors. The intelligent controller in the portal makes sure only one door is open at a time, thereby restricting access and a sophisticated ultra-sonic tailgate detection system to ensure access is limited to authorised people only. As standard, the units are designed to be burglary resistant and are certified as P1A. Options for each model include vandal, attack and bullet resistant solutions up to BR5 in certain models. Other customisations include metal detector to stop weapons being brought on to a premise. Uniquely, the C5 Security Portal has an added side door. When the emergency exit door is opened, the doors of the C5 cylindrical Security Portal slide away, creating a wide-open space to allow deliveries, wheelchair access or an escape route in case of an emergency. When the door is closed, the security portal automatically resets to normal operation as a highly secure interlock system. For more information visit www. pathminder.com.au or contact Michael Bystram on 0417 229 801
108 SECURITY SOLUTIONS 106-109_SSM108 Product Showcases.indd 108
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the Editor or relevant editorial staff member assigned to this publication and do not represent the views or opinions of Interactive Media Solutions or the advertisers or other contributors to this publication.
20/06/2017 2:27 pm
CT DU PRO
SHO WC ASE S
THE VIDEOFIED OMV – OUTDOOR MOTION VIEWER The Outdoor Motion Viewer ®, a battery-powered PIR motion sensor with an integrated digital video camera and infrared illuminators, is designed to detect an intrusion, instantaneously record a 10-second video and send video alarm signal to the Videofied control panel via a Military Encrypted RF for cellular relay to a nominated Central Monitoring Station where immediate review/verification can initiate a priority response and dispatch from Security/Law Enforcement personnel. Product features include: • 100% Wire free • Colour Video • Operating temperatures -30° / +60° Celsius • Tilt tamper with Accelerometer • IP 65 weatherproof rating • 90° angle detection by default • 3 x lens options included. The OMV – Taking outdoor video verification to the next level.
ALL-IN-ONE SOLAR POWERED IP BULLET CAMERA SYSTEM The Solar Panel Wireless Bullet Camera system by Guardforce is a “Plug and Play” Surveillance system. Once connected through the 4G Network via the built in 4G modem, you will be able to remotely view via your mobile phone with smartphone apps on both iPhone and Android Platforms. This system is IP66 and also has up to three-day battery life from the 24AH Battery. Product features include: • 2 Megapixel Camera with 1080P Resolution • Built in 4G Modem • Built in Micro SD Storage Slot – up to 128Gb • IP66 Rated • Support ONVIF Protocol • P2P Plug and Play.
ALL NEW GUARDFORCE 4G SPEED DOME CAMERA The Speed Dome camera is a Wireless PTZ IP Camera. Our speed dome camera supports mobile phone remote viewing via a smartphone app available on both iPhone and Android operating systems. With a built in 4G modem, 1080p resolution, 4x optical zoom and an IR Distances up to 50m makes the Speed Dome a perfect partner for any situation when attached to our Complete Solar Power Kit.Product features include: • 2 Megapixel Camera with 1080P Resolution • Built in 4G modem • 4 x Optical Zoom with Automatic Focus • Built in Micro SD Storage Slot – up to 128Gb • IP66 Rated • Support ONVIF Protocol • P2P Plug and Play. For more information visit www.videoalarmtechnologies.com.au or call 1300 46 44 55
SECURITY SOLUTIONS 109 106-109_SSM108 Product Showcases.indd 109
20/06/2017 2:27 pm
LK SHO PTA
Unless otherwise expressly stated, the review of the product or services appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
Boon Edam to throw entrance security a Lifeline at Security Expo 2017 A global leader in entrance security systems, Boon Edam, will exhibit for the first time its latest Speedlane Lifeline Series of entrance security gates at the Security Expo 2017 (Stand E46) to be held in Darling Harbour this July. The Lifeline Series – one of Boon Edam’s extensive range of entrance security technologies – is being introduced to major public and private security applications in Australia and worldwide, including in legislatures, treasuries, diplomatic posts and mobility hotspots such as entrances to high rise HQs. Designed to the highest standards of quality, aesthetics and ergonomics, the Lifeline Series is an intuitive, refined and secure entry management system for guiding and managing people flow through to secured areas of buildings. The Lifeline Series interacts with those who approach it, guiding the flow of high visitor levels and acting as a boundary between public and private worlds. “Lifeline is unique to the industry in that it has approach sensors, which allow the unit to sleep until someone comes within range of the sensor. For buildings with sustainability objectives, or those who are interested in saving power, this adds a huge advantage,” says Boon Edam Australia National Sales Manager, Mr Alastair Russell, who has over 30 years of experience in entrance security and its associated technologies. Boon Edam’s Australian office is serving the growing security needs – including OEM equipment service – of facility managers, security officers and consultants, architects, specifiers and property owners here. “The Lifeline Series is one of Boon Edam’s most versatile and useful ranges for entrance security, because it can be used in so many different scenarios, from allowing smooth and guided disability access through to multi-tiered security buildings, where high volumes of people need to be guided simultaneously to different areas,” said Mr Russell. Other major advantages of the Lifeline Series include its intuitive symbols, ergonomic design, premium quality materials and customisation to fit a diversity of interior designs. “We’ve found that technological advances often aren’t met with equal advances in style. Boon Edam understands that entrance security systems like Lifeline are often the first interactions visitors have with a building, so it’s not only important that they’re functional, but also aesthetically pleasing and in keeping with the surrounding architecture,” said Mr Russell. The Lifeline Series contains three models – Slide, Swing and Open – which can each be further customised with dimensional and glass choices as well as a range of currently trending colour finishes. Every combination is possible for all levels of security. For more information on the Lifeline Series, please visit www.boonedam.com.au/lifeline or come and see it demonstrated at Stand E46 of the 2017 Security Expo at ICC Darling Harbour, 26–28 July. Boon Edam’s sleek and elegant Speedlane Lifeline series blends form with function to smoothly guide and manage people flow through to secured areas of buildings
110 SECURITY SOLUTIONS 110-IBC_SSM108 Shop Talk.indd 110
21/06/2017 11:50 am
PTA SHO
Unless otherwise expressly stated, the review of the product or services appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
LK
Hikvision and Cisco Hold Joint Meeting on Cybersecurity Collaboration in Hangzhou Hikvision, a leading supplier of innovative video surveillance products and solutions, together with Cisco, the worldwide leader in IT and networking, recently held a joint meeting on cybersecurity collaboration in Hangzhou, China. This meeting marked the successful completion of the first phase of a collaboration that began in December 2016. Cisco is sharing its professional and sophisticated cybersecurity management experience and technologies with Hikvision, facilitating Hikvision’s globalisation process. During their recent meeting, CISCO cybersecurity experts reviewed results of the first phase of the project and shared relevant experience and advice on the next step. At the same time, Cisco recognised Hikvision’s dedication to safe R&D management. Weiqi Wu, VP at Hikvision, said that Hikvision is committed to the highest possible levels of cybersecurity. “Although the company’s cybersecurity best practices are industry-leading, cybersecurity efforts must be ongoing. Going forward, Hikvision will continue to assess and improve its cybersecurity efforts in the R&D process, and strengthen its research on security technologies. Hikvision will also continue to deepen its collaboration and communication with the world’s top-notch cybersecurity companies, such as Cisco, to further improve cybersecurity in the security industry.” For more information, please visit www.hikvision.com.
STid wins the Award for Best Access Control Mobile App at ISC West, Las Vegas The Security Industry Association (SIA) awarded STid with its Mobile Apps trophy for its secure and intuitive access control solution, STid Mobile ID®. The SIA awards are a key moment for the security industry, introducing over 30,000 professionals from the sector to the most secure and innovative solutions on the market. Earlier this year, STid, a leader and a pioneer in the design of high-security solutions, won the Gold Trophy for Best Access Control Mobile App. STid’s Architect® Blue readers and its STid Mobile ID® app have reinvented access control, providing fun and user-friendly identification solutions by transferring the user’s access card onto their smartphone, to work alongside or replace their RFID card. This innovative solution stood out amongst 120 other candidates: a record number of participants in the history of the competition since its launch in 1979! “The STid Mobile ID® app has a lot of potential. What truly sets it apart is its user-friendliness. We were impressed with its various identification methods, allowing the user to open a door without getting their phone out of their pocket… This is a real improvement for organizations in search of simplicity and efficiency”, said one of the judges. For instance, you can open a door by tapping your smartphone twice in your pocket, or by simply swiping your hand against the access reader, even while you are making a phone call or when your phone is in your bag. This new prize rewards advanced functionalities in terms of userfriendliness, security and technological innovation. Vincent Dupart, CEO of STid, concluded: “This fifth trophy recognises STid’s ability to bring advances to the security industry with its non-proprietary, open technologies that make people’s lives easier. The award consolidates our objective to develop new solutions to reach new international markets, including North America”. For more information, please visit www.stid.com
SECURITY SOLUTIONS 111 110-IBC_SSM108 Shop Talk.indd 111
21/06/2017 11:50 am
SUBSCRIBE Security Solutions Magazine, Level 1, 34 Joseph St, Blackburn, Victoria 3130 | Tel: 1300 300 552
I wish to subscribe for:
oONLY $62 per annum!
Name: ............................................................................Company: ....................................................................................... Position: . .......................................................................Address: ......................................................................................... Suburb:...........................................................................State: . ............................... Postcode:............................................. Tel:..................................................................................Email: ................................................................. ........................... TERMS AND CONDITIONS For more information on subscriptions, or to contact Interactive Media Solutions, please phone 1300 300 552 or email to admin@ interactivemediasolutions.com.au. Deductions will be made from your nominated credit card every year in advance of delivery. The direct debit request and subscription price may be changed by Interactive Media Solutions from time to time, however you will always be given at least 28 days notice. The authority to debit your account every year remains valid until you notify Interactive Media Solutions to cancel your subscription by contacting Interactive Media Solutions Customer Service. No refund is given after a payment is made. In the event of a cancellation of your subscription, the subscription will simply expire twelve months from when the last subscription payment was made. Information on how we handle your personal information is explained in our Privacy Policy Statement.
Credit Card oBankcard
oVisa
oMastercard
oAmex
oDiners
Card Number: ........................................................................................................................................................................ Exp: _ _ / _ _ Card Name: .................................................................................................................................................................................................................... Signature: ....................................................................................................................................................................................................................... When payment has been received and funds cleared, this document serves as a Tax Invoice. Interactive Media Solutions ABN 56 606 919 463. If this document is to be used for tax purposes, please retain a copy for your records.
Security Solutions Magazine digital version is now available via ISSUU on every platform, everywhere! Download it now and enjoy your favourite security magazine when you like, where you like, however you like. PC, MAC, Linux, Apple, Android, Google and more...
Subscribe to Security Solutions Magazine for
ONLY $62 per annum!
Simply fill in the form or call 1300 300 55
112 SECURITY SOLUTIONS 110-IBC_SSM108 Shop Talk.indd 112
21/06/2017 11:51 am
110-IBC_SSM108 Shop Talk.indd 113
21/06/2017 11:51 am
EZI SHALLOW MOUNTED CRASH RATED PRODUCTS
Ezi’s Elkosta Wedge II and Safety Flex Bollards are designed and test certified to guarantee the highest levels of security with unequalled shallow foundation capability! Typical areas of application are embassies, government facilities, power stations, military sites and other high security areas, increasingly including public spaces exposed to hostile vehicle threat assessment. Both systems can be installed as a single unit or as a combination to secure perimeters of any width.
FIND OUT MORE ABOUT US!
WEDGE II • Only 300mm installation depth (200mm foundation + 100mm road covering) - suitable for city centre installation; achieving unequalled protection with minimum disruption to underground services and utility, and practical installation timeframes. • Certified with a blocking width of 4m according to the following performance classifications:
•
•
treasures, high-risk venues and public spaces Special Safetyflex patent pending technology integrates spring steel allowing absorption / dispersion of extreme amounts of impact energy with minimum foundation mass and depth Various installation options available for different application or site conditions: - Surface Mounted crash test rated
PAS68:2013 V/7500[N3]/80/90:0.0/20.7 IWA 14-1:2013 V/7200[N3C]/80/90:0.0
- Fixed M50 crash test rated shallow mounted, removable
SAFETYFLEX BOLLARDS • Ezi’s Safetyflex Bollards exhibit crash test rating to IWA and PAS68 Crash Test Standards • Safetyflex Bollards provide perimeter protection at many of the world’s iconic
- Retractable, shallow mount, wind down, crash test rated
AUSTRALIA NATIONAL
- Crash rated street furniture, Planter boxes - Crash Rated Fences
1300 558 304 11 Cooper Street Smithfield NSW 2164 www.ezisecurity.com.au sales@ezisecurity.com