For the latest news, features, essential analysis and comment on security, counter-terrorism, international affairs, warfare and defence
February 2016
Subscribe Here G4S Global Forecast for Q1 What is the argument for Convergence? Flooding - Keeping the power on! What do we make of Community Resilience? Critical Infrastructure: Emerging threats and their identification Industry News
www.cipre-expo.com
www.cip-asia.com
EDITORIAL
www.worldsecurity-index.com
When the lights go out!
Editorial: Tony Kingham E: tony.kingham@worldsecurityindex.com
In December last year a cyber-attack on the Ukrainian power grid left thousands without power and is said to be the first known example of a cyber-attack bringing down a major power network.
Contributing Editorial: Neil Walker E: neilw@torchmarketing.co.uk
The attack was sophisticated in its nature and used something called “BlackEnergy” malware and affected approximately 700,000 people. Who was responsible for the attack has yet to be established but given the situation in the region the list of suspects is obvious.
Design, Marketing & Production: Neil Walker E: neilw@torchmarketing.co.uk Advertising Sales: Tony Kingham T: +44 (0) 208 144 5934 M: +44 (0) 7827 297465 E: tony.kingham@worldsecurityindex.com Paul Gloc (UK & Europe) T: +44 (0) 7786 270820 E: paulg@torchmarketing.co.uk Subscriptions: Tony Kingham E: tony.kingham@worldsecurityindex.com World Security Report is a bi-monthly electronic, fully accessible e-news service distributed to 39,000 organisations globally. It tracks the full range of problems and threats faced by today’s governments, armed and security forces and civilian services and looks at how they are dealing with them. It is a prime source of online information and analysis on security, counter-terrorism, international affairs, warfare and defence.
More recently, the Israeli power grid was attacked in one of the largest cyber assaults that the country has experienced, said Minister of Infrastructure, Energy and Water Yuval Steinitz. Steinitz said that attack was dealt with by his ministry and the National Cyber Bureau and that it was under control. “I can tell you that the virus was identified and software was activated to neutralize it,” Steinitz said. “This is a fresh example of what we need to be prepared to face at any time,” he added. The fact that we have had two major attacks in quick succession should come as no surprise, because experts have been warning of such vulnerabilities for years. What’s more of a surprise is that there have not been more. Given the vulnerability of our utilities to attack, the sheer number of potential targets and the low risk of being caught, it surprises me that our terrorist enemies have not devoted more time, energy and money to developing this area of their operations. After all, all you need is the know-how, a lap-top and internet access and you can attack multiple targets almost continuously with virtual (pardon the pun) impunity. Last year, our web site www.WorldSecurity-index.com came under repeated attacks over a two week period which sucessfully shut us down for a couple of days. In the end, although they covered their tracks, our IT manager traced the source of the attacks to a particular IP address, ironically in the Ukraine. He denied the address access and within minutes, we were under attack again from an IP address in the same building. Whilst this attacker was not able to access our administation area, they were able to cause a denial of service for a short period. Why we were targetted is anyones guess, as all our information is open source, but it illustrates the ease with which someone with mailicious intent can disrupt any organisation that is linked to the web. And these days every organisation is linked to the web. We should take these attacks as a real wake up call. Cyber attacks on critical infrastructure, whether it’s state sponsored, terrorist or criminal are a clear and present danger and will only grow in frequency and sophistication in the future. So we need up our game as a matter of urgency and ensure that all stakeholders, whether that’s governments, operators or vedors, co-operate, collaberate and communicate and if necessary legislate to ensure that our critical infrastructure protected.
Copyright of KNM Media and Torch Marketing.
2 - World Security Report
Tony Kingham Editor
www.worldsecurity-index.com
WORLD SECURITY
G4S Risk Consulting Global Forecast 2016 Quarter 1
The G4S Global Forecast for Q1, 2016 focuses on the key thematic threats faced by countries around the world in the coming three months. These include militancy, political and civil unrest, health and disease, terrorism, economic risk and the impact of major geopolitical developments, providing insight by subject matter experts into the most pertinent risks and threats on a regional basis. Increased focus on IS-inspired terrorism
Protests challenge incumbent leaders
As the international coalition ramps up airstrikes against Islamic State (IS) in Syria and Iraq, domestic concerns will grow over the threat posed by returning fighters and self-radicalised individuals and the debate over privacy versus security will dominate political discourse. IS’s impact will continue to be felt far outside the borders of its proto-state, with another attack in western Europe highly likely in 2016. Continued reports of arrests across the world, including in the Asia-Pacific region, will pressurise governments to enact legislation to monitor their civilians, bordering on intruding on privacy. With IS militants empowered by their propaganda success, further allegiances cannot be discounted as the group overtakes al-Qaeda as the jihadist brand of choice.
Good governance will be a central concern of populations in 2016 as citizens become more critical of incumbent leaders struggling to energise ailing economies. Antigovernment protests and calls for resignations will continue in the Americas as further corruption scandals come to light and current matters proceed through the courts. Meanwhile, in Europe, antiausterity parties continue to gain traction and are able to attract large numbers onto the streets. In addition, increasing numbers of protests on environmental and security issues are drawing hundreds of thousands of people. In Asia, protests remain small, but both local and national leaders are being called to govern with greater transparency as corruption becomes a core issue among electorates.
www.worldsecurity-index.com
El Niño phenomenon As the El Niño phenomenon takes hold in late 2015, its effects will be felt acutely in 2016, affecting crop yields, infrastructure and food security. El Niño typically triggers mass rains and flooding on the Pacific Coast of South America, while drought is common in southern Asia and Australia. The Horn of Africa is already feeling the effects of a drought, with Ethiopia calling for humanitarian aid as food stocks are depleting. The 1997-98 El Niño cost the global economy an estimated USD 30-45 billion and the current cycle will likely exceed this figure as basic commodity prices are driven up and governments contemplate reconstruction costs. Agricultural and fishing societies will suffer the most. Supply-chain management and the distribution of resources to affected areas will be key to minimising the human
World Security Report - 3
WORLD SECURITY
impact of El Niño; however, many countries are ill-equipped to address the weather phenomenon and have failed to plan for it. Africa
approving changes to the country’s constitution that allows him to run for a third term. Political uncertainty will persist in Tanzania’s Zanzibar after the electoral commission nullified recent election results. The outcome of unresolved political crises will be demonstrated in Burundi, where political violence will continue as President Nkurunziza seeks to crush the momentum towards an armed opposition movement. The ongoing civil war in South Sudan and persistent insecurity in the Central African Republic, will continue, fuelling the refugee crisis.
Incumbent presidents set to maintain grip on power Presidential and parliamentary elections are due to be held in the coming quarter in Uganda (18 February) and Niger (21 February). Presidents Yoweri Museveni and Mahamadou Issoufou are predicted to win the elections due to their strong positions as incumbents and the weakness and division among their opposition. In Uganda, Museveni remains strong after 30 years in office and, although there is a risk of urban unrest, the elections are expected to maintain continuity. Similarly, Issoufou is expected to win a second five-year term, but violent protests are likely to be more widespread over anger at the electoral process. There is also a growing risk of civil unrest in DR Congo, including in the mining area of Katanga, as President Kabila delays elections in an attempt to remain in power beyond constitutional term limits. In Nigeria’s Delta region, instability is also rising as the new government cracks down on corruption and oil theft. President Denis Sassou Nguesso’s regime in Congo-Brazzaville will continue to repress anti-government dissent in the wake of a referendum
4 - World Security Report
Middle East & North Africa
Increased international involvement The ongoing conflicts in the region, particularly in Egypt, Syria and Iraq, will persist into Q1 and likely extend through 2016. A decisive and coordinated military response in Egypt is expected following the October 2015 terrorist attack on a Russian airliner over the Sinai Peninsula. Air campaigns in Syria and Iraq will increase in frequency as the French military takes a greater role in the region. There is a strong likelihood that troops from an international coalition will be deployed in Syria during Q1, most likely comprising small units of special operational forces. Similarly, the Saudi-led air campaign in Yemen shows no sign of abating and air strikes on civilian targets will continue to pose a major threat to life in Sana’a and Taiz. Meanwhile, Turkish military operations against the Kurdistan Workers’ Party (PKK)
are set to continue, as will tensions with Russia, despite pressure from the international coalition to focus on the common enemy and back Kurdish forces against IS. Continued spread of Islamist insurgency Political instability and security vacuums will continue to pose a threat to stability in 2016; precursors to the spread of insurgency. Political instability in Libya has offered IS-affiliate groups the opportunity to establish operational bases in Sirte, Derna and parts of Benghazi. Although efforts are underway to counter the IS threat, the spread and persistence of IS fighters will be a challenge to local governments concerned with domestic issues and power struggles. IS activity in Tunisia could increase as it has one of the highest export rates of foreign fighters. Returnees pose a major domestic security threat and there is a precedent for attacks targeting the tourist industry. Dozens of militants have been arrested in Morocco during 2015 which is symptomatic of a growing problem, and a domestic crackdown on militant recruitment will continue across North Africa in the first quarter of 2016. Civil unrest across the MENA region Civil unrest is set to persist across the MENA region in Q1, potentially increasing as the region marks the fifth anniversary of the 2011 uprisings. Violent protests and knife attacks in the West Bank and Jerusalem will continue as the Israeli security forces have passed new laws allowing them to deal with what they consider to be “domestic terrorism” more effectively. A combination of poor living standards and high utility costs has sparked protests, and public opinion in Morocco is shifting towards more affirmative
www.worldsecurity-index.com
WORLD SECURITY
action as protest groups grow more disillusioned with limited government reforms. With a decline in oil prices, oil-dependent economies, including Algeria and the Gulf States, will struggle to maintain their high public spending, resulting in a decline in infrastructure investment and reduced welfare benefits. This could trigger increased antigovernment sentiment, but is unlikely to escalate into countrywide unrest in the Gulf States. Moreover, increasing youth unemployment and a lack of public services could intensify civil unrest in Algeria. International investment in Algeria’s oil sector has declined, which will further diminish the growth of the public sector and strain the country’s budget, limiting its ability to placate dissent. Asia
on politics and corruption rather than reform, as he marks the halfway point of his first five-year term. Upcoming elections in Taiwan and the Philippines will both frame and disrupt the political climate. In Taiwan, opposition Democratic Progressive Party (DPP) candidate Tsai Ing–wen is almost certain to be elected president. However, the DPP is likely to face a challenge in stemming the increasing proindependence sentiment among young voters. In the Philippines, the run-up to the May election will be characterised by violence against candidates and their supporters, particularly in more remote locations, as President Benigno Aquino aims to secure his legacy. In Thailand, as the timescale for elections becomes unclear, a slowing economy and the delicate health of the King will prompt the ruling junta to become more assertive, while renewed hostility between the government and the opposition in Cambodia will set back the political reform process. Regional issues defined by China
Domestic situation characterised by unsettled politics Myanmar faces a period of unsettled politics as the National League of Democracy (NLD)dominated parliament elects a president. NLD leader Aung San Suu Kyi will exert considerable influence over the new president, but stability will depend on her ability to accommodate the military. Most foreign investors are likely to hold a watching brief until the political transition and current uncertainty settles. In China, President Xi Jinping’s focus will be
www.worldsecurity-index.com
With China’s regional power intrinsically tied to its economic performance, Beijing will push ahead with efforts to redirect the global economy through Asia with its One Belt, One Road (OBOR) infrastructure network plan. However, an economic slowdown could result in a scalingdown of such plans, curtailing China’s influence in the South China Sea. Beijing will struggle to temper North Korea, which moves to project an image of military strength and Kim Jongun’s control over the elite, amid increased sensitivity over the regime’s legitimacy ahead of the 7th Party Congress in May. The US will conduct further Freedom of Navigation sail-pasts of Chineseoccupied islands in the South China Sea, prompting diplomatic, but not military, rebukes.
Islamist militancy gains traction The region faces an increasing threat from Islamist terrorism. Security agencies will announce the foiling of terror plots as the focus shifts to south-east Asia, from where hundreds of people have gone to fight in the Middle East. In Indonesia, the military will target groups such as the Islamic State (IS)-affiliated Eastern Indonesian Mujahideen (MIT) led by Santoso in Central Sulawesi. Across the region, the concern continues to centre on people returning from conflict zones with training in bomb-making and weapons-handling. At present, the local militant capability in Indonesia, the Philippines, Malaysia and Singapore is low while some groups, such as Abu Sayyaf, are focused more on financial reward. However, an elevated threat is posed by trained militants beginning to train local groups, which in turn increases the possibility of attacks on major cities. The increasing militarisation of China’s western Xinjiang region is likely to see Uighur militants and separatists stage attacks on security forces and places of commerce. Americas
Political instability and high risk of civil unrest Following a series of upheavals in 2015, several countries in the region will be challenged by a high risk of political unrest. The
World Security Report - 5
WORLD SECURITY
threat is particularly significant in Guatemala, where a highprofile corruption scandal led to the resignation and judicial trial of former president Otto Perez Molina and a number of cabinet members. Newlyelected President Jimmy Morales, a former comedian with no experience in politics, will face the enormous challenge of restoring credibility to the government as soon as he takes office in January. The post-electoral political context in Haiti is expected to remain fragile and the lack of social cohesion will likely trigger violent protests as a large portion of the population continues to express discontent amid ongoing economic despair. The escalation of violence between street gangs in El Salvador is expected to remain the most significant threat to the rule of law in the country; the increasing number of attacks against government forces and civilians has the potential to prompt the proliferation of vigilante groups and further damage the security environment. In Nicaragua, the plan to build an inter-oceanic canal with Chinese investment will become increasingly controversial, particularly regarding environmental concerns. The expected displacement of residents in the construction area has already triggered protests and the risk of political violence is likely to intensify during the first months of 2016. Cyberattacks pose threat against CNI The threat from cybercrime, including cyber-related terrorism, will attract greater attention and investment in 2016, particularly in the US and Canada. The Canadian Security Intelligence Service (CSIS) is expected to conduct a cyber security review early in the year, covering seven federal departments, which
6 - World Security Report
will outline the threat to critical national infrastructure (CNI). The budget and timescale allocated to this initiative is likely to trigger controversy between the new Trudeau administration and the opposition. The US has also highlighted the threat from cyberattacks and although the government has budgeted some USD 14 billion for 2016 to tackle the threat, the risk is expected to remain for the foreseeable future as businesses and government agencies continue to struggle against the ever-evolving threat posed by cyber criminals. Potential areas of weakness in 2016 include Cloud Computing - cloud-based application services are expected to grow by some USD 33 billion in the US alone, making it a major target for hackers. US security services are also likely to increase efforts designed to protect CNI from cyberattacks, as future plots could be aimed at CNI rather than information breaches. Europe
European city are highly likely. The threat of “lone wolf” attacks carried out by individuals returning from Syria remains high. Concerns are also mounting over domestic Islamist radicalisation, and increasingly aggressive counter-terrorism operations are anticipated over the coming months, which may escalate community tensions. High threat targets include government assets, public transport, sport stadiums and other large public gatherings. Stadiums and mass gatherings of fans in bars and designated “fan zones” will prove challenging to secure, particularly during major sporting events. Increased travel bans and passport confiscations are expected to be implemented as part of heightened efforts to prevent individuals from travelling to join militant groups in Iraq and Syria. Border security will increase, particularly at airports, and temporary border closures will become more frequent, due to both the threat from terrorism and to stabilise the influx of refugees. Passport-free travel between the 26-country Schengen area is at risk as states continue to debate introducing systematic border checks or the reduction in the area covered to include only Luxembourg, Belgium, the Netherlands, Germany and Austria. Anti-austerity support to continue
Ongoing threat from Islamistrelated terrorism The Islamist-related terrorist threat remains a major concern, and may manifest in further attacks in western Europe, particularly in those countries targeting Islamic State (IS) in Syria. The November 2015 terrorist attacks in Paris will have widespread ramifications, with European officials agreeing that further attacks in a major
Support for populist, antiestablishment parties is expected to continue in the coming months, with Ireland, Slovakia, Iceland, Macedonia and Portugal all holding key elections. In Portugal, the centre-right, pro-austerity ruling Social Democrat Party is likely to maintain its popularity. In Ireland, the left-nationalist Sinn Fein party is likely to increase its seat numbers in parliament. The outcome of Spain’s December 2015 national elections will likely
www.worldsecurity-index.com
WORLD SECURITY
prompt a change in Spanish politics with anti-austerity parties likely to gain ground. Attention will also turn to the matter of Catalonian independence as pro-independence parties won the September regional elections. Despite Alexis Tsipras being re-elected in Greece, the government will likely experience continued opposition as it attempts to implement unpopular policies under the new three-year bailout deal. Ongoing migration crisis The ongoing migration crisis in Europe is expected to continue and the inclement winter weather is not expected to significantly alter the number of people seeking to enter Europe. The EU predicts that some three million more migrants could arrive by the end of 2016. The cold weather will heighten the risk of unrest as the harsh conditions exacerbate tensions between migrants/ refugees, local populations and the authorities due to the lack of basic amenities such as shelter, food, water and warm clothing. This is in addition to the extensive pressure already placed on public services, including housing and infrastructure. Eastern bloc countries, including Serbia, Slovenia, Macedonia and Croatia, will continue to implement partial border closures in an attempt to stem the flow of people. Political tensions within the EU will also continue as negotiations over refugee resettlement will continue. Russia & CIS Cybercrime poses international threat to businesses and governments Cyber threats will continue to emanate from the post-Soviet space in 2016, with organised crime syndicates in Russia, Ukraine and elsewhere posing a significant long-term threat to private
www.worldsecurity-index.com
interests in Europe and North America. Hackers target online banking most of all, typically to sell stolen data on dark web markets using bitcoin. The threat is also pertinent beyond the private sector, amid allegations that the Russian government periodically co-opts its cybercriminals, particularly to steal intellectual property from the defence sector. Russian hackers are conducting surveillance of critical national infrastructure, such as power grids, as well as of NATO and government targets, including think tanks and companies in the security community. The threat is likely to remain low, but may emerge periodically in response to other crises related to Russian expansionism abroad. As a result, countries in Russia’s conception of its “near abroad” face the highest threat, particularly Ukraine, Georgia, Moldova, the Baltic states and the Arctic High North, with the Kremlin allegedly using cybercrime to complement other tools to co-opt and coerce local elites and evade foreign sanctions. Syria leads to regional concern over terrorism and state-on-state proxy conflict Terrorism will be a major concern for Russia and the CIS countries going into 2016, with any military action against Islamic State (IS) in Syria set to provoke a backlash from the estimated 1,700 Russian nationals fighting with the jihadist insurgency. Internal
terrorism threats are most likely to emerge from the North Caucasus region, where Islamism has been repressed by its dominant politician, pro-Moscow Ramzan Kadyrov. Meanwhile, Russia-Turkey tensions are a new concern, as the growing focus on forcing back IS after the Paris attacks exposes splits among NATO allies. With rising tensions among regional powers, Turkey and Russia, there is a growing risk of rhetorical confrontation escalating beyond trade sanctions to heightened violence within the borders of Syria or Iraq. However, President Putin is unlikely to engage in any confrontation with Turkey that leads to the invocation of NATO’s Article 5 - an attack on one member is an attack on all - as Russia would be bound to lose in any direct fighting due to its inferior conventional capabilities. Soft-power competition between Russia and China In Central Asia, the long-term competition for regional influence between Russia and China will continue into 2016, with the Asian Infrastructure Investment Bank (AIIB) set to function as a key soft power battleground as China prepares to fund energy, transport and infrastructure projects, offsetting Russia’s traditional dominance over Kazakhstan, Kyrgyzstan, Tajikistan, Turkmenistan and Uzbekistan. Externally, the issues of human rights and insecurity will continue to dominate the headlines, but authoritarian leaders will continue to legitimise their security states via the threat of jihadist terrorism, particularly from a destabilising Afghanistan. The most capable authoritarian leader in the region, Kazakhstan’s Nursultan Nazarbayev, has correctly warned his counterparts about the threats posed to regional stability and good governance by their failure to prepare successors.
World Security Report - 7
EVENT PREVIEW
What is the argument for convergence?
Most critical national infrastructure is reliant upon its IT systems for the proper functioning of its physical security systems as well as its cyber security. And with that interdependence comes increased risks as well as benefits. The wider the security landscape the more areas of potential attack there are. Security is after all, only as good as its weakest link. Whether that’s electronic gates, CCTV camera’s, seismic or microwave sensors, thermal imaging systems, firewalls or computer security hardware. Software can be manipulated to cause physical damage or disable physical security systems as well as cause shut downs, loss or damage of data cyber-attacks. With increasing technological sophistication of physical security systems and their reliance on the IT systems, there is an ever greater need for co-operation and convergence between the roles of physical security and cyber security. Currently this is not widely discussed or understood.
8 - World Security Report
CIPRE is the only event that brings together both sides of critical national infrastructure community to debate and discuss a holistic approach to protection of CNI, from both physical and cyber security perspectives, which is increasingly important. Collaboration between agencies and CNI operators, and individual departments, will become increasingly important. How can we work better together for common purpose, resource sharing and intelligence gathering to deliver better value for the tax payer and greater success in delivering security and resilience to our Critical National Infrastructure, and improving disaster risk-reduction? This year’s Critical Infrastructure
Protection & Resilience Europe will once again hosted by the Ministry of Security & Justice National Coordinator for Security & Counterterrorism and the Municipality of The Hague. The conference will be opened by Ard van der Steur, Minister of Security & Justice, The Netherlands and he will be followed by some of the most important thought leaders in the European CIP community including Olivier Luyckx, Head of Unit HOME.D.1 (Terrorism and Crisis Management), DG HOME, European Commission, Liviu Muresan, Executive President of EURISC Foundation – European Institute for Risk, Security and Communication Management, Romania and many more.
www.worldsecurity-index.com
EVENT PREVIEW
The keynotes will be followed by the final combined sessions Collaborative Approach to CIP and CIIP and Critical Infrastructure Protection Interdependency Analysis and the impact from Cyber and the closing address. In the afternoon and the morning of the next day the conference splits into a unique ‘two track’ programme which gives the specialists in areas of physical and cyber security the opportunity to listen to experts in their own field.
In the afternoon of the second day the two tracks converge once again to hear the Plenary sessions. Throughout the conference and expo delegates are given the opportunity to meet, discuss and communicate with some of the most influential infrastructure security and management policy makers and practitioners. If you are not already thinking about convergence. Now is the time!
Further details of Critical Infrastructure Protection & Resilience Europe can be found by visiting www.cipre-expo.com.
Are you joining the IET Round Table at CIPRE? IET Round Table at Critical Infrastructure Protection and Resilience Europe
on 1st March 2016 at the Crowne Plaza Den Haag Promenade in The Netherlands.
Tuesday 1st March - 3pm to 5pm
Open to all professionals working in the field of critical protection and resilience of national network systems and infrastructure, the event will explore the interoperability of systems for greater resilience across transport, the built environment and communications. Key conclusions from the roundtable will form part of the plenary session on Day 1 of the CIPRE event.
The Institution of Engineering and Technology (IET) is the largest multidisciplinary professional engineering institution in the world. The IET represents the engineering profession in matters of public concern and assists governments to make the public aware of engineering and technological issues. The IET will be hosting a Round Table discussion at Critical Infrastructure Protection and Resilience Europe on Tuesday 1st March from 3pm-5pm. The IET Sectors: Transport, Information and Communications and Built Environment are organising the roundtable discussion event at the Critical Infrastructure Protection and Resilience Europe (CIPRE) event
www.worldsecurity-index.com
IET Experts chairing and moderating the Round Table include:
- Peter Wood FBCS CITP MIEEE CISSP M.Inst.ISP - Chief Executive Officer, First Base Technologies LLP - Gary Middlehurst C.Eng MIET MCIBSE – Research Engineer at University of Reading The IET Round Table is FREE OF CHARGE to attend for registered delegates to Critical Infrastructure Protection and Resilience Europe, but you MUST PRE-REGISTER TO PARTICIPATE. For further details visit www.cipreexpo.com/conference/iet-roundtable
- Blane Judd BEng FCGI CEng FIET – Director ( Business Leadership Teams and Knowledge (BLTK) Consulting Ltd) and Chief Executive at EngTechNow – Chair - Martin Lee CEng – Technical Lead, Security Resarch at Cisco
World Security Report - 9
EVENT PREVIEW
Schedule of Events Tuesday 1st March 3:00pm-5:00pm - IET Round Table Discussion
Wednesday 2nd March 9:00am-10:30am - Opening Keynote 10:30am-11:00am - Networking Coffee Break in Exhibition Hall 11am-12:30pm - Plenary Session: Collaborative Approach to CIP and CIIP 12:30pm-2:00pm - Delegate Networking Lunch
Critical Infrastructure Protection Track
Critical Information Infrastructure Protection / Cyber Security Track
2:00pm-3:15pm - Session 3a: Emerging & Future Threats Detection & Management 3:15pm-4:00pm - Networking Coffee Break 4:00pm - 5:30pm - Session 4a: Enhancing Preparedness and Response through Modelling and Simulation
2:00pm-3:15pm - Session 3b: Cyber Security Standards and Law 3:15pm-4:00pm - Networking Coffee Break 4:00pm - 5:30pm - Session 4b: Convergence in Cyber Security and CIIP
5:30pm - Networking Reception in Exhibition Hall
Thursday 3rd March
Critical Infrastructure Protection Track
Critical Information Infrastructure Protection / Cyber Security Track
9:00am-10:15am - Session 5a: The PPP Role in CIP 10:15am-11:00am - Networking Coffee Break 11:00am - 12:30pm - Session 6a: Technologies to Detect & Protect
9:00am-10:15am - Session 5b: Protecting the ‘Smart CII’ 10:15am-11:00am - Networking Coffee Break 11:00am - 12:30pm - Session 6a: Cyber Analysis, Monitoring and Defence
12:30pm-2:00pm - Delegate Networking Lunch 2pm-4:00pm - Plenary Session: Critical Infrastructure Security and Resilience : Approaches and Case Studies from Transport, Energy & Telecomms Sectors
Exhibition Opening Hours Wednesday 2nd March Thursday 3rd March
10 - World Security Report
On-Site Registration Hours 9.30am to 7.00pm 9.30am to 4.30pm
Tuesday 1st March Wednesday 2nd March Thursday 3rd March
2.00pm to 5.00pm 8.30am to 7.00pm 8.30am to 4.00pm
www.worldsecurity-index.com
EVENT PREVIEW
Speakers include:
Co-Hosted by:
Opening Keynote – Wednesday 2nd March – 9am: – Ard van der Steur, Minister of Security & Justice, The Netherlands – Olivier Luyckx, Head of Unit HOME.D.1 (Terrorism and Crisis Management), DG HOME, European Commission – Liviu Muresan, Executive President of EURISC Foundation – European Institute for Risk, Security and Communication Management, Romania
www.worldsecurity-index.com
•Paul Gelton, Director of Resilience, Ministry of Security, The Netherlands •Evangelos Ouzounis, Head of Unit - Secure Infrastructure and Services, European Union Agency for Network and Information Security - ENISA •Fred Ruonavar, Chief of the Contingency Operations and DoD Information Network (DoDIN) Critical Infrastructure Protection (CIP) Branch, Operations Directorate, Defense Information Systems Agency (DISA), USA •Paul Minnebo, Senior Strategic Intelligence Analyst, EUROPOL •Andrew Wright, Head of Industrial Resources and Communications Services Group , NATO •Elena Ragazzi, Project Coordinator ESSENCE, Italy •Florian Haacke, CSO / Head of Group Security, RWE, Germany •Bharat Thakrar, Cyber Resilience & Advanced Threat Defence, BT Security Enterprise, BT GS, UK •Dietmar Gollnick, CEO, e*Message W.I.S. Deutschland GmbH, Germany •Cinzia Secchi, Manager of Integrated Prevention System Unit, Lombardy Region – G.D. Safety, Civil Protection and Immigration, Italy •Ms. Lina Kolesnikova, Fellow, Institute of Civil Protection and Emergency Management (ICPEM) •Selcuk Nisancioglu, Senior Researcher, Federal Highways Research Institute, Germany •Jaime Martin Perez, Project Manager, Homeland Security and Defence Sector, Research & Innovation, ATOS •David Lange, Project Coordinator IMPROVER, SP Fire Research, University of Sweden •Robert Pelzer, Research Associate Technische, FORTRESS, Germany •Maria Cristina Brugnoli, ICT4People Research Unit, University of Rome, Italy •Ilias GKotsis, Associate Researcher, Center for Security Studies- KEMEA, Greece •Tobias Larsson, Director and Head of DHL Resilience360, Deutsche Post DHL Group
World Security Report - 11
FLOOD RESILIENCE
Flooding - Keeping the power on!
The recent wide spread flooding in Northern England has once again highlighted the fact that for most ordinary people, natural disasters are a far more likely to have an impact their lives than a terrorist attack. Indeed, thankfully most people outside of the major conflict zones will never witness a terrorist attack but the will be affected by a flood, major storm, earthquake, volcanic ash cloud or tsunami. Indeed, back in 2000 my own home, which at the time was 125 years old, flooded for the first time and the local church which has been around since the 14th Century was also flooded for the first time. The immediate cause, we were told, was a very biblical 40 days of rainfall, which we had of course noticed, combined with an exceptionally high tide. Being 20 miles inland with only a small stream running through the valley, the high tide issue came as a bit more of a surprise. Other factors probably added to this “exceptional” event such as the changing of river courses, silting of rivers, greater numbers of houses using outdated Victorian drainage systems etc. but the experience really just confirmed what we already believed and that
12 - World Security Report
was that something is changing in our weather system and the local environment, and not for the better. The UK’s Met Office has recently reported that global temperatures are set to rise more than one degree above pre-industrial levels and another report published in Nature, has now officially confirmed that global warming is changing global weather patterns and extreme heat waves and heavy rain storms are happening with increasing regularity worldwide. Prof Stephen Belcher, of the UK’s Met Office said in delivering his report: “This is the first time we’re set to reach the 1C marker and it’s clear that it is human influence driving our modern climate into uncharted territory.”
We have surely reached the point when even the most ardent climate change deniers will struggle to maintain their stance, and even if they continue to blame the changes on other causes, they surely can’t deny that whatever the cause, doing nothing is no longer an option. When it comes to rainfall, the equation is really quite simple; higher temperatures mean increased evaporation of the oceans, more evaporation means more cloud and water in the atmosphere and more cloud and water means more storms and rainfall. Add to that the melting ice caps and permafrost and you have a future with increasing extreme storms and flooding. So what do these changing weather patterns mean to our critical national infrastructure.
www.worldsecurity-index.com
FLOOD RESILIENCE
Well my own experience of what was really only localised flooding shows how vulnerable our national infrastructure really is. Power to the whole village was out for some time, the phone lines as well and the local emergency services were simply overwhelmed. It also demonstrated the interdependence of all the infrastructure services that we depend on for our daily lives. According to a report by the UK Parliament - The highly connected nature of NI is a major concern for sector operators trying to improve its resilience. The two main forms of interdependence are Cascade Failure and Single Point of Failure. Infrastructure components often exhibit a chain of dependencies. For example, water companies rely on energy companies for
their power supplies and both sectors need communications to coordinate the functioning of their assets. Failure of one component in such a chain will thus propagate to dependents, a process dubbed ‘Cascade Failure’. Since neither the extent nor complexity of chains of dependence is well known, cascade failure may represent a significant threat to infrastructure. When a number of components are dependent on a single asset, or type of asset, this becomes a Single Point of Failure (SPF). In this sense Regional Convergence, where multiple infrastructure components are located in the same area, is a form of SPF, and constitutes a risk to resilience by magnifying the impact of localised disasters. Simply put, if the power goes off, so too might the water treatment
and fresh water pumping stations, gas distribution system, phone lines, ISP’s, supply chain distribution for fuel and food etc. Electricity sub stations in particular are a vulnerable part of the power grid system and CNI. Substations take the high voltage power from the main power stations and transform it down to lower voltage power that can then be fed to homes, hospitals and business locally. They range from very large ones serving around 200,000 homes to very small ones that serve just a few homes and there are over 400,000 substations in the UK alone. So it is easy to see the scale of the problem. National Grid, who are responsible for the power grid system in the UK have identified 7 main substations that are vulnerable to flooding and are
The Homeland Defense and Security Database
WorldSecurity-Index.com is the only global homeland security directory published in English, Arabic and Spanish on the web and in CD network format. www.worldsecurity-index.com The Global Security
Portal
Advertise on WorldSecurity-Index.com from only £515 for 12 months
Contact info@worldsecurity-index.com for details Security Report - 13 or call +44World (0) 208 144 5934.
FLOOD RESILIENCE
taking steps to protect them but how good are their predictions of vulnerability and how quickly will climate change make current predictions obsolete. I was interested to watch on television a flooding exercise in the south of England where one of the power suppliers carried out an emergency flood exercise. They arrived at the sub-station with two low loaders of specialist temporary flood barriers and dozens of especially trained staff. They went on to completely surround the substation with barriers within a matter of hours. The exercise was deemed a great success! They then proceeded to take the whole structure down, pack it back on the low loaders and head off back to base with everybody feeling very good about a job well done. The problem, as far as I could see, was that the whole exercise was based on the premise that they knew the flood was coming, that it was going to be in a localised area, and that they would have sufficient resources to meet the scale of the emergency. The problem with that premise, is that the problem we are trying to address is the unpredictable nature of nature...if you get my meaning? The amount of resources, time, manpower and training involved in deploying temporary systems, surely it would have been better if at the end of all that effort that the team had left a permanent or semi-permanent solution to the threat posed to that particular station, which of course is entirely doable. I’m thinking specifically of an old fashioned berm or perhaps not so old fashioned. Using a modern geotextile-based
14 - World Security Report
rapidly deployable cell system a similar number of personnel and equipment, the substation could have been surrounded with a semi permanent solution in only a few hours, leaving only entrances and exits for temporary flood barriers. Ok this may not be suitable at all sites but a berm has many advantages over temporary systems. Firstly, it is as permanent as you want it to be, it can be filled rapidly with locally available material and it can be covered with soil and planted with grass, plants or trees. It also doubles up as protection against physical attack from terrorists or thieves. As an example of what can be achieved, in April 2011, the town of Smithland, Kentucky, USA, which is situated at the confluence of the Ohio and Cumberland Rivers had to deal with a record surge in river levels. The Louisville Office of the U.S. Army Corp of Engineers (USACE) requested an emergency installation of a DefenCell Flood Wall system. Within 24 hours, 3 miles worth of DefenCell Flood Wall units were delivered. Within an hour of delivery, small teams were able to start placing, connecting and filling the systems.
After just two hours, installation was being achieved at a rate of 20+ units per hour, (Equivalent to 22,196 sand bags in the initial three hours after delivery.) In 34 hours, more than 10,500 linear feet of DefenCell Flood Walls had been installed; over 700 units were filled with more than 4,700 tons of sand, by a willing and enthusiastic but untrained, local workforce. The barrier was more than one mile in length, adding an extra four foot of flood protection height to the Smithland levee. Whilst this barrier was subsequently dismantled, it could just as easily remain as a permanent barrier over time blending into the environment. In short, our critical infrastructure is overwhelmingly static, so whether it is this type of system or another like it, we should be looking at permanent, multifaceted, economically viable solutions to protecting our infrastructure, not short terms fixes. N.B. This article first appeared in Critical Response Magazine in October 2015. Tony Kingham Editor World Security Index www.worldsecurity-index.com
www.worldsecurity-index.com
RESILIENCE
What do we make of Community Resilience?
The attacks in Paris on Friday 13 November were part of an on-going campaign by Islamic State to undermine people’s resolve by sowing fear – the classic terrorist tactic. More incidents are likely to follow, each being an assault on community cohesion and collective confidence. Efforts by politicians, supported by the traditional organs of state, will be key determinants in the ‘war’ on the terrorist. However, one of the most influential factors will be the resolve or resilience of the community. (Community is interpreted here as any social group who share a common location, interest and circumstance. It usually has a shared but not necessarily homogenous culture and purpose.) Resilience is not about achieving permanent stability of some state but rather about absorbing change and disruption, and adapting to a new state of stability. The idea that a community can come together before, during and after a major disruption and then rebuild itself for the long term, recognizing that the status quo ante is no longer valid, is a powerful one. It has allowed many communities to survive and prosper over millennia. However, it does not happen without design or forethought. Some countries have tried to address the concept of community resilience in national risk planning. In 2011 the UK produced a Strategic National Framework on Community Resilience, which provided national guidance on how individual and community
www.worldsecurity-index.com
resilience can work at a time of emergency. In the same year, the Council of Australian Governments approved a National Strategy for Disaster Resilience, a strategy which stresses the role of communities in building resilience. Marking a valuable departure, Resilient New Zealand launched in 2015 a project called ‘The Role of Business in Recovery’ to improve how the private sector contributes to the economic and social well-being of their communities following a natural disaster. This reflects the view that businesses are an integral part of communities and have an important role to play in any recovery effort. The initiative states that ‘Communities need to be linked together from large businesses to the corner store and
local sports club, with families, neighbours and colleagues all prepared to help out during a natural disaster.’ As part of its plans, the Government of South Australia, with advice from the Torrens Resilience Institute in Adelaide, proposed three sets of enablers which were described as the ingredients of building community resilience. Physical enablers (systems and assets) provided the means to survive and recover; procedural enablers (policies, plans and processes) provided the ideas; while social enablers (leadership, knowledge and motivation) provided the will. All three enablers are mutually supporting. Enhanced physical security, for instance, will improve a community’s confidence and
World Security Report - 15
RESILIENCE
threat faced by all generated a collective response while strong leadership and solid information channels (e.g. the ‘Keep Calm and Carry On’ message) encouraged determination and robustness. Nights spent in underground shelters and the routine carriage of gas masks were activities that could not be envisaged at other times.
morale. Based on the enablers, a community resilience framework was created to offer a RAG-type assessment for establishing the right balance of physical, procedural and social capital. It is a benchmarking tool that provides a guide for all communities when coping with adversity. It offers a set of outcomes that are likely to result in fewer deaths and less damage, and to create an environment more likely to rebound with a semblance of order and functionality: it may not be the same community as before, however, but it will be collectively wiser to meet future challenges. It should be added that not all professionals agree that such a generic framework would be universally applicable, particularly as communities are so diverse, but it does provide a good start.
What is clear from history is that community resilience needs to be inculcated and nurtured. It does or will not happen by accident or default. Plans and systems need to be developed at both the national and local level so that communities and people are prepared and trained. The defunct post-war UK Civil Defence Organisation was an example of one such organisation that helped the population prepare for nuclear war. A similar organisation could be revitalised to meet major threats such as major terrorist atrocities and major natural disasters. It requires both the will and the resources, ideally created pre-emptively and involving co-operation across many organisational silos. As the New Zealand document acknowledges, businesses have a fundamental part to play in building community resilience. Commerce is often the glue in cities as commuters flood into urban centres on a daily basis – doubling the local population in
some areas – and shopping malls thrive amongst high-rise office buildings. In the absence of any national or city resilience plan, businesses can take the lead in developing a local community environment and building social links. Such a move can only be good for business and reputations. Yet, businesses need a plan based on both mitigation and adaptation. This can come through joint ventures and combined working practices, even if in a small way at the start. There are many organisations that represent the private sector in major conurbations and these should be promoting the call for community resilience in the modern age. Significantly, one former diplomat has recently suggested that ‘We must develop a highly public national resiliency programme. And I can’t think of a western country better able to lead a resiliency campaign in the West than Britain.’ References: 1. Alastair McAslan, Strathfillan Paper, Community Resilience: Understanding the concept and its application, December 2012. 2. Judith Rodin, The Resilience Dividend. Profile Books, 2015. 3. James Rubin, former US Assistant Secretary of State, writing in The Sunday Times, 31 May 2015.
One aspect of community resilience that is fundamental is the notion of people supporting one another through adversity with a communal spirit. Strong social bonds and collective action based on relationships, trust and culture are essential. The spirit of Londoners in the wartime Blitz is a good example. A large-scale
16 - World Security Report
www.worldsecurity-index.com
RETAIL SECURITY
Riots on the high street: Securing your premises can be a matter of life and death! It is a sad reality that civil disorder and the accompanying looting of commercial premises is an issue that every business owner that works on the high street is aware of and should be prepared for..
W
hatever the cause, whether it is anarchist march or disorder triggered by some sort of social issue, rioting, looting and criminal damage can spread faster than the authorities can often mobilise and deploy resources to keep up. Especially in these days of social media rioters can co-ordinate their activities, dispersing quickly at one location and re-converging at another location where there is no police presence to carry on looting and damaging property. In a 2011 report into the riots across cities and towns in the UK, the Riots Communities and Victims Panel said social networking and TV footage of police officers watching people “loot at will” helped fuel the disorder in London and other UK cities. And went on to say “From the evidence around the August riots and from what people have subsequently told us, it seems clear to us that the spread of rioting was made worse both by televised images of police apparently watching people cause damage and loot at will, and by the ability of social media
www.worldsecurity-index.com
to bring together determined people to act collectively.” Social media acts as a sort of impromptu command and control system making crowds much more mobile and making it much more difficult for the police respond effectively. It is not just the looting that is a problem for retailers and other high street businesses. Arson is a regular consequence of rioting and looting and with many business owners living on the premises or with flats and apartments above property, securing your premises can be a matter of life and death! It is therefore imperative that retail and business owners and operators chose the right systems to secure their premises. Shutters are normally the first line of defence and in a riot situation probably the only effective one, as alarms are unlikely to get a response from hard pressed police and CCTV is easily overcome by the wearing of face masks and hoodies. One observable failure of shutters in the 2011 riots was that shutters that were not properly locked down were easily forced up by looters allowing access
to the premises. To counter this weakness Charter Global produce the Obexion range of LPS 1175 shutters which have a unique lockdown system that means that the shutters cannot be forced up regardless of what position they are left in, fully closed or not. They are opened from the outside which means that they can be first or single point of entry. They range from the LPS 1175, Issue 7, SR2 ideally suited to medium risk commercial buildings, public facilities, schools, universities, community centres and retail outlets where ventilation or vision is required to the first ever SR5 t-rated shutter the LPS 1175, Issue 7, SR5 designed for highest level of security such as national infrastructure sites, and other high value premises such as banks, jewellers, galleries and museums.
World Security Report - 17
INFRASTRUCTURE SECURITY
Critical Infrastructure: Emerging Threats and their Identification
Critical Infrastructure (“CI”) is exposed to international conflict, terrorism, civil unrest, activism, pandemic disease and cyber risk. It is dependent upon supply chains that traverse conflicted areas or where it presents a target to insurgents or terrorists. The wars of centuries past were fought over vital assets and trade routes in conflicts whose combatants targeted roads, bridges, fuel and food supplies and other vital assets. Securing these was often the key to success in war. Today, governments around the world have established complex plans to protect CI and ensure the continuity of the essential services it provides.
The events of 9/11 led governments and the risk management industry to focus on the threat posed by al-Qaeda and like-minded groups. Today, much of the attention of governments and the risk management industry is focused on the threat posed by cyber risk, but other risks persist. CI is defined in different ways. Examples from the United States, Canada, Australia and Europe are given below. The United States A U.S. Deputy Chief of Staff for Intelligence handbook states that the term Critical Infrastructure came into use during the mid-90’s. It defines CI as the “systems and
18 - World Security Report
assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on the security, national economic security, national health or safety, or any combination of those matters.” The National Strategy for Homeland Security identifies twelve areas of CI: 1. Agriculture & Food 2. Water 3. Public Health 4. Emergency Services 5. Government 6. Defense Industrial Base 7. Information and
Telecommunications 8. Energy 9. Transportation 10. Banking and Finance 11. Chemical Industry and Hazardous Materials 12. Postal and Shipping Terrorists posed a major threat even before 9/11, and the mitigation of that risk is an important element of CI protection. Stefan Aubrey writes about the threat posed by al-Qaeda and Osama bin Laden, noting that “…attacking critical infrastructure networks in the United States would offer an effective means of
www.worldsecurity-index.com
INFRASTRUCTURE SECURITY
conducting asymmetrical warfare and exploiting his adversary’s weaknesses.” Aubrey discusses the mechanics of restructuring the intelligence community and redefining the roles and missions of federal, state and local authorities in the protection of CI, noting that al-Qaeda “recognizes no fronts or distinctions between military and civilian targets.” Australia The Australian Government’s National Counter-Terrorism Committee has issued National Guidelines for Protecting Critical Infrastructure from Terrorism, designed to provide a framework for a national approach. In it, CI is defined as: ‘those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic wellbeing of the nation, or affect Australia’s ability to conduct national defence and ensure national security’. As in the example of the U.S., CI in Australia extend across key sectors of the economy, including:
gathering”. Though these are not defined as CI, the risks to them require monitoring. Recent attacks by Islamic State in Paris, Istanbul and Jakarta indicate that terrorists are targeting civilians at places of mass gatherings such as bars, concert halls, tourist sites and Western-franchised outlets. Canada Canada’s Office of Critical Infrastructure Protection and Emergency Preparedness writes that Canada is growing increasingly dependent upon the products and services that make up its CI network. Canada has identified that natural, accidental and malicious threats that are most likely to impact upon its CI. These are becoming increasingly interdependent due to reliance on telecommunications and the Internet. Interdependence is increasingly a characteristic of CI networks around the world. The paper states that Canada’s CI is made up of six sectors. They broadly reflect those defined by the U.S. and Australia: 1. Energy and utilities 2. Communications 3. Services
4. Transportation 5. Safety 6. Government services Like Australia, Canada recognises the diversity of the threat to which its CI is exposed, noting the “ongoing phenomenon of climate change.” While incidents of terrorism have been rare in Canada, the 9/11 attacks served to heighten awareness of the threat to its physical and cyber infrastructure. Europe The authors of a 2012 paper on risk assessment methodologies for CI protection in Europe stress that effective risk assessment methodologies are the cornerstone of a successful protection program. Like Canada, the paper notes the important of interdependencies, identifying four types: Physical; Cyber; Geographic and Logical. Besides cross-sectoral interdependencies in ICT, Electricity, Satellite navigation and Transport, it notes that at the European level intrasectoral interdependencies of national infrastructures can be identified that form European infrastructures. This is an important
• Banking and finance • Transport • Energy • Water • Health • Food supply • Communications • Key government services • Manufacturing and supply chains. An attachment to the guidelines refers to “places of mass
www.worldsecurity-index.com
World Security Report - 19
INFRASTRUCTURE SECURITY
distinction as European integration and interdependence deepen. Giuseppe Ateniese et al in a March 2014 report by the TENACE project in Italy concur that CI is “at the heart of any advanced civilised country”, including these sectors among CI: • Finance and insurance • Transportation • Public services • Energy • Health care A CI asset is often identified as one whose incorrect functioning, even for a limited time period, may negatively affect the economy of individual subjects or groups, involving economic losses and/or even expose people and things to a safety and security risk. Within the European Union a CI is defined as:
1.
International Relations
2.
IGCW (Insurgency, Guerrilla and Civil Warfare)
3.
Terrorism
4.
Civil Unrest
5.
Crime
6.
KREP (Kidnap, Ransom, Extortion & Piracy)
7.
Environment & Health
8.
Political Risk
9.
Business Risk
10.
Infrastructure
“…an asset, system or part thereof located in member states which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the
20 - World Security Report
disruption or destruction of which would have a significant impact in a member state as a result of the failure to maintain those functions.” Furthermore, a European Critical Infrastructure (ECI) is defined as a “…critical infrastructure located in Member States, the disruption or destruction of which would have a significant impact on at least two Member States. For ECI there are additional effects resulting from cross-sector dependencies on other types of infrastructure.” The TENACE project investigated the protection of national CI from cyber threats, citing examples of attacks on systems at Iranian nuclear facilities and others targeting the telecommunication and power grid infrastructures of Estonia and Georgia. Its authors believe that, among other reasons, cyberattacks against CI are becoming increasingly prevalent and disruptive due to the “growing exposure” of the Information Technology employed within CI to the Internet. Identifying and Monitoring Threats to Critical Infrastructure Since the events of 9/11, terrorist threats against CI have been discernible through the statements made by terrorist groups and leaders. By closely monitoring their statements, analysts can contextualise the possibility of an attack on shipping, mining facilities or other CI. The fastestgrowing threat to CI is arguably cyber risk with technology developing at an unprecedented pace. Communications, security and operations are increasingly governed by and reliant upon the Internet. Cyberattacks against CI
have been reported in the U.S. and elsewhere. By monitoring trends, analysts can work to identify threats and the possibility of similar incidents. Their findings can be used to support risk assessment and management. G4S’ Global Intelligence System (GIS) applies ten risk factors to its monitoring of security threats: The platform is used to continually scan open source data, seeking to identify the earliest indication of an incident. Working together, analysts can explore scenarios and draw conclusions, providing valuable input for risk management. Through the use of its archive, users are able to access incidents relating to specific threats, sectors and locations. A basic search using keywords such as ‘infrastructure’ produced these results. India / Kashmir Region 07/05/2015 Flash Floods Destroy Infrastructure In Ladakh Province Nigeria / Niger Delta 01/05/2015 Urhobo Group Claims Attacks On Gas Infrastructure Afghanistan / Central Region 27/04/2015 Telecoms Infrastructure Attacked In Wardak Somalia / Mogadishu 20/06/2013Landmine Bomb Damages Infrastructure In Warta Nabada Iran / Tehran 03/10/2012 Cyber Attack Hits National Infrastructure According To Officials Specific words can be used to narrow the search. The terms ‘fracking’, ‘nuclear’ and ‘shale gas’
www.worldsecurity-index.com
2nd-3rd March 2016
Including Critical Information Infrastructure Protection
The Hague, Netherlands www.cipre-expo.com
Co-Hosted by:
Convergence for Enhancing Security Register Online Today at www.cipre-expo.com/onlinereg The ever changing nature of threats, whether natural through climate change, or man-made through terrorism activities, either physical or cyber attacks, means the need to continually review and update policies, practices and technologies to meet these growing demands. Opening Keynote – Wednesday 2nd March – 9am: – Ard van der Steur, Minister of Security & Justice, The Netherlands – Matthias Ruete, Director General, DG HOME, European Commission – Liviu Muresan, Executive President of EURISC Foundation – European Institute for Risk, Security and Communication Management, Romania The European Union is developing its policy on critical infrastructures in relation to the European Programme for Critical Infrastructure Protection (“EPCIP”) which considers measures that will enhance, where necessary, the level of protection of certain infrastructures against external threats. Critical Infrastructure Protection and Resilience Europe is the premier discussion bringing together leading stakeholders from industry, operators, agencies and governments to debate and collaborate on securing Europe’s national infrastructure. For further details and to register visit www.cipre-expo.com.
Leading the debate for securing Europe’s critical infrastructure
Owned & Organised by:
Supporting Organisations:
Speakers include: •Paul Gelton, Director of Resilience, Ministry of Security, The Netherlands •Evangelos Ouzounis, Head of Unit - Secure Infrastructure and Services, European Union Agency for Network and Information Security - ENISA •Fred Ruonavar, Chief of the Contingency Operations and DoD Information Network (DoDIN) Critical Infrastructure Protection (CIP) Branch, Operations Directorate, Defense Information Systems Agency (DISA), USA •Richard Oehme, Director of Office of Information Assurance and Cybersecurity, Swedish Civil Contingencies (MSB) •Andrew Wright, Head of Industrial Resources and Communications Services Group , NATO •Elena Ragazzi, Project Coordinator ESSENCE, Italy •Florian Haacke, CSO / Head of Group Security, RWE, Germany •Bharat Thakrar, Cyber Resilience & Advanced Threat Defence, BT Security Enterprise, BT GS, UK •Dietmar Gollnick, CEO, e*Message W.I.S. Deutschland GmbH, Germany •Cinzia Secchi, Manager of Integrated Prevention System Unit, Lombardy Region – G.D. Safety, Civil Protection and Immigration, Italy •Ms. Lina Kolesnikova, Fellow, Institute of Civil Protection and Emergency Management (ICPEM) •Selcuk Nisancioglu, Senior Researcher, Federal Highways Research Institute, Germany •Jaime Martin Perez, Project Manager, Homeland Security and Defence Sector, Research & Innovation, ATOS Media Partners:
INFRASTRUCTURE SECURITY
as seaports, airports or the energy sector: Netherlands 01/01/2016 Bomb Hoax Prompts Temporary Evacuation Of Amsterdam Schiphol Airport Russia / Moscow
Fig. 1 UK Compare Country Threat Bar Graph October 2014 to January 2016
01/01/2016 Moscow Train Stations Evacuated Due To Bomb Threat India / New Delhi 03/01/2016 Bomb Threat Prompts Rail Delays In New Delhi Threat types can also be compared within each country, across date ranges and categories. The examples below are of the UK from October 2014 to January 2016.
Fig. 2 UK Compare Country Chart October 2014 to January 2016
Analysts can use the data to identify the precedent of incidents in a given country or region. The rate of incidents can also be compared between countries. The graph below compares France and Germany from March 2015 and January 2016. Conclusion
Fig. 3 France and Germany March 2015 and January 2016
were used below. Searches can be cross-referenced with time, location and threat category. United Kingdom 31/05/2015 Anti-Fracking Groups Protest In Bassetlaw
United Kingdom 01/04/2015 Anti-Fracking Protest Camp Shuts Down Australia
Denmark
05/12/2015 Greenpeace Activists Protests Arrival Of Nuclear Waste In Port Kembla
13/04/2015 Greenpeace Protests Shale Gas Exploration Site
The search capability can also focus on specific CI assets, such
22 - World Security Report
The comparative definitions of CI above provide a context for the work of an intelligence platform designed to monitor incidents and identify threats. The conclusions can be used to analyse trends and forecast future incidents, providing valuable input for risk management. Examples of terrorist and cyberattacks against shipping, mining infrastructure and telecommunications demonstrate the changes in target modes that are apparent. A comparative review demonstrates the similarities that exist between countries in
www.worldsecurity-index.com
INFRASTRUCTURE SECURITY
the identification of threats. CI networks are subject to greater interdependence as they become increasingly reliant on online systems. All countries agree on the growing cyber threat. In Europe, interdependence goes further than CI networks within individual countries. CI in Europe today implies interdependence between countries and a shared threat. The assets of private European corporations in the mining and oil and gas sectors are also at risk in Africa and elsewhere. Shipping and ports infrastructure have already been attacked in the Middle East and strategic assets remain at risk. Intelligence and monitoring systems can support risk management through the reporting of incidents and the archiving of data, and the information used to generate connections, identify trends and forecast the possibility of further incidents.
See http://www.nationalsecurity. gov.au/Media-and-publications/ Publications/Documents/nationalguidelines-protection-criticalinfrastructure-from-terrorism.pdf.
4.
Threats to Canada’s Critical Infrastructure, Office of Critical Infrastructure Protection and Emergency Preparedness, the Government of Canada, March 12, 2003 Number: TA03-001. See https://www.publicsafety.gc.ca/ lbrr/archives/cn000034012674eng.pdf.
5.
Risk assessment methodologies for Critical Infrastructure Protection. Part I: A state of the art Georgios Giannopoulos, Roberto Filippini, Muriel Schimmer, European Commission Joint Research Centre, Institute for the Protection and Security of the Citizen, EUR 25286 EN – 2012. See http://edz.bib.uni-mannheim. de/daten/edz-k/gdj/12/ra_ver2_ en.pdf.
6.
Critical Infrastructure Protection: Threats, Attacks and Countermeasures, TENACE, March 2014, by Giuseppe Ateniese et al. TENACE Protecting National Critical Infrastructures from Cyber Threats is a research project funded by the Italian Ministero dell’Istruzione, dell’Università e della Ricerca under the program Progetti di Ricerca di Interesse Nazionale (project number 20103P34XC). See http://www.dis.uniroma1. it/~tenace/.
7.
M. Brunner and E. M. Suter. International CIIP Handbook 2008/2009, Center for Security Studies, ETH Zurich, 2008.
8.
European union directive 2008/114/ec, 2008.
9.
10.
Ibid.
Ian L Betts IS Global Head, Risk Analysis AT G4S Risk Consulting Ltd
Critical Infrastructure Threats and Terrorism 10 August 2006, US Army Training and Doctrine Command, Deputy Chief of Staff for Intelligence, Assistant Deputy Chief of Staff for Intelligence – Threats, Fort Leavenworth, Kansas, DCSINT Handbook No. 1. 1.
USA Patriot Act of 2001, incorporated into 2002 Act, from Interim National Infrastructure Protection Plan, February 2005.
2.
Combating Al-Qaeda And The Jihadist Ideology – An In-Progress Review Of The Us National Counterterrorism Strategy, by Stefan M. Aubrey Fellow, Weatherhead Center for International Affairs, Harvard University, August 2005.
3.
www.worldsecurity-index.com
World Security Report - 23
CYBER SECURITY
ECIPS issues ISIS cyber Jihad Alert for 2016
ECIPS issued an official Cyber Attack Alert to the threat of ISIS and Al Qaeda Electronic routes that has reached a point posing a serious threat to European Governments and Corporations. The President Baretzky of the ECIPS said that the threat is a very real threat and all cyber industries are at risk with the growing number of terror attacks seen over the last year in Europe. Some expert reports indicates that Al Qaeda’s Electronics typical defacement attack involves replacing the content of the targeted website with a single identical page proclaiming that the site has been hacked. The text, normally in English and Arabic strongly suggest, and expresses pro-Palestinian and antiWestern sentiments, and is often referenced to a quote by Osama bin Laden. The ECIPS warned that the number of international cyber attacks could rapidly increase
during 2016 and we urgently need to step up the CERT response team across the ruling worlds of Europe to avoid a catastrophic day “0” that could come at a huge price and human cost. It is believed that the ISIL Cyber Alert will stand for the duration of 2016 and beyond in accordance with cyber experts. The ECIPS warned and said that these threats might be totally invisible to the departments of security and that a strong cyber security financial budget is necessary to combat this emerging threat of what it
called a potential “Cyber Jihad”. The ECIPS was the initiating body behind CYBERPOL, the International Cyber Policing Organization not-for-profit and has established an international cyber framework monitoring this emerging cyber threat. Corporations and government cyber departments are advised to takes strong precaution against possible cyber intrusions and said that the risk of this could be part of what it called a “Trojan horse”. The ECIPS said that recent reports of African police services indicates that cyber tools are used in mobile phones that could assist cyber hackers in this threat deriving from non traceable tools developed in Pakistan.
24 - World Security Report
www.worldsecurity-index.com
including Critical Information Infrastructure Protection
15th-16th June 2016 Bangkok, Thailand www.cip-asia.com
Save The Dates Southeast Asia has seen a rise in insurgency-related attacks and terrorist activities, creating uncertainty and insecurity on critical national infrastructure. Climate change has also seen more extreme weather patterns, creating additional hazardous, unseasonal and unpredictable conditions and a severe strain on infrastructure. On a country level, there are strategies to deal with infrastructure protection issues. On a regional level, there is the Association of Southeast Asian Nations (ASEAN) Agreement on Disaster Management and Emergency Response (AADMER), under which several teams have been set up to deal with disaster management in general, but none is geared towards the protection of critical infrastructure. Cyber security is also becoming more prevalent, and as more critical infrastructure becomes connected to the internet and exposed to the dangers of cyber security attacks, new strategies and systems need to be developed to mitigate these threats. Critical Infrastructure Protection and Resilience Asia will bring together leading stakeholders from industry, operators, agencies and governments to collaborate on securing Asia. www.cip-asia.com
Gain access to leading decision makers from corporate and government establishments tasked with Critical Infrastructure Protection and Resilience.
Owned & Organised by:
www.worldsecurity-index.com
Supporting Organisations:
How to Exhibit Gain access to a key and influential audience with your participation in the limited exhibiting and sponsorship opportunities available at the conference exhibition. To discuss exhibiting and sponsorship opportunities and your involvement with Critical Infrastructure Protection & Resilience Asia please contact: Suthi Chatterjee Exhibit Sales Manager (Asia) PRMC Thailand Tel: +66 2 247-6533 Fax: +66 2 247-7868 Mobile: +66 (0) 87-060-5960 E: suthi@prmcthailand.com Tony Kingham Exhibit Sales Director T: +44 (0) 208 144 5934 M: +44 (0)7827 297465 E: tony.kingham@worldsecurityindex.com
Media Partners:
World Security Report - 25
INDUSTRY NEWS
Cambridge Pixel’s VSD Security Software Aids Threat Detection at Airports & Coastal Facilities Cambridge Pixel has unveiled a security and surveillance display application, called VSD, designed to improve target detection at airports, airbases and coastal facilities such as harbours and naval bases. The sensor-independent VSD software runs on a standard Windows PC and integrates and displays data from multiple radars and up to 16 daylight/ thermal cameras. It also incorporates radar/video tracking technology, track fusion as well as support for ship (AIS) and aircraft (ADS-B) transponders to filter out authorised targets and thereby speed threat detection. David Johnson, CEO of Cambridge Pixel, said: “VSD has been designed as an intuitive front end to a sophisticated multisensor surveillance system with key features including automatic radar slew-tocue, video tracking, and transponder technology
been designated within the radar display, video tracking can provide more accurate camera positioning for enhanced slew-to-cue.
built-in.” VSD’s ability to combine or fuse primary radar tracks with secondary data from transponders fitted to commercial/military aircraft (ADS-B or Automatic Dependent Surveillance – Broadcast) and marine vessels (AIS or Automatic Identification System) is an important feature in Cambridge Pixel’s software. “This capability allows an operator to quickly differentiate between real threats and legitimate movements,” added David Johnson. “This is essential to avoid real incursions becoming ‘lost
in the noise’, particularly the growing ‘backdoor’ threat posed by terrorists, smugglers and pirates at commercial airports and seaports as well as at military airbases and harbours.” A key feature of the VSD application is its ability to control a camera to follow a selected radar track automatically. This capability is known as slew-to-cue and is further improved in VSD by the built-in video tracking function. Video tracking uses analysis of the camera video imagery to determine the target motion. Once a track has
“Video tracking is significantly more accurate than radar tracking, due to the higher update rate of at least 30fps and superior resolution of the sensors,” added David Johnson. “This enables VSD to predict and follow the target’s movement and maintain it in the video frame.” VSD has been designed with touchscreen devices in mind and provides a clear display of the camera video in a main window, with picture-in-picture and thumbnails of all available video feeds for rapid selection. The radar portion of the display provides a geographic overview of the situation, showing all of the available radar videos, tracks and secondary data, overlaid on a clear tiled map.
MI5 has achieved 1st place in the annual Stonewall Workplace Equality Index The index measures an organisation’s work to tackle discrimination and create an inclusive workplace for lesbian, gay, bi and trans people. MI5 Director General Andrew Parker commented:
“Much of MI5’s work keeping the country safe goes on by necessity out of view. So I’m delighted we can be publicly recognised as such an inclusive and welcoming place to work. “MI5’s success in protecting the country
26 - World Security Report
depends on our staff’s commitment to the mission and to our enduring values of teamwork, professionalism and innovation. People can only give the best they can give when they feel supported, valued, and treated with respect by
their colleagues. “Diversity is vital for MI5, not just because it’s right that we represent the communities we serve, but because we rely on the skills of the most talented people whoever they are, and wherever they may be.
www.worldsecurity-index.com
INDUSTRY NEWS
IPS introduce ShieldSak mobile phone shield to their product range For over 25 years International Procurement Services have provided security solutions to Government agencies, International companies and high net worth individuals supplying surveillance, debugging sweep team services, countermeasures and consultancy services and now, along with REI, Audiotel, Shearwater, Scanna, Flir and QCC equipment ranges, they have added ShieldSak to their product range. ShieldSak is a lightweight fabric bag that is proven to block RF, infrared, skim and quick scan signals that are capable of reading your critical information on your mobile phone or RFID chipped products. Gerry Hall, Managing Director at IPS said “At IPS, we tested many so
transponders, so that any active mobile phone will completely disappear off the grid with 5-10 seconds after being sealed within a ShieldSak. It won’t ring, and it can’t be tracked. Additionally, any item fitted with an RFID chip, such as passports, Credit Cards, ID cards cannot be tracked, or remotely scanned once inside the ShieldSak. called ‘phone shielding devices’ only to find that most failed even the most elementary tests. Apart from general uses such as boardrooms, secure business meetings etc., law enforcement agencies will appreciate the uses of this equipment in situations where immediate shielding is critical.” He continues, “The SHIELDSAK is one of
the only such devices to have been fully laboratory evaluated - a copy of which is available on request.” The ShieldSak is a “Faraday Cage” made into a lightweight fabric bag which is woven from several types of metal with a Velcro closure that simply blocks all electronic signals and radio transmissions from reaching data
This bag was originally made exclusively for the US Military and Government departments and is now available for all types of mobile devices including, but not limited to: Smartphones, Tablets and the popular iPad. Some devices (like the iPhone) contain a tracking device that cannot be turned off; but, with the SHIELDSAK, they are irrelevant.
Smiths Detection Inc. wins award from DNDO for handheld RadSeeker detectors Smiths Detection Inc. (SDI) has announced an initial award of $1.27 million for its RadSeeker handheld radioisotope detector and identifierunder a fiveyear indefinite delivery/ indefinite quantity (IDIQ) contract with the DHS Domestic Nuclear Detection Office (DNDO).
detection system. The handheld device locates the source of radiological material and is used by the Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP), emergency responders and law enforcement agents around the world.
RadSeeker is a nextgeneration, selfcalibrating, and highly accurate radiation
RadSeeker’s enhanced capability distinguishes radiological and nuclear threats from naturally
www.worldsecurity-index.com
occurring radiation or other legitimate everyday radiological materials. It was specifically designed to meet DHS’s mission requirements for a next-generation system capable of detecting and identifying varied nuclear threats. Stephen Esposito, Interim President of SDI, said, “Under a competitivelyawarded contract RadSeeker was developed
in cooperation with the DHS to help keep our country safe from the threat of nuclear and radiological proliferation. It’s another example of how we work with our customers to understand their needs and then leverage our experience as the world leader for threat detection technology to create solutions that meet the challenge.”
World Security Report - 27
INDUSTRY NEWS
FEC HELIPORTS Portable Helipad Lights (HEMS-Star) and Remote Lighting Controller achieved CE certification with FCC certification pending The HEMS-Star® Helipad Light is a battery powered, microprocessor controlled light designed for rapid deployment in temporary and emergency situations to provide safe and effective marking at designated or ad-hoc helicopter landing areas. FEC’s Remote Lighting Controller (RLC) is an all new system of operator or pilot controlled helipad lighting systems and peripheral circuits, which not only works through the tried and tested VHF radio method, but now has added SMS control from any mobile device. CE certification is the manufacturer’s declaration that the product meets the requirements of EC directives whilst the FCC Certification is a declaration of conformity that certain electronic devices sold in the USA meets stringent requirements. HEMS-Star® Helipad Light
using the VHF radio control of helipad lighting and secondary circuits with its all new, fully digital design which integrates both traditional VHF with the addition of SMS control and monitoring.
Each HEMS-Star is capable of showing, at programmable intensities, red, blue, green, white visible LED’s and infra-red or a combination of a visible colour and infra-red to support pilots wearing Night Vision Goggles (NVG’s). The HEMS-Star can be easily programmed to flash warning, location beacon or Morse Code and has the ability to detect light levels for automatic sunset and sunrise switching. Each set of 4 or 8 lights are portable and rechargeable in their own case via mains at 100240V AC, vehicles at 13.5-28VDC, solar or wind power. HEMS-Stars are pilot control enabled and fitted with an 868 MHz (915 MHz in USA) UHF transceiver to enable each individual light or set of lights to be programmed,
28 - World Security Report
interrogated and controlled by wireless commands. Using this function, HEMSStars can be switched on from the aircraft using a Remote Lighting Controller or using a PC/Tablet with the Zulu “dongle” transceiver with USB connector provided with each case. Wireless can set up, test and control groups of lights via the UHF transceiver operational up to 2km away (UK/EU Version). USA version is to be confirmed. HEMS-Star is an IP65 rated light fitted with rubber soled stainless steel base to ensure stability under the toughest rotor-wash conditions and has been successfully tested at the Sikorsky Development Flight Center (DFC) in Florida for stability under the rotor wash of a CH-147 (Chinook). FEC’s Remote Lighting Controller (RLC) The RLC offers a flexible solution to the traditional Radio Pilot Controlled Lighting (PCL) solutions
The RLC can be used simply to control the helipad lighting, or there is now the option of automatic weather reporting (wind speed/ direction, temperature, dew point and pressure) right from your helipad via SMS message to pilot. The meteorological sensors will provide richer monitoring and reporting both by helipad operators and other agencies. THE RLC is easy to install and use. The keypad and LCD display is IP65 rated making it suited to the harshest of environments. The power source is 110240V AC 50-60Hz or 12V DC making it ideal for solar and battery operation. Fraser MacKay, Commercial Director at FEC Heliports Worldwide, said, “We are very proud to announce that we have achieved full CE certification for HEMS-Star and FEC Remote Lighting Controller, and await FCC Declaration of Conformity to follow Feb 2016. It is an important milestone in the development of our global standard offering our customers peace of mind of product conformity”
www.worldsecurity-index.com
INDUSTRY NEWS
Thales Delivers High Assurance and Trust Across Business Critical Applications with Next Generation Hardware Security Modules (HSMS) Thales announces nShield XC, its next generation hardware security module (HSM) for application security. With accelerated crypto performance, best-in-class Elliptic Curve Cryptography (ECC) and unique CodeSafe application protection, nShield XC meets the increasing demands of customers as they deploy certified crypto to protect their data and applications. News facts: Proven support for high volume Public Key Infrastructure (PKI) and public cloud computing: Efficient crypto processing is essential in high volume crypto transaction environments. nShield XC builds on the legacy of previous models to support demanding credential issuance environments such as high tech device manufacturing and the public cloud. Network-grade SSL/ TLS: Performance is a constant concern in the networking world as is the need for seamless security. nShield XC brings turbo speed crypto processing for already proven integrations with Application Delivery Controller partners including Citrix and F5 Networks. Unique custom application HSM hosting: nShield XC expands Thales’s unique CodeSafe feature, allowing customers to
run larger and more powerful applications within the secure boundary of the HSM, helping them safeguard their most sensitive custom applications and the data they handle. Thales customers have used CodeSafe for a wide variety of use cases, including streaming media protection, digital currency, and implementation of custom cryptographic algorithms. Cindy Provin, president Thales e-Security Inc., says: “As organizations deploy more cryptography, in more places, they need to be sure that their cryptographic resources can handle the demands and don’t create bottlenecks. The nShield XC offers higher performance to support high volumes of cryptographic transactions providing the trust that protects the cryptographic infrastructure. As organizations, leverage big data or cloud services and implement public key infrastructure in support of the internet of things, trust and control are of paramount importance and need to be delivered on a large scale. We
www.worldsecurity-index.com
are very pleased to be launching the nShield XC in response to the increasing requirements of our customers.” David Monahan, senior analyst, Enterprise Management Associates, says: “Companies need hardened security solutions that deliver a strong root of trust as the foundation for enterprise class data protection in their security and risk management programs. These solutions must meet operational demands in maintaining remote management, high levels of performance and reliability, and address critical needs such as key management at scale, across multiple data centers and cloud providers. With the continued explosion of sensitive data across connected devices, organizations failing to do so will fall behind and may ultimately fail.” Marissa Schmidt, director of product management, NetScaler at Citrix, says: “The integration of Citrix NetScaler with Thales nShield provides our
mutual customers with technology to enhance security while offering a secure and cost-effective solution for SSL key management. Citrix customers increasingly demand high performance solutions that provide robust levels of protection for cryptographic keys. We welcome Thales’s next generation nShield XC to continue to meet these needs.” Jon Kuhn, Senior Director, Product Management, F5, says: “F5 and Thales customers are demanding highperformance solutions that provide flexibility as they redesign their environments to neutralize evolving threats around SSL/TLS—whether that means providing support for the newest ciphers, enhancing key management, or improving IPS and DLP service scalability. With the companies’ long-time partnership, joint customers are well positioned to take advantage of the new nShield XC platform to address increasingly sophisticated security demands.”
World Security Report - 29
INDUSTRY NEWS
Headwall Introduces Ultra-Compact Data System for UAV Airborne Applications Headwall Photonics has introduced a new, powerful data processing unit specifically designed for UAV airborne applications requiring sensor fusion. The small size and weight of HyperCore combined with its powerful data processing and high capacity storage connections offers the industry’s only processing platform for fusing hyperspectral sensing data with many other sensor payloads on the aircraft. Utilizing Hyperspec III, Headwall’s powerful spectral imaging application software,
HyperCore™ serves as the central connection point for remote-sensing instruments such as multiple hyperspectral sensors, LiDAR, thermal cameras, RGB instruments, GPS/IMU units, and many more. Designed for harsh airborne environments and only the size and weight of a Rubik’s Cube, HyperCore stores 500GB of incoming airborne data and features two Gigabit Ethernet connections, one base CameraLink connection, and a multipurpose I/O port to handle GPS/INS, sensor commands, etc. Depending on the
Synectics Wins Security Contract With UK Power Station Surveillance technology and security systems company Synectics PLC has secured a contract with a new power station currently under construction in the UK, worth just under GBP1.0 million. The company will be installing an integrated security and safety system for the unnamed power station under the terms of the contract, which also includes a two-year maintenance agreement. It said there is potential for further work to follow. Synectics said contracted
work on the power station, which will supply a million homes with electricity, will be delivered in the current financial year to end-November. The power station is scheduled for completion in 2016. “Power stations are unique security environments with rigorous requirements. Synectics is already well established in the power generation sector and understands the challenges of providing security in these specialist environments,” said Paul Webb, chief executive.
30 - World Security Report
instruments being connected, Headwall supplies HyperCore with the necessary Hyperspec III software modules to provide a comprehensive operational platform. HyperCore is the industry’s first true data processing hub specifically designed for use aboard today’s small and light UAVs. CEO David Bannon said “The convergence of small UAVs and the need for different but complementary instruments such as LiDAR, GPS, thermal, and others led us to develop a single point of fusion for the data streams
from each instrument. HyperCore puts a focus on managing and synthesizing the data streams that are so crucial for developing imagery in remote sensing applications. HyperCore gives the user community a processing solution for managing those data streams in a small and light UAV-friendly package.” The product weighs only 1.4 pounds (0.64 kg), measures 3.5” x 3.0” x 3.0”, and draws only 12W. It is designed to work with Headwall’s Hyperspec® family of sensors, plus a wide range of instruments by notable third-party vendors
RFEL announces its High Definition Non-linear Image Contrast Enhancement (NICETM) module that extends operation in Degraded Visual Environments (DVE) RFEL has announced the latest addition to its award winning HALO™ eco-system of advanced video processing solutions. The high definition Nonlinear Image Contrast Enhancement module (NICE™) reveals poorly defined details in low contrast areas of video, such as those captured in degraded visibility environments (DVEs).
NICE™ can dramatically improve the value of video as it can increase situation awareness; and enhances detection, recognition and interpretation of features of interest. It is therefore a powerful and cost effective upgrade solution for diverse civilian and military applications such as: 24-hour security systems, border surveillance, quality control/inspection and medical screening.
www.worldsecurity-index.com
INDUSTRY NEWS
Stratech’s iFerret™ selected for ‘live’ performance assessment of airport ground surveillance systems in Orlando Airport, US The Stratech Group Limited has announced that its flagship iFerret™ intelligent Airfield/Runway Surveillance and Foreign Object & Debris (FOD) Detection System has been selected for performance assessment of a cost effective surveillance system to track aircraft and ground vehicle movements in areas other than runways. These places include taxiway crossings, apron, terminal and cargo areas. The project is undertaken by the Federal Aviation Administration (FAA) Airport Safety Technology Research and Development Subteam and the University of Illinois Center of Excellence for Airport Technology (CEAT) as part of an on-
going effort to improve overall airport safety. Stratech’s iFerret™ will be installed at the Orlando International Airport for the pilot test. The surveillance function of the real-time image-based iFerret™ will undergo performance, operational viability and cost effectiveness assessments. The results from these will provide key technical information to develop standards and requirements for an Advisory Circular with respect to ground surveillance systems in US airports. Executive Chairman Dr David K.M. Chew said: “This collaboration with the FAA recognises iFerret™’s superior and versatile capabilities to
meet surveillance and safety needs beyond FOD detection of runways. “Ground surveillance is paramount to the safety and security of airports globally. Unlike radar technologies, iFerret™’s revolutionary night vision and superior high-definition images, will equip airport operators with superior visual information that is vital for validation and identification of any security or safety threats on the ground. “More importantly, the adoption of such systems to track the increasing high volume of aircraft and ground vehicle traffic in nonmovement areas around the terminals and ground ramps will open a new market segment for Stratech.”
Known for its ability to detect, track and display FOD in real time, the iFerret™ has been gaining acceptance at major international airports since its certification by the FAA in 2012. Its customers include Singapore’s Changi Airport, Dubai International Airport, Hong Kong International Airport and Miami International Airport. Dr Chew added: “With the growing focus on aviation security, airports around the world will have different safety and surveillance needs. We will continue to improve our proprietary technologies to expand the capabilities of iFerret™ to meet the specific safety requirements of all airport surfaces.”
Belden Enhances Security Operating System to Better Secure Industrial Networks Belden has added new functionality to version 3.0 of its Hirschmann Security Operating System (HiSecOS) for the EAGLE20/30 firewalls, providing a single, secure network solution. HiSecOS 3.0 now offers enhanced security features for customers using the EAGLE20/30 firewalls, including Deep Packet Inspection (DPI) and Firewall Learning Mode. The flexibility of the EAGLE20/30 firewalls continues to enable many configuration options,
which eliminates the need for multiple devices, and saves customers space and costs. “The EAGLE20/30 firewalls deliver advanced multiport devices that combine added security features into one flexible solution,” said Vinod Rana, product manager at Hirschmann. “With HiSecOS 3.0, users can customize firewall rules with one click of a button using the Firewall Learning Mode to ensure peace of mind. The single device solution is the only
www.worldsecurity-index.com
firewall that combines the level of security through DPI with the redundancy and flexibility of its customer-specified network interfaces.” The EAGLE20/30 family is best suited for systems integrators, engineers and plant operators looking for a one-device solution to secure their network, reduce network risks and maximize uptime. “The industrial firewalls, paired with HiSecOS 3.0, not only allow different types of packets to go
through the network, but also goes into the packet itself using new DPI functionality, sees what it is supposed to do, and, based on rules configured, allows the packet to go through or discards it,” said Rana. The multiport firewall is built-to-order with various configuration options for up to eight ports, including Fast Ethernet, Gigabit Ethernet and symmetrical high-speed digital subscriber line (SHDSL).
World Security Report - 31
INDUSTRY NEWS
Grandmother smuggles drugs in body cavity As the incredible story of a grandmother smuggling drugs into prison highlights in very stark terms the problems faced by correctional establishments worldwide. The woman faces four drug related charges after admitting attempting to smuggle drugs into a Canadian maximum security prison where her son is an inmate. Three packages containing, methamphetamine, heroin and marihuana resin were found in her vagina. After her arrest, investigators also found nicotine patches, cigarettes and hydromorphone (an opiate) in her bra, and other patches and
toothpicks in her person. The value of the drugs inside the prison system would have exceeded USD 12,200.00 Netherlands based security manufacturer, OD Security have announced that they have been awarded another contract to install a further 3 SOTER RS ThroughBody Scanners in US Correctional Facilities. The contract is to supply 1 each SOTER RS ThroughBody Scanners to Wood County, Ohio and Carrol County, Kentucky and a second unit in the City of NewsPort News, Virgina. The use of Through Body Scanners in prisons
is regarded as the most effective way of countering the smuggling of contraband material without subjecting inmates and visitors and staff to intrusive body searchers. The SOTER RS is a low dosage full body scanner which combines ultra-low radiation with maximum visibility, for use at airports and prisons. Within seconds the SOTER RS reveals hidden items, such as weapons or narcotics, diamonds, or any stolen or smuggled goods. It doesn’t even have to be metal. The SOTER shows a clear difference between human tissue and other materials. Even ingested or camouflaged items will
be shown. The SOTER RS will increase the level of security operations previously possible through the use of conventional metal detectors. Non-metallic objects hidden under clothes, in natural cavities or within the human body cannot be detected by conventional metal detectors and typically, these non-detectable items, such as narcotics, explosives, precious stones, plastic weapons, or other contraband, can only otherwise be detected by highly intrusive total body searches.
Morpho has announced a contract with U.K.’s Cornwall Airport Newquay to supply and service advanced detection solutions that screen passengers and baggage for explosives and contraband Following competitive tendering, Cornwall Airport Newquay selected Morpho’s compact CTX 5800™ explosives detection system (EDS) to screen all passenger checked baggage. In addition, Morpho will supply baggage handling system (BHS) components, including conveyers, to enable a fully-automated hold baggage screening program. As a result, Cornwall Airport Newquay will be the first U.K. Airport to comply with Department for Transport regulations mandating Standard 3-approved EDS to screen all hold baggage by September
2018. At the checkpoint, Morpho will supply cabin baggage X-ray systems and walkthrough metal detectors to facilitate a robust, multilayered approach to checkpoint security. “Morpho commends Cornwall Airport Newquay for being the first U.K. airport to meet the September 2018 mandate and is excited to be their partner in upgrading
32 - World Security Report
and expanding hold baggage and checkpoint screening capabilities,” said Karen Bomba, president & CEO, Morpho Detection. “By investing in localized sales and service support, Morpho has created unmatched, field-proven solutions for airports of all sizes to meet current and emerging security challenges and regulatory mandates.” Richard Thomasson, Operations Manager at Cornwall Airport Newquay, added: “As a rapidly growing regional airport we want to stay at the forefront of security, service and facilities provision. The new screening equipment
shows our commitment to customer service improvement and will help us continue to provide a high-level of aviation security at the airport.” Designed to allow smalland mid-sized airports to plan for evolving threats and future expansion, CTX 5800 combines industryleading imaging and data collection in a smaller and lighter solution. The CTX 5800 is approved by the European Civil Aviation Conference (ECAC) as meeting Standard 3 requirements and certified by the U.S. Transportation Security Administration (TSA) and Civil Aviation Administration of China (CAAC).
www.worldsecurity-index.com
PRODUCT FOCUS
Smiths Detection
World Security Report
World Security Report is a quarterly electronic, fully accessible e-news service distributed to over 40,000 organisations globally. It tracks the full range of problems and threats faced by today’s governments, security and armed forces and civilian services and looks at how they are dealing with them. It aims to be a prime source of online information and analysis on security, counterterrorism, international affairs and defence. Smiths Detection
Obexion Shutters, developed by Charter Global Ltd, now include the first ever security shutters certified to LPS 1175, Issue 7, SR5 Security shutters to SR2, SR3, SR4 and bespoke risk specific specifications also available protection without compromise
www.obexionshutters.com
0845 050 8705
Targeted Solutions to your PR & Marketing Needs
KNM MEDIA Specialising in the Aerospace, Defence and Security Markets
Tel: +44(0)208 144 5934 Email: tony.kingham@worldsecurity-index.com
www.worldsecurity-index.com
World Security Report - 33
PRODUCT FOCUS
Smiths Detection
World Security Report
World Security Report is a quarterly electronic, fully accessible e-news service distributed to over 40,000 organisations globally. It tracks the full range of problems and threats faced by today’s governments, security and armed forces and civilian services and looks at how they are dealing with them. It aims to be a prime source of online information and analysis on security, counterterrorism, international affairs and defence. Smiths Detection
Border Security Matters
Border Security Matters is the quarterly newsletter of BORDERPOL, the World Border Organisation, delivering agency and industry news and developments, as well as more in-depth features and analysis to over 10,000 border agencies, agencies at the borders and industry professionals, policymakers and practitioners, worldwide. Smiths Detection
advantages
Smiths Detection
advantages
www.defencell.com 34 - World Security Report
www.worldsecurity-index.com
EVENT CALENDAR
February 2016
21-23 ASIS Middle East 2016 Dubai, UAE 22-25 IDEX Abu Dhabi, UAE www.idexuae.ae 23-24 MilSatCom Middle East & Africa Abu Dhabi, UAE www.milsatcom-mea.com 23-28 SICUR Exhibition 2016 Madrid, Spain www.ifema.es/sicur_06
To have your event listed please email details to the editor tony.kingham@worldsecurity-index.com
March 2016
2-3 Critical Infrastructure Protection & Resilience Europe, The Hague, Netherlands www.cipre-expo.com 8-9 Cyber Security Show London, UK www.terrapinn.com/conference/cyber-security-show/ index.stm 8-10 Security & Policing Farnborough, UK www.securityandpolicing.co.uk 14-17 Securika MIPS Moscow, Russia www.securika-moscow.ru 15-17 ISNR Abu Dhabi Abu Dhabi, UAE www.isnrabudhabi.com/portal/home.aspx 14-17 Securika MIPS Moscow, Russia www.securika-moscow.ru
35 - World Security Report
April 2016
12-13 Cloud Security Expo 2016 London, UK www.cloudsecurityexpo.com 13-14 Border Security Expo 2016 San Antonio, Texas, USA www.bordersecurityexpo.com 14-16 SecuTech India Mumbai, India www.secutechindia.co.in 19-20 Counter Terror Expo London, UK www.counterterrorexpo.com
June 2016
15-16 Critical Infrastructure Protection & Resilience Asia, Bangkok, Thailand www.cip-asia.com
www.worldsecurity-index.com