Industry News March 2011
Are small businesses immune to cybercrime? According to a new survey, more than 85 percent of small business owners believe that their companies are less apt to be targeted by cybercriminals than large companies are. While nearly half said that the cost in time and money to fully secure their businesses was not justified by the threat, 54 percent of the respondents said they were better prepared to protect sensitive data than large companies were.
The online poll of 1,000 small business owners, conducted by Zogby463, was commissioned by Visa Inc. and the National Cyber Security Alliance (NCSA). The sponsors warn that complacency in information security is risky. That view is shared by security experts who believe hackers increasingly target small businesses, and it is borne out by recent events. Last fall a group from the Ukraine was charged with stealing $70 million from the U.S. bank accounts of small and medium-sized businesses.
Visa and the NCSA offer resources to help small businesses secure their online activities. Find them via www.securitymanagement.com.
PARTNERSHIPS AND DEALS
Walsall Academy in the United Kingdom has deployed the AvigilonHD Surveillance System to protect students and assets.
Chubb Security installed a CCTV, access control, and intruder alarm system for the Ronald McDonald House at Birmingham Children’s Hospital in the United Kingdom. Contemporary Services Corporation has renewed its contract to provide security for Buffalo Bills home games and special events.
King Rogers Group Analytics will offer loss prevention and operations audit services to Envysion managed video customers.
ERIS Technologies, LLC, has entered into a partnership with Virginia Tech and L-3 STRATIS to develop an integrated security and incident management center of excellence on the school’s campus.
Network video surveillance software and servers from exacqVision have been installed at Virginia’s George Mason University.
First Community Credit Union has deployed Fraud-MAP for Retail Banking from Guardian Analytics to protect its online and mobile channels.
Infinova announced that its cameras and illuminators are being used in a vehicle access control system at the University of Sharjah in the United Arab Emirates. The system was designed and created by 3Soft USA.
IndigoVision’s IP video technology is in use on the Polar Pioneer offshore exploration platform, which is based in the North Sea. StatoilHydro operates the platform.
A new partnership allows Info Innovation Japan Inc. to represent iovation to Japan’s leading online brands.
Ohio University has added six KeyWatcher cabinets from Morse Watchmans to its key management system.
Nortech Controls will distribute the uPASS product line from Nedap AVI in the United Kingdom.
North American Video designed and built a surveillance system for Las Vegas CityCenter, a joint venture between MGM Resorts International and Infinity World Development Corporation.
Oberthur Technologies was selected to provide its smart card to members of CLEAR, Alclear LLC’s trusted traveler program.
OSS Inc. has contracted with Minshall Development Corporation to provide security guard services for the Galleria Mall and Towers at Erie-view in Cleveland, Ohio.
Pelco and Zenitel are integrating Zenitel’s STENTOFON communications systems with a range of Pelco video cameras and systems to create an interactive audio-visual security system.
Rapid Notify, Inc., was selected by Allegheny Energy Supply to provide emergency notification services for its Lake Lynn Power Station in Pennsylvania.
SureView Systems has joined the ADPRO Advantage Partner Programme, an Xtralis initiative.
Societé Tunisienne de Banque in Tunisia will implement the VACMAN Controller and DIGIPASS 260 from VASCO Data Security International, Inc., to secure its online enterprise customers.
Cernium Corporation has received a contract from SecureNet, Inc., to provide equipment and services to the Transportation Security Administration’s Exit Lane Security Project.
Gamewell-FCI by Honeywell is now a General Services Administration Schedule No. 84 supplier of fire alarm and mass notification systems.
Giesecke & Devrient and Secusmart have released a new generation of the SecuVOICE solution for encrypted cell-phone calls for the German Federal Office for Information Security.
HSS Aviation and Government Services will provide Hartsfield-Jackson Atlanta International Airport and San Diego International Airport with services to include perimeter security, delivery monitoring, and access control for parking lots and security areas.
Infinova cameras are part of a toll surveillance system for Bangalore, India, which was created by Infinova and Deepti Electronics & Electro-Optics Pvt. Ltd. for Nandi Infrastructure Corridor Enterprises.
MaxID and P-SIG have won a contract from the U.S. Coast Guard for Transportation Worker Identification Credential (TWIC) readers and software.
Virginia’s Fairfax County Public Schools is using the VisionFrame video wall from Middle Atlantic Products to monitor its school bus GPS system, expulsion hearings, and intrusion and fire alarms for 230 facilities.
PlantCML will provide emergency notification technology to the U.S. Army at Fort Lee, Virginia.
Raytheon Company will develop and install a system to provide improved intelligence and information sharing for the U.S. military’s Joint Interagency Task Force South.
Dallas Area Rapid Transit has deployed the SightLogix video intrusion detection system to provide perimeter security at its Northwest Rail Operations Facility.
Verizon Business is providing Virginia with smart credentialing services to enable authorities to electronically confirm the identities and skills of emergency responders at a disaster scene.
AWARDS AND CERTIFICATIONS
AlliedBarton Security Services was recognized by the Texas Veterans Commission as Employer of the Year in the large employer category. The company also received a 2010 Employer Award of Excellence from the Texas Workforce Commission.
Avigilon was named Best New Exporter in the 2010 British Columbia Export Awards, which was cohosted by the Ministry of Tourism, Trade, and Investment and Canadian Manufacturers and Exporters.
Axis Communications named LENSEC its 2010 Education Partner of the Year.
Codebench, Inc., has received the 2010 Homeland Security Award from Government Security News for its PIVCheck software suite in the category Best Integrated System for HSPD-12/FIPS 201 Compliance.
G4S Secure Solutions (USA) was named a Top 100 Military-Friendly Employer by G.I. Jobs magazine.
Genetec was named a regional winner in Canada’s 10 Most Admired Corporate Cultures of 2010, a program sponsored by Waterstone Human Capital.
ID Analytics received a patent for the company’s system for identity-based fraud detection for transactions using multiple historical identity records.
Lumidigm won the New Product Innovation of the Year Award, Fingerprint Biometrics, North America from Frost & Sullivan.
MorphoTrak received the 2010 Homeland Security Award for biometric access control solution from Government Security News.
NABCO, Inc., announced that its total containment vessels received approval from the U.S. Department of Defense Explosives Safety Board and the U.S. Air Force Safety Center.
Perimeter E-Security has successfully completed the PCI Security Standards Council Qualified Security Assessor testing process and is validated as compliant with the Payment Card Industry Data Security Standard.
Senstar Corporation was named 2010 North American Company of the Year in the intrusion detection industry by Frost & Sullivan.
Smith & Wesson announced that its Universal Safety Response, Inc., won the 2010 Government Security News Homeland Security Award for Best Crash Barrier.
Tri-Ed/Northern Video Distribution announced that its IP Video 101 training class has earned Electronic Security Association certification. The National Training School certification provides two CEU credits for the class.
G4S has established a training program for its video monitoring support and data center operators.
Geutebruck has launched a new online store to sell software applications or “apps,” which add value for its system users.
Lumenera Corporation has expanded its manufacturing facility in Ottawa, Ontario, Canada.
Morphix Technologies has launched a Facebook page, where first responders can share ideas and information with one another.
Napatech has opened an office in Tokyo to provide local sales and support for its customers in Japan.
Personnel Security Consultants, Inc., is an authorized liaison among the U.S. Bureau of Indian Affairs, the FBI, and tribes, enabling tribes to obtain fingerprints for criminal history record searches.
Risk Control Strategies has created the International Travel Intelligence Network to provide information to safeguard people as they travel abroad.
Safe Communications, Inc., has formed a new corporate security division, called MaskMail, that will work to reduce internal theft for corporations and retail outlets.
Securitas has acquired Security Professionals Inc. and Security Management Inc., two security services companies based in Chicago.
Security Door Controls has moved to a new corporate facility in Westlake Village, California.
In July 2010, Vector Security began sponsoring Project Home Again and displaying posters of missing children on its service vans and patrol vehicles. Within four months, six children had been recovered. Their pictures had been posted on vehicles in Ohio, Pennsylvania, Florida, and California.
Video Mount Products has launched an electronic newsletter for customers. Participants can register for the monthly newsletter at www.videomount.com.
Visonic Ltd. has a new section in its corporate Web site that provides North American customers with specific information for their needs, including a product catalog, webinars, and links.
Waterfall Security Solutions, Ltd., has established a U.S. subsidiary in New York City.
U.K. University Offers Certificate in Security Management
United Kingdom-based Buckinghamshire New University is offering a postgraduate-level certificate in security management. Existing and newly qualified Certified Protection Professionals® (CPPs) can earn the qualification by completing a 20-week academic program via distance learning.
There will also be an opportunity to use the certificate as accredited learning in place of one module of the university’s master’s degree in business continuity, security, and emergency management. This means that with an additional 12 months of study, CPPs will have the potential to hold a full master’s degree. The program will provide knowledge and concepts together with structured assessment tasks, and students will be encouraged to identify the relevance of the content to their own working environments. There will be emphasis on applying the various principles, theories, and practices to the students’ individual businesses, work roles, and employment requirements or aspirations.
Baroness Ruth Henig, chair of the U.K. government’s Security Industry Authority, stated that “the formal education of individuals—both those already working in security-related roles and those newly starting their careers—is one way in which the industry can continue to move forward and maintain its aim to drive up standards and so create a better and safer environment for the public. Creating functional and successful security university courses contributes to the continuing development of a modern security industry, and it is encouraging to see this being achieved through the work of various educational institutions. Degree and postgraduate-level security courses demonstrate to the general public the level of professionalism to be found in the industry and how seriously the security industry takes the development of its employees.”
Students will be able to access support mechanisms and module tutors through e-mail, telephone, the “Blackboard” virtual learning environment, and, if they wish, face-to-face. Students will also have access to the full range of journals, standards, and library resources as all of the students at the university, and the program will be supported by electronic documents and other resources and workbooks.
This initiative has been designed to meet the needs of security professionals who have committed themselves to earning CPP certification and now want to go forward and enter full academic study. The program recognizes that prequalification to take the CPP examination demands a level of experience and academic ability, and that many of those practitioners who are certified aspire to move forward and further enhance their professional and career potential.
Security Convergence: A New European Initiative
By Alessandro Lega, CPP, and James Willison, M.A.
For many years, physical/operational security and information security have been seen as separate disciplines with marginal overlap. Legal and other enterprise risks have also been addressed by units operating in their own silos. Today, however, there is the understanding that risks converge and so must security planning and processes. The solution is security convergence wherein the different aspects of security are addressed within the same responsibility.
The positive effects achieved where security convergence has been totally implemented prove that this organizational model is a win-win solution. The subject is destined to become one of significant interest for all security professionals and their organizations.
To accelerate this process and create a better awareness of the potential for convergence, the ASIS International’s Group 15 (Europe) has developed specific strategies that are based on three key points:
Security convergence can be defined as a set of processes that bring together all those who are dedicated to different aspects of security to protect business assets.
In many organizations, physical security and information security are managed by two separate departments. The recognition of the interdependence of these business functions and processes has led to the development of a more holistic approach to security management.
Authorized access to company information is of particular importance to both teams and their unity in ensuring this is crucial.
In the second part of 2010, a convergence representative was appointed with the primary objective of promoting relations between ASIS, ISACA, and the Information Systems Security Association (ISSA) in Europe. After some months of activity that focused on the state-of-the-art of convergence in Europe, the European Advisory Council decided to further develop this initiative.
The decision was taken by this body to set up a dedicated subcommittee, bringing together some of the most experienced practitioners in this area. This was proposed in November 2010 with the intent of having a fully-operational subcommittee by early 2011. The members’ selection process took time to identify volunteers to work together within the subcommittee.
The role of chair was given to Alessandro Lega, CPP, one of this article’s authors, who is a member of the ASIS Italy Chapter. Lega was the convergence representative in 2010. Conscious of the fact that the United Kingdom has taken the lead in working on convergence in Europe, Lega decided to analyze the model used to build and maintain relationships between the three founder associations—ASIS, ISSA, and ISACA—that formed the Alliance for Enterprise Security Risk Management in 2004.
Meetings with relevant members of the ASIS United Kingdom Chapter, and ISACA and ISSA’s U.K. chapters have helped avoid reinventing the wheel in setting up operations for the initiative in Europe.
The European Convergence Subcommittee was officially put in place on February 1, with the involvement of eight members from five different European countries. (Other members are expected to join the subcommittee in the future.) All are ASIS members with years of experience in security convergence.
They are: Lega from Italy; coauthor James Willison of the United Kingdom, who is serving as the subcommittee’s vice chair; Paolo Campobasso, group chief security officer of UniCredit Group, from Italy; Richard Knowlton, group director of corporate security, Vodafone Group Services Ltd., from the United Kingdom; Sylvan Ravi net, CPP, PSP, of France, associate director of the Gambade Group; Christoph Teuber of Switzerland, executive director, head of physical security and safety, UBS AG; Martin Smith of the United Kingdom, chairman and founder The Security Company (International) Limited; and Rene Bouter of the Netherlands, senior consultant for Atos Origin.
One of the first issues that the Convergence Subcommittee will address is the selection of an education center in Europe to become an Academy of Excellence for Security Convergence. The current members of the subcommittee will select a location for what is hoped will become the best-in-class for security convergence education and training.
Other objectives are in the pipeline for 2011. One of the key issues is to develop relationships with other associations and with other ASIS working groups. Every effort will be made to share experiences and best practices. The area of standards is an excellent example of the progress already being made.
To conclude, after some years of limited attention to security convergence, with some relevant achievements mainly in the United Kingdom, ASIS in Europe intends to promote the clear benefits of convergence. The issue and the work of the subcommittee will be addressed during one of the presentations on April 5 during the Annual ASIS European Conference in Vienna.
Alessandro Lega, CPP, is chair of the ASIS European Convergence Subcommittee. James Willison is the committee’s vice chair.