Month: October 2017

By now, it’s a familiar story! A company puts massive amounts of data on a remote cloud server – then someone finds a way in, gaining access to sensitive business documents or the personal information of millions of people. It happened to Verizon; it happened to WWE; and it happened to the political data company Deep Root Analytics. Most recently it happened to the accounting firm Deloitte. According to a news report, hackers tapped into the company’s email system simply by logging on as an administrator. And it will keep happening, experts say, especially when companies neglect data security in their eagerness to convert to the cloud. “They inherently believe they get all these magical properties of security by moving (to the cloud), and it just doesn’t happen,” said Josh Douglas, Raytheon’s Chief Strategy Officer for Cyber Services. Cloud computing is an increasingly popular option for businesses. The cloud-services market could generate as much as $236 billion in revenue by the year 2020, according to Forrester Research. The reasons are clear – the cloud cuts the cost of hosting and maintaining on-site servers, it allows employees to work seamlessly from anywhere, and it adjusts to the size of the organization. “But just like any other connection to the internet, it creates ample opportunities for cybercriminals to attack,” Douglas continued, “As we tell our clients, cloud computing puts your information on someone else’s computer. So it’s vital to protect the cloud exactly as you would your own servers.” The Verizon, WWE and Deep Root Analytics breaches, all appear to stem from improper cloud-security settings. Media reports on all three incidents said the databases were accessible to anyone who had the URL. In the Deloitte breach, news reports said the attackers signed onto a server that required only a login and password – less protection than many people have on their social media pages. A common measure known as ‘two-factor authentication’ would require both a login/ password combination and another means of verifying identity such as a fingerprint or PIN code that appears on a secondary device. “It is a basic part of cyber hygiene, and while it might not have prevented the intrusion altogether, it would have at least slowed the attackers and forced them to use more sophisticated methods,” Douglas said. He also mentioned other common mistakes in converting to the cloud that include failure to scan old code for vulnerabilities, failure to segregate systems and forgoing ‘red-teaming,’ also known as adversary emulation testing, where security consultants play the role of hackers and attempt to breach systems critical to the business. “But data security in the era of cloud computing isn’t just about setting things up correctly. It’s also about the behaviour of employees,” said Matt Moynahan, CEO of Forcepoint, a cybersecurity company jointly owned by Raytheon, “Using technology to monitor employee activity, identify possible errors and sniff out malicious intent can help reduce risk.” “Regardless of whether organizations are securing data using on-premises or cloud-based technology… organizations need to balance protecting privacy and understanding how their employees interact with critical business data and intellectual property,” Moynahan concluded. Even with all the risks cloud computing can present, businesses shouldn’t fear conversion to the cloud. Companies often over-correct after cybersecurity problems, with security measures so strict they impede the growth of business. That, Douglas said, is also a mistake. “If the pendulum swings too far to the right, security puts a standstill to the innovation and technology,” he said, “It’s important to adopt things like clouds, because that innovation is what helps our society grow.”

HID Global® has recently introduced new standards-based identity and access management (IAM) solution for government agencies to more easily comply with the mandate to improve physical access and digital identity security. At the heart of this IAM solution is the new HID Crescendo® temporary access card, which gives visitors a more secure credential to enter government buildings. HID developed this temporary access card to provide a visitor credential that has the same level of security as the standard government-issued PIV and PIV-I cards used by all U.S. government employees. The new HID Crescendo temporary access card creates a PIV-like access experience for people who, unlike a full-time government employee, only need temporary access. Because visitors to U.S. government agency buildings are not eligible to receive a government-issued PIV card for access, government agencies have been using traditional physical access technology for visitor IDs, thereby creating an unnecessarily higher risk of intruders trying to gain entry, likely from badges being cloned. A call within the U.S. federal government to start moving away from traditional visitor management based on proximity-based technology cards has intensified with rising concerns about potential vulnerabilities to government buildings. This follows the U.S. Office of Management and Budget (OMB) mandate through OMB M11-11 for U.S. federal government agencies to move to PIV cards for access to facilities. “The U.S. government has recognized the need to make sure that visitors to government agency buildings are using the most secure credentials available and can be trusted,” said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions (IAMS) business within HID Global, “No other access card technology on the market today can do what our new HID Crescendo temporary access card can do with a digital identity certificate for a PIV-like experience to increase security of visitor access.” The HID Crescendo temporary access card is based on public key infrastructure (PKI) technology, which means a digital certificate is embedded on each visitor ID access card, providing an extra layer of trust that the card holder is authorized to access a building. Federal government building managers are moving to ‘PKI-at-the-door’ based on mandates to discontinue using traditional physical access credentials. New-generation technologies are needed. However, most government agencies have limited resources to deploy a full PKI/ credential management system solution on their own. This is why HID’s new IAM solution is significant and timely, delivering a simplified, cost-effective way for agencies to deploy a ‘PIV-like’ PKI-at-the-door experience right away to address today’s potential vulnerabilities. The HID Crescendo Temporary Access Card uses HID’s advanced credential management, which is particularly beneficial for government agencies that do not have their own credential management system. The solution can be deployed seamlessly onto FIPS 201-compliant physical access systems at any government building and does not require the installation of complex software.

ASSA ABLOY has signed an agreement to acquire Mercury Security, a leading OEM supplier of controllers for physical access control. “Mercury Security is a strategic technological addition to the ASSA ABLOY Group. The company reinforces our current offering, where Mercury Security considerably enhances the Group´s position within physical access control and will provide complementary growth opportunities,” says Johan Molin, President and CEO of ASSA ABLOY. “The acquisition of Mercury Security will advance HID’s global leadership in the physical access control industry, adding Mercury Security’s high-quality controllers to HID’s product portfolio while extending HID’s installed base of millions of users beyond the readers and smart cards that we are already well known for,” says Stefan Widing, President and CEO of HID Global. Mercury Security was founded in 1992. It is headquartered in Long Beach, California and has some 45 employees. Sales for 2017 are expected to reach USD 60 million (approx. SEK 500 million) with a good EBIT margin. The acquisition will be accretive to EPS from start. The transaction is conditional upon regulatory approval and satisfaction of customary closing conditions and is expected to close during the fourth quarter of 2017.

Enables customers to receive full threat analysis and prevention within Asia-pacific borders while benefiting from global threat prevention. Palo Alto Networks® has unveiled its APAC WildFire™ cloud, located in Singapore. The service allows customers in the region to benefit from Palo Alto Networks WildFire cloud-delivered threat analysis and prevention capabilities, while addressing customer’s data privacy concerns, via an APAC-based cloud. WildFire is now available with regional-specific clouds in Asia-Pacific (APAC), the European Union, Japan, and North America. As cyberattacks grow in complexity and sophistication, threat prevention has become more difficult, time-consuming and expensive, especially when done in isolation. Today, this is not a fight any one organisation can win alone. A global, cloud-delivered, community-driven approach to aggregated threat analysis is crucial to achieving the best possible threat intelligence and prevention, to effectively defend against a community of attackers who share information, attack methods, and techniques. However, recent developments in data regulation – both globally and in the region – have heightened concerns about data transfer, protection and sovereignty. By offering customers the ability to submit their unknown content to the APAC WildFire cloud for analysis and verdict, customers will have more control and certainty over the location of their data, in order to better comply with their data sovereignty and privacy requirements, while continuing to capitalise on the benefits of globally shared threat data. Additionally, with the APAC WildFire cloud, security teams across the region can accelerate threat hunting, analytics, and response efforts, with globally correlated intelligence from the entire WildFire community, made directly accessible through the Palo Alto Networks AutoFocus™ contextual threat intelligence service. The launch of the APAC WildFire cloud is part of Palo Alto Networks commitment to customers in Singapore and the wider APAC region, following the opening of its new APAC headquarters in Singapore earlier this year. The investments made in Singapore into local cloud infrastructure, and an on-site threat intelligence team – Unit 42 – will provide customers in the region, and globally, the opportunity for increased protection against advanced cyberattacks. As businesses in Asia-Pacific continue to grow at a rapid pace and modern networks evolve, so too will the threat of cyberattacks. Our APAC WildFire cloud allows organisations to tap into global prevention capabilities and counter increasingly sophisticated threats, while addressing their data sovereignty and privacy concerns – Simon Green Senior Vice President, Asia-Pacific, Palo Alto Networks  

Thales closes the acquisition of US company Guavus, a pioneer in real-time big data analytics. Headquartered in San Mateo, California, in the Silicon valley, Guavus employs 250 people, of which 140 are based in Gurgaon (India), 60 in California and 50 in Montreal (Canada). Guavus is perfectly suited to help Thales address the growing needs of an increasingly connected global ecosystem. The company has built a recognised industrial ‘big data’ platform particularly adapted to real-time analytics and designed to be easily implemented across any number of new markets. Its revenues are expected to exceed US$30 million for the current fiscal year. The impact of this acquisition on Thales’s 2017 EBIT should be non-material. This business will be assigned to the defence & security operating segment. Thanks to this acquisition, Thales strengthens its positioning in one of the key technologies at the heart of digital transformation of its customers. Patrice Caine, Thales’s Chairman and CEO, commented, “Thales is very excited that this acquisition has now closed and welcomes Guavus’s talents as part of its family. Combined with our established expertise in other key digital technologies, the acquisition of Guavus represents a tremendous accelerator of our digital strategy for the benefit of all our customers, whether in aeronautics, space, rail signaling, defense or security.”

Gemalto advanced ePassport technologies are now being used in over 30 different countries. Thanks to their outstanding security and the faster, more convenient border crossings they facilitate, the company’s solutions help authorities strengthen homeland protection and improve the traveller experience. Gemalto’s leading position has been built on the supply of complete travel documents and key components such as polycarbonate data pages, visible and hidden document security features, electronic passport covers, and ICAO-compliant embedded software. In addition, the company’s secure embedded software has consistently outperformed the competition in international tests on speed over the last decade. Gemalto is also making an active contribution to the definition of international ePassport standards. Introduced in 2005, the ePassport – which now represents 57% of passports in circulation – delivers enhanced fraud protection by incorporating a secure microprocessor that stores the holder’s personal data and digital photo. Electronic passports include a standardized electronic portrait of the holder for facial recognition, which opens the door to a comprehensive range of automated, self-service airport services for passengers. This extends from check-in through to immigration control and boarding, resulting in an enhanced experience on arrival and departure. The future ePassport A new generation of ePassport will digitally store travel information such as eVisas and entry/ exit stamps to support even more efficient immigration control. The key trends in travel documentation identified by Gemalto include: Swift migration to tamper-proof polycarbonate data pages, which dramatically reduce the risk of fraud. Rapid growth in secure digital identity credentials. Sensitive ePassport data is stored on the holder’s smartphone to create a secure companion to the physical passport, making life easier for travellers. Smart borders/ smart airports to emerge at a faster pace. Combined with the hundreds of millions of ePassports now in circulation and a strong push behind biometrics (particularly facial recognition), they offer travellers quick and secure cross-border movement.

Criminal hacker group brought to trial Criminals scammed millions from Swedish companies and authorities by hijacking computers. As recently reported in Swedish media, a criminal hacker league has been charged with one of the biggest IT-based frauds in Swedish history. What makes the fraud unique is the severity and extent of the attack; a group of eight criminal hackers from Sweden and Poland has stolen 40 million Swedish kronor from 60 companies, authorities and municipalities; among the victims are several Swedish financial institutions and a political party. The preliminary investigation has been limited to SEK 40 million due to the maximum sentence value, but the scam most likely vastly exceeds that sum. The attackers gained access to the organization’s user IDs and passwords, as well as an understanding of how the organization communicates by utilizing malicious files and remote administration tools. This information was then used in the social engineering part of the scam. The add-on of social engineering added to the success rate where users were tricked into clicking on links and/ or malicious files which enabled the attackers to gain full access and lateral movement within the victim’s networks. With the access gained by the criminal activity, attackers were able to redirect significant amounts of products such as IT equipment to alternative addresses. The scam pivoted over time to also include actual changes in financial systems to redirect payments to alternative accounts, hence leapfrogging the logistics side, transferring cash directly to specified accounts. JesperSvegby, CEO of Bitsec, part of the European cybersecurity company Nixu, comments that the fraud wasn’t very sophisticated technically but it was advanced in terms of the large scale and strategy. In addition, the attacks evolved over time to generate even better outcome for the criminals, so there was a long-term characteristic involved in the attack that lasted over a long period of time. According to JesperSvegby the attacks could have been successfully prevented and stopped, which was the case in many instances. Operations that had on-site control features to prevent malicious code and limited access to remote software had better chances to resist the criminal attack. Furthermore, businesses with a higher security awareness and incident readiness had better capabilities to identify the incidents, respond to them and mitigate them. Cybersecurity calls for new approach throughout the society The fraud is setting a new trend in terms of IT related crime, two worlds are converging which has created a significant impact. General company based fraud generating revenue through fake invoicing, tax fraud has in this case been merged with the IT-based crime scene by utilizing malware and weaknesses in systems and procedures to gain access to sensitive systems. The combination has enabled the perpetrators to manage the entire chain in the fraud in a very efficient and scalable manner. “This is a new trend that we have been able to follow closely when supporting some of the companies exposed to this fraud,” says Bitsec CEO JesperSvegby. “As society becomes increasingly digital, ensuring effective protection against this type of crime requires new approaches and structures from various parties in society. Organizations need to lift their information security to management and board level. In addition, society must realize its vulnerability and require more interaction within and between police, prosecutors and companies and organizations facing cyber-threats,” summarizes JesperSvegby. The trial is scheduled to run for approximately 55 days. The prosecutor is aiming for the maximum sentence of eight year’s imprisonment. The preliminary investigation is significant, involves as many as 13 prosecutors and has produced investigatory material exceeding 20,000 pages.

CNL Software showcased its latest IPSecurityCenter™ PSIM solution at ASIS 2017 in Dallas. CNL Software’s pure focus on PSIM technology facilitates efficiency and cost savings through integration and automation, and by maximizing the longevity of existing subsystems, promoting subsystem and openness. Today, organizations across the globe are battling with increasing security risks with tightening security budgets, often leaving people, infrastructure, and commerce at risk. Fortunately, technology is helping to bridge this gap for security professionals, creating force multiplier scenarios to help leverage visual and data based intelligence, and optimize resourcing. For almost a decade, IPSecurityCenter has been helping secure major cities, government buildings and military installations; protect public and private critical infrastructure; help public and private corporations manage risk and protect assets; and keep transportation facilities and networks operational and the people that rely on them safe in North America. IPSecurityCenter is enabling a new era of security, providing unprecedented intelligence and information correlation capabilities, enabling organizations to best leverage big data, social media, and the Internet of Things. “We look forward to a great show and to meeting our customers and industry peers in Dallas. This year we will be showcasing some of our latest IPSecurityCenter developments, including an enhanced Windows client with interactive dashboards; and automated IPSecurityCenter client update, which improves sustainability and allows for the efficient upgrading of IPSecurityCenter clients across the network. We also have completely new web and mobile clients, as well as many new supported integrations and enhancements to our federated system architecture.” says Mike Mostow, General Manager – Americas at CNL Software, “These IPSecurityCenter features have been designed to meet the specific operational challenges for our public safety, security, and emergency management customers to help them better visualize risks and resources, facilitate collaboration, and provide seamless and immediate access to all critical data, when and where it is needed.”

As the part of Hangzhou International Day activity, the distinguished delegation of 11 Consulate Generals in Shanghai visited Dahua Technology Headquarters. Michael Chen, Dahua Vice President and General Manager of Overseas Business hosted the reception. The annual Hangzhou International Day is a window for the international friends to gain in depth understanding of Hangzhou, and experience the culture exchange and integration. Participation of Consulate Generals’ on the Hangzhou International Day is a traditional practice. This year, Dahua, as an outstanding company was honored to be one of the four representative companies that were visited by this distinguished group of people. The delegation comprised around 40 people representing 17 countries including Argentina, Austria, Bulgaria, Cambodia, Kazakhstan, New Zealand, Pakistan, Poland, Turkey, The United Arab Emirates, Ukraine, Brazil, Chile, Hungary, South Korea, Lao and Philippines. Michael Chen warmly welcomed the Delegation, and briefly presented Dahua’s core competency in video. Later the delegation was taken to a thorough visit to Dahua showroom. The ambassadors were very pleased to learn Dahua’s expanse, and advanced technology and solutions.

Avigilon Blue is a powerful cloud service platform for security and surveillance that is purpose-built for Avigilon partners and their customers (subscribers). It offers a new recurring monthly revenue model based on site subscriptions. Avigilon Blue enables subscribers to add new services as the platform expands, bringing additional value to their business. It also allows partners to remotely support and service sites with fewer resources, enabling them to scale their business faster while providing even greater value to their customers. For subscribers, Avigilon Blue provides advanced cloud technology for easy and secure system access, smart notifications, system upgrades, and new services pushed directly from the cloud. “We are introducing Avigilon Blue, our subscription-based cloud service platform for security and surveillance, to help revolutionize our industry and create a new recurring revenue business model for Avigilon and our partners,” said James Henderson, Avigilon’s Chief Operating Officer, “Collaborating with Microsoft allows us to use their trusted Microsoft Azure cloud platform to build a cutting-edge solution that provides inherent value to our customers.”  A new level of managed services With Avigilon Blue, partners will be able to deliver a new level of managed services with a platform that is straightforward and intuitive, whether they are an IT novice or an expert. It will provide site analytics and automatic system health notifications, and enable remote monitoring as well as identification of system performance trends. Partners will be able to adjust camera settings and perform system upgrades from the cloud without having to deploy a technician. Users will be automatically notified of the latest updates, ensuring systems remain secure and current. Advanced video analytics-based notifications Harnessing patented Avigilon self-learning video analytics, Avigilon Blue utilizes real-time alarm notifications to bring attention to the events that matter most. The system integrates an on-premise Avigilon Blue Connect device that supports local storage as well as Avigilon and ONVIF compliant cameras, and sends critical events to the cloud for users to view and verify from their web-connected device. Trusted and secure cloud technology Powered by Azure, Avigilon Blue will leverage cloud services that are built, deployed, and managed through a global network of trusted datacenters, providing customers with enterprise-grade security and global scale. Rapid innovation deployed through the cloud The launch of the Avigilon Blue platform will be a foundational step that will enable partners and their subscribers to take advantage of Avigilon’s rapid innovation through an expanding selection of subscription service offerings, starting with video surveillance and advanced video analytics.