Month: June 2018

UBM India is all set to bring in the fourth edition of ‘Security and Fire Expo (SAFE) South India’ for the first time at Hitex, Hyderabad during 28 – 30 June 2018. The expo aims to bring together renowned Indian and international brands from video surveillance, access control, entrance and home automation, and perimeter protection industry to interact, network, view latest innovations, and source and gather business solutions  and invaluable expert supports – all under one roof. SAFE South India is supported by the Electronic Security Association of India (ESAI) and Asian Professional Security Association (APSA).  Highlights: Security services revenue to reach USD1.69 Billion by 2019 Central Government has shown commitment to enhance the security budget by 35% 70 plus brands showcasing their latest technological advancements Conference on the changing paradigm in security technologies With a distinguished line up of key exhibitors and thought leaders on board, the expo will add immense value to the commitment shown by the Central Government to enhance its security budget by 35 per cent for creation of a dedicated homeland security department, developing coordinated intelligence gathering, protecting critical infrastructure and upgrading maritime security. The revenue for security services accounted for 61% three years ago in 2015, and is expected to increase to 66% by 2020. Security spending on hardware, software and services in India is expected to cross the USD 1.69 billion mark by 2019. SAFE South India will be a launch pad for security companies to introduce products in this emerging market, and establish relationships with the key decision makers. The congregation will see security professionals from across industries including security and safety managers from hospitality, IT/ BPO & service industry, real estate, port authorities, power plants, logistics, construction, architecture, automobile, manufacturing, industrial, retail, jewellery, health, education, IT, networking, telecoms, automation, BFSI etc. The 4th edition of SAFE South India has attracted prime exhibitors such as Mark Electronics Corporation, Timewatch Infocom Pvt. Ltd., RoadPoint Ltd., N S Enterprises, ACJ Computronix, Advance Infotech, WYSE Biometrics Systems Pvt. Ltd., Mantra Softech (I) Pvt. Ltd., Matrix Comsec Pvt. Ltd., Prama hikvision India Pvt. Ltd., Pictor Telematics Pvt. Ltd., Axestrack Software Solutions Pvt. Ltd., R G International, Lana Technologies Private Limited, Tekno Electro Solutions (P) Ltd., Face ID Systems LLP, HiFocus Electronics India Pvt. Ltd., Enterprise Software Solutions Lab Pvt. Ltd., Futureeye Global Technologies, CAMTECH Solutions, Dahua Technology India Pvt. Ltd., and Vamo Systems Pvt. Ltd., amongst others. The event will also be organizing a unique conference on The Changing Paradigm in Security Technologies, slated for Day one. The conference will comprise in-depth speaker sessions and panel discussions on trending subjects such as ‘Security of a New-Age City,’ ‘The Role of Drones and UAVs in Homeland Security,’ ‘Visual Analytics in Ensuring Safe Cities,’ ‘IoT and Security of Assets’ and ‘The Threat of Cyber Attacks on Surveillance Systems,’ among others.  “The expenditure on surveillance and security has been increasing in the Indian market in recent years. The government has taken various initiatives to increase security services revenue which will benefit the citizens as well as the security and surveillance services industry. After all, a modern civil city should be able to showcase seamlessly safe, smart, energy efficient and technologically advanced features.  Notably, for the first time since its inception, SAFE South India is being brought to Hyderabad as a strategy to get the show closer to the end users by rotating it across the several key Indian cities that are situated in South India. SAFE South India provides an exclusive platform for the leading players in the security industry to tap into the growing South Indian market by    forging joint ventures, partnerships/associations, sourcing, dealerships and networks.”   Yogesh Mudras, Managing Director, UBM India Pvt. Ltd.                           

There are several factors that make the widespread adoption now difficult, the first of which is the pitfalls of different phones and the platforms on which they run. Not everyone carries the same type of phone – or even a smartphone. When you have 3,000 people in a company who all need credentials to access a facility, it is rarely feasible to give each person a phone that will run the application needed. Another consideration is how to handle visitors and contractors that might require short- or long-term access to a facility. Perhaps more obvious is the challenge that emerges when a mobile device runs out of battery, thereby rendering it useless when trying to access a facility. Considering privacy Another challenge end users face when considering implementing a mobile-based access control solution is the concern employees may have regarding privacy. When using mobile credentials on a private mobile phone, there’s a certain level of access an employer has to the phone. Employees are concerned as to how employers are using their information with regards to location-based data, or where an employee is at any given moment. Naturally, with this level of access to personal information, there’s going to be a concern about how that data is used. While there is definite movement in the direction of mobile credentials across enterprises, another issue is the proprietary nature of the technology. Since it’s still emerging, there are no common standards in place that police can use, so end users that choose to invest in the technology are often locked into a single manufacturer’s system without the flexibility that more open-platform solutions allow. Addressing these concerns Many end users are now shifting toward a hybrid approach to access control that utilizes both traditional badges that allow access to a facility, as well as the option to use their mobile device as their credentials. The argument is that many employees will have their phones on them at all times, but might not always remember a badge or ID. Having the option to use either solution is becoming a more widespread use of mobile-based systems. With regard to privacy concerns, it’s important for security managers to work closely with human resources and other C-level executives to implement best practices for the use of this technology in an effort to better inform employees and guide implementation. Customer point-of-view We are seeing an increasing customer demand for mobile credentials, so it’s important to understand their needs when discussing which access control solutions are ‘right’ for an organization. Many want the flexibility to offer multiple options to their employees, but again, have to consider the privacy implications as well as the technology involved in trying to implement such a solution. Another consideration is the actual physical implementation. Most mobile based credentialing systems are built with bluetooth, which has a long-range capability; and this can be problematic. For example, turnstiles that are in close proximity to each other might pick up credentials that are a greater distance away. Standards such as near-field communications (NFC) that can be found in a lot of devices can address some of these concerns, but NFC’s ability to be used openly in an iPhone environment is not fully established and therefore isn’t a viable option unless the same kind of devices is used across an organization.

Joint Secretary (PM) Ministry of Home Affairs has recently issued directions to all Controlling Authorities to use CCTNS (Crime & Criminal Tracking Network System) to check the crime record of private security guards, as well as the owners/ directors of the private security agencies so that the police verification of the private security guards can be done speedily and certificates can be issued at the earliest. This will speed up the verification processes for the renewal of PSARA license. Almost 90% police stations across country have been connected through computer network under CCTNS, thereby antecedents of a person especially his/ her criminal records can be checked and verified soon. CAPSI has been persuading MHA to speed up the verification process so that every security guard is verified through its systems. This notification of the MHA will really help in renewal of pending licenses.

Over the last few years, cybercrimes have become more intense, sophisticated, and potentially debilitating for individuals, organizations and nations. Law enforcement agencies are finding it difficult to check and prevent the crimes in the cyber space because the perpetrators are faceless and incur very low cost to execute a cybercrime whereas the cost of prevention is extremely high. Targets have increased exponentially due to the increasing reliance of people on the internet. Cybercrimes which were restricted to computer hacking till some time ago, have diversified into data theft, ransomware, child pornography, attacks on critical information infrastructure (CII) and so on. “Cyber related risks are a global threat of bloodless war. India can work towards giving the world a shield from the threat of cyber warfare” Narendra Modi Prime Minister of India India is becoming increasingly vulnerable to this menace because of rapid digitization and proliferation of mobile data without matching pace of cyber security and cyber hygiene. At present, India is ranked at 3% in terms of cybercrime incidents as per data shared by a leading security vendor, which compiled data of bot-infected systems controlled by cyber criminals in different countries. As per CERT-In, one cybercrime was reported every 10 minutes in India during 2017. These statistics are quite alarming and therefore, merit focused and collective attention from law enforcement agencies (LEAs).   Expansion of cyber ecosystem and its impact The increase in technology convergence has created an extremely complex ICT ecosystem of interdependencies within and among critical sectors. This leads to an increased number of stakeholders and a larger attack surface which can be easily exploited by cyber criminals. There is no silver bullet technology which can identify or predict which element of the system (people, process or technology) is more susceptible to cybercrime, though empirically it is observed that the people are the weakest component of the cyber ecosystem. Inherent anonymity and closed nature of the dark web has turned it into a safe haven for cyber criminals and their wares. The dark web hosts a wide range of illegal online markets of cyber exploit kits, drugs, counterfeit documents, stolen credit cards, bank account credentials, human trafficking, illegal immigration etc. It has thousands of forums which operate in a tightly controlled environment. Crypto-currencies are used for transactions so that these transactions cannot be traced to individuals or organizations. Ransomware continues to be a major threat the world over. In 2017, WannaCry, Petya, NotPetya etc., caused major disruptions in the connected cyber ecosystem of the world. India was also affected. CERT-In confirmed 37 incidents of WannaCry and Petya attacks in India between May and June last year. Petya caused extensive disruption of services in India. One terminal of JNPT (Jawaharlal Nehru Port), Mumbai had to switch over to manual operations due to this attack. India was the worst affected country in Asia and seventh overall, due to Petya attack. Apart from ransomware, another area of significant concern is theft of personal identifiable information (PII) and financial credentials of individuals. In another incident of cybercrime, criminals stole personal data of over 2.74 lakh Indian users of the Ashley Madison website. Hackers, who stole 300GB of personal information of the users, put it up on sale over the dark web. Also, Cryptojacking is another lucrative method adopted by attackers to deploy a malware forcefully and unknowingly into a victim’s computer to use their hardware for generating crypto-currency. It is becoming yet another tool of choice for cyber criminals because it cannot be classically categorized as a crime. Figure 2: Top cybercrimes in 2017 “The advent of Digital India and Smart City initiatives has brought about a paradigm shift in terms of connectivity, services and threats for both urban and rural eco-systems. While greater connectivity promises wider deliverables, it also paves the way for the emergence of new vulnerabilities. Leading companies in energy, telecommunications, finance, transportation and other sectors are targeted by new-age cyber criminals. The ‘Make in India’ initiative has identified 25 core sectors as part of its effort to give a special thrust. While cyber security is not one of the sectors, it could be embedded in certain sectors like defence manufacturing, electronic systems, and IT & BPM. It is crucial for ‘Make-in-India’ to focus on cyber security as well as promote development of indigenous solutions to combat cyber-crime.” – Dilip Chenoy Secretary General, FICCI Figure 3: Rise in cyber crime Cybercrimes in the connected world One reason why cybercrimes are becoming more sophisticated, better orchestrated and increasingly ambitious is because many of the perpetrators operate outside the jurisdiction of the victim’s country. As per industry estimates, 32% of the threat vectors originate from Eastern Europe and Russia, and social engineering is the preferred mode of launch for most perpetrators. A report indicates that there are four distinct groups of cyber-criminals – traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire. The report also states that the entrance of new participants has transformed cybercrime from isolated and individualized acts into pervasive, savage practices run by distinct groups of individuals. Outsourcing is also possible for execution of these crimes on the dark web where cybercrime is offered as a service. “Cybercrime is the biggest challenge these days with development and access to technology across the globe. Cyber space is increasingly being used to radicalize young minds” Rajnath Singh Union Home Minister of India Cybercrime-as-a-service not only allows malicious actors to leverage other cybercriminals’ resources to conduct attacks but also provides a cheap and easy option to others who are willing to enter the world of cybercrime at a very low entry cost. Netizens have increasingly become more active in leveraging these services, which is driving a surge in activities like illicit drug sale, trafficking of human beings, terrorism, child pornography and other crimes. Illustrative rates of some of the services offered are given next page. Cybercrime-as-a-service model has led to the emergence of a complex and multi-layered cybercrime economy where overt acts of crime have been replaced by a covert criminal…