Category: International

Recent survey results from Gartner, Inc. reveal that the majority of Internet of Things (IoT) technology adopters in the U.S. are also adopting blockchain and combining it with their IoT networks. “The integration of IoT and blockchain networks is a sweet spot for digital transformation and innovation,” said Avivah Litan, distinguished Vice President at Gartner, “It is actually moving ahead at a much faster pace than expected, according to the survey.” The Gartner IoT Implementation Trends Survey was conducted via an online survey from May through June 2019 with more than 500 respondents from the U.S. Respondents were required to be at manager level or above and should have a primary involvement and responsibility for making decisions in IoT implementation. IoT implementers are big on blockchain Seventy-five percent of IoT technology adopters in the U.S. have already adopted blockchain or are planning to adopt it by the end of 2020. Among the blockchain adopters, 86% are implementing the two technologies together in various projects. “These results are significant and much stronger than we anticipated.They emphasize that although both blockchain and IoT technologies are still in the early stages of adoption, coupled with the fact that blockchain technology is still immature itself, enterprises have started combining them to drive favorable business outcomes,” said Ms. Litan. Increased security, trust and lowering costs cited as top benefits Of the survey respondents who are implementing blockchain technology in conjunction with IoT, nearly two-thirds chose ‘increased security and trust’ as either the primary or secondary driver for implementation. More than half of respondents said the top benefit is an increase in business efficiency and lowering costs. “As enterprises implement IoT projects, many of them focus their efforts on building more security, trust and transparency around the management or movement of physical things, so that they can improve situational awareness and greater efficiencies,” said Ms. Litan, In fact, through 2024, more than 80% of implementers will have to upgrade their combined IoT and blockchain solutions at least once or twice to address technical challenges such as scalability, security and reliability. Blockchain adoption among IoT implementers varies by industry Blockchain adoption is significantly impacting every industry that manages connected IoT ‘things.’ Organizations that are relatively more mature in adopting IoT are also seen to be way ahead in their implementation of blockchain technology. The highest rate of blockchain adoption among IoT implementers is companies in pharmaceuticals, energy, natural resources, utilities and transportation. “These industries all have business models that include the movement of physical goods, so they benefit from links that bridge the physical to the digital world, especially those enabled by a combination of blockchain and IoT technologies,” said Ms. Litan. The lowest rate of adoption in any one industry was reported by respondents in financial services, given that financial services deals primarily with virtual goods and services rather than physical things that are tracked by IoT networks. “In the long term, we expect the combination of IoT and blockchain to enable innovative devices and business models, but the necessary evolution in both blockchain and IoT will take five to 10 years to achieve maturity,” said Ms. Litan.                                                                       

A new report from Juniper Research has found that biometric authentication will be used to secure $2.5 trillion worth of mobile payment transactions by 2024, an increase of almost 1,000% on the $228 billion expected to be transacted through the method by the end of 2019. Generic hardware biometrics driving awareness, not usage The new research, Mobile Payment Authentication & Data Security: Encryption, Tokenisation, Biometrics 2019-2024, shows that the availability of dedicated biometric hardware will not be an obstacle to biometric usage as it will be present on an estimated 90% of smartphones by 2024. However, we expect less than 30% of these phones to be used to authenticate contactless payments, thanks to the presence of contactless cards. The report also shows that the use of facial recognition, whether hardware or software-based, is gaining ground on fingerprint-based payment authentication. Juniper Research believes that because of the ubiquity of smartphone cameras and the ability to utilise software-based biometrics as a service platforms, these will reach a similar level of usage to dedicated hardware biometrics over the next 5 years. Standards to bring biometrics to mobile browsers The report notes that there are several payment standards and protocols coming into force in the future that will increase the use of mobile biometrics. Most particularly, 3D Secure 2.0’s requirement for two-factor authentication will drive merchants to adopt biometrics to make the payment experience smoother across a variety of platforms. “Biometrics has traditionally been used for in-person contactless payments,” remarked Research Author James Moar, “However, with an increase in the need for smooth authentication on all mCommerce channels, we anticipate over 60% of biometrically verified payments will be made remotely by 2024.” However, the report shows this will be mostly confined to Android devices, as iOS does not currently support WebAuthn authentication. Due to this, biometrics’ use for mobile payments on non-iOS devices will grow at double the rate of that of iOS devices.  

Gartner, Inc. has identified the 15 main risk hot spots for legal and compliance leaders spanning the next two years. Gartner, Inc. has published a report identifying risk management hot spots for legal and compliance leaders after interviewing many clients and experts and surveying tens of thousands of respondents across multiple surveys. There are 15 main hot spots, spanning five categories, according to Gartner Inc. “Hot spots reflect current trends in the business and regulatory environment that create or exacerbate the legal, compliance and privacy risks that legal leaders have to manage,” said Stephanie Quaranta, Research Director in the Gartner Legal and Compliance practice. The 15 risk hot spots for legal and compliance leaders span 5 categories. They include: Heightened regulatory, trade and recession uncertainties complicate risk analysis Organizations today are operating in an environment of unprecedented uncertainty. “Regulatory uncertainty, geopolitical volatility, and macroeconomic uncertainty combine to make it more difficult for legal leaders to assess and manage organizational risks at the same time, meaning that fast, proactive responses to emerging risks are becoming more crucial to success,” Ms. Quaranta said. Across all industry segments, at least 60% of respondents reported an increase in the scope of relevant regulatory change in the past three years. The three hot spots include: Trade barriers as a policy tool. Patchwork regulation in key areas. Heighten recession chatter. New technological applications cause clash of efficiency and ethics Organizations are increasingly able to create new capabilities and value through technological advancements using big data and analytics. However, Ms. Quaranta said growth in these technologies continues to outpace clear regulatory and ethical consensus, leaving organizations struggling to balance current value against the potential for crossing an as yet undefined line. The hot spots include: AI implementation without clear guidelines. Employee monitoring reducing trust. Growing consumer demands for data privacy. External change escalates complexity of compliance As organizations have increasingly adapted their business models to rely on the capabilities of third-party partners and contingent workers, the business ecosystem has become more complex. “Given that more than four-fifths (83%) of the organizations we surveyed are employing an external workforce, it is important for most legal leaders to manage the associated risks,” Ms. Quaranta said. The hot spots include: Shifting classifications for gig workers. Increased complexity of nth-party ecosystem. Unpredictable foreign corrupt practices act (FCPA) enforcement patterns. Rising social consciousness leads to new stakeholder demands Almost nine in 10 (87%) of the employees Gartner surveyed said they expect companies to take a public position on social issues relevant to the business. But this is difficult, and the consequences of getting it wrong are steep as stakeholders, from employees to investors, feel more empowered to demand change. The hot spots include: Rising employee activism at work. ESG at a corporate expectation. Advances in data processing heighten risk to businesses and consumers As both regulators and customers increase their attention on how organizations combine, analyze and otherwise use information, data processing is on pace to surpass data collection as the primary source of privacy risk for organizations. Interest in data lakes among senior executives is growing rapidly, having risen almost fourfold in the past six months, judging from Gartner analysts’ call volumes. This is pressuring legal leaders to manage associated privacy risks. The hot spots include: Increasing use of biometrics as identifiers. Rising threat of de-anonymization. Emergence of data lakes. Expanding definition of personal data. “At a time when businesses are already facing so much uncertainty, and when resources for legal, compliance and privacy functions are already stretched thinly, these risk hot spots add an additional layer of complexity for legal leaders to manage,” said Quaranta.  

nCipher Security, an Entrust Datacard company and provider of trust, integrity and control for business-critical information and applications, announces that its nShield® XC hardware security modules (HSMs) have received Common Criteria EAL4+ certification. This certification confirms that nShield HSMs meet the requirements of the European Union’s electronic identification, authentication and trust services (eIDAS) regulation. “Our company has long championed best practices and industry standards, and this level of security certification demonstrates our commitment to achieving the highest standards and compliance requirements,” says Peter Galvin, Vice President Strategy, nCipher Security, “Common Criteria EAL4+ certification is based on independent review of the nShield XC HSM and its security properties, which is a powerful tool for building trust and confidence for nCipher customers. By meeting this standard, government agencies and private sector enterprises deploying nCipher HSMs can be assured they are implementing the most secure solutions available.” With this Common Criteria certification, service providers who issue digital certificates, time stamps, or digital signatures can use nShield HSMs as a part of eIDAS compliant solutions. eIDAS compliance is required in the European Union, and has been adopted by many other countries around the world for government-to-government and government-to-citizen services, provision of public services and website certificates, and regulated markets such as banking, financial services and healthcare. eIDAS can be used for any cross-border services such as car rental, or whenever a business wants to ensure the legal validity of an electronic signature.                                                                                

ONVIF®, the leading global standardization initiative for IP-based physical security products, will be at Intersec 2020 during January 19-21 in Dubai, together with participating member companies to demonstrate interoperability between products using ONVIF profiles. At booth #SA-L17, attendees will be able to see demonstrations of interoperability between different manufacturers’ products using various ONVIF profiles. ONVIF executives are also participating in a number of presentations describing the standardized approach to security as part of the Intersec Future Security Summit 2020 to be held in the Al Multaqua Ballroom, Dubai International Convention and Exhibition Center, in conjunction with the exhibition. Per Björkdahl, Chairman of the ONVIF Steering Committee, will participate in a panel discussion titled ‘Enterprise Security: Challenges for New Age Security Managers,’ on Monday, January 20 at Intersec Arena. This discussion will focus on developing, implementing and maintaining resilient programs in complex operating environments, and will also touch upon the need for flexible, simple and modular integrated systems. Also participating in the panel will be Joule Sullivan, Director of International Security Operations for Abbott and David K. Young, Chief Executive Officer for Oxford Analytica. “Interoperability between disparate devices and systems will continue to fuel innovation and provide valuable intelligence for sophisticated, enterprise environments,” Björkdahl said, “ONVIF is focused on continuing to provide new and innovative interoperability solutions to the industry to help it advance.” Also on January 20, Stuart Rawling, head of segment marketing at Pelco and ONVIF Steering Committee member, will present on the topic, ‘Converging systems into one operational interface to improve the security, intelligence and oversight of shopping malls and retail parks.’ Attendees will learn how using a standardized interface for security systems will mitigate risk, provide scalability and aid in capitalizing on business opportunities.  

Tenable® research team has discovered seven severe vulnerabilities in Amazon- owned Blink XT2 security camera systems. If exploited, the vulnerabilities could give attackers full control of an affected device, allowing them to remotely view camera footage, listen to audio output and hijack the device for use in a botnet to perform, for example, distributed denial of service (DDoS) attacks, steal data or send spam. According to Strategy Analytics, over 50 million smart home cameras were sold in 2018. However, these devices are also a potential gateway for bad actors to gain access to personal information and home networks. If exploited, the flaws in Blink XT2 allow an attacker to obtain sensitive information about the owner’s account, enabling them to view stored photographs and videos, add or remove devices from the account or block camera communications entirely. “Connected devices, like Blink cameras, are everywhere. Precisely for that reason, cybercriminals are focused on compromising them,” said Renaud Deraison, Co-Founder and Chief Technology Officer, Tenable, “Manufacturers of IoT devices have an opportunity and an obligation to ensure that effective security is baked into the overall design from the start and not bolted on as an afterthought. This is especially critical when the device in question is a security camera. We thank Amazon for collaborating with us in this disclosure to ensure patches were released in a timely manner. Tenable Research continues to identify and disclose vulnerabilities across enterprise and consumer technology to keep everyone more secure.” As the attack surface expands with the adoption of connected devices, including IoT and operational technology (OT), foundational cybersecurity is paramount. Tenable is leading the charge by building the largest vulnerability intelligence knowledge base in the industry and one of the largest security research teams, which has surpassed its 100th zero-day discovery in 2019. Its extensive vulnerability research and expertise spans beyond traditional IT and includes everything from critical infrastructure to enterprise applications. Tenable works alongside vendors and the entire security community to identify, disclose and patch vulnerable technology to keep organizations and their customers more secure. Amazon has released patches for the vulnerabilities and users are urged to confirm their device is updated to firmware version 2.13.11 or later.                                                                            

The alarm manufacturer Texecom has chosen Tavcom Training, part of Linx International Group, to assist in providing professional training for installers. Through the Texecom Academy online portal, installers have the opportunity to gain a BTEC Level 3 intruder alarms qualification developed in conjunction with Tavcom Training. Wayne Foster, Technical Services Manager at Texecom stated, “Texecom Academy benefits our installers by giving them the skills and expertise to ensure the installation and maintenance of every Texecom system is done efficiently and to the highest possible standard. It also provides end users with the peace of mind that the work is being carried out by an installer with a recognised accredited qualification.” Andrew Saywell, Head of Sales at Tavcom Training added, “We are excited to be working with Texecom to deliver our BTEC Level 3 Intruder and Hold Up Alarms course. Expert knowledge helps installers to stand out from the competition and provides their customers with the best service. We have worked very closely with Texecom to ensure the training syllabus perfectly matching the real world needs of the professionals who design, install, commission and service these systems.” Wayne Foster continued, “Our expert teams are always on hand to offer support, but we also believe in empowering our installers with the knowledge they need to address any issues themselves. It is better for them, better for the end customer  and better for us.” As a result, Texecom and Tavcom will also be providing ‘bite size’ training modules via their online portal. The modules are based on the top 20 technical support call topics identified by Texecom. The first of these modules, entitled ‘Detection Devices,’ will be offered free of charge to Texecom installers. Wayne Foster concluded, “We are committed to producing the highest quality products and ensuring our installation partners and end users receive the very best service.”

Global security technology manufacturer, Gallagher, and the international service-based system integrator, Convergint Technologies, have announced a partnership that will see them work closely together, particularly across Asia and the United States. With this partnership, Convergint Technologies joins Gallagher’s exclusive network of certified channel partners who deliver innovative security solutions across the globe. “Working with  Convergint  Technologies  presents an exciting opportunity for us to extend our network across the United States and Asia,” said Mark Junge, Global General Manager – Security, at Gallagher. Both Gallagher and Convergint Technologies share significant strength in delivering innovative solutions to the education, healthcare and government sectors. The two companies excel in the high-security space, protecting some of the world’s most high-consequence critical assets. Gallagher’s strong array of innovative technology demonstrates a deep focus on all aspects of security, including cyber,” said Tony Varco, Vice President of Security & Marketing for Convergint Technologies, “Additionally, Convergint and Gallagher have a strong cultural alignment and similar values, making us natural partners. We look forward to working together with the Gallagher team to create solutions that protect our customers.” Both award-winning companies, Convergint was recently announced the Number One Systems Integrator  by SDM Magazine, for the second year in a row. “Convergint Technologies have an outstanding reputation in the industry,” said Junge, “Our business is expanding rapidly, and we are really pleased to have formed a strong relationship with them. Together, we know we will do great things to protect people and places around the world.”