James Willison

Founder of Unified Security Ltd and Co-Vice Chair Smart Buildings Group, IoTSF., Unified Security Ltd

Author Bio ▼

James Willison BA MA MSyI is Founder of Unified Security Ltd and Co-Vice Chair Smart Buildings Group, IoTSF. James was awarded the Imbert Prize for an ‘outstanding contribution to the Security Industry in 2011’ for his work on convergence with ASIS Europe and the Information Security Awareness Forum. He has more than 20 years of management experience in the physical and information security industry, including posts as Advisor on Convergence to: AXIS Communications, the Mitie TSM Board and Perpetuity Research; Senior lecturer in Security Management at Loughborough University, Advisor to IFSEC 2018 Converged Security Centre and Digital Security Expert with the European Union. He is an ISACA Academic Advocate and member of the Security Institute. James is a member of the working stream in the ASIS International Board ESRM initiative, on the working group for the draft ASIS/ISC(2)/ISACA Security Awareness Standard and Vice-chair Smart Buildings working group, Internet of Things Security Foundation.
December 11, 2019

Sign up to free email newsletters

Download

Working with the insider threat

The growing significance of converged security

Converged Security-19

Image from the BBC’s, The Capture

James Willison MA Founder, Unified Security, and Sarb Sembhi CISM, CTO & CISO, Virtually Informed, offer a closer look into why converged security will continue to be a major theme in 2020.

IFSEC International welcomes back the Converged Security Centre in 2020. What is the reason? Well, there continues to be an increasing concern amongst end users of CCTV and access control systems that their physical security devices and systems could cause major problems for the IT network, and they need reassurances that this will not be the case.

The last thing anyone wants is an email from HR highlighting an investigation that identified a GDPR breach had occurred and it was your systems that were used to install malware on the IT network, which in turn led to an invoice being paid by the Finance Director to a cyber fraudster. Whilst such incidents may be rare, it is crucial to be able to identify unusual network behaviour on your CCTV or access control systems.

 

A centralised solution

Since this is a growing concern, it highlights the need for businesses to adopt a converged security centre solution. A central platform brings all your physical security systems together in one place, from any location in your organisation, so that you can see what is happening at all times. It also brings in cyber security feeds and monitoring solutions, including social media.

Security operators can therefore identify whether hackers are in the building, or it is an online attack, in the event of a network disruption. For example, if an employee badges in and the camera indicates that a different person is logging into the network from outside on their PC or even inside, then further access to the network can be quickly denied. If the camera itself has been hacked – an ever more commonplace occurrence, as the BBC’s The Capture programme has portrayed – then this too can be identified. Again, this was emphasised in the show, when the timing of the recording is changed so that the viewer doesn’t see what is happening in real time.

“Six million CCTV cameras in the UK. Almost all of them are online. And if they’re online…They can be hacked.”*

Joining up the dots means that policies in the centre’s software can isolate devices which are acting in unexpected ways. Even those CCTV cameras which have a mature cyber security solution to protect them can be subject to attack, which the centre will detect and send an alert to the security team that it is being controlled by a rogue actor. As an example, the scenario might involve a criminal gang that has gained access to the camera to change its direction, enabling an accomplice to enter the building unnoticed to commit theft.

Whilst we applaud new legislation that ensures CCTV systems are better protected by changing passwords or updating firmware, this doesn’t mean they cannot be controlled by an attacker. It is still crucial to bring all your systems to one place to, offer a more clear and defined overall picture.

 

Proven platform

We were delighted that Vidsys was awarded Security Software Manufacturer of the Year at the IFSEC Security and Fire Excellence Awards in November. The Vidsys solution allows any physical security system and device to be brought to one platform, with no necessity to install additional software across other locations.

It also works with the most advanced Security Information and Event Management (SIEM) solutions,. This means that a cyber attack can be seen on physical systems and bring in any physical device, such as a CCTV or an access control point, to contain the threat and respond accordingly, in line with company policies. At the same time, it monitors attacks in near real time on the IT network. Fraudulent behaviour can therefore be quickly identified and a suspicious insider attack can be stopped before it escalates into a serious, large-scale incident. Fraud remains the most commonly experienced crime in the UK, with an estimated overall cost of £190 billion (cited in NCA 2019 National Strategic Assessment of Serious and Organised Crime).

When you join up physical and logical access monitoring, it provides the security team with a better chance of following a single audit trail and locking out staff while their access rights are checked. While they may be genuine and simply need access updated, if the camera shows a different face to the ID badge being used to log into the payroll system then action can be taken. Since some fraudulent activities can take about two years before they are identified in other ways, using this kind of converged physical logical monitoring is of significant value. Crucially, the Centre not only enables this kind of near real time risk management, but it also produces reports on the data.

Vidsys’ additional integrations with highly sophisticated and advanced Artificial Intelligence is used to make sense of all the cyber physical data and send alerts, in line with company policies and the latest legislation. As it does so, it means the Vidsys solution can produce reports which can be used to verify the action taken, should this be required, by an investigation and possible legal proceedings. As more and more GDPR and NIS Directive fines are issued, the need to monitor and respond effectively is only set to increase in 2020.

Clearly then, it is vital that organisations consider how to evidence their prevention solutions and responses, given the increasing occurrence of legislative fines in the sector – and a converged security centre could well provide the answer.

*Quote courtesy of the BBC’s, The Capture – September 2019 : Episode 4: 25:00

The Seagate Surveillance Storage Survey Report 2018

IFSEC Global Exclusive: The State of Surveillance Storage

Download this eBook to begin navigating the fast-changing surveillance and security landscape, from the growing quantity of data to new innovations like Artificial Intelligence and machine learning.

Identify the challenges, and discover exactly what storage solutions need to offer to meet the evolving needs of security industry professionals, installers and integrators.

Related Topics

Leave a Reply

avatar
  Subscribe  
Notify of