CTO, Virtually Informed and Founder, Unified Security (respectively)

January 28, 2022

Sign up to free email newsletters

Download

Whitepaper: Multi-residential access management – The move to digital

Converged security centres

The value of converged security centres in pandemic risk management

James Willison, Founder, Unified Security Ltd and Sarb Sembhi, CISO Virtually Informed, discuss the value converged security centres can bring to security and facilities teams to health and safety practices – never better showcased than during the current COVID pandemic.

As we all continue to live with the complex nature of pandemic risk management and ask if technology can make a difference, the place of converged security centres should be carefully considered. As we build up to the return of IFSEC and its Converged Security Centre showpiece in May, it is worth considering what can be achieved with a blend of technological solutions in one location working together to identify and respond to a wide range of physical and cyber security risks.

ConvergedSecurity-AlekseyFuntap-AlamyStock

Unified Security Ltd is delighted to be working with IFSEC, Advancis and Kaseware in developing the IFSEC 2022 Converged Security Centre. It is our conviction that we can demonstrate how organisations can better prepare for future pandemics and continue to respond to the current one by more effectively integrating technologies and their capabilities and enabling security teams to help isolate the disease and prevent its spread.

This can be achieved using CCTV, access control and building management systems, including air quality controls. It is the harmonisation of these systems in real time which will achieve the resilience that many leaders are now looking for. With the fact that these systems are increasingly connected to the internet, the need for them to be protected from cyber-attack is increasingly recognised by many organisations.

Richard McClellan – Commercial Director at Advancis UK comments: “We are delighted to be part of the Converged Security Centre for IFSEC 2022. With WinGuard, our Open PSIM platform, we will be showcasing how the latest physical & cyber security technologies can converge to provide a control centre with more meaningful information, enabling operators to make more informed decisions, increasing situational awareness, security and the safety of people and assets.”

Dorian Deligeorges: CEO Kaseware, also a part of this year’s feature, adds: “Kaseware is honored to be part of the Converged Security Centre and we look forward to exhibiting the power and field-tested value of the product alongside our partners at the IFSEC event. As a premiere data management and data analytics platform, convergence is at the heart of our offering because the benefit that our solution provides to customers around the world is greatest when the amount and type of data it helps manage and analyse, is from multiple and disparate sources.”

A recognised security challenge

For example, the House of Lords report on Preparing for Extreme Risks, published in December 2021, found:

“the pandemic has exposed the UK’s risk management system as deficient and too inflexible to provide the protection our nation needs…A reliance on electricity and the internet and the increasing complexity and interdependence of the networks underpinning daily life have left us vulnerable to cascading failures which could proliferate rapidly and cause widespread devastation.

It recommended:

The Government’s risk management system should change from attempting to forecast and mitigate discrete risks, towards a more holistic system of preparedness.”

Unified Security submitted written evidence to this report, which included the recommendation that organisations converge their security teams following the US Government’s advice that this will more effectively manage cyber-physical risks – also known as IoT risks. We wrote:

“The practical outcome of a converged security approach will be the building of CONVERGED SECURITY CENTRES. These have been showcased at the ExCeL Centre in the leading security exhibition, IFSEC International, since 2018. Here, a real time response to all security risks can be achieved using cyber and physical monitoring provided by advanced physical and digital systems integrating on one platform, so that a physical security officer can suspend a remote VPN connection after checking if the authorised person is on site. The array of cyber-physical security capabilities enabled by these technologies has developed in the last three years, but is only deployed in advanced IT companies such as Microsoft and a few leading global companies.

Some private companies will plan to develop existing network operations centres, while others will build new ones, but how many include technologies to monitor physical security, building management systems or IoT devices and systems? As the US Government’s CISA document on Cybersecurity and Physical Security Convergence indicates, these are increasing threats.

The system owner must ensure that these systems are protected. This might be the head of IT or physical security who should ensure real time monitoring of their CCTV and access control systems. The facilities management professional also needs to collaborate with cyber security specialists to help them assess risks to the Building management systems.

 

The Converged Security Centre returns for IFSEC International 2022!

The IFSEC team is looking forward to welcoming you to the Converged Security Centre at IFSEC 2022 from May 17–19, where partners will be showcasing all these technologies and listening to the perspectives of senior physical and cyber security leaders in an educational theatre. Visitors can ask questions and understand how to better protect your organisation and people from online and physical attacks with the help of the people and technology in the theatre. It is a unique opportunity for everyone to learn how to do security risk management better.

IFSEC will be welcoming Advancis as the new Converged Security Centre partner, with the team on hand to showcase its own solutions and collaborations in the field of cyber-physical risk and threat management.

Similarly, when an organisation plans to build or develop an existing Physical Security Operations Centre, will these include cyber solutions to manage the cyber risk to their physical security systems?

The clear benefits by acting on these considerations would be a faster response to a compromise, a common view of these risks in real time and the ability to end unauthorised activity on site and remote online attacks.

Allan Dickinson, Technical Director Advancis UK, adds: “Expectation from control centres in the way they wish to operate and protect their physical assets has changed over the last 10 years. Technology businesses such as ourselves have had to adapt our offering to include the latest integrations with IoT, building management and big-data based sources alongside AI, data mining and reporting based tools.

“Of course, this converged technology needs to be protected from the ever-developing cyber threat, creating a product that uses high-level end to end encryption for data both in transit and at rest but, also something that works alongside integration with cyber protection/management tools has never been more important. At Advancis we strive to ensure this is at the heart of our products.

“WinGuard provides our users with the ability to view the data in a clear and concise manner and provides the tools to deal with both the physical & cyber threat quickly, in a very simple manner ensuring simple operations and compliance to all the required standards.”

If all of the above is the current state of security risk management in the UK as it would appear from the House of Lord’s report, then it really is no surprise that our Government and businesses continue to struggle to manage pandemic risk. It is not the norm for enterprises to bring all their security solutions together in one centre to understand all the main security risks they face. Hence if people are working from home, as so many are or have done, then ensuring the home network is secure is difficult. Unless there is a link between the physical location to identify in real time that a person is authenticated on the network, there can be no certainty they truly are.

Why is a converged security centre approach beneficial to pandemic management?

So, how can converged security centres help?

Corona-Securityresilience-20The teams which will need to be converged can collaborate to analyse the range of risks which flow into the centre from CCTV, Access control, BMS alerts, Cyber incidents, social media reports, and open source intelligence. The single platform aggregates these such that when there is any commonality a significant threat to the organisation is identified and the team is presented with the company policies that need to be followed. Put simply, an integrated solution gives the capability to security and risk professionals to better understand the overall risk, which a siloed piece of date would not provide.

Take the example of a criminal who has hidden themselves on the internet being exposed by one piece of evidence which is flagged as suspicious, which then links them to a stolen credit card and several other data points. If the same card has been used to purchase illicit drugs and the location where these have been picked up at the port is surveilled by the CCTV system, the container can be identified and tracked, and a trail can be followed. As the journey continues and the seller begins communicating with the buyer, the police tracking the delivery simply need to decide when to intervene. All this can be done more effectively and efficiently in a Converged Security Centre.

Brad Brekke, EVP Kaseware, and Former Chief Security Officer for Target Corporation adds: “As criminals become more sophisticated and use new technologies to gain an illicit advantage, those of us who are playing defence must be both vigilant and adept at uncovering these constantly evolving types of activities. The Kaseware platform uses the most sophisticated software tools to provide the ability to ingest and analyse multiple types of data. In doing so we enable our front lines to filter and reveal hidden links and connections, quickly alerting investigators and analysts to trends and patterns. This insight is critical as we protect our people and assets, ultimately disrupting fraudulent activity and reducing losses to our organisations.”

While this provides a useful police use-case, the increased capability afforded by these converged centres can also be used in many different environments, such as healthcare facilities to ensure that patients with infectious disease are kept securely isolated. This is because a range of solutions – from CCTV and access control, to BMS and HVAC – can be monitored on one platform. If an area or room is identified as needing to be isolated for quarantine, then this can be done with a trail of who has accessed the area to be followed up for any testing procedures. The same platform can alert an operator to maintenance issues, including when medical equipment is due for sterilising and its precise location for quicker access.

In conclusion, there are many benefits for monitoring a complex range of risks in one location, not least is the speed at which the data can be analysed and prioritised so that the security team can respond quickly to combined cyber-physical threats. The importance of being able to track incidents in real time means that some crimes can be prevented before they happen. The ability to follow the criminal and understand the intelligence from a variety of sources gives the organisation the upper hand in fraud prevention, with the ability to use live CCTV streams with social media reports, credit card location information, door access feeds and other data sets on one platform to identify and respond to attacks.

This is an important impact of pandemic risk as the economic risk is difficult to reduce. The capability of disease control in a converged security centre is significant, as people who are at risk can be protected and others can be identified and advised to self-isolate.

Keep up with the wireless access control market

Download this free report to find out more about:

  • The current state of wireless access control solutions in the market
  • The rising popularity of mobile access control
  • Awareness of cyber security regulations and how this relates to access control
  • The growing use of the cloud and ACaaS to manage access systems
  • How your choice of access control solution can impact sustainability
WirelessAccessControlReport-23-Featured-23

Related Topics

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments