SIA 2019 Security Megatrends 1 & 2 – What You Need to Know

The next set of blog posts will explore the SIA’s forecasted 2019 Security Megatrends in order of importance. We are going to dive into Megatrends #1 and #2 in our first post.

Megatrend 1: 8 Smart Ways to Integrate Physical and Cybersecurity
Cybersecurity’s impact on physical security moved from the number two spot in 2018 to claim the number one security concern in the new year. This year will continue the escalating arms race between security professionals and cybersecurity criminals.

Several newer cybersecurity threats are forecast to dominate the landscape. According to “The Cybersecurity Imperative” produced by ESI ThoughtLab and WSJ Pro Cybersecurity in partnership with the SIA and other organizations, AI, the IoT and blockchain technologies, in conjunction with the proliferation of open platforms, will be the largest risk factors in cybersecurity. This comprehensive report also foresees most risks coming through electronic interactions with partners, customers, vendors and supply chains as businesses become more interconnected.

How do you secure both your physical and cyber assets against these growing threats? The following provides 8 ways to best integrate physical and cybersecurity:

  1. Nix default passwords in your software and equipment: This is one of the top ways for hackers to install malware, phish for information or deploy ransomware, all potentially devastating ways to access your network.
  2. Test and test some more: Software, hardware and other products, whether they be IoT or another, benefit from a thorough testing period. Ideally, you should test multiple times and have a third party test them as well.
  3. Know your risks: Use a monitoring program that tracks and reports vulnerabilities, or hire a security company to help you with this important task. Then prioritize the list and devise a plan for addressing all risks.
  4. Dive into your software and firmware: Are your updates up to date? Do you know who’s using your software and firmware? Run regular reports to catch any vulnerabilities and only grant access to authorized users.
  5. Designate a central command: Create a security resource center for your customers and security integrators to keep everyone on the same page. Where there are communication gaps, seek to fill them. Silos can breed security breaches.
  6. Educate, educate, educate: Ensure that your security training program is up to speed and that all employees receive ample and ongoing training.
  7. Start early with cybersecurity: Build cybersecurity into every product development cycle. When you integrate it early, you can find holes.
  8. Repeat: Cybersecurity risks aren’t going away. As they get stronger, your security needs to be strengthened too. Stay ahead of the curve. Keep learning, tweaking and improving.

These steps go a long way towards securing both physical and cyber spaces.

Megatrend 2: Top Challenges and Opportunities as the IoT and Big Data Converge
Big data is big business. A recent Accenture study showed that 79% of enterprise executives believe that companies that do not embrace big data will lose their competitive positions and even face extinction. On the flip side, 83% are embracing big data to gain a competitive edge.

Data continues to mount as more and more devices join this data collection party. From drones to robotics, to SaaS to the IoT, connected devices and platforms are generating data at an alarming speed, which makes it difficult to properly protect. When it comes to crucial information like healthcare, financial or other sensitive information, security becomes the ultimate challenge. How do we keep this data safe as the Iot and big data converge so that we can use both to benefit our businesses as well as our lives?

Let’s break down the challenges and opportunities:

Challenge: By 2020, Statista predicts that there will be between 6.6 and 30 billion IoT connected devices. With more data comes the need for more ways to communicate that data to the end user and responding authorities efficiently and securely.
Opportunity: Analytics and AI to the rescue. With these superpowers, it’s infinitely easier to parse and digest big data. As more devices collect information, these newer technologies can help enterprises put the information to work. On the security front, this equates to faster response times for security system users and the responding authorities.

Challenge: The IoT and other smart platforms provide an easy way in for potential hackers to breach the physical-cyber security connection. Any connected devices are at great risk, and open connections make them even more vulnerable.
Opportunity: If set early, the enabling data analytics function yields safer and more productive data generation. For instance, certain types of dashboarding and IoT enablement facilitate this. With better built in protection, these devices can counteract various threats.

2019 promises to be a year of big changes for as IoT and big data converge. The companies that seize these trends and the opportunities that go with them will be the ones that come out ahead.

Emerging Security Technologies and How to Keep Staff Up-to-Date In An Ever-Changing World

Staying on top of new technologies can be a full time commitment—one that’s often easier to relegate to a future time. While in the short run it may be more efficient to push these efforts to a later date, the effects of not being in the know will affect your organization’s long term safety, especially when it comes to security technology.

In the security technology arena, the forces of good and evil continue to play a dangerous game where each tries to stay a step ahead. Fortunately, “white hat” security professionals are gaining the upper hand with new strategies.

Here are four emerging security technologies to keep on your radar:

1. Authentication is Baked into Hardware

This is not a new concept, but it will be adopted on a larger scale in the coming quarters. The three components of authentication include “what a user knows” (usually a password), “who they are” (usually a username) and “what they have” (usually a token). By making the “what they have” piece the device itself, then your laptop, desktop and mobile device, outfitted with an Intel chip, will have “baked in authentication.” As we increasingly incorporate the IoT into our offices as well, these devices will also be able to authenticate from their hardware.

2. Advanced Analytics Step up Security

Since information security professionals see user behavior as one of their most vexing and hard-to-spot concerns, they are staying ahead of would-be hackers with user and entity behavior analytics (UEBA), which identify anomalous online behavior patterns. User behavior analytics (UBA) detect if someone’s username and password have been stolen by comparing past to present online behavior. They can also compare behavior with others in a similar position, like a comparably titled manager or someone in the same department. This is called “peer analysis.” Deep learning algorithms in AI or machine learning also discover other irregular behavior patterns that adversely affect the organization. For instance, the software examines “entities” like a data center, rather than users.

3. The Cloud Gets Bigger and Stronger

The cloud is becoming bigger and has earned a reputation for tighter security. As more traditionally on-premise functions migrate to the cloud, virtualized security hardware, virtualized firewalls and virtualized intrusion detection and prevention systems will move as well.

4. Smarter Breach Prevention Develops

Encryption and tokenization are emerging as powerful ways to combat possible data breaches, even down to the field and subfield levels. These tools prevent data monetization, enable secure movement of data within an organization and ensure compliance with protect payment card information (PCI), personally identifiable information (PII) and protected health information (PHI).

How to Keep Your Staff Up to Date?

With these and other technologies creating an ever-evolving learning curve, the following steps can streamline your education process. By devoting a little time consistently to learning and mastering the technology, you can stay on top. Try this strategy:

1. Map Out Your Needs

Start by clearly identifying your needs, whether they’re effective communications, streamlined production tools, or others. List the items that accomplish these goals—hardware like phones, laptops, and the computer network. Then list how you use these items—like the need for weekly meetings or even better access to a spreadsheet.

2. Take Inventory

What’s working right now and what’s not? Are your software systems in sync? Do you have the latest updates? Do a little research online through resources like TechRadar and CNET and take advantage of available training sessions to stay up to date.

3. Prioritize

Decide which technology gives you the best return on your investment.

4. Dedicate Time for the Technology

If you set a regular time to tackle the technology, you can better manage what can seem like an overwhelming amount of work. Keep up to speed with news sources like Flipboard’s technology category and keep an eye on those starting the new technologies, like VCs, incubators and startups. Whether you have someone dedicated to this or you do this on your own, make sure to check in regularly to break it down into manageable actions.

Following these simple steps and making technology a weekly priority will help keep a your security in check. We’re a deep resource too, so please check our website for new and emerging security technology, and consider attending any upcoming events that make sense for your organization. Time spent keeping up with technology is time well spent, period.

Leveraging Smart Data for Security

Leveraging Smart Data for Security

A Closer Look at 2018 Security Trends: How do we leverage smart data for our security?

In the last 60 seconds, our worldwide community sent 156 million emails, ran 3.8 million Google searches and uploaded 400 hours of video onto YouTube. This glut of data hijacks serious storage space and poses some pretty serious security concerns.

 

The good news? It’s getting easier to make sense of it all, with technology that interprets and even acts on the information. Add in the ever-expanding web of social media, and we’ve closed the loop with real-time alerts and security measures.

 

Our last post covered securing the IoT and our connected world. Now that we’re well connected with a continuous feedback loop from the IoT, how do we use this information to keep us secure? We’ll delve into the next two trends here.

 

Trend 3:  We’re Making Swifter Sense of Smart Data

The data we generate is astounding. By the year 2020, each person will create 1.7 megabytes of new information every second, but that’s only the data that we initiate. Sensors, medical records, corporate databases and other sources contribute to this data overload.

 

Currently, less than 0.5% of the data is being analyzed and used to help manage important tasks like creating better traffic flow, eradicating medical epidemics or even trading stocks. By adding AI to the equation, we can process the unfathomable volume and turn it into usable, actionable information. What’s more, this information translates into higher sales. According to Forbes, an average Fortune 1000 company that harnesses just ten percent more of their data will reap $65 million more in net income.

 

Smart Data Security Best Practices:  How Can Providers Help?

Security professionals must create plans for how they’ll use smart data and big data to keep us safer, and how they’ll secure it in the process. To accomplish this, they must direct sensor-driven data towards proactive protective actions and ensure that cyber controls are in place. The data needs to ferret out weaknesses in the premises and employ predictive analysis algorithms in real-time. Since time is of the essence, technology like video analytics, AI and AR (Augmented Reality) will be useful tools.

 

Trend 4:  Social Media Aids Security

By virtue of its instantaneous, wide-reaching powers, social media is highly effective in alerting large members of the population to an immediate threat. When community service members or citizens need to let other citizens know about an active shooter, a natural disaster, criminal activity or any other community threat, both can broadcast these issues in real time. Universities nationwide have used their Twitter pages as one of their crisis management vehicles. In fact, Virginia Tech used Twitter and Facebook during the 2011 shooting to warn people to take cover. The news broke on social media before the media outlets even picked it up.

 

In response to an event like this, Facebook instituted a Safety Check tool so its two billion users can let their friends and family know that they’re okay in the event of an emergency. Called a crisis hub, this resource consolidates information about an unfolding disaster, so people can see what’s happening (even via live video) and coordinate help quickly.

 

Social Media Security Best Practices:  How Can Providers Help?

In the near future, we’ll see stronger social media-security collaborations for more granular targeting. The IoT will play a critical role here. For instance, a video management system (VMS) detecting a car driving the wrong way can automatically alert area residents via the social media hubs. Providers can harness this exponential power to help save lives.

 

For our next two trends, we’ll discuss the reality of going mobile and the cloud’s continual growth. As security continues to evolve, IST continues to lead the charge. For more information on how IST can help you explore the next big things in security, contact us here.

 

IoT Security Best Practices

IoT Security Best Practices

A Closer Look at 2018 Security Trends: How Will Providers Secure the IoT and Our Increasingly Connected World?

With Amazon Alexa on your nightstand, your Nest thermostat watching your energy consumption and your Samsung “fridge of the future” letting you know when you’re low on ketchup, you’re likely interacting with an ever-growing collection of devices and receiving their analytics in real time.

Our last post covered the ten largest trends transforming the security market today. We’ll delve into the first two here; they are perhaps the easiest to observe since the Internet of Things (IoT) is exploding with unprecedented growth. 

Trend 1:  The IoT is Taking Over

It’s true—we’re fully in IoT age. Gartner Inc. projects that the planet will contain 20.4 billion connected devices by 2020. Out of 20.4 billion, 12.9 billion would be consumer-related and 7.5 billion would be from businesses, up from an 8.4 billion total in 2017. While consumer devices eclipse enterprise devices by their sheer number, businesses used 3.1 billion connected “things” in 2017 and clocked in at the majority, 57 percent of spending for IoT in 2017.

Whether for business or not, each and every connected device or appliance is at risk for security breaches.

Internet of Things Security Best Practices:  How Can Providers Secure the IoT?

Both vertical and cross-industry IoT uses abound. While process sensors for electric generating plants and real-time location devices for healthcare lead the IoT’s growth, cross-industry uses that cut across silos are forecasted to outpace these in the next year.

These crossovers include items like LED lighting and physical security systems that can be applied virtually anywhere. For 2020, it’s projected that vertical industry-specific devices will number 3.2 billion units and cross-industry will be 4.4 billion.

By 2018, IDC Research predicts that 66% of these networked entities will suffer a security mishap. That’s where security providers come in. Using predictive modeling and situational awareness to stay ahead of hackers, they can help keep this IoT running smoothly. In the coming year, their current focus on client data will shift to client safety, industrial industry operations and national infrastructure, as these sectors become more vulnerable.

Trend 2:  Everything Will Be Connected

As everything we rely on becomes connected, security becomes one more piece of the connectivity puzzle. Consumers will expect a seamless service, along with convenience and easy integration with other systems. What began as finite security systems now encompasses a much wider range of solutions:  video, smart sensors, water detection, automating devices and even energy-managing devices.

Businesses salivate at this connectivity and corresponding built-in security because they see the greater ROI payoff in energy and lighting savings, among others. 

Internet of Things Security Best Practices:  How Can Providers Secure Everything?

As the new smart home sensors reach an unimaginable 4.5 billion by 2022, the building and managing of homes will undergo unfathomable changes, starting in 2018. Looking just a few years ahead, almost every IoT device we own will have a sensor and will feature voice control, AI and analytics. These devices will tie into home security, manage water and energy use, automate regular functions, and provide remote access. The Security Industry Association (SIA) even speculated that Amazon Alexa and Google Home would offer security systems soon.

Both traditional and new security providers are shifting to service the market with DIY or self-install equipment. Security providers must offer services specifically designed for these connected systems and follow with excellent customer service since consumers are used to seamless functionality.

One boon to providers is that many of these services can be performed remotely, saving them site visits and their corresponding costs. On the business front, the security providers that can provide these new services to enterprises will reap tremendous benefits as they seek to save their clients money and time as well.

Our next two trends touch on Big Data. We’ll explore how we’re digesting it better and faster and how we disseminate it in real time harnessing the power of social media. The pace of change is fast, but IST is on top of it. For more information on how IST can help you leverage these exciting trends, contact us here.