• Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Posts Tagged :

Research

Global study shines security spotlight on hybrid working

960 640 Stuart O'Brien

96% of business leaders and 93% of employees agree that it is important for their company to have a system in place that logs and tracks visitors who enter and exit the building when employees work in the office.

That’s according to a new study Securing the New Hybrid Workplace, undertaken by Entrust, to gauge the mood within business as a rise in variants spurs new uncertainties around the COVID-19 pandemic, with many developing a long-term plan and work model, whether in-person, remote or hybrid, that meets the needs of employees and the business.

Entrust surveyed 1,500 business leaders and 1,500 general employees from 10 countries to better understand how workers from the manager level to the C-suite are preparing for a new hybrid workplace. Key findings include:

  • Hybrid is here to stay, but security concerns are high: The overwhelming majority of respondent companies are moving to a long-term hybrid workplace approach. In fact, 80% of leaders and 75% of employees said their company is currently using a hybrid model or is fully remote and considering a hybrid work model. But, 54% of employees reported up to six instances of lost productivity due to network access issues and leaders cite home internet security (21%) and leakage of sensitive company data (20%) among their top security challenges.
  • Visitor management is an in-office priority: Having a detailed record of who has been in and out of a company’s office is a larger priority in 2021. 96% of business leaders and 93% of employees agree that it is important for their company to have a system in place that logs and tracks visitors who enter and exit the building when employees work in the office.
  • Home office data security presents new challenges: Businesses need to change their data security approach now that employees are more decentralized than ever before. However, while data security is a priority for leaders with 81% saying their company has offered employees training on it, only 61% of employees said their company offers this training, indicating a communication gap.

Anudeep Parhar, Chief Information Officer at Entrust, said: “With the uncertainties of the last year and a half, many organisations are well-adapted to remote work. With leaders planning the future state of their workplace models, we wanted to ask how they are adapting security and identity for the hybrid workplace: how are leaders and employees prepared to protect data and sensitive information? How will office security evolve? Will adapting to hybrid workplaces multiply vulnerabilities… or will enterprises choose smart security strategies to enable employees wherever they work?

“With the study overwhelmingly indicating the desire of 91% of employees to work in a hybrid model moving forward, this data study provides businesses insight about how to democratise work from anywhere and incorporate security practices into their hybrid approach by working with companies like Entrust to implement solutions such as password-less and biometric authentication, mobile identity verification and more.”

The report says there is no question employers are leaning into a clear desire among employees for hybrid work options, with 68% saying they are considering hiring talent that resides in geographically diverse locations. For employers following this trend and hiring employees in a new, hybrid environment, there are several ways to improve and secure the onboarding process.

The study found business leaders are improving training methods (53%), rolling out new or improved collaboration tools (47%) and implementing mobile ID issuance for remote employees. Furthermore, leaders are taking steps to maintain internal security as they incorporate a hybrid model, with 51% rolling out one-time password technology, 40% utilizing biometric authentication and 36% using mobile identity verification, citing the desire to stay ahead of hackers and protect their internal data.

As companies start bringing workers back to the office, the ongoing pandemic raises the stakes of physical security to include health, safety and infosecurity. For example, companies must consider best practices when they begin to open their doors to visitors outside their internal workforce once more. Entrust found support for organizational visitor management is overwhelming, with 96% of business leaders and 93% of employees agreeing that it is important for their company to have a system in place that logs and tracks visitors who enter and exit the building when employees work in the office.

With this in mind, companies will begin paying more attention to who’s going in and out of the office building. Reasons for this enhanced scrutiny of visitors is primarily due to caution surrounding COVID-19, with 83% of leaders and 84% of employees citing the risk of spreading COVID-19 as the top reason it is important to have a system in place that manages and tracks guests. Other reasons included protecting confidential information (65% of leaders and 55% of employees) and avoiding physical harm to employees (61% of leaders and 62% of employees).

Business leaders also agree that it is imperative to consider the intersection of data security and work from home standards. Fortunately, it appears that the introduction of hybrid work has resulted in a step in the right direction for workplace data protection. In fact, while 81% of leaders said their company has offered employees training on data security, the overwhelming majority (86%) said it was offered as a result of the COVID-19 pandemic, indicating a trend towards enhanced data security.

Unfortunately, while leaders are offering this training, only 61% of employees said their company offers this training, indicating a communication gap between leadership and their employees. By communicating these trainings to employees, leaders can help reduce the risk of security threats including phishing and ransomware attacks.

Naturally, while the Securing the New Hybrid Workplace data study takes a holistic look at the top trends of hybrid work, some individual countries presented data that is particularly intriguing. Some top findings of key international trends and takeaways include:

  • 65% of employers in Japan say they have offered data security training for the hybrid work model, but only 36% of employees agree, indicating a potential gap in communication or training execution.
  • Businesses in Saudi Arabia (89%) and the United Arab Emirates (87%) are by far the most willing to consider hiring talent that resides anywhere in the world. Businesses in the United States and Singapore are the next most likely to hire talent anywhere in the world, both with 73% of leaders indicating they would be willing to hire global talent.
  • Businesses in Indonesia are particularly likely to implement cutting-edge security technologies into their business practices, with 75% of employers saying they have utilized one-time passwords and 69% indicating they utilize biometric authentication.
  • Of the countries surveyed, respondents from Germany indicated the lowest productivity impact due to network access or login delays with 49% reporting that they have never had an issue, and 27% reporting only 1-3 incidents. By comparison, in the United Kingdom, only 25% reported no issues, with 34% reporting 1-3 incidents.

Physical security for data centres to hit $1bn by 2026

960 640 Stuart O'Brien

The data center physical security market is expected to grow at a CAGR of over 7.42% during the period 2020−2026, to hit sales of $1,045.9m by the end of the forecast period.

That’s according to a new report from Arizton Advisory & Intelligence, which says:

  • The global physical security market is growing due to an increase in data center investments owing to increasing digitalization and the adoption of cloud services by enterprises as a result of the COVID-19 pandemic.
  • The physical security market for data centers is highly fragmented, with multiple local and global vendors offering solutions, along with system integrators, who have expertise in design, installation, commissioning, and maintenance of physical security systems.
  • North America leads the market in terms of physical security systems, with around 45% of the overall market share followed by APAC and Europe.
  • Hyperscale data center operators prefer multiple layers of security, and majority of data centers are implementing a minimum of five-layer security design. There is a growing demand for multi-factor authentication and CCTV monitoring, as well as advanced BMS systems to monitor and manage hyperscale data centers.
  • With an increase in edge data center deployment that are mostly deployed in locations nearer to the customers and at rural locations, the requirement for physical security will also increase. Data center operators adopt increased physical security measures such as access point restrictions, use of fences, and trenches to protect against natural calamities, and careful selection of material for enclosures.
  • Asia faces significant natural calamities; hence, data centers in Asia need to develop disaster recovery and business continuity plans (BCP). It is imperative that robust physical security systems are installed in the region.

The report estimates that over 300 colocation facilities were under construction or opened in 2020, and this number is increasing as operators are finding higher demand from customers across verticals for colocating their data center needs.

The development of greenfield data centers by enterprises is moving toward modular deployments, which include prefabricated containment systems or containerized data center facilities.

The infrastructure vendors that dominate the modular data center space include Schneider Electric, Vertiv, Eaton, Huawei Technologies, and Rittal.

The majority of data centers are mostly restricted to urban locations and prominent sites such as Texas, New York, Virginia, London, Stockholm, Frankfurt, Paris, Dubai, Mumbai, Osaka, Sydney, Melbourne, and Auckland. In recent years, these locations have attracted considerable investments, and more data centers are planned for 2021 and beyond.

In terms of physical security, North America is a major location for investments in products and services. Many facilities boast five or six-layered physical security to protect data. For instance, CoreSite Realty’s Chicago data center (CH2) data center facility is equipped with CCTV’s, IP-DVR security officers 24/7, access key cards, biometric scanners.

Exotic programming languages making malware increasingly tough to spot

960 640 Stuart O'Brien

For defenders to maintain a competitive advantage over attackers, it’s important to recognize emerging trends by threat actors. One such trend BlackBerry has observed in 2021 is the practice by malware authors of leveraging new and uncommon programming languages to evade detection and hinder analysis.

Malware authors have a reputation for being slow to change what works for them. But with millions of dollars in corporate ransoms now up for grabs, this is no longer the case. Some malware groups have taken the opportunity to branch out and try new or “exotic” programming languages to address specific pain-points in their development process, or to try to evade detection by defenders.

A new BlackBerry white paper, Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages, explores this trend and reveals the motivations and impact it may have on the threat landscape.

“Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of newer technologies,” said Eric Milam, VP of Threat Research at BlackBerry. “This has multiple benefits from the development cycle and inherent lack of coverage from protective products. This paper looks into less prolific programming languages and their use in the malware space. It is critical that industry and customers understand and keep tabs on these trends, as they are only going to increase.”

The BlackBerry Research & Intelligence Team chose four uncommon programming languages of interest to examine: Go, D, Nim, and Rust.

This choice was due in part to BlackBerry’s detection methodology, which identified an increase in the use of these languages for malicious intent, and exposed an escalation in the number of malware families being identified and published using these languages. These four languages have also piqued our interest because they could be considered well developed and supported, with strong community backing. ­

While the trend of using exotic programming languages by threat actors is not new, BlackBerry aims to shed light on the state of the current threat landscape regarding these new and emerging languages. In this white paper, BlackBerry’s research team covers the reasons behind exotic language adoption, and provides valuable tips for detecting and preventing malware that takes advantage of these challenging new methods.

Read the full report: Old Dogs, New Tricks: Attackers Adopt Exotic Programming Languages.

Physical security market to grow 6.5% by 2027

960 640 Stuart O'Brien

The Global Physical Security Market size was estimated at $78.23 billion in 2020 and expected to reach $83.87 billion this year, followed by a Compound Annual Growth Rate (CAGR) of 7.54% from 2020 to 2026 to reach $121.01 billion.

A new report published by ResearchandMarkets, analyses the competitive landscape in terms of markets, applications and geographies, describing the optimal or favourable fit for vendors to adopt successive merger and acquisition strategies, geography expansion, research & development, and new product introduction strategies.

The report identifies the following market dynamics:

Drivers

  • Increasing instances of terror attacks
  • Shifting focus from traditional solutions
  • Protection to business assets, employee, and customer
  • Adoption of IoT and cloud-based data storage
  • Ongoing developed of smart cities
  • Enforcement of government regulations and compliance

Restraints

  • Limited use of advanced technologies
  • Integration issue among security solutions

Opportunities

  • Collaboration between contract security provider and physical security vendors
  • Technological development in video surveillance
  • Use of IP-based HD video for video surveillance
  • Emergence of automated drones for security patrolling

Challenges

  • Integration of logical and physical components
  • Device vulnerability and chances of system being hacked

Increased and evolving threats ‘heighten demand’ for port security

960 640 Stuart O'Brien

The shipping industry is responsible for about 90% of global trade by volume – Frost & Sullivan’s recent analysis on the global maritime port security market finds that governments are prioritising the safe and secure transportation of goods to ensure economic stability and growth.

The sector is being driven by increased threats to port operations, terminal expansions and new ports, soaring traffic, and the acceleration of digital transformation.

In addition, a rise in surveillance spending with a large number of new port developments, especially in the Asia-Pacific (APAC), Africa, and the Middle East regions, and technology upgrades in large and established ports internationally are propelling the demand for maritime port security solutions.

As a result, the industry is estimated to hit $9.10 billion by 2030 from $6.74 billion in 2020, a 3% upsurge in the compound annual growth rate (CAGR).

Among key technologies, cybersecurity is expected to generate the highest revenue—$4.08 billion, followed by screening and detection at $1.69 billion, by 2030.

“Ports remain a major safety concern as a critical component of global supply chains and commerce. Any disruption at ports would affect the interconnected transportation, energy production, and manufacturing industries and have far-reaching economic consequences across a country or even a larger region,” said Aravind Srimoolanathan, Industry Analyst, Aerospace, Defense & Security Practice, Frost & Sullivan. “As ports recover from the impact of the pandemic, vessel traffic is anticipated to recover within two to three years to cater to the global demand, thus encouraging ports to invest more in solutions for infrastructure safety and to handle congestion. Demand for additional software for screening equipment and its integration into the overall port security will intensify.”

Srimoolanathan added: “Port digitalization for tracking and coordination of vessels and cargo has the dual goals of lowering operational expenditure and improving efficiency, thereby unlocking opportunities for safety upgrades. Hence, security providers must consider the best ways to optimize cargo screening and detection, surveillance, and perimeter security by deploying data analytics and artificial intelligence (AI) as they enhance existing security systems’ accuracy in identifying and thwarting threats.”

Forrester says companies need to pursue groundbreaking ideas and develop novel cyber-resilient technologies to proactively counter the ever-evolving cyber threats. To achieve this, market participants should focus on:

  • Integrated systems for effective security operations: As new technologies and applications emerge, there can be uncertainty among end users. New technologies that integrate easily, with a clear and straightforward interface that requires minimal training for security employees, will appeal to the end users.
  • Managed services business model: Partnerships with governments and port operators in the nascent stages of port development projects to provide turnkey solutions and operational support services that bridge security capability gaps may prove beneficial.
  • Cybersecurity of physical security systems: Vendors should combine Physical Security Information Management (PSIM) and Security Information and Event Management (SIEM) applications so physical security staff can detect secret threats, and the cybersecurity team can comprehend risks associated with the physical security system.

A Dynamic Threat Landscape Propels the Global Maritime Port Security Market is the latest addition to Frost & Sullivan’s Aerospace & Defense research and analyses available through the Frost & Sullivan Leadership Council, which helps organizations identify a continuous flow of growth opportunities to succeed in an unpredictable future.

Financial, retail, healthcare and manufacturing suffer revenue losses following ransomware attacks

960 630 Stuart O'Brien

More than half of organisations have been the victim of a ransomware attack – In the UK specifically, 305 companies were contacted and 84% of businesses that chose to pay a ransom demand suffered a second ransomware attack, often at the hands of the same threat actor group (53%).

The research, conducted by Cybereason, also divulged that of the organisations in the UK who opted to pay a ransom demand to regain access to their encrypted systems, 43% reported that some or all of the data was corrupted during the recovery process.

These findings underscore why it does not pay to pay ransomware attackers, and that organisations should focus on early detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

Key findings (UK-specific) in the research include:

  • Loss of Business: 47 percent of organisations reported significant loss of business following a ransomware attack. Of these individuals, 61% admitted to losing revenue.
  • Ransom Demands Increasing: 51percent of businesses that paid a ransom demand shelled out between £250,000 – £1 million, while 4 percent paid ransoms exceeding £1 million.
  • Brand and Reputation Damage: 63percent of organisations who admitted to losing business indicated that their brand and reputation were damaged as a result of a successful attack
  • C-Level Talent Loss: 45 percent of organisations who admitted to losing business reported losing C-Level talent as a direct result of ransomware attacks
  • Employee Layoffs: 31 percent of those who admitted to losing business reported being forced to layoff employees due to financial pressures following a ransomware attack
  • Business Closures: A startling 34 percent of organisations who admitted to losing business reported that a ransomware attack forced the business to close down operations entirely

Other key findings included in the full report reveal the extent to which losses to the business may be covered by cyber insurance, how prepared organisations are to address ransomware threats to the business with regard to adequate security policies and staffing, and more granular information on the impact of ransomware attacks by region, company size and industry vertical. In addition, the report provides actionable data on the types of security solutions organisations had in place prior to an attack, as well as which solutions were most often implemented by organisations after they experienced a ransomware attack.

“Ransomware attacks are a major concern for organisations across the globe, often causing massive business disruptions including the loss of income and valuable human resources as a direct result. In the case of the recent Colonial Pipeline ransomware attack, disruptions were felt up and down the East Coast of the United States and negatively impacted other businesses who are dependent on Colonial’s operations,” said Chief Executive Officer and Co-founder of Cybereason, Lior Div.

“Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks. Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”

2021 ‘refocuses priorities’ for physical security

960 640 Stuart O'Brien

The realities of COVID-19, and the subsequent shift to work at home, has emphasized the value of technology that can provide greater insight and control.

That’s according to results from Genetec’s ‘Physical Security in EMEA 2021’ report, based on insights from over 1,500 physical security professionals.

The report takes a closer look at how physical security teams across Europe, Middle East and Africa (EMEA) are leveraging technology to manage both short term needs and long-term priorities.

In the UAE, according to a recent report from Mimecast, 81% of respondents had received specialised work from home related cybersecurity training since the start of the pandemic – above the global average of 64%.

As a result, video analytics, access control and identity management were all identified as strategic technologies for 2021.

Cyrille Becker, Managing Director of Europe at Genetec, said: “Last year we saw a seismic shift in the way companies approach security. The access control boom within facilities, showed that the physical security industry is capable of streamlining innovative solutions—particularly when there’s a demand for enhanced safety. As we enter a new chapter, the industry must continue to adapt to changing requirements and invest in the latest enabling solutions to help make our workplaces safer, healthier and more secure.”

Cybercrime is primed to reach record heights in 2021, with the rise of work-from-home and the growing adoption of IoT, as 48% of MEA respondents believe in the prioritisation of the implementation of better business continuity plans. Against this backdrop, 67% of respondents are planning to prioritise the improvement of their cybersecurity strategy in 2021.

Christian Morin, Vice President of Cloud Services and CSO at Genetec, said: “The rise of cybercrime has highlighted cyber and physical security measures can no longer be treated as separate conversations. Physical security professionals must partner with their counterparts in IT to understand the true limits of the security perimeter and mitigate against risk. This requires solidifying a resilient cyber-physical security framework, to ensure trusted devices are integrated in the network and subsequently configured, updated and managed throughout their operational life.”

Physical security departments have traditionally been slower to adopt the cloud, however, the survey results indicate the situation is rapidly changing. With almost two thirds of respondents reporting the pandemic has somewhat (51%) or greatly (12.5%) accelerated their cloud strategy in relation to physical security. This can be linked to the move towards Smart Cities, a rapid transition which has been witnessed within the Middle East, a region investing greatly into a new age of digitalisation.

In January 2021 Genetec EMEA surveyed physical security professionals based in Europe, Middle East and Africa – you can download the full report here.

COVID pandemic increased the importance of physical security

960 640 Stuart O'Brien

75% of security and FM professionals say the COVID pandemic increased the importance of physical security in their organisations, while 60% say they either see a need for immediate cloud-based technology upgrades or are considering it in the near future. 

That’s according to a survey conducted by Brivo from November 2020 to January 2021 among more than 500 US-based physical security and facility management professionals, exploring the physical security impacts from COVID, specifically the challenges facing organisations as they look to reopen their doors.

The survey also took a look at the technology, cloud, and data utilization trends shaping the physical security landscape for 2021.

“Property technology has evolved rapidly in the past year with a major shift in how security and facility management leaders recognize the benefits that cloud technology can provide to them,” said Steve Van Till, CEO and founder of Brivo. “Accelerated by the trend toward working offsite during the pandemic, organizations need the ability to remotely manage security and access control, and see what’s going on in real time, without being on-site. This is accomplished through the cloud.”

The pandemic put security and facility managers in the position of needing to protect health and safety in addition to their usual responsibilities for people and physical assets. Businesses with a primarily remote workforce had to monitor and manage access to empty buildings that were more vulnerable than usual. Nearly 30% of respondents said they did not have centralized security solutions in place and struggled during the pandemic to manage day-to-day operations. 

Another critical weakness for many respondents was leveraging data for physical security — 70% admitted they have problems with data, ranging from too much, too little, or a lack of understanding how to use it. Brivo recognized the need for better analytics to interpret physical security data and launched its new Data Explorer business intelligence tool last year as part of Brivo Access, its 4th generation cloud platform.

Looking ahead, the survey found that technology integrations are a key area of focus for businesses in 2021. 61% of respondents agreed that integration was the most important goal for them this year. An additional 26% indicated that it is imperative to have technology that will assist in enforcing contact tracing, social distancing, and healthy building compliance requirements. These trends will likely continue as more organizations prepare to bring employees, customers, and students back to work and school in 2021. 

“Last summer we launched Facility Safety Features to help reduce the spread of COVID. We’ve since helped more than a thousand customers with their return-to-work efforts leveraging Brivo Visitor reporting, personnel control, contact reporting and self-screening,” said Van Till. “As the hybrid work force continues to become the norm, we’re launching occupancy tracking as well so that organizations can see how space is being used and adjust their plans accordingly.”

F24 and The BCI present the new Emergency Communications Report 2021

960 642 Guest Blog

The pandemic has driven organisations to adopt collaboration software in 2020 and this trend is expected to continue for 2021.

Previous reports have highlighted an overreliance on tools from the private environment for communication during emergency situations (e.g. WhatsApp). Organisations are moving away from tools from such as WhatsApp and using more collaborative tools such as Microsoft Teams, which is also being used in incident situations. Many organisations, who have been using collaborative tools/software for the first time in 2020, are now seeking to extend investment into specialist emergency communications technology solutions.

“2020 was a testing year for all organisations, but one which has transformed the way businesses communicate. This year’s report shows how organisations have been switching physical meetings to virtual settings, with most exploiting collaborative technology such as Microsoft Teams or Zoom more than ever before. The success in using such collaboration tools has driven many organisations to consider investing in more specialist tools for emergency communications for the first time: 49% of respondents who do not currently have tools are already actively trialling new tools or are considering it.”, summarizes Rachael Elliott, Head of Thought Leadership at the BCI.

As Europe’s leading provider for incident and crisis management, emergency notification, as well as business messaging, F24 is proud to exclusively present the BCI Emergency Communications Report and results of this year’s survey. This annual publication provides insight into how organisations communicate in an emergency, the key communication challenges organisations face, and how technology is helping to assist in communications processes.

Download your free copy directly from the F24 website.

Impact of COVID-19 on physical security market revealed

960 640 Stuart O'Brien

A new report delivers what it calls the best estimate of the global market for physical security products going forward to 2025, based on two scenarios.

In March 2020, The World Health Organization declared COVID-19 a global pandemic. Within a few weeks, it was clear that the pandemic was highly likely to cause the world’s worst recession in the last 100 years. In June 2020, the World Bank published a baseline forecast envisioning a 5.2% contraction in global GDP in 2020.

The report from ResearchandMarkets says that, at this time, COVID-19 has been having second spikes in Q3 / Q4 and several countries are experiencing rolling lockdowns and believes its 2nd scenario looks more feasible where global markets take around a year to return to some normality and mass global adoption of a vaccine is achieved within 18 months. The publisher believes this has a probability of 65%.

Based on its Scenario 2, growth will recover by Q3 2021, and by the end of that year it will have grown by nearly 3%. However, different rates of growth apply in each of the 3 businesses and geographic territories. The analyst forecasts the market will reach over $42Bn by the end of 2025 at a CAGR of 6% over the next 5 years.

China continues to increase its share of the physical security product market. The Chinese market has grown rapidly through a boom in new construction and ‘Sharp Eyes’ surveillance projects driven by the public sector. However very little of this vastly expanding market is accessible to overseas manufacturers, nor is it likely to be in the foreseeable future, with ongoing political and trade tensions between the US and China.

Key Impacts of Covid-19 Pandemic on Physical Security:

  • Above all the COVID-19 outbreak will force suppliers to radically rethink how they operate their business, in particular resilience to externalities. In parallel, there will be lessons to learn on having a more coordinated and resilient supply chain. The Video Surveillance business is too dependent on Chinese OEMs and component manufacturers. With many of these factories closed for the first two months of 2020, it caused temporary supply chain issues.
  • The pandemic has created a demand for new solutions to help control the spread of the virus. Physical security products have risen to the challenge, helping to implement social distancing protocols through existing access and video systems with AI-powered analytics. Thermal cameras have also been deployed to measure people’s temperature, with demand being strong. However, their usefulness has been questioned, with the World Health Organisation saying that on its own temperature screening “may not be very effective”.
  • The report estimates that the total value of world production of Physical Security products at factory gate prices in 2020 will be $31.7Bn, a decline of over 7.5% on 2019. Sales declined over the first 3 quarters of 2020 as a result of COVID-19. This has stopped 11 consecutive years of growth.