Posts Tagged :

Data

Voice biometrics demand to hit $2.8bn by 2024

960 640 Stuart O'Brien

The global Voice Biometrics Market size is expected to grow from $984 million in 2019 to $2,845 million by 2024, equivalent to a Compound Annual Growth Rate (CAGR) of 23.7%

That’s according to a new report from MarketsandMarkets, which says the key factors driving demand include an increasing need for robust fraud detection and prevention systems across the Banking, Financial Services, and Insurance (BFSI) industry vertical and a need for reducing authentication and identification costs.

North America is expected to account for the largest market size in the Voice Biometrics Market by region during the forecast period. The region is home to many key vendors, such as Nuance Communications, Verint, and Pindrop.

APAC is expected to grow at the highest CAGR during the forecast period with increasing investments in strengthening security infrastructure. An increasing demand for cloud-based solutions from retail and eCommerce and healthcare verticals is expected to drive the Voice Biometrics Market in the region.

Overall, the report identifies the key market players as Nuance Communications (US), NICE (Israel), Verint (US), AimBrain (UK), Voice Biometrics Group (US), Phonexia (Czech Republic), OneVault (South Africa), SESTEK (Turkey), LumenVox (US), LexisNexis Risk Solutions (US), VoicePIN (Poland), Uniphore (India), Pindrop (US), Aculab (UK) and Auraya (Australia).

Physical security services market to hit $191.7bn

960 640 Stuart O'Brien

The global physical security services market will expand at a CAGR of 11.7% by 2022 to reach $191.7 billion.

That’s according to the latest data from Transparency Market Research (TMR), which pegged the market at $110.3bn in 2017.

In its analysis, TMR says the physical security services market has a consolidative vendor landscape, with prominent players including Tyco International Limited, SECOM Company Limited, The ADT Corp, United Technologies Corporation, and STANLEY Convergent Security Solutions accounting for a lion’s share of revenue.

These players are adopting strategies based primarily on product innovations and new product launches.

Based on the type, the ACaaS segment dominated the global physical security services market and is expected to remain dominant in terms of revenue by accounting US$80.9 bn by the end of 2022.

Region-wise, North America dominated the global physical security services market and is expected to remain dominant over the forecast period from 2017 to 2022 by expanding at a 12.6% CAGR.

In general terms, TMR says the physical security services market is gaining traction due to the need for physical safety to mitigate and reduce crime and risks of the thefts.

Additionally, growing expenses for the physical safety of the infrastructure by organizations coupled with the growing adoption of the internet of things (IoT) devices are supporting growth.

Further, growing penetration of the cloud-based data storage and servers along with growing technological developments, mainly in video surveillance, are contributing toward faster growth of the global physical security services market.

Two thirds of employees don’t feel safe at work

960 640 Stuart O'Brien

Only one in three workers feel safe in their own workplace due to steps taken by their employer.

A survey, commissioned by Expert Security UK, polled 2,000 people with the question ‘has your employer taken actions to ensure you feel safe in the workplace,’ with an overwhelming response of no.

And a further 62 per cent admitted that their employer had taken some steps, but not nearly enough to make them feel ‘safe’ within the working environment.

So, what is a safer working environment? Danny Scholfield, managing director, Expert security UK, has provided tips for employers to learn from…

1. Car park

If your business has one, then your car park will be the first point of contact for your employees and customers, so it’s essential that it is secure. One of the best ways to deter crimes outside is by improving visibility, so that means ensuring that pathways, doorways and entrances are well illuminated. Eliminate as many shadowy areas as possible as these are ideal spots for attackers to hide. Consider installing emergency phone lines in easy to reach places; employees will feel safer knowing they can access help quickly and easily. 

2. CCTV

Of course, one of the biggest deterrents when it comes to any criminal activity is CCTV. Knowing they are being watched and that any footage could be used to identify and prosecute them can be a powerful way to discourage people from acting maliciously. They can also be huge tools in helping staff members feel safe.

Start by installing good quality CCTV cameras at entrances, exits, gateways and doors. A poor quality camera may do the same in terms of acting as a deterrent, but in the event that you need to use the footage, it’s important that details can be seen clearly.

3. Your business premises

Your next step should be to protect the premises of your business. Where necessary and applicable, use gates and fences to secure potential entry points and ensure that you have strong locks and fob systems in place where only staff members can gain access. You could also consider installing motion detectors and alarms that not only sound locally but can alert the authorities if a breach is detected.

4. Online safety

In today’s online world, cybersecurity is also an incredibly important step to take when ensuring that your employees feel safe as so many threats now exist digitally. You might consider investing in a training course for your staff that goes over the basics of cybersecurity, such as phishing scams, how to tell the difference between secure and insecure connections, making sure downloads are safe from viruses, and using strong passwords.

5. Workplace harassment

It isn’t just outside threats that employers should be aware of. A great deal of harassment and bullying can go on inside the walls of your business, even if you don’t know about it. Even verbal bullying can create tension between staff members and, if left unchecked, it could escalate to physical violence.

Start by making strong policies against workplace harassment and bullying a top priority for your business’ security policy, whether that means writing new policies altogether or updating existing ones. Consider sending your management team to training seminars that focus on anti-bullying and equality in the workplace, as these are the people who often see problems first but don’t necessarily have the skills to tackle them. Make sure your final policies are communicated to all staff members so they are aware of them, know what to do in the event of an incident, and feel confident that you will support them.

If all five points are prioritised and actioned, it is a great starting point to ensuring your workforce are well looked after, feel safe and work happy, so that you don’t run the risk of having only 1 in 3 feel 100% safe.

Physical security demand to hit $119bn by 2023

960 640 Stuart O'Brien

It’s been predicted that the global physical security market will to grow in value from $84.1 billion last year to $119.4 billion by 2023.

That’s equivalent to a Compound Annual Growth Rate (CAGR) of 7.3%, according to analysis from ResearchandMarkets.

Its report, The ‘Physical Security Market by Component and Services, Organisation Size, Vertical and Region – Global Forecast to 2023’ found that (deep breath) rising incidents of terror attacks, technological advancements and deployment of wireless technology in security systems, increasing use of IP-based cameras for video surveillance, implementation of mobile-based access control, and adoption of Internet of Things (IoT)-based security systems with cloud computing platforms are projected to drive the growth of the market across the globe.

However, violation of privacy related to physical security systems and services is expected to restrict the growth of the market across the globe in some instances.

The Services segment is projected to lead the physical security market during the forecast period. The report says physical security services play a vital role in enhancing the existing video surveillance system by integrating digital video surveillance with network and IT systems.

This integration enhances property safety and reduces loss from thefts. Moreover, the service segment is being continuously affected by the introduction of the integrated Social, Mobile, Analytics, and Cloud (SMAC) solution, which need proper monitoring.

The Large Enterprises segment is expected to lead the physical security market in 2018. These enterprises were the early adopters of physical security solutions and services, as they have larger revenue pool to spend and a larger infrastructure to be protected.

High spending on security, followed by the high need for securing large assets is leading large enterprises to contribute to a higher market share in the physical security market.

The residential segment faces the challenge to manage security without violating the privacy of their guests, comfort, and travel experiences. In residential premises, the implementation of access control and video surveillance security systems is growing.

The residential properties are installing access control systems to prevent invasion and burglary. Residential properties are increasingly adopting electronic lock-based access control systems. The demand for electronic products is growing with the increased home automation trend.

The APAC physical security market is projected to grow at the highest CAGR during the forecast period. This growth is primarily driven by the rising adoption of access control systems in Small and Medium-sized Enterprises (SMEs), hospitality businesses, airports, ATMs, banks, residential buildings, and religious places, among others are expected to drive the physical security market.

Security systems are expected to witness increasing adoption in APAC as the countries in the region are emerging economies with a growing number of manufacturing bases, and there is also a constant risk of terror threats in the region.

Code

GUEST BLOG: Securing SMEs for the future

960 640 Stuart O'Brien

By David Navin, Head of Corporate, Smoothwall

Cyber-attacks are nothing new, with a new threat, attack or breach making a regular occurrence on the news agenda. With a number of high profile attacks on large corporations such as Yahoo, Sony, TalkTalk and Camelot, it is easy to think that cyber criminals only go after the big fish.

In fact, security expert Dr. Emma Philpott recently stated: “There’s a lot of great talk, but most SMEs do nothing about cyber-security. It’s shocking.”

Although it may sound harsh, Philpott was actually simply confirming what the majority of the security industry will tell you; that SMEs rarely have clear, actionable measures in place which present a rather inviting opportunity to hackers and threat actors.

Research last year found that 48 per cent of SMEs fell victim to at least one cyber-attack in the past year, with 10 per cent targeted multiple times. It begs the question, therefore: why do SMEs not consider their cyber security as important an issue as large enterprises?

Last year in the UK there were 5.4 million SMEs, making up over 99 per cent of all UK businesses, making them absolutely crucial for the UK economy. With such importance placed on UK SMEs, it highlights the sheer importance as to why the security problem is so serious and needs to be addressed.

It isn’t that SMEs are over-confident or ignorant to the threat of cybercrime. The majority of SMEs suffer from an inferiority complex and believe they are not at risk because they are not big or important enough to be a target for hackers.

They could not be more wrong.

Consumers share their data with SMEs on a daily basis, with many large companies working with SMEs as part of their supply chain. This makes SMEs a very attractive proposition for criminals looking to get hold of valuable data – be it corporate or personal. By playing a part in the supply chains of larger companies, they can be exploited as back doors into their larger partners, providing cyber criminals with a passage to attack the ‘bigger fish’. Security is another issue as well. Aside from the value of the data they hold, SMEs provide a bullseye for threat actors as they tend not to have the same level of security in place as their larger counterparts. This means they are not only an appealing option to hackers, they are often an easy one.

Constant vigilance

With the increasingly common Advanced Persistent Threat (APT), there is more chance that a cyber-attack has been set out to steal data rather than to cause damage to the network or organisation.

Mitigating against such attacks is very challenging and larger businesses invest in highly complex security systems to protect themselves. It is often the case that SMEs don’t feel they can afford such investment, but the truth is that there are some security measures that can be taken without huge cost.

There are five fundamental security measures every business should have in place: web security with perimeter firewall, application control, network segmentation, IPS (Intrusion Prevention Systems) and email security. By implementing these, SMEs can begin to build a defence with these security pillars as their foundation. As the business grows, further investment can be then made and built on top of this. 

Go small to win big

SMEs can take no chances. If found to be the weak link in a large organisation’s security defence, it is likely that they will lose that partner and the hundreds of customers that come with them, and the reputational and financial damage that will result could be catastrophic to a small business. We have already seen how a cyber-attack can affect a company’s prospects, with Yahoo’s acquisition by Verizon cut significantly as a result of its 2014 hack, and SMEs can be subject to the same consequences as well.

This is why, alongside having the core five defences in place, SMEs must adhere fully to security regulation. We know compliance is a painful process for SMEs – it can be time-consuming and therefore costly. There is no avoiding compliance, even if it does not necessarily lead to better security, but what it will always do is protect relationships with larger partners. Coupled with at least a basic level of security, the SME becomes far less appealing to a hacker.

Companies, no matter their size, need to have all the measures in place so as to keep their data watertight and relationships safe. Reputation for any company is built from the bottom up: prevention before cure, or face the ignominy of a potential debacle, TalkTalk-style.

Total Security Summit logo

Crises, CCTV and Cyber Crime top the total security summit

800 450 Jack Wynn

The global landscape has experienced a rather monumental change over the last year, with security being more relevant than ever as we go into 2017.

The first Total Security Summit of the year is determined to address these issues and uncertainties in a bespoke two-day event for security professionals.

Meet, share, connect and debate business relevant to your current and future projects with matchmade face-to-face meetings, experience a day of dining, drinks and discussion as you network with fellow business professionals and attend seminars covering a range of relevant topics.

Reaching a landmark age in political global challenges and uncertainties, it’s vital to prepare for the future, protecting crowded areas, addressing terror threats and discussing counter-terrorism is Dr Anna Maria Brudenell, Lecturer in Military and Security Studies,
Cranfield Defence and Security for the first seminar on Global Security Strategy.

As terror threats continue to rise and evolve without warning, discussing and understanding the implications is crucial to develop your security in a crisis. Chris Phillips, Managing Director, International Protect and Prepare Security Office (IPPSO) is presenting seminar 2 on Crisis Management and Communications

Video surveillance is being used in greater quantity and with higher quality expectations, with Britain among the leaders in CCTV operation, but are the benefits worth the cost? With few resources and increasing legal parameters, Simon Lambert, Independent CCTV Consultants, Lambert Associates is discussing  CCTV and Video Surveillance in seminar 3.

axis-excell-4

John Marsden, Head of Fraud, Equifax, is discussing how to identify and tackle theft as it happens, assessing risk, detecting threats and ensuring on-going training in Seminar 4: Keeping your Business’ Cash and Assets Safe and Secure

Going into your second day, and following morning networking, James Willison, Founder, Unified Security Ltd goes digital. As our dependency on technology grows, many companies are more vulnerable than ever, between data and privacy risks to ransomware, hackers are becoming more sophisticated, and businesses need to adapt quickly for Seminar 5 on Cyber Crime – the United Security Response.

With a continuing rise in companies at risk of fraud, from physical fraud to high level hacking, security needs to be tight across the board, and the final seminar before more discussion and networking addresses these fears. Fraud Prevention with David Lee, Fraud Prevention Manager, Transport for London sees the summit almost to a close.

Taking place between the 13-14 March at the Radisson Blu Hotel, London Stansted, this year’s Total Security Summit is the industry go-to for professionals.

To secure a complimentary delegate place at either of the two annual Total Security Summit events, call Liz Cowell on 01992 374 072 or email l.cowell@forumevents.co.uk.

Or, to attend either event as a supplier, call Nick Stannard on 01992 374 092 or email n.stannard@formumevents.co.uk.

For more information, visit www.totalsecuritysummit.co.uk.

Residents in large cities expected to give up data

960 640 Jack Wynn

50% of citizens in big cities are predicted to share their personal data to benefit from ‘smart cities’ by 2019.

Analysts at Gartner believe the ‘hyperconnectivity’ of a smart city will mean residents will voluntarily give up information to benefit from government and commercial collaboration.

Data sharing is already constantly happening on a small scale, but it is expected to accelerate and expand due to demand for efficiency and convenience.

Many are already sharing their details with VPAs, or virtual personal assistants, who simplify the process by filling out long forms and paperwork for you.

Governments are already beginning to adapt to the change, and are expected to generate revenue from open data, with 20% of local government organisations expected to benefit from this by 2020.

“Open data portals in cities are not a new thing, but many portals today have limited machine readability and therefore limited business value,” said Gartner research vice president, Bettina Tratz-Ryan, “the city becomes ‘smart’ when the data is collected and governed in a way that can produce valuable real-time streams, rather than just backward-looking statistics or reports.”

Some cities have already begun to make changes to their interface. The Copenhagen Data Exchange is already making moves to connect citizen data, but the process isn’t yet real-time.

The most important part, according to Gartner, is to remodel the data to generate profit. The key to monetisation will be to create an automated and streamlined service in order to organise patterns.

“Users will have a number of options to ‘pay’ for data access depending on the use case,” said Ms. Tratz-Ryan. “A normal citizen may simply participate via data democracy and have free access in return for providing their own data, whereas commercial use may require sharing revenue with the data owner, or buying a license to access an enriched data source.”

Guest Blog, Ian Taylor: Public Cloud Migration – what you should know about shared security responsibility…

800 450 Jack Wynn

Migrating from a traditional data centre and embracing popular public cloud platforms such as Amazon Web Services (AWS) or Microsoft Azure is a growing trend for many businesses. In fact, according to Gartner, the worldwide public cloud services market is expected to reach $204 billion in 2016. There is a misconception, however, that making this move translates to a “hands-off” approach with no need to be an active participant in IT management.

This is especially the case when it comes to security and compliance. While public cloud platforms provide protection for computing processes, storage, database operations, networking and physical security of servers, users are expected to fulfill a “shared responsibility” for protecting data. They are obligated to secure a number of important elements including data, platforms, applications, identity and access management, operating systems, networks and firewalls.

It is important to understand that fulfilling compliance requirements such as the Payment Card Industry Data Security Standard (PCI DSS) does not equate to sound security. Instead, a reliable and repeatable security strategy must be in place to serve as the foundation for compliance that can consistently withstand the scrutiny of audits. Fortunately, the cloud offers an ideal forum to manage these processes.

While fulfilling compliance and security in the cloud can potentially be more demanding than one would expect, it can yield significant dividends in terms of flexibility and scalability. Despite this, many industries struggle to address the required technical and cultural shift to secure data and intellectual properly in the cloud. The primary challenge is a lack of resources and in-house expertise to assume this additional oversight.

In some cases, organisational goals for this endeavor are unclear. As a result, unqualified security personnel could be recruited, inappropriate security tools purchased, or the wrong cloud hosting provider selected.

Keys to success

Prioritisation for security and compliance is essential. It is impractical and cost-prohibitive to secure all data. For a successful security strategy, data needs to be classified according to low, medium and high-risk. And this breakdown has to align with organisational objectives.

Due diligence is required to identify security solutions that offer both comprehensive compliance and reliable security tools that match business operations. The ideal scenario is to choose a security expert, partner or service provider that will not only clearly define the lines of responsibility in correlation with compliance standards, but also offer counsel and guidance in terms of data protection.

Setting the course

A detailed “Responsibilities Matrix” that correlates with compliance and security standards is a recommended approach. There should be ongoing dialogue between business leaders and IT teams to ensure that appropriate resources are in place. After alignment is achieved internally, organisations will be better suited to engage security providers that can execute on these goals.

Companies should seek advice that lays out best practices for security and compliance, as well as documentation and data classification reviews, complete with access to expertise that can help identify aspects of a shared security that are most important. These components are fundamentally important to increasing the confidence level of both an organisation and its customers.

Security is absolutely a shared responsibility for using public cloud platforms and it is mistake to shy away from it. But it’s not just about who’s responsibility it is to do what.  A knowledgeable security provider should be expected to take a partnership approach to this critical task, communicate clearly, and take overall responsibility for the quality of service that is ultimately delivered.

Without a comprehensive strategy that executes sound shared security in concert with compliance adherence, the true ROI of public cloud platforms cannot be realised.

 

Ian Taylor is the EMEA service manager for Armor, a cyber security company that keeps sensitive, regulated data safe and compliant in the cloud. He possesses more than 12 years’ experience in the UK payment services sector with a focus on compliance adherence.

Guest Blog – Dr. Alex Vovk, Ph.D: 3 ways to improve hospitality data security…

800 450 Jack Wynn

The hospitality industry is a magnet for cyber criminals. Hotel chains have global networks, large workforces, as well as complex and often decentralised IT infrastructures. On top of all this, they regularly store and process high volumes of personal and financial data. This data can include customer credit card details, names, driving license numbers, addresses, passport numbers, phone numbers and other personally identifiable information (PII).

When these documents end up in the wrong hands, the regulatory, financial and legal consequences can be crippling; not to mention the reputational damage that you simply cannot afford in such a competitive industry.

This is why securing the integrity of customer and other business-critical data is a top priority in the hospitality trade.

Although the hospitality industry is similar to retail in many ways, it has been slower to adopt advanced security solutions.

Many large hotel chains — Trump, Hilton, Hyatt, Starwood, Mandarin Oriental and others — have recently disclosed problems with cyber-attacks. In many cases, the exact number of records breached has not been made public, nevertheless the overall impact has to be significant.

Despite the breaches, many hospitality businesses keep making the same basic security mistakes. Here are the main steps they can take to reduce the risk:

1: Data security applies across the board

Many smaller hotels operate as franchises or small independent businesses. Often data security is not as high on the agenda as it should be. In some cases, they do not comply with recommended industry security standards, or have IT security teams or even use basic data protection tools.

Actions

  • The reputation of the hospitality trade can only be improved if establishments take responsibility to protect customer PII seriously right across the board. This includes educating employees and adopting the right technology.
  • Compliance with the PCI DSS standard is the bare minimum required. Other essentials are a firewall, regular system updates and patches, encryption, a strong password policy, PCI-compliant applications and POS systems, restricted access to POS computers, and anti-virus, anti-spyware and anti-malware software.
  • IT systems also need to be regularly tested and assessed for vulnerabilities. When vulnerabilities are discovered, they need to be fixed immediately.

2: Insiders can be the biggest cyber security risk

Insider misuse is all too common in the hospitality sector. Contributing factors include high staff turnover rates, lack of appropriate security training, easy access to customer payment data, and lack of adequate controls and user behaviour monitoring.

According to Netwrix’s own 2016 Visibility Report, 65 per cent of organisations across various industries lack visibility into user activities in their corporate networks.

Insider wrongdoing does not always result in a massive data breach. It can take the form of a few individual thefts or many small thefts over long periods of time.

The overall outcome is the same as for external attacks: lasting damage to customer perception and lost trade.
Actions:

  • No matter how much you trust your workforce, make sure access to sensitive data is restricted to individuals who need it to perform their daily duties.
  • Monitor user activity — including privileged users – to see if they have tried to access critical files.
  • Follow up any suspicious activity, such as multiple failed access attempts, because they could be a sign of insider misuse or hacking of user accounts by attackers.
  • Implement a strong password policy.

3: Do not outsource everything

The hospitality industry is a highly competitive one that is always on the lookout for ways to cut costs.

It is hugely tempting to outsource parts of IT to external cloud services, and benefit from reduced hardware/software development costs and eliminating the need to retain a 24/7 in-house IT department.

But organisations who transition their business-critical data to a third party often forget to put strong security controls in place. For example, the 2016 Visibility Report found that as many as 75 per cent of organisations from various industries have no visibility into what is happening to their data in the cloud.

Actions

  • Before outsourcing any sensitive data to the cloud make sure that data will be remain secure in its new environment.
  • Carefully vet the cloud provider, holding them to the same standard as your internal security policies.
  • Also implement user behaviour monitoring, strong multi-factor authentication, remote session monitoring and advanced encryption.
  • Unless you have these security measures, you are not ready to move your critical data to the cloud.

In summary, hospitality businesses are responsible for all of the customer data they collect. Inevitably, this is a challenge, but there is no need to reinvent the wheel; numerous standards, solutions and best practices are available to help.

A lot of security mistakes happen because changes and anomalies in the network have gone unnoticed.

Use tools that help you stay aware of any abnormal or malicious activity in your IT network and in the cloud. Only by having clear insight into what is happening can you detect threats, minimise the risk of data exfiltration and secure your most valuable assets.

 

Dr. Alex Vovk, Ph.D has gained an impressive 15-years’ experience in software expertise, leadership and operational management. Prior to Netwrix, he worked at Aelita Software, where he served as the architect for the company’s key technologies. Dr. Vovk holds a master’s degree and a Ph.D in information security.

Kaspersky Lab: Brit residents ‘top targets’ of ransomware attacks…

800 450 Jack Wynn

New data released by security software company, Kaspersky Lab, claims that British residents are constantly being targeted in a wave of ransomware attacks.

The research suggests that mobile ransomware is becoming more commonplace, and reveals that the company put a stop to 136,532 ransomware attacks between March 2015 and March 2016; an almost four-fold increase on the 35,413 attacks in the previous 12 months.

In addition, Kaspersky’s data shows that UK citizens are among the most likely to be targeted by mobile ransomware; with an estimated 16 per cent of all mobile ransomware attacks hitting users in this country.

Read more on the research here

  • 1
  • 2