Posts Tagged :


Employees responsible for half of industrial networks cybersecurity incidents

960 640 Stuart O'Brien

52% of incidents affecting operational technology and industrial control system (OT/ICS) networks last year were caused by employee errors or unintentional actions.

A Kaspersky report, State of Industrial Cybersecurity 2019, found this issue to be the result of the growing complexity of industrial infrastructures and a shortage of professionals who understand how to detect new threats as well as low awareness among existing employees.

According to the survey, digitalization of industrial networks and adoption of Industry 4.0 standards are a priority for many industrial companies. Four out of five organizations (81%) consider operational network digitalization to be an important or very important task for this year.

A majority (87%) of respondents confirmed that OT/ICS cybersecurity is becoming a top priority for industrial companies. However, to achieve the necessary level of protection, they need to invest in dedicated measures and have highly qualified professionals to make them work effectively. Despite stating it as a priority, only just over half of companies (57%) have allocated budget for industrial cybersecurity.

In addition to budget constraints, there is also a question over skilled staff. Organizations are not only experiencing a lack of cybersecurity experts with the right skills to manage protection for industrial networks, but also are worried that their OT/ICS network operators are not fully aware of the behavior that can cause cybersecurity breaches.

These challenges make up the top two major concerns relating to cybersecurity management and directly correlates as to why employee errors cause half of all ICS incidents such as malware infections and more serious targeted attacks.

In almost half of the companies (45%) surveyed, the employees responsible for IT infrastructure security also oversee the security of OT/ ICS networks. Although operational and corporate networks are becoming increasingly connected, OT and ICS specialists can often have different approaches (37%) and goals (18%) when it comes to cybersecurity.

“This year’s study shows that companies are seeking to improve protection for industrial networks. However, this can only be achieved if they address the risks related to the lack of qualified staff and employee errors,” said Georgy Shebuldaev, brand manager for Kaspersky Industrial Cybersecurity. “Taking a comprehensive, multi-layered approach that combines technical protection with regular training of IT security specialists and industrial network operators will ensure networks remain protected from threats and skills stay up to date.”

In addition to a technical and awareness boost for industrial cybersecurity, organizations must consider specific protection for Industrial IoT which can become highly connected externally. Almost half of companies (41%) are ready to connect their OT/ICS network to the cloud using preventive maintenance or digital twins.

“As this ARC Advisory Group survey conducted on behalf of Kaspersky reflects, the growing interconnection between IIoT edge devices and cloud services continues to stand as a security challenge,” said Dr. Jesus Molina, chair, IIC Security Working Group and director of business development, Waterfall Security Solutions. “It was a major driver for the creation of the IIC Industrial Internet of Things Security Framework as well as the subsequent best practices documents and recent IoT Security Maturity Model.”

Image by Michael Gaida from Pixabay

Physical security equipment market to hit $64bn

960 640 Stuart O'Brien

The global physical security equipment market will be worth nearly $64bn in revenue in 2022, equivalent to a staggering expansion at over 10% CAGR.

That’s according to a report from Future Market Insights (FMI), which pinpoints demand for surveillance equipment a sa key driver of the growth.

FMI says a major trend in the market is the emergence of thermal cameras, which it says are quickly becoming an indispensable part of physical security equipment in monitoring unique/large-scale outdoor environments.

The firm points out that several institutions and critical infrastructures are being offered grants by governments for purchasing efficient surveillance equipment.

In addition, the requirement for sophisticated security systems that help in ensuring safety of data has led the organisations to adopt data analytics, along with cloud-based data storages.

The report points out that the nature of the global physical security equipment market is highly fragmented, with presence of various large- as well as small-scale vendors competing for market share.

These vendors, it says, are concentrating on providing innovative and highly-efficient security solutions coupled with customised security services. In addition, they are also providing integrated systems – Global leaders in the market are adopting strategies such as M&A, and are acquiring niche players, in a bid to enhance their product portfolio.

Other key factors from the FMI report include:

  • Asia-Pacific excluding Japan (APEJ) is anticipated to remain the fastest-growing market for physical security equipment. By the end of forecast period, APEJ will become the second most lucrative region for growth of the market. Government agencies in APEJ are increasingly deploying physical security equipment in public and transportation security, especially in China and India. In addition, a soaring IT sector, coupled with rapid industrialisation in APEJ countries will further drive the market growth.
  • Sales of physical security equipment in the government vertical segment are projected to register the highest CAGR through 2022. In addition, although the healthcare vertical currently accounts for relatively lower revenue share of the market, it will exhibit an impressive expansion over the forecast period. BFSI is expected to remain the second largest vertical in the global physical security equipment market.
  • Consumer video surveillance will continue to be the most attractive physical security equipment, followed by thermal cameras and wireless infrastructure. Revenues from consumer video surveillance, thermal cameras and wireless infrastructure will collectively account for nearly two-thirds of the market throughout the forecast period.

Security demands on SMEs ‘increasingly a barrier to success’

960 640 Stuart O'Brien

UK SMEs are potentially losing out on a third of all enterprise contracts due to cyber fraud and cyber security credentials not being to a recognised standard.

That’s according to research from cyber security awareness platform, CyberSafe, which revealed 37 per cent of organisations have been required to achieve a recognised cyber security standard over the past 12 months by their enterprise customers before successfully securing contracts.

That’s a rise of 9 per cent from 2017’s study results, when only 28 per cent were obliged to prove their proficiency in cyber security.

The research also highlights an increasing scrutiny of cyber security in supply chain organisations by enterprise customers who, due to increases in regulations and high-profile data breaches, are more concerned than ever about protecting their data.

Forty per cent of respondents have been asked by an enterprise customer to add cyber security precautions to contracts or RFP processes in order to win contracts in the past year.

Oz Alashe, CEO and founder of CybSafe, said: “The study has revealed how enterprise customers are increasingly prioritising cyber security when tendering for supply chain businesses. While lax cyber security precautions may have gone relatively unnoticed a few years ago, businesses are now losing out on lucrative deals with their biggest customers because of them. Due to tighter regulations and an abundance of high-profile breaches, organisations have had to re-review and reinforce their entire IT estate, including third party suppliers.

“The study demonstrates that SMEs are actively taking measures to make themselves cyber secure to meet the terms of new contracts. This is because it is no longer enough for an enterprise organisation to ensure that its own network is secure, any supplier must also demonstrate it’s cyber secure too.” 

Image by TheDigitalWay from Pixabay

Video pushes value of global physical security to $32bn

960 640 Stuart O'Brien

The total value of world production of Physical Security products at factory gate prices in 2018 was $31.55bn, an increase of 8% in 2017.

That’s is an increase of approximately 1% over the Compound Annual Growth Rate (CAGR) of 6.87% during the last 4 years, according to the latest data from ResearchandMarkets, which is forecasting the market will reach $51.38bn by 2023.

Of this, the world market for Video Surveillance products should grow at a CAGR of 13.43% to 2023.

The reason for this, says the firm, is the demand for AI Video Analytics that should gradually be taken up over the next 5 years and has the potential to add a further $2.3Bn to the video surveillance market in 2023.

AI Video Analytics will be the number one game changer over the next 10 years in the video surveillance business, influencing the growth of most products that make up the market.

In addition, the developed markets of North America and Europe are losing global market share to Asia and particularly China. This is expected to continue to at least the end of the decade, which Researchand Markets says is bad news for western manufacturers of Video surveillance products because they have failed to establish a solid business base and significant share in China – whilst two Chinese manufacturers have sales of more than $5 billion between them and now have the kind of scale that allows them to reduce prices to the levels that most western manufacturers can’t compete against.

VSaaS (Video Surveillance as a Service) has at last broken through the $1Bn barrier and is forecast to reach the $1.2Bn sales by the end of this year. Strong growth over the last 12 months has pushed hardware sales up by at least 50% and most forecasts predict demand will grow at a GAGR of 20% to 2023. There are a number of reasons for this, says ResearchandMarkets

The first is that the supply side has put more effort and investment into providing VSaaS and ACaaS (Access Control as a Service) services and technology have overcome many limitations and reduced service costs. At the same time, they are winning over system integrators to adopt cloud services and this has also provided a significant boost to growth.

Access Control is still a much smaller business than Video Surveillance and today is far less competitive, but the report says consolidation is creating a more competitive environment and with it comes the confidence to move forward and take up the challenge of embracing new technologies that will deliver better performing products necessary to continue cranking up demand.

ResearchandMarkets says that if manufacturers prefer to continue to be insular and proprietary, it will not be good news for continued growth, for traditional proprietary systems mean limited options for the customer and restricted possibilities for integration and scalability.

Image by riko000 from Pixabay

Government staff losing too many devices, creating security headaches

960 640 Stuart O'Brien

Government staff in the UK lost 508 mobile and laptop devices between January and April 2018, highlighting that mobile device security remains as important as ever for public sector organisations in the UK.

The data comes via MobileIron, which made a Freedom of Information (FoI) request via nine ministerial departments from within the UK Government – all nine of the departments contacted responded with the relevant data.

The FoI request also found that only 10% of devices lost by public sector employees are ever recovered. MobileIron says with the average enterprise using up to almost 1,000 cloud-based applications, the security risks presented by the volume of data that might be exposed when a device is lost or stolen becomes clear.

In fact, a recent Bitglass breach report found that lost and stolen devices account for one in four breaches in the financial services sector. To reduce the risk of being breached, MobileIron says companies need to implement an ‘always verify, never trust’ approach that establishes complete control over their business data, wherever it lives.

David Critchley, MobileIron’s Regional Director, UK&I, said: “As the amount of business data that flows across devices, apps, networks, and cloud services continues to increase, it is essential that organisations have the right security protocols in place to minimise risk and prevent unauthorized access to sensitive data if a device is lost or stolen. Even one lost or stolen device provides a goldmine of readily accessible and highly critical data to potential fraudsters and hackers.

“All organisations should move beyond standard password-based security protocols and implement a mobile-centric zero trust model. This approach validates the device, establishes user context, checks app authorization, verifies the network, and detects and remediates threats before granting secure access to a device or user. The zero trust model allows organisations, including government departments, to significantly reduce risk by giving them complete control over their business data – even on lost or stolen devices.”

Image by William Iven from Pixabay

Video surveillance system market to hit $96bn by 2024

960 640 Stuart O'Brien

The global video surveillance system market has been valued at $40.37bn in 2018, and is expected to reach a value of $95.98 billion by 2024, equivalent to a CAGR of 15.53% over the forecast period.

A new report by ResearchandMarkets says use of video surveillance in business is growing significantly, owing to the increasing need for physical security, coupled with the use of cloud-based services for centralised data.

The firm says video surveillance is primarily adopted in manufacturing, banking & financial services, and transportation and retail industries.

This incorporation is higher in countries, such as the United States, the United Kingdom, China, and Brazil, owing to the large size of the concerned industries and higher awareness among consumers.

Globally, the drive to enhance the safety and security across different industries is adding to the market growth. With rapid developments in cloud computing and video surveillance software, the surveillance market has transformed, in comparison to the previous decade.

VSaaS has been increasing over the recent years, owing to the market penetration of IP camera sales. Significant factors, such as IT cost containment by major IT organizations, the emergence of data centers, and improving functionalities associated with centralized data, are aiding the VSaaS segment.

ResearchandMarkets say the growth of the video surveillance market is expected to be fueled by the introduction of new IP-based digital technologies, to detect and prevent undesirable behaviours, such as shoplifting, thefts, vandalism, and terror attacks.

Image by Peggy und Marco Lachmann-Anke from Pixabay 

Security concerns of Brits among the lowest in the world

960 640 Stuart O'Brien

Brits are maintaining their characteristic ‘stiff upper lip’ in the face of adversity, according to the latest findings from the 2019 Unisys Security Index survey.

Globally, UK consumers registered the fourth-lowest level of concern of the 13 countries surveyed on a range of security issues, with a notable dip in British concerns over national security in relation to war or terrorism – lower in 2019 with 50% seriously concerned as compared to 55% in 2018.

The 2019 Unisys Security Index surveyed more than 13,000 consumers in 13 countries, including more than 1,000 in the UK, in February and March 2019, with additional supplemental research in April 2019.

The survey gauged attitudes on a wide range of security-related issues and created an index based on their feedback. The index is a calculated score from zero to 300 based on concern about eight specific issues within the categories of national, financial, internet and personal security. 

On a scale of zero to 300, with 300 representing the highest level of concern, the UK index is now at 147 – down from 149 in 2018 – which is one of the lowest of the countries surveyed.

The global average stands at 175, with The Philippines scoring highest with an index score of 234 and the Netherlands registering the lowest concern ratings with a score of just 115. 

“The 2019 Unisys Security Index shows a typical British resolve that, while security concerns remain high across the globe, U.K. citizens are registering lower levels of concern relating to security than many,” said Salvatore Sinno, global chief security architect, Unisys. “Political upheaval, the value of the pound and growing international tensions are front and centre in the news, yet the overall Unisys Security Index score has decreased in the UK Britons really are ‘keeping calm and carrying on’ as the old slogan suggests.” 

The 2019 Unisys Security Index surveyed the public on a number of security issues relating to large-scale events. In the UK, 45% expressed serious concerns that a criminal might attack and harm event attendees, and 39% recorded serious concern that criminals might target them on street near event venues. Serious concern was also recorded in relation to the theft of credit card (45%) or personal data (43%) via mobile devices and public WIFI services at events. 

In addition, 51% of UK respondents say they have not changed plans to attend large-scale events due to security concerns, but some have taken extra precautions to secure their mobiles or wallets (28%); look out for threatening or suspicious behaviour (18%); protect their data or location (12%); or check the latest security alerts from the authorities (11%). And 9% say such threats make no difference to their plans and they take no additional precautions.

Also, 30% of those surveyed in the UK eported they will ‘think twice’ about attending large scale events due to data or physical security issues, and 21% have changed their plans to attend certain events or certain locations. 

For more results and information on the 2019 Unisys Security Index, visit

Image by Free-Photos from Pixabay

Global physical security market to hit $136bn by 2024

960 640 Stuart O'Brien

The global physical security market is projected to grow from $ 83 billion in 2018 to $ 136 billion by 2024 on account of increasing incidents of terror attacks.

That’s equivalent to a CAGR of over 8% during the forecast period, according to a new report from Reportlinker, which which defines the market as any measures designed for the protection or prevention of unauthorised access to equipment, facilities or resources and other properties from damage and unauthorised physical access.

The forecast includes video surveillance and access control, with the authors asserting that technological advancements, increasing implementation of mobile based access control and growing deployment of wireless technology in security systems are expected to drive the global market.

Hardware segment accounted for the largest market share in 2018, on the back of growing deployment of security systems across various end users. Video surveillance is the leading segment in the hardware component and the segment is poised to grow at a high rate during the forecast period, owing to rising implementation of video surveillance systems such as camera, monitor and storage devices in various verticals.

North America dominated global physical security market in 2018 and the region is expected to maintain its leading position during the forecast period as well, on account of a growing need for safety against increasing criminal activities and technological developments, in addition to preventing illegal immigration. Moreover, presence of leading players in the region is likely to positively impact the market.

Over the coming years, physical security market in Asia-Pacific is anticipated to register strong growth, owing to increasing development activities in economies such as China and India.

The report identifies major players operating in global physical security market as Hikvision Digital Technology Co., Ltd., Johnson Controls International plc, Robert Bosch GmbH, ADT LLC, and Honeywell International Inc.

Major companies are developing advanced technologies and launching new products in order to stay competitive in the market. Other competitive strategies include mergers & acquisitions and new product developments.

In the end of 2018, Johnson Controls introduced the next generation of INTEVO integrated security platform. The COMPACT and INTEVO integrated security platforms were upgraded with better processors, improved graphics and additional IP camera licenses.

Image by Free-Photos from Pixabay 

Consumers wary of biometric security systems

960 640 Stuart O'Brien

Over half of consumers (56 per cent) are worried that the shift to biometrics to authenticate online payments will dramatically increase the amount of identity fraud.

The research from Paysafe also revealed that 81 percent of consumers still favour passwords for making payments online due to concerns about the security of new biometric options.

The data also found that 66 percent of consumers worry about being able to pay for goods or services without being asked for a password, and only 37 percent believe that biometrics are more secure than other authentication methods.

Those consumers who didn’t feel comfortable using biometrics identified a lack of trust as their primary reason for avoiding them. The research also revealed further fears around the use of biometrics with 45 percent stating they did not want companies to have access to their personal biometric details, 35 percent din’t know enough about Biometrics to trust it, 31 percent were concerned that their fingerprints could be cloned and 28 percent said that they didn’t feel biometrics were safe.

Daniel Kornitzer, Chief Business Development Officer at Paysafe Group, said: “Biometrics are a huge opportunity for the payments industry to combat the increasing risk of card not present fraud. However, it’s not surprising that there is reluctance among consumers to use biometrics as a form of payment authentication when passwords and PINs have been the central pillar of financial data security for at least 20 years. 

“News headlines are also dominated with fraud and hacking scandals so the public are aware of the risks involved when it comes to adopting new services. To overcome this, consumer education is imperative and with SCA coming in September, consumers will need to be aware of the benefits to ensure acceptance and adoption. We’ve lived in a password-driven world for many years now and consumers aren’t fully prepared to let go of what they know.”

Despite the worries over biometric transactions, adoption continues to grow with more than half (54 percent) of British consumers having used biometrics to make a payment. Nearly two thirds (61 percent) of consumers also agree that using biometrics is a much quicker and efficient way of paying for goods and services.

When asked what biometrics they had used, fingerprint technology was most commonly used biometric (38 percent) and 17 percent having used facial recognition, along with 11 percent voice-activated technologies.

Kornitzer added: “Consumer acceptance of biometrics is being driven largely by smartphone usage and adoption, and this will only increase. However, payment providers will need to do their bit to get consumers on board. Ultimately, SCA should lead to smoother and more secure payments – a win for businesses and consumers alike.”

Image by ar130405 from Pixabay

‘Growing security gap’ amid mass digital transformation

960 640 Stuart O'Brien

There’s a growing physical and cyber security gap among European businesses – almost a third (29%) of enterprises experiencing a breach last year, and only a little more than half (55%) believe their digital transformation deployments are very or extremely secure.

These findings are detailed in the 2019 Thales Data Threat Report – Europe Edition, with research and analysis from IDC.

Across Europe, more than 84% of organisations are using or planning to use digitally transformative technologies including cloud, big data, mobile payments, social media, containers, blockchain and Internet of Things (IoT).

Sensitive data is highly exposed in these environments: in the UK, almost all (97%) of these organisations state they are using this type of data with digital transformation technologies.

“Across Europe, organizations are embracing digital transformative technologies – while advancing their business objectives, this is also leaving sensitive data exposed,” said Sebastien Cano, senior vice president of cloud protection and licensing activity at Thales. “European enterprises surveyed still do not rank data breach prevention as a top IT security spending priority – focusing more broadly on security best practice and brand reputation issues. Yet, data breaches continue to become more prevalent. These organisations need to take a hard look at their encryption and access management strategies in order to secure their digital transformation journey, especially as they transition to the cloud and strive to meet regulatory and compliance mandates.”

However, not everyone is confident of the security of these environments. Across Europe, only a little more than half (55%) claim their digital deployments are very or extremely secure.

The UK is the most confident in its levels of security with two thirds (66%) saying they are very or extremely secure. In Germany, confidence is much lower at 49%.

The most common use of sensitive data within digital transformation is in the cloud. Across Europe, 90% of organisations are using, or will use, all cloud environments this year (Software as a Service, Platform as a Service and Infrastructure as a Service). These deployments do not come without concerns, however. The top three security issues for organisations using cloud were ranked as:

  • 38% – security of data if cloud provider is acquired/fails;
  • 37% – lack of visibility into security practises; and,
  • 36% – vulnerabilities from shared infrastructure and security breaches/attacks at the cloud provider.

Businesses are working hard to alleviate these concerns. Over a third (37%) of organisations see encryption of data with service provider managed encryption keys, detailed architecture and security information for IT and physical security, and SLAs in case of a data breach tied as the most important changes needed to address security issues in the cloud.

Despite more than 100 new data privacy regulations, including GDPR, affecting almost all (91%) organisations across Europe, compliance is only seen as a top priority for security spend in the UK by 40% of businesses.

Interestingly, 20% of UK businesses failed a compliance audit in the last year because of data security issues. When it comes to meeting data privacy regulations, the top two methods named by respondents working to meet strict regulations are encrypting personal data (47%) and tokenising personal data (23%).

One of the most jarring findings of the report is that almost two thirds of organisations across Europe (61%) have encountered a data breach at some stage.

The UK fares slightly better than the average for Europe with just over half (54%) of organisations saying they have encountered a breach. However, across Europe 29%, of organisations who have faced a data breach did so in the last year; a shocking one in 10 have suffered a data breach both in the last year and at another time.

For more key findings and security best practices, download a copy of the new 2019 Thales Data Threat Report – Europe Edition.

Thales also will host a webinar on Thursday, 13 June at 3:00 PM BT about “The State of Data Security in Europe.”

Image by Andreas Samuelsson from Pixabay