THE REGION’S LEADING GOVERNMENT AND CORPORATE SECURITY MAGAZINE | www.asiapacificsecuritymagazine.com
November 2013
Special features on CCTV and Cyber SecurityWHAT YOU NEED TO KNOW
Understanding space and security
FEATURE INTERVIEW
PLUS
TechTime Mini-Mag inside
Al-Qaida: Why it won’t go away
Jeffrey BleichOutgoing USA Ambassador to Australia
Alloys have partnered with D-Link, giving you all the piecesto the IP Security puzzle to deliver end-to-end business solutions. Talk to Alloys today about Wireless Solutions, Switching, IP Surveillance, Network Storage and Security.
Melbourne Showroom128-140 Wellington StreetCollingwood VIC 3066
Sydney ShowroomTalavera Business CentreUnit 5, No.1 Talavera RoadNorth Ryde, NSW 2113
For more info, speak to Tony on 1300 368 348 or email [email protected] reserve the right to change incorrect prices/speci�cations resulting from printing or typographical errors. *Selected D-Link products come with a Limited Lifetime Warranty. Refer to http://�les.dlink.com.au/Warranty/LifeTimeWarranty.pdf for full terms and conditions.
THE ALLOYS DIFFERENCE
Exclusive high-margin IP Security range
High stock levels across the range
Market-leading Lifetime Warranties*
VIP Partner Program with local pre-sales support and real rewards
BECOME A D-LINK NETWORK DESIGN ASSOCIATE TODAY FOR FREE!
CALL NOW FOR YOUR FREE ACCESS CODE
YOU DON’T HAVE TO BE A GENIUS TO
SOLVE THEIP SECURITYPUZZLE
SAVE
MINI RUBIXCUBE KEY
CHAIN
$100AND GET A FREE
Tony DobranAlloys IP Security Specialist
NETWORKDESIGNASSOCIATE
www.alloys.com.au1300 368 348
Satisfaction. The Yarra Honda four-story dealership in Melbourne, Australia focuses on customer service with help from
Milestone XProtect® Enterprise. Staff use the video surveillance software to identify showroom customers who need help
and receptionists monitor if employees are at their desks before transferring incoming calls. Proving
again Milestone can solve problems that are more than security.
Milestone XProtect® is the world’s leading IP video surveillance management software and is reliable, future proof and easy to use. It supports the widest choice in cameras and seamlessly integrates with business and security solutions such as video analytics. Which means your possibilities are unlimited and you can keep your security options open. See our new products and the new ways to use XProtect at: www.milestonesys.com
Milestone Systems AustraliaТеl: +61 3 9016 7877
Australian_Fullpage_English_Honda.indd 1 13-09-2013 14:59:29
2 | Asia Pacific Security Magazine
International
SmartAir is an electronic Handle Set or
Escutcheon, which provides a completely
autonomous single door access control
and electronic master key system feature.
SmartAir’s special design and technology
offer important benefits especially in
comparison to mechanical key & cylinders or
a wired online access control system.
Utilising Battery operation and Wireless
technology, Smartair provides up to 4
different solutions in one package, depending
on customer requirements and budget.
Smartair also produce a range of products to
suit specific applications including electronic
Escutcheons, Wall Readers and Cabinet
Locks, all operating on either Mifare, iClass or
NFC technology.
Together with an optional Management
Software package, SmartAir provides a host
of opportunities.
Operating Modes include Stand-Alone,
Offline, Update on Card and Wireless Online,
each offering their own unique and specific
set of features and benefits.
One lock, a world of possibilities
NSW Northmead: (02) 9890 5300
NSW Alexandria: (02) 9693 5144
VIC Mt Waverley: (03) 9558 8455
VIC Tullamarine: (03) 9338 2427
QLD Kelvin Grove: (07) 3552 5966
SA Marleston: (08) 8297 5555
WA Malaga: (08) 6462 8080
Security Merchants Australia Pty Ltd, an ASSA ABLOY Group company
Asia Pacific Security Magazine | 3
International
3rd Annual Personal Data Protection
Addressing the future perfect of data compliance
9th & 10th December 2013The Royale Chulan Hotel Kuala Lumpur
10101010101010101010
1010101010101010
1010101010101010
1010101010101010
Stephen K.M. LauImmediate Past PresidentHong Kong Computer Society(Former Privacy Commissioner for PersonalData of Hong Kong)
John PaneRegional Lead Privacy Compliance & DataProtection - Asia Paci�cJohnson & Johnson
Dr. Suresh RamasamyPrivacy O�cer/Principal StrategistDiGi Telecommunications
Professor Dr. Ida MadiehaAhmad Ibrahim Kulliyyah of LawsInternational Islamic University Malaysia
Barry OoiPresidentThe Marketing Research Society of Malaysia(MRSM)
Your Expert Speakers
Media PartnerPast Endorsers & Sponsors
For hundreds of generations, privacy has been recognised as a fundamental human right. Organisations create contents, products and services that are valuable to customers and business by compiling information and data all the time. Now with the implementation of the Personal Data Protection Act, it is increasingly important that they are aware of privacy requirements applicable to their customers’, employees’ and suppliers’ data. The challenge is even greater with the increased level of awareness amongst the data providers.
3rd Annual Personal Data Protection aims to the review the preparedness of the industry players in light of the impending enforcement of the PDP Act as well as getting ready for the challenges with the rise of data privacy awareness.
For more details contact us at 03 - 2333 9350
4 | Asia Pacific Security Magazine
International
7�� An�u�� HT��A
Asia PacificTraining Conference
2-4 DECEMBER 2013HARBOUR GRAND KOWLOON, HONG KONG
2 DECEMBER - MANAGEMENT TRACK3-4 DECEMBER - THE TRAINING SERIESTHE OFFICIAL LANGUAGE OF THE EVENT IS ENGLISH
THE HTCIA ASIA CHAPTER CONFERENCE
The premier event for those in law enforcement and private industry who investigates in high technology crime. Re-connect with your colleagues, network with your peers, exchange best practices and preview technology and services from leading providers in the industry.
One of the most profound conferences in the industry, this event o�ers a unique mix of pertinent content and opportunities for extensive networking amongst peers alike. You will learn from subject matter experts and business leaders from both public and private sectors, who have the information you need to do your job. Over 10 lab and lectures sessions per day will be o�ered to support you in all aspects of your job; not only the job you are doing today, but the new jobs you may be asked to do tomorrow.
For any enquiries, please contact us at +852-3978-9900 or [email protected]
Computer Day 1 Sponsor Lucky Draw Sponsor Lanyard Sponsor
Tee-Shirt Sponsor Show Bag Sponsor Gift Sponsor
Exhibitors
Supporting Organizations
C
M
Y
CM
MY
CY
CMY
K
Asia Pacifc Security Magazine.pdf 1 2013/9/30 14:43:25
Asia Pacific Security Magazine | 5
International
6 | Asia Pacific Security Magazine
Acknowledgements
Executive Editor / Director Chris Cubbage Director / Co-founder David Matrai Senior Editor Loreta Cilfone Art Director Stefan Babij
Correspondents Sarosh Bana, Sergei DeSilva-Ranasinghe, Jaya Prakash, Kema Rajandran, Adeline Teoh
Contributors Brett Biddington, Anthony Caputo, David Harding, Dr Carolyn Patteson
Copyright © 2013 - My Security Media Pty Ltd 286 Alexander Drive, Dianella, WA 6059, Australia T: +61 8 6465 4732 | E: [email protected]
All material appearing in Asia Pacific Security Magazine is copyright. Reproduction in whole or part is not permitted without permission in writing from the publisher. The views of
contributors are not necessarily those of the publisher. Professional advice should be sought before applying the information to particular circumstances.
Systems and Infrastructure Tender. The WA Police Security Licensing Enforcement Division (SLED) has confirmed it is investigating breaches of the WA Security & Related Activities Act.
From national issues to even more concerning international issues, as the Syrian conflict dominated headlines, alongside significant Egyptian, Lebanese and Iraqi events, it is worthwhile revisiting last year’s analysis provided by Lt Col (res) Dr Dany Shoham, published in our Asia Pacific Security Magazine (August 2012). Dr Shoham points out that Syria’s vast arsenal of operational-level chemical and biological weapons, based on lethal and incapacitating agents, is diverse by any standard. Syria also possesses many sophisticated launch platforms and dispersion equipment, including missiles, rockets, aircraft, artillery shells, cluster warheads, and unitary ammunition – most of which are of high quality. Syria has Scud missiles capable of carrying chemical warheads that can strike anywhere in Israel, even when launched from deep behind Syria’s front lines.
This explains why warning lights first flashed in American intelligence agencies when they discovered last year that the Syrian army had removed an unspecified number of chemical weapons from their storage sites. The US was deeply concerned that the Assad regime might employ such weapons against its opponents if conventional weapons fail and Assad senses that the end is approaching; a last-ditch apocalyptic act of après moi le deluge. There has also been a precedent: Bashar Assad’s father, President Hafez Assad, ordered the massacre in 1982 of approximately 18,000 Sunnis in Hama with cyanide gas.
In May 2012, Jordan and the US held a large-scale, nearly month-long, military exercise with more than 12,000 special forces from the United States and other countries, including Arab states – focused on military preparedness for emergency situations involving chemical and biological weapons in Syria. A follow-up study found, however, that 75,000 troops would be needed to secure Syria’s chemical arsenal. Outright
bombarding of Syrian chemical or biological arms stockpiles could result in significant environmental pollution. Iranian leaders and commanders have also issued stark warnings to the United States and its allies, saying any military strike on Syria would have lead to a retaliatory attack on Israel fanned by ‘the flames of outrage.’
From these events in the Middle East and recent attacks in North Africa, we need to continue our understanding of our immediate region, the Asia Pacific. Whilst the South China Sea remains central to maritime trade routes, it holds massive oil and natural gas reserves. It is the site of territorial disputes between China and nations such as Taiwan, Vietnam, Malaysia and the Philippines. Add to this, Japan and China are involved in a separate dispute in the East China Sea and signs of increasingly more nationalistic political rhetoric by Japanese leaders.
As the potential for significant military conflict continues to emerge, during September I toured US facilities of global security and aerospace company, Lockheed Martin, including those in the Space, Aerospace, Maritime and Cyber Security domains. I look forward to providing specific reports about these facility visits in subsequent issues.
Stay tuned with us as we continue to explore, educate, entertain and most importantly, engage.
Yours sincerely,
Chris CubbageCPP, RSecP, GAICDExecutive Editor
Welcome to the Asia Pacific Security Magazine which is published alongside our new sister publication,
Australian Security Magazine. Having explored the Asia Pacific during the past year, we return to re-focus on the Australian security industry, whilst maintaining a regional presence.
There is a collective community interest in reforming the Australian security industry. There is also an urgency for reform to occur within the next term of Tony Abbott’s new Federal Government. The complaints briefly outlined herein, but detailed in a letter written to Federal and State Governments and which will be covered in greater detail in future issues, provide alleged Government facilitated breaches and common legislative issues which have been on the industry’s agenda for reform for a decade. The goal may now be to see the security industry benefit from the Coalition’s promoted 5 Pillar Economy and develop into an ‘advanced service industry’, with an initial focus on ‘reducing red tape and business costs’, caused by multi-jurisdictional, separate regulatory models. A situation that cannot continue unabated.
Whilst Australian organised crime is recognised as a growing and significant national security risk, costed at $15 billion, an increase of $5 billion since 2008, the private security sector, worth collectively in 2011 at about $4.6 billion and employing 50,000 people, continues to be poorly regulated due to inaction or inability to draft appropriate and consistent State legislation.
To highlight the issues, I’ve previously written of my exhaustive experience with NSW Police Security Licensing Enforcement Division and NSW Road and Maritime Services. Then my Queensland licence was under threat because of a mandatory requirement to travel to Queensland for fingerprinting, and with concern, there has been alleged breaches of the Security and Related Activities Act facilitated by the WA Public Transport Authority. In August 2013, the WA Public Transport Authority (PTA) announced the award to five companies for contracts installing CCTV and security systems subject to Transport
Editor's Desk
Like us on Facebook and follow us on Twitter and LinkedIn. We post about new issue releases, feature interviews, events and other topical discussions.
OUR NETWORK
Asia Pacific Security Magazine | 7
www.cioleadersbrisbane.com
11 February 2014 Brisbane Convention Centre
Are you an IT service provider looking to reach the right decision maker?
This is the boarding pass for your journey to the decision making CIOs...
FIRST CL
ASS
8:00am
IT Suppl
iers
11 Febru
ary 2014
To new c
lients
Next to
CIOs & C
TOs
Next to
CIOs & C
TOs
Land of
frustrat
ion
Land of
frustrat
ion
CIO Lead
ers Summ
it
CIO Lead
ers Summ
it
Mr. IT O
pportuni
st
Mr. IT O
pportuni
st
IT Suppl
iers
Leaders Summit
IT Suppliers 11 February 2014
8 | Asia Pacific Security Magazine
With a remarkable career spanning 30 years and holding extensive qualifications, Raymond Andersson fittingly holds the number one position on the Security Professionals Registry of Australasia, established by the Australasian Council of Security Professionals.
How did you get into the security industry?
In the mid 1980s, whilst serving in the ADF, I joined the internet revolution that provided me exposure to the international movement towards a professional security management model that caught my interest. I was providing protective security advice as part of my duties and saw a need in Australia for the industry to become a profession, through licensing, quality training, ongoing professional development and improved selection traits and behaviour standards for guards and managers. I continued this interest after discharge from the Army, working my way up in the industry, gaining experience in guarding, commercial security, industrial security, hospital security, retail security, security consultancy and high value diamond mining operations security. During this period I sought training and professional development opportunities wherever I could find them.
How did your current position come about?
After an absence of six years while working in Canberra, my family believed that it was time to return home to Darwin. The position that came available with the Department of Human Services in Darwin was most opportune.
What are some of the challenges you think the industry is faced with?
At the basic level, in Australia, licensing, training and individual selection standards remain fragmented and contribute to the difficulty of the security industry gaining the level of credibility it needs to have public and business confidence to move forward. This is an issue that needs to be addressed at COAG level to harmonise training and licensing along with establishing a robust system of QA to ensure training requirements are being met and those working in the industry meet and retain applicable standards of knowledge and behaviour standards.
Another challenge for Australia is at the consultant level where individuals with limited
experience in the field of security and minimal qualifications required for licensing, obtain state licenses, offering their services as security consultants to business in areas where they have little or no expertise, bringing discredit to the consultant profession. This is an area where input from the Australasian Council of Security Professionals, working with the states and territories may be beneficial.
Where do you see the industry heading?
Internationally, the industry is currently undergoing many changes as we adapt to the new threat environment created by cyber attacks and the ongoing terrorist threat. Industrial and national security espionage continues behind the scenes, with industries being targeted on a regular basis. Crime, both in Australia and internationally continues to grow, with organised crime continually working to disrupt our safety and security in an attempt to profit from their crimes. Media reporting and court
cases involving hospitality industry security staff continues to raise questions of appropriate training and the integrity of those who are employed in the industry. There is a real need for the industry to become professional in all it does.
What do you do when you’re not working?
I continue to focus on security and crime prevention in my own time, through active membership to a number of security and crime prevention organisations. In between this, I am researching my family history, to provide a record for future family generations to carry on the stories that are often lost to time. Lastly and probable most important, I am catching up on six years of being away, catching up on house maintenance and spending quality time with my wife.
....with Raymond AnderssonCorporate Security Adviser North Australia/North Queensland, Department of Human Services
www.cioleaderssydney.com
19 February 2014 Sydney Harbour Marriot Hotel, Circular Quay
Are you an IT service provider looking to reach the right decision maker?
This is the boarding pass for your journey to the decision making CIOs...
FIRST CL
ASS
8:00am
IT Suppl
iers
4 Novemb
er 2013
To new c
lients
Next to
CIOs & C
TOs
Next to
CIOs & C
TOs
Land of
frustrat
ion
Land of
frustrat
ion
CIO Lead
ers Summ
it
CIO Lead
ers Summ
it
Mr. IT O
pportuni
st
Mr. IT O
pportuni
st
IT Suppl
iers
Leaders Summit
IT Suppliers 4 November 2013
10 | Asia Pacific Security Magazine
Bruce Blythe
Bruce Blythe, internationally acclaimed crisis management expert, is pleased to announce that he has acquired Supportive Solutions, Inc (SSI). This acquisition adds another important set of crisis response and senior management consultation services to his comprehensive ‘ready, respond, recover’ continuum of crisis management businesses. Blythe is Chairman of Crisis Management International (Atlanta), Crisis Care Network (Michigan) and Behavioural Medical Interventions (Minneapolis) – a network of companies providing end-to-end services ranging from crisis preparedness, crisis response, and accelerated return-to-work respectively.
Founded in 2004, SSI has contributed important innovations in the comprehensive crisis response and crisis leadership arenas. SSI president and founder, Tonya Teal Slawinski, PhD, developed a revolutionary crisis response approach that has been widely adopted by corporate managers and employee assistance program providers across the United States.
“We are excited about the addition of Supportive Solutions and Dr Slawinski to our team,” says Scott Alfieri, CEO over all four companies. “Our organisations share a history of high-quality crisis consultation and service delivery. SSI will expand our network of experienced crisis response specialists and broaden our ability to respond on-site and immediately to client requests over 1,000 times every month.”
The combined talent of SSI with CMI, CCN and BMI will continue to span the one-stop ‘ready, respond, recover’ crisis management continuum by helping organisations prepare for and respond to crises, while providing comprehensive return-to-work outcomes.
Brett McCall
After 37 years as a family owned business, McCall Security has been acquired by another
long-standing family security business – SNP Security. SNP Security is a large Sydney based security firm celebrating its 90th birthday this year. They have a significant national footprint in both the Protective Services (Manpower) and Electronic Security sectors, therefore with their additional scope and experience SNP can significantly enhance the service delivery experience already provided by McCall’s for almost four decades.
After 23 great years in the cockpit of McCall Security, Brett McCall, will now be taking on a new role with the SNP management team to help build the business and ensure a seamless transition with McCall clients and staff.
Larry Berg
Larry Berg has been appointed to the board of directors for Avigilon – a company specialising in high-definition (HD) and megapixel video surveillance solutions. In Berg’s most recent position as president and CEO of the Vancouver Airport Authority (VAA), he was instrumental in the redevelopment and expansion of the Vancouver International Airport (YVR) in Vancouver, Canada. The airport was named Best Airport in North America at the Skytrax World Airport Awards in April 2013.
Prior to his position at the VAA, Berg was vice president of administration at Luscar Ltd, a major Canadian energy company. In the past, Berg served as chair on the Business Council of British Columbia, the Greater Vancouver Gateway Council and the Canadian Airports Council. He has held directorships on the boards of Seacliff Construction Company, Canada Line Rapid Transit Inc., and VGH-UBC Hospital Foundation. He is also past President of Airports Council International Asia-Pacific Region. Berg is currently on the board of the Vancouver Symphony Orchestra Society and a director of
Vantage Airports Group, a subsidiary of VAA which operates 12 airports within Canada and internationally.
President and CEO of Avigilon, Alexander Fernandes, says, “Larry brings extensive experience in executive management positions, proven business leadership skills, and a unique understanding of the airport industry. We look forward to his contributions as we continue to grow our business.”
Berg comments, “Avigilon is a remarkable technology company with a proven track record of success. I look forward to applying my experience and contributing to the company’s rapid growth.”
7th Annual Global Security Challenge 2013 Summit
Since its conception in 2005, the Global Security Challenge Summit has been bringing together innovative startups and industry stakeholders for pitches, panels and networking.
Held in the UK, in September, this year’s finalists presented innovative cyber security technologies, and travelled from around the world for the chance to be named this year’s winners. Australian Security Magazine Executive Editor, Chris Cubbage, was proud to be part of the online judging panel. In the pre-revenue category, British startups ExactTrak, SQR Systems and Abatis Ltd were joined by Canada’s WhiteNoise Laboratories and Sweden’s Kikusema. In the post-revenue category, American firms Neurologix Security and Cohesive FT were challenged by Australia’s Serval Project Inc, Israel’s CheckMarx, and Spanish firm Agnitio SL.
Both morning and afternoon sessions featured lively panels and an engaged audience, exploring how to successfully partner, how to raise funds, how to avoid typical mistakes, and importantly, unmet cyber needs. Keynote Nick Coleman, IBM’s Global Head Cyber Security Intelligence, rounded the day off with his insights and experiences working in and with startups, Government and big industry.
The winner in the pre-revenue category was British startup SQR Systems, who impressed the judges with its strong team and smart technology. Serval Project Inc received an honourable mention for its disruptive mesh network offering. In the post-revenue category, Cohesive FT was named winner. Judges particularly noted Cohesive FT’s clever market strategy and projections.
If you have an entry for Movers & Shakers please email details and photo to
Asia Pacific Security Magazine | 11
Let us be your ladder to the Cloud.
We have the solution…
Are you an IT service provider
looking to reach the right decision
maker?
www.ciopacificseries.com
1-2 April 2014 The Ritz-Carlton, Hong Kong
12 | Asia Pacific Security Magazine
BE Summits is a leading business intelligence firm which specialises in hosting senior management forums and
summits across the globe. After its successful event on Cloud computing, ‘The Global High on Cloud Summit’, BE Summits is ready with its next event ‘BYTE into BIG DATA Summit’, which is now officially supported by the Ministry of Communications and Information Technology, Government of India. It is taking place on 21 and 22 of November, 2013 in Mumbai, India.
Some officials of the Ministry associated with BYTE into BIG DATA Summit are; Shri Rajiv Gauba, Honorable Addl. Secretary, e-Governance Group, Department of Electronics & IT, Govt. of IndiaSmt. Renu Budhiraja, Sr. Director & HOD SDC Division, Department of Information Technology, Govt. of India Smt. Uma Chauhan, Director SDC Division, Department of Information Technology, Govt. of India.
The ministry officials will be discussing the advancement and development of technology in India. There will be discussions on the future road map of technology in India and the progress in it, and as BIG DATA is the most sought after technology in the market, it’s therefore relevant in the growth of technological advancement in the IT sector of India.
This event will see some top-notch individuals who represent leading companies in India and will be speaking and sharing their expertise on the Big Data arena. To name a few; Lakshmi Narayan
Rao (Lux Rao) Chief Technologist - Cloud, Big Data & Mobility - Technology Services, Hewlett Packard, Ahmed Aamer - Executive Director, SKY Computing, Vijay Sethi - Vice President & Chief Information Officer, Hero MotoCorp Ltd., N Jayantha Prabhu - Chief Technology Officer, Essar Group.
Along with this elite list of individuals, the event has partnerships with some of the leading Big Data solution providers; SAP India: One of the top IT companies in India offering solutions across various industry verticals. Diyotta: Diyotta is leading the Big Data Integration movement by giving you the ability to readily integrate and
BIG DATA event has big officials’ supportmake available high value information across your internal and external data sources. Arista: Arista offers a broad portfolio of Gigabit Ethernet solutions including 1, 10 and 40 GbE switches that redefine network architectures, bring extensibility to networking and dramatically change the price/performance of data center networks.
This is a must attend event to gain knowledge in Big Data, data analysis, and management. For further information, contact Harsha Samtani, phone +91-80-4115 4921, email [email protected] or visit http://www.byteintobigdatasummit.com
BYTE into BIG DATA Summit
14 | Asia Pacific Security Magazine
Digital technology has changed the world – for the good. It has enhanced our day-to-day living in our business
and personal spheres in allowing us to do things never before imagined possible. In keeping up with digital technology though, we’ve also had to keep up with defending the unlawful attacks made to our devises. And thus was born the necessity of cyber security.
The threat of cyber attacks is more prevalent today as hardware and software becomes cheaper and more accessible with cyber attacks rampant throughout business and personal usage alike. Consequently, the demand for cyber security is increasing significantly and remains high on the priority list for Governments world-wide.
The 7th Annual Global Security Challenge Summit (GSC) was held in September this year in the UK, with its chosen subject as cyber security.
The cyber security field is able to utilise technology to provide protection for our data and ourselves – detecting threats and processing intelligence to ensure our online and physical safety. It is for these reasons cyber security was chosen as the subject of this year’s GSC.
About the Global Security Challenge
The principle is simple; most innovation comes from start-ups and SMEs, but keeping tabs on emerging companies and their technologies can be very difficult for Government and industry, particularly as threats and solutions continue to diversify. The GSC addresses this by attracting and recognising innovative security start-ups and SMEs from around the world, bringing them together with academia, Government and industry.
In a testament to the quality of companies that GSC attracts, and the opportunities it affords its winners and finalists have subsequently raised more than $120M since taking part.
Challenge Requirements
GSC 2013 aimed to discover the most promising young companies, university spin-offs and concept projects from around the world, capable of providing the next generation of cyber protection and leading the charge against some of the biggest threats of today and tomorrow. Areas of particular interest were:
Cyber intelligence, examples;• Automated technologies that can prevent or mitigate cyber-attacks or perform real-time malware analysis• Visual analysis environments dedicated to cyber intelligence (eg, situational awareness or network/attack visualisation)
Access and identity management, examples;• Secure wireless payment systems• Cryptography and secure cloud computing• Biometric authentication
The use of social media in disaster management, examples;• Crisis observation and relief prioritisation tools• Emergency broadcasting services• Creation and exchange of user-generated content and spontaneous, context-specific mobile applications
GSC recognises that sometimes the best ideas lie in the places you would least expect to find them and that’s why exemplary, disruptive technologies in related fields were also considered.
The Event
GSC attracts a large number of submissions from around the world, which are first screened online by a panel of expert judges. Top entries are then invited to pitch at the global finals to an audience
of Government, industry and investors who come to preview the best emerging security innovations.
Finalists each had six minutes to pitch their innovation as well as a private Q&A session with the final judging panel. The event included talks and panel discussions from prominent academics, Government officials and industry leaders from both sides of the Atlantic, discussing the latest trends and developments in the cyber field.
Q&A with Dr Nithin Thomas, CEO, SQR Systems:
How did you get involved with the current technology you are doing?
SQR Systems is a multi-award winning cyber security company that develops encryption technology for secure communication over low bandwidth networks. The company was founded in late 2010 to commercialise some technology I developed during my PhD at the University of Bristol, funded by the Engineering and Physical Sciences Research Council (EPSRC). I had been researching techniques to protect video data at a time when the term cyber security was not recognised and digital and online piracy was a major threat to the entertainment industry. The challenge was to protect the data in a way that does not interfere with the user experience while ensuring that illicit access was prevented from all parts of a fragmented ecosystem that included a variety of digital formats, devices and methods
Global Security Challenge
Nithin Thomas of SQR Systems (left) receiving the award by judge Andrew Powell, UK MoD
The Challenge of Cyber Security
CONTINUED >>
Asia Pacific Security Magazine | 15
16 | Asia Pacific Security Magazine
of delivery. The networks used to deliver content were often the weak points that were abused to get hold of the content illegally. A means of protecting video data from the instant that it is created to shut out illicit access while ensuring the users got the best user experience for the content they pay for was needed. I developed a technology that allows video data to be adapted in encrypted form, which meant that the content owners could encrypt the data at the source and the content delivery system could adapt the data for each user without any access to the unencrypted data.
By the time I finished my PhD, I realised that there was far greater value for this technology in the defence sector. I setup the company with Rockman Law, a long term friend from my University days, and went about addressing the issues with secure video streaming over unreliable networks used in defence and security operations. The use of public networks and commercial hardware has a lot of financial benefits in these sectors but the challenges in ensuring data security need to be overcome. These challenges are often very similar to those faced in the entertainment industry and the technology I developed for a completely different application suddenly became relevant here. By protecting the data from the instant it is created, we can remove many of the weaknesses in a communications system that are exploited by cybercriminals and malware. This new approach to security was picked up by the
UK Ministry of Defence and we developed the technology further with the Defence Science and Technology Labs in the UK. We are now seeing a lot of opportunities outside of defence, where protection of personal and corporate data is becoming more and more essential.
How did you get involved in the Global Security Challenge?
When the company first started, there were very few sources of funding as the global financial crisis had a major impact on startup and early stage funding in the UK. The Global Security Challenge was one of the very few funded competitions, made even more exciting by its focus on the industry we were building our company in. It is the only competition in the UK that is specifically targeting defence and security startups. Although I was not involved in the challenge then, I saw the calibre of judges and competitors and was pleased to hear that it was re-launching in 2013 and grabbed the opportunity to take part.
How did you find the Challenge assisted you?
The Challenge was a great platform to showcase our technology in front of a panel of industry experts and interact with some of the leading figures in the industry. Winning the Challenge has opened up several opportunities for us in the UK
and overseas. Having competed with some truly innovative startups from the cyber security space, the Challenge has given us a lot of credibility and exposure to potential partners.
What are the implications of winning the Challenge - what is next?
Our work at SQR Systems has always been focussed on enabling trust over potentially untrusted networks. This is a powerful way of thinking about security because we concentrate on protecting the data instead of the systems that handle it. As the threats from cyber crime continue to grow and the risks to our data continue to increase, more innovative technologies are needed to address the problem. We aim to continue to develop our technology and continue to invest in new ideas to become a de facto standard for secure communications.
Q&A with CohesiveFT
How did you get involved with the current technology you are doing?
CohesiveFT enables enterprises to run business operations in the cloud. Its solutions help migrate, transform and extend both customer facing systems and internal operational platforms. CohesiveFT lets enterprises build on existing IT resources, save money on a single, upfront migration and focus on an application-centric view of integration, governance and security. Its solutions provide cloud infrastructure products and services allowing enterprises to safely migrate through a logical set of steps. CohesiveFT products allow enterprises to use existing resources, software components and operating systems to target public, private, and hybrid clouds.
After decades in enterprise IT and financial services management, founders Patrick Kerpan, Craig Heimark, Dwight Koop, and Ryan Koop founded CohesiveFT started the company with venture backing and originally focused on providing virtual appliance solutions for the financial services industry. Soon after the company’s start, the global recession and the emergence of the public cloud helped re-shape CohesiveFT into a more broadly enterprise-focused company.
The founders’ backgrounds in networking, enterprise IT, and financial services technology allowed them to watch the industry ‘grow into cloud’ from concept to reality. The first network virtualisation software product CohesiveFT created was originally called vCubev, thenVPN-Cubed and is now rebranded as VNS3. VNS3 was created as a solution to support the company’s image management product, Server3. VNS3 connected the Chris Purrington of CohesiveFT (left) receiving the award by judge and sponsor Nick Kingsbury, C5 Capital
judges for the Awards. Their insights were incredibly helpful. It is always great to get insights, thoughts and impressions from non stakeholders and non customers.
What are the implications of winning the Challenge - what is next?
As more organisations consider and move to the cloud, customers will need an honest guide to cloud migration connectivity, and security. Customers will worry about vendor lock-in and existing resources, so enterprises will need advisors and solutions with an approach that focuses on their systems and applications.
Every recognition, especially from globally known publications such as Asia Pacific Security Magazine, adds to CohesiveFT’s industry credibility and reach. In a market where many companies are simply adding ‘in the cloud’ or ‘cloud-enabled’ to their services and products, the Global Security Challenge is a mark of authenticity for CohsiveFT customers and partners to instantly know that our customers’ successes are genuine and meaningful.
servers Server3 created, and joined them together as if they were one logical group of resources.
VNS3 was based on OpenVPN, and allows users to connect multiple servers (both physical and virtual) located in various data centers and cloud providers into a single address space. Customers began using VNS3 to connect networks to the cloud for internal and partner solutions. VNS3 allows applications to run unmodified as if they were all running on hosts behind a single switch. It works even when hosts are behind very restrictive firewalls, so it was a perfect fit for industries with regulation and data security concerns.
Since 2008, CohesiveFT has seen year over year, customer growth rate of about 18 percent. As the cloud infrastructure becomes more reasonably priced, more customers have sought out CoehsiveFT through cloud providers’ marketplaces and forums. VNS3 has helped users secure more than 60 million virtual device hours in public and private clouds. From a handful of users in 2008, VNS3 has more than 500 customers in 20 countries.
How did you get involved in the Global Security Challenge?
CohesiveFT CTO, Chris Swan, knew of
the competition from GSC founder Simon Schneider. Schneider and our PR firm, Groshelle Communications, suggested we apply and pitch at GSC considering our long history in the cloud computing industry.
Swan pitched at this year’s Summit as part of a large lineup of innovative cyber security technologies from around the world. CohesiveFT was named the 2013 winner in the post-revenue category by the panel of judges.
How did you find the Challenge assisted you?
Presenting to a wide range of technical people helps the company hone the message. The different perspectives give us feedback from the judges, panel and organisers. The Global Security Awards was a perfect opportunity for both feedback and recognition.
Swan had only seven minutes to convey the company’s mission and focus, the market context, and what customers use VNS3 to accomplish. In those seven minutes, Swan had to both tell the company’s story and connect with leaders in a variety of technological fields.
After the pitch competition, the UK team also had the opportunity to meet with the panelists and
★★★★★ TEACHING QUALITY★★★★★ GRADUATE SATISFACTION
the good universities guide 2014reachyourpotential.com.au
E: [email protected] Tel: 134 ECU (134 328) ★★★★★ TEACHING QUALITY
★★★★★ GRADUATE SATISFACTION
the good universities guide 2014reachyourpotential.com.au
E: [email protected] Tel: 134 ECU (134 328) ★★★★★ TEACHING QUALITY
★★★★★ GRADUATE SATISFACTION
the good universities guide 2014reachyourpotential.com.au
E: [email protected] Tel: 134 ECU (134 328) ECUSRI
Edith Cowan UniversitySecurity Research Institute
303LOWE ECU10511 CRICOS IPC 00279B
2-4 December 20132013 SRI SecuRIty congReSS
Over three days ECU’s SRI Security Congress will bring together all areas of security professions and disciplines as part of a holistic engagement for the wider security community. This congress will explore how to reduce the efficacy, persistence and abilities of
advanced threats that jeopardise our critical systems stability. It will also examine methods, tools, techniques and frameworks in dealing with some of the serious problems that our increasingly interconnected, digitised systems are producing that threaten our economic
and social well being. All submitted papers will undergo a double blind peer review process.
The 2013 SRI Security Congress will host 6 security based conferences over 3 days
14th Australian Information Warfare 11th Australian Information Security Management
11th Australian Digital Forensics
6th Australian Security and Intelligence 4th Australian Counter Terrorism
2nd Australian eHealth Informatics and Security
Venue
Edith Cowan University 270 Joondalup Drive, Joondalup WA 6000
Tel: +61 8 6304 5176
Contact details
Congress Coordinator - Emma Burke Tel: +61 8 6304 5176 E: [email protected] W: http://conferences.secau.org/venue.php
Key dates
Paper Submission Deadline - 30 September 2013 Acceptance Notification - 28 October 2013 Camera Ready Papers - 11 November 2013 Early Bird registration - 11 November 2013
18 | Asia Pacific Security Magazine
Non-Conventional Threats in Asia and World-wide
Countries from Central Asia to the Pacific are increasingly threatened by CBRNe agents, WMD proliferation, natural
disasters and terrorism. In the recent past, the Asian region has been the theatre of gradually escalating regional conflicts, catastrophic natural disasters and a source of pandemics; the bird flu pandemic recently killed dozens of people in East Asia, and the Fukushima Daiichi Nuclear Incident in 2011 proved that non-conventional threats are far from abstract challenges to our modern societies.
NCT CBRNe Asia 2013
IB Consultancy is committed to supporting society in the prevention, preparation and response to non-conventional threats. After the inaugural NCT CBRNe Asia 2012 event in Bangkok, this year’s forum in Kuala Lumpur provided an outstanding platform for the exchange of first-hand information about fundamental CBRNe issues in the Southeast Asian region. Therefore, IB Consultancy assembled relevant decision makers, experts and first responders ranging from Turkey to Japan to discuss this enduring threat to international security, including high-ranking Malaysian
speakers such as the Honourable Dato’ Sri Dr. Hj. Ismail bin Hj. Ahmad, Secretary General at the Malaysian Ministry of Defence, who opened the conference with an impressive presentation on CBRN threats and response in Malaysia.
Live CBRNe Demonstration
An eventful live CBRNe demonstration at the Fire and Rescue Academy of Malaysia and the outstanding NCT CBRNe Awards Gala 2014 set the stage for the four-day event and deeply impressed the international delegates with a high-level of proficiency, entertainment and recognisable efforts to bring together experts from all around the world in order to establish an international CBRN community.
The CBRNe live demonstration, led by Col Jamal bin Malik from the Royal Malaysian Armed Forces, simulated a peace keeping operation patrol, during which the usage of chemical weapons was reported. While first responders patrolled the suspected area, a series of roadside bombing took place. Immediately, the Malaysian CBRNe Responder Team, consisting of several small sub units, arrived and initiated the whole response, rescue and decontamination processes for personnel and locals. Watching the entire scenario just meters away from wads of smoke, rushing CBRN response vehicles and personnel carrying out decontamination
procedures, the attendees of the demonstration were able to witness firsthand first response strategies and approaches in Malaysia.
NCT CBRNe Awards Gala 2013
After the intense experiences of the afternoon, everyone dressed up in the evening in order to attend the spectacular and sophisticated NCT CBRNe Awards Gala – the official ceremony of the NCT CBRNe Awards 2013, the new industry prizes rewarding excellence of CBRNe products, solutions and developments in the international CBRNe Community. Being presented by an international professional jury comprising CBRN experts and end-users, this year’s inaugural awards definitely rewarded excellency; the Reward Project won the Innovation Award for the most innovative research project and the US Second Line of Defense’s Megaports Initiative won the Capability Award 2013. The two most prestigious Awards were handed out to Bruker Daltonics’ RAID M-100 Detector, chosen through online voting and live by the Gala attendees for the Community Award 2013; and to DxTerity for their REDI-Dx biodosimetry product, which won the most esteemed Award, the NCT CBRNe Product Award 2013. With a clear end-user benefit, economic efficiency and an excellent match between requirements and the offered solution, DxTerity definitely convinced the jury.
NCT CBRNe Asia 2013: The conference
The following two-day conference included - inter alia - presentations from high-level ministers and generals from the Southeast Asian region on national CBRNe response capabilities and requirements, while promoting the need for international cooperation and capacity building in this field. Most notably was the presentation of Dr Aung Kyaw Myat, Deputy Minister of the Ministry of Science and Technology in Myanmar, a country that hardly has elaborated on its CBRNe capabilities before. Also other renowned experts such as Maj Gen JK Bansal, Union Minister of State in India, highlighted in a stirring manner the importance of events such as NCT CBRNe Asia to strengthen international exchange of information, best practices and approaches.
Further speeches from Lt Gen Yugala from the Royal Thai Army’s Chemical Department, Laurent Olmedo from the French CEA, as well
NCT CBRNe Asia 2013
Building bridges
The NCT CBNRe Gala 2013
as Prof Levent Kenar from the Turkish Gulhane Medical Military Academy and Brig Gen Chan-Sup Kim, Commander of the ROK CBRN School in South Korea, initiated highly interesting debates on the most important threats, challenges to R&D and response approaches in the field of CBRN. Together with the professional live demonstration and the prestigious NCT CBRNe Awards 2013, the conference achieved the goal of exchanging thoughts, experiences and solutions between the various stakeholders within the Asian and international CBRN community.
NCT CBRNe Asia 2014 in South Korea
Next years’ IB Consultancy flagship event, NCT CBRNe Asia 2014, will take place in October in Seoul, South Korea – a country that has CBRNe defence high on its political agenda. This will contribute to the significance of this series of NCT CBRNe Asia events, providing a bridge between Asia and the rest of the world. Check out www.ib-consultancy.com as well as www.cbrneportal.com for news and event updates.
1300 656 188 www.widebay.tafe.qld.gov.au40 - 44 Johnson Road, Browns Plains, Queensland 4118
Training for a better future in...
Our highly respected industry specialists provide Security Operations training and advice to leading security businesses around the state. Let us help you secure the skills you need to become an effective security operator.
Call Wide Bay Institute of TAFE’s Brisbane Security Training Centre on 3806 9633 for further information.
• Defensive Tactics • Edged Weapons• Introduction to Terrorism• Private Investigator - Certificate III in Investigative Services (CPP30607)• Certificate IV in Security and Risk Management (CPP40707)• RPL available
Brisbane Security Training Centre
Security at
Live CBRNe Capability demonstration at the Fire and Rescue Academy of Malaysia, Kuala Kubu Bharu
20 | Asia Pacific Security Magazine
Oil & Gas ICS Cyber Security Forum
The feedback from the nearly 200 participants from around the world who recently attended the Oil & Gas ICS
Cyber Security Forum, which was held 7 to 10 October was extremely positive. In addition to the two-day Forum, several workshops on specific issues of concern were delivered and one of these workshops on ‘ICS Security’ was delivered by Dr Christopher Beggs of Security Infrastructure Solutions (SIS) who is based in Melbourne, Australia.
The two-day Forum covered a number of different issues related to automation and control security and of particular interest was the panel session on ‘ICS/SCADA – In Depth Review’ led by Dr Eric Byres of Tofino Security. The discussion in this session covered a wide range of
issues of concern given the fact that IT systems are designed with security in mind whereas IC systems are not.
Several international speakers participated in the Forum including: Howard Schmidt, Former Cyber Security Advisor to President Obama; Ayman Al Issa, DOF Cyber Security Advisor, ADMA-OPCO; Jay Abdallah, CISSP Senior Network Security Consultant, Invensys; Greg Day, VP & Chief Technology Officer – EMEA, FireEye; Ibrahim Hamad, Corporate Information Security Officer, Dolphin Energy; Jamal Al-Balushi, PCD IT Security Leader, PDO; Riemer Brouwer, Head of IT Security, ADCO; Justin Lowe, Energy Cyber Security Specialist, PA Consulting; Professor Paul Dorey, Director, CSO Confidential; and Paul Wright, Manager
– Professional Services and Investigation Team – MEIA, AccessData;
All of whom made an invaluable contribution to crucial issues that are uppermost in the minds of the international oil and gas community when it comes to protecting their assets from cyber attack.
Participants came from far and wide including the USA, Canada, Netherlands, Germany, Russia, France, Italy, UK, Spain, Japan and across the Middle East.
Koichi Arimura from JPCERT/CC was not alone when commenting on the many benefits of attending the Forum.
Plans are underway for the 3rd International Oil & Gas ICS Cyber Security Forum to be held in 2014.
Event a great success
Asia Pacific Security Magazine | 21
www.asisonline.org/macau
CONTACT US asiapacifi [email protected].+32 2 645 2674
6 Reasons to Attend ASIS Asia-Pacifi c 2013!1. Industry leaders from important
companies and organisations will speak about the latest developments, trends and innovations in security.
2. Apply lessons learnt from other industries to your own sector.
3. Connect with high-level security professionals from all over the Asia-Pacifi c and beyond.
4. Get motivated by new ideas and information.
5. Form new partnerships and reconnect with familiar faces in the industry.
6. Get social and join discussions on Facebook, LinkedIn and Twitter
FEES Early Rate until 4 November 2013
Regular Rate after 4 November 2013
ASIS Member USD 995 USD 1,150
Non Member USD 1,295 USD 1,500
Group Rate (as from 5 delegates)
USD 875 USD 875
KEYNOTE SPEAKER
DR. TIM SUMMERSSenior Consulting Fellow, Asia ProgrammeChatham HouseHong Kong
Speakers will include
CHRIS CUBBAGE, CPPDirector & Principal Consultant, AmlecHouse Pty AustraliaCity CCTV Surveillance Systems and the Prospects for Integrating Social Media Into CCTV OperationsGEOFF BROWNAsia Group Investigations Manager, MicrosoftThailandInvestigating Workplace Violence in AsiaLAWRENCE J. FUTALegal Attaché, Legal Liaison O� ce, US Consulate GeneralHong KongMajor Theft - A Gateway Crime With National and Economic Security ImplicationsSCOTT MACMILLAN, CPP, PSPLoss Prevention Superintendent, Phu Bia MiningLaosAn Integrated Approach To SecurityDR. DENCIO SEVERO ACOP, CPPAssociate Director, Head of Security and Intelligence, Wyeth NutritionPhilippinesIntelligence: The Neglected Better Half of Security
ENTRY TO THE EXHIBITION IS FREE
OF CHARGE FOR PRE-REGISTERED
VISITORS
7TH ASIA-PACIFIC SECURITY FORUM & EXHIBITION
www.asisonline.org/macauMACAU, CHINA | 3–5 DECEMBER 2013
22 | Asia Pacific Security Magazine
Cover Story
I would like to start by asking you about the present state of the bilateral relationship, particularly in relation to its challenges. It is widely understood that the US and
Australia enjoy strong relations, but having said that, every relationship also has its difficulties. What would these be in relation to the US and Australia?
Right now, Australia and the United States are in a very strong place. Both agree on challenges in the Asia-Pacific region. Although we may differ on some tactical issues, by and large, we share a common perspective on important world issues, so I don’t see too many challenges in the relationship. The biggest fear down the road is that we may take this relationship for granted and assume we will always work well together. Relationships between countries can change over time – bad relationships can improve dramatically, but great relationships can weaken if you don’t pay enough attention to them. After the global financial crisis and the Iraq war, which was unpopular in Australia and quite controversial in the United States as well, a generation here has became sceptical of US leadership in economic and security matters. One of our goals is to not only remind people of the successful aspects of our relationship in the past, but also to restore confidence and demonstrate a visionary and common approach on the issues that affect this region. The US economy is recovering, which is helpful. We have completed our mission in Iraq, created a timeline to exit Afghanistan,
and rebalanced and refocussed our global priorities. But I worry about the generation that needs to be reassured – so they can feel confident like their parents and their grandparents – that the US-Australia relationship is worth their personal investment.
On the topic of challenges, does the depreciation in Australia’s defence spending and defence industry pose any particular long-term concern?
The United States and Australia have been working closely for more than 70 years. So one year’s defence budget cannot be taken as a major change in long-term commitment. The percentage of GDP for the 2013 budget mainly reflects writing-off some under-spends in the past couple of years. But the long-term effect of the United States with its allies around the world is that there is greater burden to be shared. The US taxpayers and families can’t have their young men and women and tax dollars being spent disproportionately for the security of the world, so we’ve had to identify areas of vital and non-vital interest to the United States. We’ve also had to encourage our allies to assume greater responsibility for those non-vital interests and cooperate more in areas of similar and compatible interests.
We are seeing some very positive developments in the defence sector in terms of Australian capability. Australia has significant facilities and a number of subcontractors working
After more than a decade since the 9/11 terrorist attacks reinvigorated the United States-Australia
alliance, both countries today maintain closer ties more than ever before. In one of his final interviews,
outgoing US Ambassador to Australia, Jeffrey Bleich, spoke to Sergei DeSilva-Ranasinghe about the
challenges in the relationship; developing economic and people-to-people relations; what the US
Asia-Pacific rebalance means for Australia and the region; US policy to the Indian Ocean region; the
importance of Western Australia and the future of bilateral ties.
Evolution of United States-Australia Relationship
By Serge DeSilva-Ranasinghe
Correspondent
2013Biometrics Institute
Technology ShowcaseAustralia26 November, Hotel Realm, Canberra
The independent Biometrics Institute proudly presents the TECHNOLOGY SHOWCASE AUSTRALIA on the 26th November 2013 followed by the Biometrics Institute’s End of Year Dinner at the Boat House by the Lake in Canberra. The one-day conference will present the latest developments in biometric technologies. It is a unique opportunity for the Biometrics Institute Vendor Members to showcase their products and services to a special forum made up of over 140 of our members, many of them government departments. Don’t miss out on this opportunity to gather with senior biometrics users and technologically driven supplier.
SPEAKERS INCLUDE:> Andrew Rice, Director, Biometrics Institute
> Unho Choi, Senior ICT Security Offi cer, UNHCR – The UN Refugee Agency
> Robyn Miller, National Manager, Passenger Policy & Practice, Australian Customs and Border Protection Service
> Richard Kemp, Associate Professor, School of Psychology, University of New South Wales
> David White, Postdoctoral Research Fellow,School of Psychology, University of New South Wales
> Michael Lynch, Director Passport Identity Section, Australian Passport Offi ce, Department of Foreign Affairs and Trade, and Chair, FaBCoE
> David Chadwick, Director of Biometric Projects, Department of Immigration and Citizenship
> Alastair MacGibbon, Director, Centre for Internet Safety
> Arron Baker, Chairman, Biometrics Institute
> Stephen Mundell, Fraud Analyst, Enterprise Services, Bank of New Zealand
> Andrew Sipos, Inspector, Fingerprint Operations Branch, New South Wales Police Force
> Stephen Wilson, Managing Director, Lockstep Consulting
> Kim Terrell, General Manager, Service Delivery Projects, Department of Human Services
> Andrew Solomon, Director of Privacy Law and Practice, Offi ce of the Australian Information Commissioner
Sponsors include:
The Biometrics Institute’s annual End of Year Dinner takes place at the Boat House by the Lake following the conference at 6.30pm. Registration for this event includes pre-dinner drinks, 3 course meal and beverages. This event will prove to be a night of good food and conversation in a relaxed and casual atmosphere.
Sponsorship is still available for this event. Please email Jamie at [email protected] or call +61 2 9431 8688 for informationon the remaining sponsorship packages, including the End of Year Dinner.
REGISTRATION FEES IN AUSTRALIAN DOLLARS:
Member Non-Member UniversitySubscriber
UniversityNon-Subscriber
Biometrics Institute Technology Showcase Australia 201326 November 2013 AU $340 AU $680 AU $220 AU $330
End of Year Dinner6.30pm 26 November 2013 AU $150 AU $200 Includes 3 course dinner, canapés, drinks.
REGISTER NOW AT www.biometricsinstitute.org
Not a member??? Be part of the Biometrics Institute’s expansive membership base and get free access to quarterly member meetings, discounts to our member driven conferences and exhibitions, access to online information and resources, e-newsletters, annual industry surveys and much more. See http://www.biometricsinstitute.org/pages/membership.html
BIOMETRICS INSTITUTE INTENSIVE COURSE 19 - 22 November 2013 | Waldorf Restaurant & Conference Centre, Canberra, Australia
Facilitated by Professor James L. Wayman, Leading International Biometrics Expert, Offi ce of Graduate Studies and Research, San Jose State University, USA.
This 4 day intensive course will give an overview of biometric identifi cation technologies with specifi c emphasis on algorithmic approaches, performance analysis, and international applications, both successful and unsuccessful. Members who register for this 4 day course receive FREE entry into the Technology Showcase Australia.
24 | Asia Pacific Security Magazine
To determine the current status of al-Qaida, it is appropriate to first identify the five conceptual theatres of operations that al-Qaida is currently
conducting operations in. The term conceptual is used, as al-Qaida is not only an organisation composed of fighters, but also a network of individuals, and an ideology. Al-Qaida’s five conceptual theatres of operations are composed of the core group of operatives; al Qaida’s affiliated group, allied groups, networks of individuals, and inspired individuals.
Al-Qaida centralAl-Qaida central is based within the border region of Afghanistan and Pakistan. The group consists primarily of senior operatives providing a leadership and operational support to al-Qaida operations. This group is responsible for special tasks including tactical attacks, media representation, financial control, strategic direction and guidance to al-Qaida affiliates and allies. Since the death of Osama bin Laden, the role as Amir within this group has been moved to Ayman al Zawahiri.
Al-Qaida AffiliatesAl-Qaida affiliates are those groups that carry the name al-Qaida. Examples are al-Qaida in Iraq (AQI), al-Qaida in Arabian Peninsula (AQAP), which is based Yemen, al-Qaida in the Islamic Maghreb (AQIM) based in Algeria, and al Shabaab which is based in Somalia. These groups have formal lines of communication and financial flow to and from al-Qaida central, which also has a level of authoritative control over these groups. The leaders of these groups have sworn allegiance to al Qaida leaders in Pakistan.
Al-Qaida AlliesAllies of al-Qaida are those terrorist or insurgent groups that share a similar ideology, but do not have an allegiance to Zawahiri or al-Qaida. In some cases where interests converge, such groups will share, and at times combine resources for operational needs. For example, in the attack on the US Embassy in Libya in September 2012, two allied groups the Muhammad Jamal network from Egypt and Ansar al Sharia from Libya assisted AQIM in the attack. In general these allied groups keep their area of operations within their country of origin, but are linked to al-Qaida through personal contacts between operatives and not necessarily through al-Qaida itself.
Al-Qaida NetworksAl-Qaida has been able to enhance and diversify its operational portfolio by developing a network of core operatives within Western countries. These operatives utilise their own personal network of amateur Jihadists to assist with operational and tactical endeavours. Such groups include the 7 July 2005 London bombers, where Siddeque Khan was the trained operative who recruited other salafits, and Australian Jack Roche who was sent by al-Qaeda, through Jemaah Islamiah, to plan and prepare operations against the Israeli Embassy in Australia. In addition, and of growing concern to Western Governments in general, and Australia and some European countries in particular, is the growing number of individuals that travel from these countries to the present civil war in Syria. There have already been reported cases of these individuals returning to their home countries and commencing limited offensive operations against their
Why it won’t go away
By
David Harding
Al-Qaida:
Since its inception, al-Qaida has proven to be a resilient and difficult to defeat organisation and ideology. Here David Harding reviews al-Qaida as a group, its focus and potential future. Harding shows that although al-Qaida has had numerous setbacks, it still retains its intended focus and direction.
International
Asia Pacific Security Magazine | 25
26 | Asia Pacific Security Magazine
The children, from some of the poorest homes in one of India’s most backward states, were among those in a one-room school in the village of Dharmasati
Gandaman who fell violently ill as they lunched on a meal of rice and potato curry. They started vomiting and convulsing with stomach cramps and the poisoning effect was so severe and rapid that some of them died in the arms of their parents even as they were being carried to hospital.
The lunch was part of India’s National Programme of Nutritional Support to Primary Education (NP-NSPE), the official name of the mid-day meal scheme. It is the world’s largest such programme that provides cooked meals to some 120 million children in more than 1.27 million schools across the country.
This nation-wide effort was launched as a centrally-sponsored (Federal) scheme in 1995 and since 2008, covers all children studying in Government, local body and Government-aided primary and upper primary schools and EGS/AIE (education guarantee scheme/alternate innovative education) centres, including madrassas, or Islamic schools.
With food prices rising faster than workers’ wages, it was the free mid-day meals more than the education imparted that persuaded the poor to enroll their children in these
state-run schools. The scheme aims at enhancing enrollment, retention and attendance of children in schools and simultaneously improving their nutritional levels. The calorific value of the meals are revised from time to time, currently stipulated at a minimum 700 calories through the provision of 30 grams of pulses, 75 grams of vegetables and 150 grams of rice or wheat per child, per school day.
Initial forensic investigation into the children’s deaths in the Bihar village near the district town of Chhapra revealed that the poisoning was caused by cooking oil that had been stored in a used pesticide container, the contaminant having been monocrotophos, an organophosphate insecticide that is acutely toxic and in effect a nerve poison.
Monocrotophos is widely used and easily available in India, though the country had been urged in 2009 by the World Health Organisation (WHO) to consider its ban. It is already disallowed in countries like Australia, Cambodia, China, the European Union, Indonesia, Laos, the Philippines, Sri Lanka, Thailand, Vietnam and the United States. Besides, pesticide containers are often not discarded in India after use, but recycled and used for storing consumables.
The outraged villagers went on a rampage and in protest, buried the dead children in pits they dug on the grounds
By Sarosh Bana
Correspondent
The horrendous food poisoning tragedy that took the lives of 23 school children in the northern Indian state of Bihar in July 2013, has brought the national ‘mid-day meal scheme’ under a cloud.
Tragedy stalks
the hungry
International
Asia Pacific Security Magazine | 27
28 | Asia Pacific Security Magazine
The Coalition swept into power with a clear victory on 7 September 2013, pushing aside Prime
Minister Kevin Rudd’s recent comeback and the hung Parliament he and his predecessor, Julia
Gillard, had – sometimes uncertainly – steered for the past three years. Will the new Government
provide better security for Australia?
A Government with borders
National
Asia Pacific Security Magazine | 29
National
If you had listened to the election campaigning in soundbites you may well have believed that the polls hinged on one thing, ‘stop the boats’. Yet Operation
Sovereign Borders, the Coalition’s star policy, experienced a disastrous debut with the second-time Liberal candidate for the western Sydney electorate of Greenway, Jaymes Diaz, unable to name the Coalition’s six-point plan in an interview with Channel Ten reporter, John Hill. The YouTube recording of the train wreck interview went viral and Diaz became very hard for the media to pin down for the rest of the election campaign.
The Coalition did have a fully formed border protection policy, however, as well as a pledge to increase funding to the Department of Defence, which put them ahead of Labor in this regard. “Defence is just not a priority for Labor, they demonstrated this as they systemically cut $30 billion from the Defence budget since the 2009 White Paper, leaving us with a level of funding, as a percentage of GDP, not seen since 1938,” says Senator David Johnston, Minister for Defence.
Its law enforcement policy has also pledged money for federal security initiatives including $100 million for Customs and $50 million for nation-wide CCTV systems, and a better working relationship with the State and Territory Governments that traditionally look after crime prevention and law enforcement.
Attorney-General, George Brandis QC, has also promised a Coalition Government will bring balance and stability to the role after the chop and change of the last three years. Labor fielded three Attorneys-General – Robert McClelland, Nicola Roxon and Mark Dreyfus – since forming Government in 2010. “Having the same person with the same agenda in that job for a significant length of time would itself be a good thing,” Brandis says.
If you’re wondering what’s in store for Australian security in the next three years, start with the foundation of the Coalition’s policies.
Launching Operation Sovereign Borders
Border protection is a complex concept, particularly when it comes to the legality of seeking asylum. There’s no doubt that both major parties ran scare campaigns on the refugee issue, using suggestive language that conjured up the distasteful image of illegal immigration and queue-jumping in the minds of the general public. The fact is, seeking asylum is not illegal and arriving by boat is also not illegal, which is why the Coalition’s claim – ‘there is a national emergency on our borders’ – is best described as alarmist.
Operation Sovereign Borders is the Coalition’s policy to establish a military-led response to combat people smuggling and to protect our borders. People-smuggling is illegal, and has rightly been put at the centre of the policy, though the trickle of boats carrying asylum seekers, most of whom turn out to be genuine refugees, has hardly been a pressing reason to call it a national emergency.
Alarmist tone aside, one thing Operation Sovereign Borders does point out is that more than $10 billion ‘has been lost in border protection budget blowouts’ because more than 12 separate Government agencies are currently involved in
By Adeline Teoh
Correspondent
The 100-day promiseFrom the Coalition’s Operation Sovereign Borders policy:
“In the first 100 days of a Coalition government, Operation Sovereign Borders will undertake key initiatives including:
• Establishing the Operation Sovereign Borders HQ and creating the joint agency taskforce;
• Finalising and issuing protocols for Operation Relex II, to turn back boats where it is safe to do so;
• Increasing capacity at offshore processing centres; and• Lease and deploy additional vessels to relieve patrol vessels of passenger transfers.
We will respond with the urgency that this national emergency requires.”
30 | Asia Pacific Security Magazine
By
Brett Biddington
AM
Have you ever thought about the function that satellites play in our day-to-day lives? While many people work through the day using devices constantly, much has evolved during the years enabling this to happen so easily.
National
Space and Security: Dependence and Vulnerability
Space and Security: Dependence and Vulnerability
Opportunities to talk about Australia’s approach to outer space and the role that satellites play in our daily lives do not happen too often. As a
nation we are largely oblivious to how our high technology infrastructure works. We simply accept that it does.
For the most part, this is a perfectly reasonable position to adopt. Consumers simply want their devices to work, as advertised, cheaply and reliably. A proviso is that there is a sufficiently large number of skilled people who do understand how the system works, who can appreciate dependencies and associated vulnerabilities and who know what to do to mitigate the effects of failures, if and when, they occur.
There are in the order of 1,000 operational satellites in orbit around Earth today. Most perform one of three functions – 1) communications 2) Earth observation (EO) and 3) position, navigation and timing (PNT). Data from these systems when fused, in a timely manner, with data from other sources provide planners and decision-makers with unparalleled insight into the domains for which they have responsibility. That said, satellites are not a panacea. They have limitations and, for EO satellites especially, one size does not fit all. Some are optimised to provide environmental data, others to report the locations of cooperative targets, such as commercial ships and aircraft. Others gather intelligence
about competitors or adversaries because they can look into their backyards with impunity. Unlike aircraft, which need clearance to overfly foreign territory, the laws of physics and orbital mechanics mean that satellites overfly any and all territories that are below them.
In the 1980s, I was the Director of Policing and Security in the RAAF and later moved in Capability Development Division in Defence with broad responsibilities for command and control projects as well as those relating to intelligence, surveillance and reconnaissance (ISR). In these positions I worried about the protective security of air bases and I recall speaking about the need to link data from satellites to the noses of dogs. This suggestion raised eyebrows and seemed crazy in the 1990s but is now basically taken for granted.
Phrases such as ‘situational awareness’ and ‘multi-source data fusion’ are now common terms in the lexicon of all with protective security responsibilities. Fancy labels aside, people whose job it is to protect installations or the community more broadly now have access to information about static and dynamic features of their environment that was inconceivable even a decade ago. Much of this basic data comes from satellites.
The US Global Positioning System (GPS) has become a critical element of global infrastructure that benefits
Asia Pacific Security Magazine | 31
National
Book your place by: Web: www.intelligence-sec.com I Email: [email protected] I Tel: +44(0)1582 346706
For more information visit – www.intelligence-sec.com
Cyber Intelligence Asia 2014 11th - 14th March 2014, Singapore
Esteemed Speaker Line-up: • Major General Bunjerd Tientongdee, Deputy Director of Defense Information and Space
Technology Department (DIST), Ministry of Defence, Thailand • Yurie Ito, Chair, Asia-Pacific Computer Emergency Response Team (APCERT) • Phannarith Ou, Head, Cambodia Computer Emergency Response Team (CamCERT) Cambodia • Budi Rahardjo, President, Indonesia Computer Emergency Response Team (ID-CERT), Indonesia • Khamla Sounnalat, Deputy Head, Lao Computer Emergency Response Team (LaoCERT), Lao • Philip Victor, Director, Centre for Policy & International Cooperation, IMPACT • Inspector Allan Cabanlong, Chief, Web Services and Cyber Security Division, • Philippine National Police Force • Serupepeli Neiko, Section Head, Cybercrime Division, Fiji Police Force • Dr. Mingu Jumaan, Director, Sabah State Computer Services Department, Malaysia • Jack YS Lin, Senior Security Analyst, Japan Computer Emergency Response Team (JPCERT), Japan • Dr. Frank Law, President, High Technology Crime Investigation Association (HTCIA) • Ammar Jafri, President, Pakistan Information Security Association (PISA) • Andrey Komarov, Chief Technology Officer, CERT-GIB, Russian Law Enforcement Agency • Senior Representative, Ministry of Internal Affairs, Russia • Senior Representative, Infocomm Development Agency (IDA), Singapore • Kiran Karnad, Staff Engineer, MiMOS, Malaysia
Reasons to attend: Largest international gathering of cyber security experts in
ASEAN Opportunity to network with the leading firms who
provide defences to cyber attacks Analyse the latest cyber security challenges and issues in
the region Discuss international cooperation to combat cyber-crime Network with the leading decision makers in the
government's Determine the latest cyber-crimes taking place in ASEAN Gain a mix of policy, strategies and technical expertise in
one place
Associated Workshops : Strategic Co-operation amongst
CERT’s Led by: Asia-Pacific Computer Emergency Response Team (APCERT)
OWASP Top 3 - Injection, Session
Management and Cross Site Scripting: Hands-on with Kali Linux
Led by: MiMOS Malaysia
Organized By:
BOOK BY THE 31st DECEMBER 2013 AND RECEIVE UP TO 20% OFF REGISTRATION FEE
32 | Asia Pacific Security Magazine
By
Anthony Caputo
Wired or wireless? In today’s modern world filled with technology most would choose wireless, however, the key to optimum performance is in the architecture.
Mesh Magic and Real World Wireless Video
Throughout my experience, deep in the trenches, and or as a digital video surveillance architect, even though I’m considered a wireless video subject
matter expert, I’ve come to the conclusion that wired is always better than wireless and that my expertise comes from my willingness and perseverance to make those ‘trouble spots’ actually work. It’s not about setting up a wireless link, configuring the radios and recording the signal and bandwidth statistics. If the wireless link only needs 4Mbps for streaming video, and the radio bandwidth statistics register 11Mbps throughput, then you’re done, correct? This is where most integrators go wrong. If you’re using a 20Mhz channel OFDM, you should be getting maximum about 30Mbps - MIMO, you’d get upwards of 70Mbps, so 11Mbps indicates that there’s something wrong, and if left unchecked, it will degrade over time, with weather, interference and self-interference with additional installations. If you’re wondering where the ‘54Mbps’, ‘150Mbps’ and MIMO ‘300Mbps’ bandwidth numbers are, you’ll have to look at the product marketing materials, because this is about the real world.
Wireless networked video provides another option for data transmission, but cannot replace the basic need for power. No power. No camera. Wireless is a substitute under the following conditions;
1) there is power at a desired location, but no cost-effective access to data
2) the distance from the camera to the closest data port exceeds the cabling requirements
3) there is a cluster of cameras that could benefit from wireless mesh networking redundancy.
Wireless can work and work well, but unlike an insulated and protected copper wire, or fiber cable, wireless is RF technology that can be affected by outside influences such as interference from other radios, microwave ovens and even the weather.
It’s important to keep in mind that digital technologies continuously encode and decode analog signals. If you’re using an analog camera, linked to a digital video encoder, that camera is sending an analog waveform through the coaxial cable to the digital video encoder. The encoder then encodes and sends the signal via an Ethernet cable (low voltage bursts) to the wireless radio, which then decodes it into another analog waveform that is shot out the antenna. Up until that point, you have a level of quality control, but once the digital signal is decoded and spit out the antenna as an analog waveform, all control is lost. In the vacuum of space, a microwave signal will go on forever, and although there are environmental and atmospheric factors that deteriorate, reflect and dwindle microwave waveforms, they do not stop at the outer circle in a conceptual design diagram. The only true element of control is architecturally. Architecting a wireless network infrastructure requires forward thinking beyond the point-to-point or point-to-multipoint links. There is limited bandwidth that is constantly changing in a fluid environment. Architecting for asynchronous applications fits better in that scenario, but synchronous security video, where every frame could be the crucial frame, it’s far more challenging.
Design to control the signal, using directional antennas, not 360 degree Omni-directional antennas, which will pick up interference from everywhere, reducing power, bandwidth and performance. I once registered another radio using an overlapping frequency over two miles away, in the opposite
Special Feature - CCTV
Asia Pacific Security Magazine | 33
security & risk management specialistsPTY LTD
Security, Risk & Resilience
Independent, Specialist, Professional
T | + 61 8 6162 9920E | [email protected] | www.amlechouse.com
LEADING INDEPENDENT SECURITY CONSULTANTS
Imagine if you could predict future crimes and prevent them. This is the premise of TV show Person of Interest in which a genius billionaire builds a supercomputer that uses
mass surveillance information for the purposes of preventing terrorist activity, which the Government buys. The machine, however, also starts to predict ‘ordinary’ crimes as well, the kind overlooked every day, and in response the genius assembles a team of vigilantes to prevent them.
The current crop of CCTV products are not quite at crystal ball level, but the increasing sophistication of the technology, paired with the kind of intelligence security professionals have been seeking for years has turned a fictional drama series into a kind of, if not probable then at least plausible, reality.
The upside of the current crop is that innovation appears to be more affordable than ever. In the next year you will notice a lot of technology developed for high level military and Government purposes coming into the commercial market at budget friendly prices. Not only is this process faster than previous public-to-private and specialist-to-mainstream transitions, the efficiency gains from an operational perspective, which result in lower ongoing
costs and increased environmental benefits, makes change irresistible and inevitable.
State of surveillance
The CCTV and video surveillance market will be worth US$23.5 billion by the close of 2014, according to the ‘Global CCTV Market Forecast to 2014’ report researched by RNCOS. While much of the increase between now and the end of next year will come from a switch from analogue to digital, and the burgeoning markets in Asia – particularly China and India – and the Middle East, a great deal will be fuelled by equipment that can aid analytics whether contained within the CCTV systems themselves or in peripheral products that have become mainstream – and valuable – enough to enhance a standard system.
The use of CCTV has also expanded from a focus on security and safety to other purposes throughout industry, ranging from traffic flow to manufacturing. Companies like video surveillance and access control solutions technology company, Genetec, provide products and services to markets as diverse as transportation, education, retail, gaming and
Today’s solutions, tomorrow’s surveillance
Today’s solutions, tomorrow’s surveillance
By Adeline Teoh
Correspondent
Surveillance and CCTV products are no longer just an extended eye for security professionals. Instead, these increasingly sophisticated tools are becoming essential for 360-degree crime prevention and situation monitoring across a variety of industries.
Special Feature - CCTV
34 | Australian Security Magazine
Government. This has led to the evolution of the equipment from an ‘eye’ to a system that can gather other intelligence to aid analysis and monitoring.
On the security front, this gives professionals the ability to analyse images and monitor unfolding situations with clearer detail and more supportive evidence, leading to fewer false alarms and better response times for incidents. The technology’s ability to provide more accurate information for incident diagnosis allows the system to be used for resource management as well as standard security operations.
Melinda Halstead, spokesperson for FLIR Systems, says the brand’s thermal imaging systems provide simultaneous threat detection and assessment. Thermal security cameras make pictures from heat not light, so are perfect for total darkness and obscured visual fields such as in smoke, dust, fog and blinding sunlight.
“Video is sent – even to mobile devices – for inspection to ascertain the need for further investigation. The crisp images allow for verification as to what has tripped the alarm, saving on unnecessary guard callouts,” she explains. “A turnkey system offers a unique combination of thermal security cameras, video analytics software and other intrusion
detection sensors for integrating and displaying feedback from all of a facility’s perimeter security sensors on one display.”
Complementary security
In many cases, the technology comes not from the CCTV system itself, but from complementary equipment that assists information gathering. One such case is Raytec, a specialist lighting manufacturer, which supplies infrared and white-light LED lighting for CCTV systems and general illumination.
Cat McElroy of Raytec says the company’s VARIO IP, the first network CCTV illuminator in the security industry, helps CCTV cameras capture better images. Operators can control the lighting in the same way they control the IP cameras, to ensure the system works together to give the best information to the user. “Users have full control over their lighting at all times to respond to live events or security risks in real time, deter crime, perfect CCTV image quality and alter settings in response to operational changes,” she says.
Genetec provides CCTV enhancement for the security industry in a complementary fashion also. By allowing
Special Feature - CCTV
Australian Security Magazine | 35
“...technology comes not from
the CCTV system itself, but from
complementary equipment that
assists information gathering.”
36 | Asia Pacific Security Magazine
Special Feature - CCTV
Broadband becomes crime buffer
When the US city of Cleveland, Ohio, installed a publicly funded broadband network, it wasn’t to download the latest episode of Game of Thrones but to increase protection of the city via a high-speed wireless video network. Home to more than half a million residents, and hub to twice that during the week, the city worked with the Department of Homeland Security and Motorola Solutions to develop a network that would guard against national security threats, help reduce crime, and enhance citizen safety.
Cleveland used Motorola’s wireless mesh video surveillance network as part of a pilot program to monitor and protect the downtown area. The goal of the Cleveland Shared Security Surveillance (CS3) program is to provide team members with a shared security presence and enhanced awareness. The cameras can tilt, pan and zoom in on a particular area to follow the activities of an ongoing situation or help predict a dangerous situation. This was put to the test at the St Patrick’s Day Parade, one of the city’s most popular annual events.
“To monitor activities and provide security for all those folks is very difficult, especially on foot,” says Mike McGrath, Cleveland’s Chief of Police. “The cameras allow officers to monitor activities in real time so they can quickly identify potential threats and respond faster and better.”
With the cameras clearly visible, the system enables citizens and visitors to feel secure. They also form part of Cleveland’s Computer Aided Dispatch system to assist emergency services prior to arriving on the scene. “We want a dispatcher to be able to say, ‘those guys just ran to the west, one’s in blue, the other’s in red’,” explains Larry Jones II, CS3 project manager.
The network began with nine cameras positioned around the public square area downtown, which has now expanded to other areas of the city, the port area, the west side market and the arena district, and the surrounding neighbourhoods. The benefit of having the infrastructure in place is that cameras owned by residents and businesses can join the network and act as a force multiplier.
For more details on Motorola’s cities projects, see www.motorolasolutions.com/SaferCities
security professionals to customise their system through its software, a unified security platform called Security Centre 5.2. Omnicast, the IP video management system can be used for intelligent monitoring.
Genetec’s Jaime Li, says Omnicast enables users to set threat levels that will tell the system to instantly trigger a mode of operation to respond a change in security conditions. “New security-oriented features allow customers to better mitigate risk and respond to changing security conditions in real-time. Operators can command a rapid response in the event of a threat, by instantly modifying system settings based on preset configurations.”
This may include stepping up privacy controls, where system administrators can restrict access to live and recorded cameras based on user security levels to prevent the viewing of sensitive data.
The price is right
One result of the growing CCTV industry is increased competition and a reduction in price for sophisticated technology. This comes from a number of avenues such as increased efficiency during the production and operation of a product as well as advancements in technology bringing down the cost of innovation and increasing product availability.
Li says Genetec aimed for greater operational efficiency ‘through product simplification and enhanced collaboration capabilities between security desk operators’ for its platform. The software’s automated features also enables flexibility and scalability without the need to add more personnel, because it allows current personnel to diagnose and focus on real security issues rather than false alarms.
For FLIR Systems, the lower cost of innovation brings top technology into the budget range of non-traditional customers. “Advancements in thermal imaging systems and software, once solely for the domain of military and defence, are now seeing technological innovations in commercial security and surveillance,” says Halstead.
Having a commercial market also allows suppliers to identify different benefits, she adds. “The security industry is faced with the challenges of finding ways to cut expenses, without jeopardising the integrity of a product or service; thermal imaging security technology arms it with the means to reduce costs related to power consumption, nuisance and false alarms and carbon pricing.”
The environmental advantages are also evident in Raytec’s products, where performance is enhanced by sustainability initiatives. “All Raytec illuminators have a long life, a low
“New security-oriented features allow customers to better
mitigate risk and respond to changing security conditions in
real-time. Operators can command a rapid response in the
event of a threat, by instantly modifying system settings based
on preset configurations.”
power consumption and require zero maintenance, leading to huge energy and cost savings,” says McElroy. “Triggering lighting on detection of a subject also provides a more dynamic installation intended to deter crime.”
The multifaceted use of CCTV systems and the new intelligence now available over physical surveillance has changed dramatically in the past few years and will continue to serve a market hungry for more than just a network of cameras. The cost and environmental benefits will continue to play a role in product selection as innovation pushes technology towards other sources of information gathering in security as well as employing a range of uses for CCTV across other industries. Watch this space.
Frontline
www.cctvbuyersguide.comwww.cctvbuyersguide.com
For all the latest in CCTV products and news.
www.cctvbuyersguide.com
38 | Asia Pacific Security Magazine
The cyber threat comes from a range of sources, including individuals, issue-motivated groups, organised criminal syndicates, and the intelligence
services of some foreign governments. The motives for cyber incidents include corporate attack, illicit financial gain, political and protest issues, personal grievance (a disgruntled employee or customer), and issue motivated hactivists.
A cyber attack can be very disruptive, having a huge financial impact on a business and also harming its professional reputation. As the national computer emergency response team, CERT Australia in the Australian Attorney-General’s Department, is the single point of contact for cyber security issues affecting major Australian businesses.
In 2012, there were close to 7,300 incidents reported to CERT Australia. By mid-August 2013, around 8,500 incidents had already been reported. Many of these are categorised as less severe, such as scans of firewalls or websites. However, at the higher end, there are both broad-based and targeted attacks.
For example, there have been an increasing number of businesses under pressure from distributed denial-of-service (DDoS) attacks, where the instigator demands payment to stop the attack or ‘cease fire’. This method of extortion is not new – but it is becoming more frequent. This is due to the ease with which people can access attack tools and services from online criminal groups. It is also due to the growing reliance of companies on their customer facing web services, now an essential part of business.
Another common method of attack is to target senior executives, often through their direct support staff. This generally involves a well-crafted email message – one that is topical without any tell-tale mistakes. It is the links and attached files in the emails that are the first point of entry into a target network. This is particularly effective in businesses where cyber vigilance is not part of the culture – and where busy executives and their assistants are barraged by a large number of emails every day. These businesses are targeted for their intellectual property or financial information. They may also be targeted as a way to compromise a third party, who has a trust relationship with
the business and is the ultimate target. By using this form of attack, the perpetrator leverages the relationship between businesses, as an email embedded with malware is less likely to be treated as suspicious from a trusted party.
Trends in cyber securityOne of the challenges that CERT Australia faces is gaining a better understanding of the impact of malicious online activity and how well businesses are placed to respond. While there are an increasing number of cyber crime and security incidents, the true extent of these threats is difficult to determine. To help understand what is happening on this front, the inaugural CERT Australia Cyber Crime and Security Survey was conducted in 2012.
The survey report provides a picture of the cyber security measures businesses had in place, the recent cyber incidents they had experienced, and their reporting of them. The findings indicated a shift in cyber attacks away from being indiscriminate and random to more coordinated and targeted, often for financial gain. They also revealed the theft of mobile devices to be a major concern, with many organisations lacking security policies and plans for protecting these physical assets. As the cyber picture is constantly changing, CERT Australia is conducting annual national surveys to look for trends over time.
The 2013 Cyber Crime and Security Survey has recently been conducted. It aims to build on the baseline findings from 2012, and seek a more comprehensive understanding of how cyber incidents are affecting the businesses that partner with CERT Australia. The findings from the 2013 survey will be released later in 2013. Importantly, they will provide a better picture and understanding of the impact of cyber incidents, which will assist CERT Australia in providing the best possible cyber security support and advice to Australian businesses.
Cyber security mitigationsSo what are the top cyber security mitigations? Firstly, businesses need to be prepared before an incident occurs. It is important for each business to know how its network
Cyber security – the facts
Cyber security – the facts
The cyber threat is real and ever present – and every business is at risk. Australia’s security and intelligence agencies have stated publicly that we are experiencing increasingly sophisticated attacks on networks and systems in both Government and business.
By
Dr Carolyn Patteson
Special Feature - Cyber Security
No business or government organisation survives in a vacuum. Sharing knowledge is fundamental to the development of successful security planning and implementation.
That is the role of our magazine: sharing knowledge of developments in security management for public and private sector organisations, both for internal management and for external obligations in public safety and security.
MY DETAILS
Salutation: __________First Name: __________________________________________
Surname:______________________________________________________________
Job Title: ______________________________________________________________
Company: _____________________________________________________________
Postal Address:__________________________________________________________
Suburb: _____________________State: _________ Postcode: ____________________
Country: ______________________________________________________________
Email: ________________________________________________________________
Interested in our e-news service?
PAYMENT
Please find enclosed my cheque/postal order (made payable to MySecurity Media )
for $ __________________ or debit my:
Expiry Date:________________ Todays Date: ______________________
Card Holders Name: __________________________________________
Signature: _________________________________________________
Yes! I wish to subscribe to the Australian Security Magazine, 6 issues (1 year).
☐ AUSTRALIA A$ 88.00 (inc GST) 1 YEAR
☐ INTERNATIONAL A$ 158.00 (inc GST) 1 YEAR
SUBSCRIBE TODAY... DON’T MISS AN ISSUE
Phone:+61 (8) 6465 4732during business hoursAWST (Australia Only)
PRIORITY FAXCredit Card DetailsAustralia +61 (8) 9467 9155
FREE POSTMy Security Media286 Alexander Drive, Dianella. W.A. 6059
GSTThis document will become a TAX INVOICE for GST when payment is made. My Security Media Pty Ltd ABN 54 145 849 056
1 YEAR SUBSCRIPTION TO THE AUSTRALIAN SECURITY MAGAZINE
6 print issues per year for only $88.00
Available online!
See our website for details
Yes! As an additional bonus I wish to receive direct to my inbox the Asia Pacific Security Magazine (emag), 6 issues (1 year).
Asia Pacific Security Magazine | 39
No business or government organisation survives in a vacuum. Sharing knowledge is fundamental to the development of successful security planning and implementation.
That is the role of our magazine: sharing knowledge of developments in security management for public and private sector organisations, both for internal management and for external obligations in public safety and security.
MY DETAILS
Salutation: __________First Name: __________________________________________
Surname:______________________________________________________________
Job Title: ______________________________________________________________
Company: _____________________________________________________________
Postal Address:__________________________________________________________
Suburb: _____________________State: _________ Postcode: ____________________
Country: ______________________________________________________________
Email: ________________________________________________________________
Interested in our e-news service?
PAYMENT
Please find enclosed my cheque/postal order (made payable to MySecurity Media )
for $ __________________ or debit my:
Expiry Date:________________ Todays Date: ______________________
Card Holders Name: __________________________________________
Signature: _________________________________________________
Yes! I wish to subscribe to the Australian Security Magazine, 6 issues (1 year).
☐ AUSTRALIA A$ 88.00 (inc GST) 1 YEAR
☐ INTERNATIONAL A$ 158.00 (inc GST) 1 YEAR
SUBSCRIBE TODAY... DON’T MISS AN ISSUE
Phone:+61 (8) 6465 4732during business hoursAWST (Australia Only)
PRIORITY FAXCredit Card DetailsAustralia +61 (8) 9467 9155
FREE POSTMy Security Media286 Alexander Drive, Dianella. W.A. 6059
GSTThis document will become a TAX INVOICE for GST when payment is made. My Security Media Pty Ltd ABN 54 145 849 056
1 YEAR SUBSCRIPTION TO THE AUSTRALIAN SECURITY MAGAZINE
6 print issues per year for only $88.00
Available online!
See our website for details
Yes! As an additional bonus I wish to receive direct to my inbox the Asia Pacific Security Magazine (emag), 6 issues (1 year).
and are tailored to the needs of a spectrum of users, from individuals to small businesses and right up to enterprise and Government level. Here’s an overview of the threat landscape and some of the methods used to counter attacks.
Up in the air
Cloud computing services, long touted as the answer to storage and scalability issues, is not without its problems, says Melinda Marks of cloud security provider Qualys. “While cloud computing can deliver significant economic, business, and technical advantages including cost efficiency and rapid ability to scale, outsourced IT management, and flexibility, it comes with some security challenges.”
Established organisations that have transitioned, or will transition, from onsite data storage to cloud services need to reassess the threat environment. “Adopting cloud services often requires that an organisation transfer responsibility for implementing security controls to the cloud service provider, while the organisation is still accountable for the security of their information,” says Marks. “Many organisations have strengthened their third party risk management programs
How do you prevent data from falling into the wrong hands? With the advent of cloud services, bring-your-own devices and social media, organisations are finding that they need to defend a broad range of entry points.
By Adeline Teoh
Correspondent
Data lockdown key
to cyber security
Special Feature - Cyber Security
When Edward Snowden, formerly employed at the USA’s National Security Agency (NSA), decided to tell the world about how the Government
was eavesdropping on its citizens and allies – as well as its enemies – it was surprising to few, but the news suddenly trained a very large spotlight onto cyber security measures.
In addition to Snowden’s declaration and the activities of the NSA, recent events such as the highly publicised breach of the Reserve Bank of Australia and the Australian Taxation Office, plus the establishment of the new Federal Cyber Security Operations Centre, have also highlighted the importance of cyber security in Australia.
Phil Vasic, Regional Director for Australia and New Zealand at cyber defence company FireEye, notes that the recent cyber attacks on leading Australian enterprises have highlighted the fact that distance can’t shield our digital assets from global threats. “As a prosperous, connected nation, we are a prime target and need to take serious action to bolster our defences,” he says.
Although cyber security has been at the top of the agenda for some years now, it is only in recent times that the market has responded with products that evolve with the threats
40 | Australian Security Magazine
Australian Security Magazine | 41
Special Feature - Cyber Security
in response to this challenge to ensure the organisation can effectively evaluate the risk using a specific cloud service provider for a specific IT function.”
Unfortunately, cloud computing does not magically store your data in the sky, out of reach of attacks. Without adequate security, in fact, cloud storage may expose your data to more attacks because of increased accessibility. John Ellis, the enterprise security director for Asia-Pacific and Japan at cloud platform provider Akamai, asserts that the attack surface has increased dramatically because of the uptime of our data. “Cyber adversaries have a wealth of attack vectors to attempt to infiltrate an organisation. With the distributed, highly connected computing world we live in, we don’t ‘go online’, we are online 24/7, making it easier for cyber adversaries to advance their cause.”
The uptake of cloud storage has shifted data from the control of the organisation to the provider, says Ellis, which is why it is imperative for users to focus on protecting the data, not forming useless borders around the corporate network. “Sensitive data is now stored, processed, and collected beyond the corporate firewall, resulting in the death of the security perimeter,” he says. “Organisations need to transition to away from a network-centric security model to a security model where controls are centred around the data, wherever it may live.”
Friendly fire
In the old days it was pretty easy to detect where a cyber security breach occurred because the IT manager had visibility over the whole network. With the advent of bring-your-own devices (BYOD), in which staff connect not only their work device/s but also their personal smartphones, tablets and laptops to the system, it’s easy to see how cyber security issues in the modern office can escalate out of control.
The problem with BYOD is the sheer number of entry points a cyber adversary now has the opportunity to attack, says Grenadine Lau, Business Development Manager for data security pioneer Imperva. “With the record number of devices being added to corporate networks, creating, sharing and consuming data, cyber security is now posing a challenge for organisations of all sizes. Additionally, automated cyber security attacks allow cyber criminals to easily scan the internet for vulnerable entry points into networks and launch devastating data attacks.”
Vasic adds that smaller screens often deceive the user into thinking they are smaller targets. “A smartphone is the equivalent of carrying a laptop in your pocket, yet a much smaller percentage of executives and technicians identify smartphones as vulnerable entry points, when arguably they
are just as vulnerable or even more vulnerable than laptops.”Without a comprehensive security policy and
corresponding settings, organisations leave gaps says Lau. “Software that has been deployed on an ad hoc basis without adequate security settings will continue to be cyber targets until security measures are put in place.”
Cyber security also needs to evolve with the attacks, advises Vasic. “Sophisticated malware has eroded the effectiveness of traditional signature-based defences, leaving a hole in the network. Designed to use signatures to block known threats, traditional and next-generation firewalls, IPS [incident prevention systems], AV [access verification], and gateways are no match against zero-day and targeted APT [advanced persistent threat] attacks.”
Vasic says, “Advanced cyber attacks necessitate a new model of security that can protect against unknown malware that is targeted and stealthy and delivered over multiple threat vectors.”
As for why a number of organisations continue to ignore the need for a thorough security audit, analysis and plan, Lau believes many put it in the ‘too hard’ basket because the cost and complexity of providing data security is a significant resource drain. “Businesses deploy infrastructure security solutions – such as internal firewalls and anti-virus products – to achieve data protection, yet find these do not provide the necessary visibility and control over data usage needed for effective data security. As a result, enterprises often turn to manual processes based on native auditing tools for data protection. This approach proves to be expensive, unable to scale, and cannot deliver the separation of duties needed to satisfy auditors.”
In the past, the solutions have always been centred on the organisation, not its data. Lau says this mindset needs to change. “For true data security that protects high-value
In defence of e-commerceSchneider Versand is Europe’s largest specialist for promotional gifts and commercial products. Its website traffic increases at more than 1 million visitors a year, representing double-digit growth.
In December 2011, Schneider Versand experienced a distributed denial-of-service (DDoS) attack where the website received thousands of HTTP queries, peaking at 500,000 requests per minute, which caused a massive traffic jam in front of the firewall. The firewall could no longer distinguish the attack traffic from legitimate customer requests. Countertactics such as a rewrite rule in Apache (reject requests and sit out) or the diversion of all traffic to the Amazon cloud only enabled short-term availability of the shop.
The attack lasted for a week and forced Schneider to go offline for three days, compelling the company to look for a strategic security solution. The company chose to rely on a distributed infrastructure, selecting Akamai and its Kona Site Defender solution. Kona offers more than 100,000 distributed servers and features enterprise architecture that can ward off online attacks already at the point of entry by providing the necessary bandwidth and capacity to absorb requests and filter out malicious traffic before it hits the corporate data centre.
“Security controls must adapt to focus on securing the data, rather than just securing
the perimeter. As a result, endpoint security has become a focus for many organisations,
as well as a new focus on not just preventing security incidents, but rather improving the
organisation’s ability to detect and respond to security incidents.”
42 | Australian Security Magazine
business data and addresses compliance requirements, enterprises need a layer of security positioned close to the data that can identify, prioritise and help mitigate risk.”
Marks agrees and says, “Security controls must adapt to focus on securing the data, rather than just securing the perimeter. As a result, endpoint security has become a focus for many organisations, as well as a new focus on not just preventing security incidents, but rather improving the organisation’s ability to detect and respond to security incidents.”
Socially inept
The benefits of social media have been widely touted as a good way to improve customer engagement, facilitate collaboration and improve networking. However, social platforms can come at a cost, warns Marks. “These new technologies increase the risk of inadvertent and or intentional disclosure of sensitive organisational information.”
Andrew Mamonitis, Managing Director for Kaspersky Lab Australia & New Zealand, says, “The use of social media
has also exposed companies to new security gateways along with cloud services and BYOD.
“Not only have these trends greatly increased business exposure to IT security threats, but they have also introduced new platforms on which company security policies now apply.”
And it’s not just limited to its use through official channels. “This applies to both private use of social media by employees, as well as formal company use of social media and other social networking tools,” he says.
In response, “many organisations have implemented enhanced security awareness training programs to ensure their employees understand how to properly use these technologies,” says Marks. This training covers the threats to the confidentiality that social media presents.
All this serves to tell us that it’s a big, bad world out there and the only way to survive is to be prepared, comprehensive in that preparation, and ensure that the solution you select is agile enough to apply mitigation strategies as new threats emerge. Awareness is the first step.
Counting the costsResults from a recent survey conducted by B2B International and Kaspersky Lab found that staff-related security breaches occur most often in the Asia Pacific region. The ‘Global Corporate IT Security Risks: 2013’ survey found that the percentage of companies in the Asia Pacific region experiencing targeted cyber-attacks against employees stands at nearly double the global average.
Moreover, 91 percent of the companies surveyed had had at least one external IT security incident and 85 percent reported internal incidents in the 12 months preceding the survey. A serious incident costs a large company an average of $649,000 and a small-to-medium business about $50,000.
“These new technologies increase the risk of inadvertent and or intentional
disclosure of sensitive organisational information.”
Special Feature - Cyber Security
Rackspace’s new 3D Cloudphone See page 53
To have your company news or latest products featured in our TechTime section, please email
Latest News and Products
44 | Asia Pacific Security MagazineInformation presented in TechTime is provided by the relevant
advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Do-it-yourself security monitoring company
Swann has released a range of high definition
security systems, known as Platinum-HD. The
new systems are capable of allowing home and
business owners to monitor their premises over
the Internet via their smartphone or tablet in
high definition video.
The Swann Network Video Recording (NVR)
systems are capable of full high definition video
with real-time live viewing and video playback.
Initially there will be two versions, one with four
channels and four cameras and the other with
eight channels and four cameras.
Swann Vice President-Marketing, Jeremy
Stewart, says that the new systems are
the next generation of do-it-yourself video
surveillance systems.
“Where HD security systems in the past
have required a trade-off between resolution
and video frame rates, these new systems
are unique in that they combine 1080p video
resolution with real-time (25 frames per second)
live viewing and video playback allowing end-
users to see every detail, colour and activity,”
he says.
The systems include four of the latest
NHD-820 surveillance cameras, each capable
of producing 1080p HD video or, using security
industry terminology, 1,000 TV lines (2.1
Megapixels) lines; image quality far in excess
of typical security cameras. The cameras also
have powerful night vision up to 35 metres and
can be used indoors or outdoors.
The new Swann Platinum-HD NVRs area
is easy to set up because the cameras do not
require a separate power connection, instead
they are powered via the network cable.
The Platinum-HD also allows viewing of live
or recorded video in high definition on HDTV,
LCD and Plasma screens with an HDMI cable
included in the pack. The user interface means
that the user can monitor and record multiple
cameras on a split screen, as well as select
any camera for full screen real time viewing or
playback of pre-recorded footage.
With a 2TB hard drive, users have the ability
to record approximately 45 days of continuous
surveillance or even longer when using the
motion detection settings. The system has
easy to use menus allowing users to easily
locate incident video and then transfer it to the
network or a USB drive.
The free SwannView app offers convenient
remote viewing on a mobile device. The set-up
is simple with Swann’s customisable network
configuration.
Swann’s Platinum-HD Full High Definition
Security Systems are available from Bunnings
special orders, Dick Smith online, Harvey
Norman and Masters. The 4 Channel 4 Camera
versions (Swann code SWNVK-472004) have a
recommended retail price of $1,499.99 and the
8 Channel 4 Camera version (SWNVK-872004)
has an RRP of $1699.95.
For more information on Swann visit
www.swann.com
Swann releases new range of high definition security systems
The peephole goes digitalThe peephole in a door is a very useful product
that has been around for years and allows
you to see who is at the door while remaining
behind the security of a locked door. But is has
now gone digital with a new version from home
security experts Swann Security that activates a
camera every time the doorbell is rung and gives
you a clear high resolution colour image of who
is at the door on a 7mm LCD screen. Not only
that, it also records up to 100 colour images.
The camera is able to operate day and night,
is weather resistant and has a 60 degree viewing
arc. It has a white gloss finish that will suit any
home décor and the monitor supports up to
a 2GB SD card for recording the images. All
recorded images can be transferred to a PC via
the USB cable supplied with the pack and which
also serves as the battery recharging source.
It is called the Swann DoorEye™ and it is
an easy to install DIY product that is available
nationally for $119 from Dick Smith Electronics
and Bunnings.
For more information on Swann visit
www.swann.com
Asia Pacific Security Magazine | 45 Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
FLIR Systems is proud to announce the launch
of the new Site Protection Solution, or SPS, that
provides an extremely affordable video security
solution for a wide range of applications.
“Our new Site Protection Solution is a
powerful combination of thermal cameras and
intelligent, adaptive analytics from VideoIQ that
provide reliable video security of perimeters
and large open areas at any time of the day or
night,” says Bill Klink, FLIR’s Vice President of
Security and Surveillance.
FLIR’s unique WDR thermal video provides
reliable threat detection and visual alarm
assessment even in the most challenging
conditions. The SPS couples the high-contrast
thermal video signal with VideoIQ’s intelligent,
adaptive analytics. These include exclusive
FLIR Mode algorithms specifically designed to
work with the output of FLIR thermal cameras,
virtually eliminating nuisance alarms in both
perimeter security and wide-area coverage
applications.
“This powerful solution delivers intelligent
prevention unlike any other combination of
technologies on the market,” says Dr Mahesh
Saptharishi, President and CTO for VideoIQ.
With more than 50 lens and sensor
resolution combinations to choose from, the
SPS is sure to have just the right combination
of coverage, range, and detail needed to create
a reliable virtual perimeter at a surprisingly low
cost. Perimeter protection solutions like fence
lines can be secured with SPS for as little as $5
per linear foot of coverage. Wide area coverage
applications, like rooftops, car impound lots,
and athletic fields can be secured for as little
as $0.10 per square foot. All of this without the
need to install the typical lighting infrastructure
needed for visible cameras to work.
For sites with a lighting infrastructure that
is already in place, or that needs the added
reactive or forensic information provided by
visible cameras, many of FLIR’s all-weather,
high-definition 2.1MP colour cameras can be
included in the SPS as well.
In addition to sending automated alarms
via email and mobile devices, VideoIQ’s Rialto
IP and analog encoders also provide up to
500GB of on-board storage, for reliable, zero-
bandwidth recording.
More information on FLIR’s exciting Site
Protection Solution is available at flir.com/security
FLIR and VideoIQ join forces for new site protection solution
Bitdefender Mobile Security, the cutting-edge
Android security app by the leading internet
security provider, achieved perfect scores
across the board for a second time straight in
testing by independent security analysis firm
AV-TEST.
Bitdefender, the creator of innovative
global antivirus solutions, scored 6 out of 6 in
Protection, 6 out of 6 for Usability and AV-TEST
approval for extra security features such as anti-
theft and remote wipe in July/August testing,
repeating its perfect performance of the May/
June trials.
The elite Android security solution caught
100 percent of the malware samples thrown
at it throughout the month of testing and gave
of zero false warnings, according to AV-TEST
results. Testing also showed the app doesn’t
impact battery life, does not slow the device
during normal use and doesn’t generate
excessive traffic.
“Bitdefender is proving as reliable in the
mobile arena as it is in its other endeavors,”
comments AV-TEST CEO, Andreas Marx, noting
Bitdefender’s top scores in testing on Windows
8 and Windows 7 this year. “A perfect score on
protection, maximum ease of use and the array
of other features is exactly what mobile security
software creators aspire too. Bitdefender has
achieved it.”
The results for Bitdefender Mobile Security
beat 28 of the 29 other companies tested.
Only Kaspersky Mobile Security, which lost to
Bitdefender’s perfect score in May/June testing,
managed a tie in July tests.
“Mobile security is becoming increasingly
important with the proliferation of both mobile
devices and the malware that targets them for
data theft, SMS scams and other costly fraud,”
adds Bitdefender Chief Security Strategist,
Catalin Cosoi. “While the need for mobile
security is relatively new, Bitdefender is not. The
latest AV-TEST results prove that we can take a
decade of experience and the industry-leading
quality of our traditional software lines and
translate that to the mobile arena.”
Bitdefender Mobile Security achieves perfect score in AV-TEST trials
46 | Asia Pacific Security MagazineInformation presented in TechTime is provided by the relevant
advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
UXC Connect secures contract to deliver to LNG project UXC Connect has secured a contract to provide
a converged IP surveillance and security
solution to a major liquid natural gas (LNG)
project located in Western Australia. The initial
contract worth $4.1 million, supports UXC
Connect’s entry into the IP Video Surveillance
Sector and the decision to grow its West
Australian team considerably over the last 12
months, continuing its trend of growth and
providing world class solutions to the mining, oil
and gas industries.
UXC Connect has begun the delivery and
roll-out of the solution to the remote site which
will house up to 4,300 construction workers.
The solution consists of IP CCTV, Public
Address & General Alarm and Access Control
infrastructure being installed in external and
internal areas throughout the campsite including
cafeterias, laundries, communal areas and 14
other facilities.
The fully architected solution will use
industry leading technology to manage and
improve the safety and security of the workers
on the remote work site, with a view to
protecting staff and property from unauthorised
access and other OH&S issues. The solution
will also enable greater emergency response
and ensure that site managers will be able
to identify historical events of interest and
provide indisputable evidence of activities
using Panasonic high-definition cameras and
Geutebrück video management systems.
UXC Connect has invested significantly in
its IP Video Surveillance solution, developing
strong alternatives to the current options in the
resources market, particularly for enterprise
organisations looking for a converged
surveillance and security system, says Richard
Ellison, Solution Manager, IP Video Surveillance.
“UXC Connect is the first IT solutions
provider in APAC to partner with world class
technology vendors to bring a converged
solution to market. UXC Connect’s offering
exceeds many other IP Video surveillance
offerings available, both in terms of the
technology and support services.”
“Our investment in the IP Video surveillance
space, together with our extensive IT
infrastructure skills, strong technical expertise,
and a proven track record for delivering
high-quality solutions for remote regional
communities enabled us to create a truly robust
and secure end-to-end solution that includes
multiple delivery options,” Ellison outlines.
According to Ian Poole, CEO of UXC
Connect, the contract highlights the benefits of
further investment in the West Australian office
and the company’s ability to develop world
class solutions for some of the most challenging
environments.
“UXC Connect is thrilled to secure this
contract; it is further evidence of our successful
go-to-market strategy where we continue to
invest in the people and partnerships that
enable us to create market leading solutions.”
“The growth we have seen in Western
Australia and particularly in the mining, oil and
gas sector has meant that we have been able
to invest extensively in our WA team. This
has enabled UXC Connect to further diversify
its offerings and build on the successes
of our other specialised solutions such as
Entertainment and Content, which has been
deployed to over 12,000 accommodation village
rooms throughout Australia,” says Poole.
Asia Pacific Security Magazine | 47 Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
At Black Hat 2013 in Las Vegas late July,
Paul Stone, a senior consultant at Context
Information Security presented details of new
vulnerabilities and threats to security and
privacy as a result of HTML 5 features in the
latest generation of web browsers. His talk
entitled, Pixel Perfect Timing Attacks with HTML
5, showed how cross-browser vulnerabilities
in Chrome, Internet Explorer and Firefox can
be used to access browsing histories and read
data from websites after visitors have logged in.
While traditional browser timing attacks
involve cache or network timing, it is now
possible to use a number of new techniques
that perform timing attacks on graphics
operations involving CSS and SVG to extract
sensitive data from your browser including your
browsing history or text from other browser
sessions. In effect, hackers can use timing
information to read pixels from web pages,
allowing them to tell which links have been
visited and to read text from other websites.
“While HTML 5 offers developers a range
of new features such as improved animation
and graphics support, some of these new
capabilities have some unexpected side effects
with privacy and security implications,” says
Context’s Paul Stone.
Context alerted browser vendors as soon
as it discovered the vulnerabilities and they are
investigating ways in which the timing attacks
can be prevented. “Users concerned about
these vulnerabilities can mitigate the risks by
regularly clearing their browsing history or using
private browsing windows to separate their
browsing sessions,” adds Stone.
A detailed White Paper has also been
published and is available online at
http://contextis.co.uk/research/white-papers/
pixel-perfect-timing-attacks-html5/
Context presents dangerous side effects of new browser features
In a push to capture a slice of the burgeoning
world-wide electric vehicle charging
infrastructure market, estimated to exceed $3.8
billion by 2020, the Australian producers of
ChargeIQ electric vehicle charging solution have
established a partnership with a leading Silicon
Valley based technology supplier.
ChargeIQ, a Smart Grid friendly electric
vehicle charging solution proven to slash driver’s
charging costs in half, has been developed over
three years by Australian technology company
DiUS Computing.
ChargeIQ is set to make its debut in the
North American market by the end of 2013,
after DiUS established a partnership through
its commercialisation subsidiary Percepscion
with Global Network Resources, Inc – a leading
Silicon Valley based technology supplier.
The move establishes the beginnings of
an international sales and distribution channel
for ChargeIQ, as well as other products in
Percepscion’s innovative Smart Energy portfolio.
ChargeIQ is the world’s first Zigbee-certified
Electric Vehicle charging solution with intelligent
Smart Grid integration that allows electricity
utilities to communicate directly with consumers
to manage charging loads.
ChargeIQ, which features a web interface
and smartphone application, enables utilities
and consumers to cooperate in real-time
to shift electricity demand. A recent report
produced for the Victorian Government by
DiUS, in conjunction with United Energy and the
University of Melbourne, found ChargeIQ was able
to halve electricity charging costs for drivers.
DiUS Computing co-director Clency Coutet,
said the sales and distribution agreement with
Global Network Resources Inc recognised
ChargeIQ’s appeal to the growing number of
plug-in vehicle drivers globally. “In many parts
of the US, a plug-in vehicle is now cheaper than
its petrol counterpart.
“ChargeIQ represents the next generation
in electric vehicle charging. With ChargeIQ,
drivers save charging costs, without effort or
inconvenience. ChargeIQ makes electric cars
smarter,” says Coutet.
President and Founder of Global Network
Resources, Kurt Miyatake, says ChargeIQ and
Percepscion’s other Smart Energy products
were exciting additions to the company’s
portfolio. “We’re delighted to partner with DiUS
in bringing ChargeIQ to North America.
Electric cars are taking off in California
and we see huge potential for this innovative
product here and elsewhere around the world,”
says Miyatake.
The distribution deal is one of a number
of significant developments
surrounding ChargeIQ in
recent months. In May,
ChargeIQ was named
a semi-finalist in the
prestigious Australian
Cleantech Competition,
which discovers and fosters
Australia’s best clean
technology companies and
products. The winner will be
announced on 2 October and
goes on to represent Australia
in the global competition.
This followed ChargeIQ being
recognised as one of Australia’s most
innovative products for 2013 by Anthill
magazine.
For more information visit http://dius.com.au
New partnership to Propel ChargeIQ in to US
48 | Asia Pacific Security MagazineInformation presented in TechTime is provided by the relevant
advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
With a unique approach to automating physical
security operations focused on connecting
security departments with their customers,
Quantum Secure has launched its SAFE for
Mobile Solutions.
“The ability to control and manage
operations from a mobile platform has become
an essential security tool,” says Ajay Jain,
President and CEO, Quantum Secure.
“We have designed mobile apps with the
goal of customer-centric security, to ensure
simplicity, feedback and automation of physical
security operations.”
For security departments utilising SAFE for
Mobile Solutions, customer feedback is a key
component of every physical security request or
transaction. Customer centric apps include new
employee and contractor on-boarding, visitor
registration, access changes and approvals or
access audits, lost or stolen badge reporting,
access requests and more. Apps specifically
focused on the security department include
functionality for visitor management, mobile
badging, NDA signatures, alarm and identity
metrics, search and verify personnel and more.
Quantum Secure’s SAFE Software Suite
provides policy-based on/off-boarding of
identities and physical access levels across
multiple security systems. All SAFE for Mobile
apps leverage the reliable and secure SAFE
policy engine to ensure continual process
management and compliance for security
personnel, and are delivered on iOS, Android,
and Windows platforms.
Quantum Secure mobile apps deliver
Further simplifying and automating complex
security operations, Quantum Secure
announces enhancements to their SAFE
Software Suite. A simpler, faster reporting
engine provides security management with
insights needed to make better business
security decisions, while new out-of-the-box
templates automate a wide range of security
operations.
“With each generation of technology, we
bring greater simplicity to the user even as we
add more capabilities to our software,” says
Ajay Jain, President and CEO, Quantum Secure.
“Our continuing objective is to increase the
ease and convenience of maintaining the most
secure possible facility.”
The new, faster reporting engine for
the SAFE Software Suite delivers insights
by monitoring security activity, assessing
risk, measuring customer satisfaction and
tracking key security indicators. A wide array
of ready-to-use security dashboards can be
personalised to improve performance through
key performance indicators (KPI) that track
key metrics, assign goals, and compare
benchmarks. To enable improved automated
security operations, Quantum Secure has
added a number of out-of-the-box templates for
security operations including email templates,
business rules and policies, badge templates
and kiosk design templates.
Additional updates to the software include
newly enhanced contractor and tenant
management modules for their SAFE Software
Suite. The SAFE 4.7 enhancements deliver
greater flexibility to users, enabling employers to
manage identities across multiple contracts with
multiple individuals associated to each contract.
Users can issue CIV credentials, which function
like Government PIV credentials to further
improve control and security.
“This update improves security for
organisations with numerous tenants and their
employees who need access to specific areas
on the premises,” says Ajay Jain, President and
CEO, Quantum Secure.
“With SAFE, now identity management for
commercial and business deployments can be
implemented at a security level similar to what
we offer for government applications.”
Quantum Secure introduces enhancements for SAFE Software Suite
Asia Pacific Security Magazine | 49 Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Altronix has introduced several innovative
products that deliver more than just power.
The new eBridge™4SK kit which allows
fourIP devices to replace a single analog
camera over legacy coax cabling, and the new
NetWay™4ESK kit that transmits IP data and
delivers PoE+ for up to four IP devices over
a single CAT5/6 cable. These new additions
from Altronix provide greater value and
flexibility when upgrading security, access and
surveillance systems.
“Our ongoing objective is to develop
new and better ways to improve system
performance,” says Alan Forman, President,
Altronix.
“Our new eBridge™4SK Ethernet over coax
and NetWay4ESK IP data and PoE transmission
solutions deliver more value, enhanced network
communications and greater flexibility.”
The new eBridge4SK kit allows you to
replace a single analog camera over legacy
coax with up to four IP devices. This kit consists
of the eBridge4SPT transceiver with an integral
four port managed PoE+ switch that transmits
IP data to the head-end, and an eBridge1SPR
receiver that passes system power up the coax
over 1500 feet (5X maximum Ethernet distance)
without the need for repeaters.
The new NetWay4ESK kit transmits IP
data and delivers power for up to four PoE+
cameras/devices over a single CAT5/6 cable.
NetWay4ESK consists of a four-port managed
NetWay4ES PoE+ switch and a NetWay1E
midspan injector. This kit provides an extremely
cost-efficient means of maximising IP
infrastructure while reducing overall equipment
and labour costs.
Both kits are UL listed in the USA and
Canada, and CE and C-Tick approved. All
Altronix products are made in the USA and
feature a lifetime warranty
Altronix introduces innovative transmission and PoE solutions
OnSSI has launched innovative new high
performance video delivery and control Web
and Mobile clients that extend the look and feel
of OnSSI’s award winning Ocularis desktop
interface above and beyond the control room.
The new Web and Mobile clients utilise
OnSSI’s High Definition Interactive Streaming
(HDIS) technology which delivers up to 16 HD
video streams at full resolution and frame rate
over low bandwidth networks. The solution
allows security personnel on-the-go to perform
live monitoring or synchronized playback of
multiple HD cameras from an iPad tablet,
approved handheld device or standard web
interface.
“Today’s security operations continue to
move beyond the control room. Our new Web
and Mobile clients support this trend with
powerful functionality and
cost efficiencies,” says Ken
LaMarca, Vice President,
OnSSI.
“It is an intelligent
security and
communications solution
that provides mobility
without compromise for
the most demanding
applications and users.”
Additional features
of the Ocularis Web and
Mobile clients include; the
ability to toggle between
single and multi-camera
views; on the fly creation
and configuration of custom camera group
views; continuous forward, backward and
frame-by-frame playback of single or multiple
cameras; access to recorded video using date/
time selector or Timeline feature; and support
for any combination of cameras including those
with different compressions and resolutions in
the same view.
The HD video capture, transmission and
control capabilities enabled with OnSSI’s Web
and Mobile clients provide law enforcement
and security management professionals with an
invaluable tool for situation assessment and real
time mobile management. The ability to deploy
bi-directional real-time HD video and audio in
the field gives first responders and dispatchers
a whole new perspective on emergency
response services. This insures appropriate
levels of response, reduced operating expenses
without compromising public safety and
ultimately helping to save lives.
OnSSI debuts video delivery and control solution
50 | Asia Pacific Security MagazineInformation presented in TechTime is provided by the relevant
advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Arecont Vision, an industry leader in IP
megapixel camera technology, has launched
a unique 12 megapixel (MP) 360° panoramic
camera with true Wide Dynamic Range
(WDR). The new SurroundVideo® 12MP WDR
360° panoramic camera produces superior
quality images of wide areas even in the most
challenging lighting conditions without the
aberrations produced by single sensor fisheye
panoramic cameras.
Arecont Vision’s WDR technology delivers a
dynamic range of up to 100dB at full resolution
without lowering the frame rates. By combining
long and short exposures in the same field-
ofview, WDR maximises the amount of detail
in both bright and dark areas of a scene. The
WDR performance of Arecont Vision cameras
represents an up to 50dB improvement (300X)
in dynamic range compared to conventional
cameras.
Also new for Arecont Vision is the
MegaVideo® Compact Dual Sensor Day/
Night Camera. The megapixel camera features
a colour 3megapixel (MP) image sensor with
Wide Dynamic Range (WDR) along with a
monochrome 1.3MP image sensor with superior
low light performance. Together the dual
sensors ensure that the camera captures highly
detailed images in changing lighting conditions
by switching from colour WDR to monochrome
when light levels fall below a specified threshold
or by streaming both sensors simultaneously.
Arecont Vision’s new Compact Dual Sensor
Day/Night Camera features dual H.264 (MPEG-4
Part 10) and MJPEG encoders, fast image rates,
up-scaling on the 1.3MP monochrome sensor to
3MP, bit rate control, multi-streaming, forensic
zooming and PoE.
The new MegaView® 2 and MegaBall® 2
series of all-in-one Day/Night H.264 megapixel
cameras have also been released. Both camera
series feature remote focus and remote zoom
P-iris lenses to ease installation, and optional
true Wide Dynamic Range (WDR) at 1080p and
3 megapixels (MP).
The MegaView® 2 cameras are available
in resolutions of 1.3MP, 1080p, 3MP, 5MP
and 10MP. They offer optional built-in infrared
(IR) illuminator LEDs. MegaView® 2 cameras
come with a junction box and an easy to
adjust 3-axis wall mount to further simplify
installation. Their bullet-style enclosures are
IP66 environmentally rated. The spherically
shaped MegaBall®2 cameras are available
in 1.3MP, 1080p, 3MP and 5MPmodels, and
come with an integrated cable management
structure to simplify installation.
A surface mount option for the new
ultra low profile MicroDome™ cameras
has also been launched. The new line of
multi-megapixel cameras is designed for
applications where both high-resolution and a
minimal footprint are required.
MicroDome™ cameras are available in
resolutions of 1.3 megapixels (MP), 1080p, 3MP
and 5MP with an option for true Wide Dynamic
Range (WDR) imaging at 1080p and 3MP. In
its surface mount housing, the Arecont Vision
MicroDome™ camera is IP66 environmental
rated to resist dust and water. The domes on all
MicroDome™ cameras are IK-10 impact resistant.
Also debuting is a unique new addition to its
highly touted line of SurroundVideo® cameras.
The new SurroundVideo® Omni Cameras
feature four multi-megapixel sensors that can be
individually adjusted to capture different fields
of view within a full 360° range. This allows a
single camera to provide detailed coverage of a
wide area including the ability to provide views
directly under the camera or multiple fields of
view using a variety of different lens options.
Arecont Vision’s SurroundVideo® Omni
Cameras feature the company’s Wide Dynamic
Range (WDR) technology in the 12MP
configuration which delivers a dynamic range of
up to 100dB at full resolution without lowering
the frame rates. By combining long and short
exposures in the same field-of-view, WDR
maximises the amount of detail in both bright and
dark areas of a scene. The WDR performance of
Arecont Vision cameras represents an up to 50dB
improvement (300X) in dynamic range compared
to conventional cameras.
For more information visit
www.arecontvision.com
Arecont Vision releases a host of new products
Asia Pacific Security Magazine | 51 Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Galaxy Control Systems has presented its
comprehensive line of innovative solutions at
this year’s ASIS show in Chicago. Featured
introductions included new Systems Galaxy
Software and a new dual serial interface that
deliver innovative features and integration
for new and legacy access control systems
while protecting users’ investments in existing
hardware and infrastructure.
“Satisfying the needs of customers with
superior performance, support and cost-
efficiency has always been our first priority. This
philosophy drives our business model and has
been the foundation of our success for over 30
years,” says Robert Laughlin, President, Galaxy
Control Systems.
“Our latest introductions here at ASIS 2013
have been engineered with customers’ past,
present and future needs in mind so that we can
most effectively meet both their technical and
financial objectives.”
Leading the new products introduced
at ASIS is Galaxy’s System Galaxy Software
(v.10.3). The new software, which features
a wide range of innovative capabilities, is
backwards-compatible and interfaces with
legacy Galaxy systems.
System Galaxy Software enables users
to add the latest functionality available while
maintaining their existing investment in access
control infrastructure, and without having to rip
and replace entire systems.
Galaxy also introduced the 635 Dual
Serial Interface (DSI) for its 600 series Access
Control Panel. Engineered to improve third
party integration, enhance user convenience
and ensure interoperability with a multitude of
manufacturers’ current and legacy hardware,
the new DSI board is another example of
Galaxy’s commitment to their customers.
The 635 DSI supports wireless reader
technology, relay controls, LCD displays
and Galaxy 485 Remote DPI modules, with
added support for multidrops and more power
connections.
For Government applications, Galaxy also
featured its CAC Enrollment Solution, which
captures information from the Common Access
Card (CAC). Galaxy offers support for PIV I,
PIV II, TWIC and CAC (Legacy, Transition and
Endpoint) cards, along with FIPS 201-compliant
controllers configured to accept data formats
from 18 to 256 bits, providing unprecedented
versatility within the PIV II specification. Galaxy
Control Systems are also certified under the
DIACAP provisions, are pre-cleared to operate
on the DOD network and have an active
DIACAP ATO for both hardware and software.
With every product made in the USA and
carrying an unconditional two-year warranty,
Galaxy upholds its charter to meet and exceed
customers’ expectations. All Government
products are also available on the Galaxy GSA
schedules 70 and 84.
Galaxy Control Systems expands access control portfolio
Ollo Mobile has been named the winner of the
inaugural Rackspace Australia Small Teams Big
Impact Down Under competition.
The startup has developed a 3G
cloudphone, which aims to reinvent the
monitored telehealth industry and improve
the safety and communication of families
world-wide. It is a specialised cellular phone,
seamlessly integrated with a cloud based
service platform, which helps notify families
when seniors fall or need assistance.
Ollo Mobile:
• Replaces the call centre with smart
software, lowering the cost of monitored
telehealth services by 80 percent
• Is a matchbox sized phone, waterproof, and
wearable on a pendant or keyring
• Has a variable volume speakerphone, voice
control, long battery life (10 days+), automatic
fall detection, and indoor geolocation
• Charges on a dock, and has no cables or
plugs
• Has a SIM card, and can be called like a
regular phone.
Rackspace launched the competition to find the
best small team making a big impact, judged on
the scope of innovation, the highest disruptive
potential, and the greatest potential impact to
the largest number of people or businesses.
Co-Founder of Ollo Mobile, Hugh Geiger
says, “We applied to the Rackspace Small
Teams Big Impact competition because we
know we are tackling a huge problem, and we
just needed to get some global attention to
help make it a reality.
“We’ve been trying to get Robert Scoble’s
ear for a while, so when it came about that he
was going to come to Australia, we were really
excited about entering the competition.
“We’re thrilled to be chosen as the winner
from this star-studded panel. Ollo Mobile
is tackling a global problem, and we truly
believe our idea can save lives.
“The Ollo Mobile cloudphone technology
will reinvent monitored telehealth services for
seniors and those with chronic health conditions.
We lower the cost of service delivery by 80
percent and make the service socially engaging
and desirable, without compromising safety.
“We think this award can serve as a great
launch-pad to help get our startup in front of a
very broad audience.”
Startup Liaison Officer of Rackspace,
Robert Scoble commented, “Ollo Mobile caught
our eye because it could potentially save our
parents’ lives.
“The startups overall in Australia were of a
very high quality, and could definitely compete
on the world stage. I can’t wait to come back
to Australia.”
(See image page 45).
Rackspace announces winner of Small Teams Big Impact Down Under competition
52 | Asia Pacific Security MagazineInformation presented in TechTime is provided by the relevant
advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Android vulnerabilities, increased online
banking threats and availability of
sophisticated, inexpensive malware toolkits
are among the growing concerns cited in
Trend Micro’s (TYO: 4704; TSE: 4704) Q2 2013
Security Roundup Report.
The report is a quarterly analysis by the
Trend Micro Threat Analysis Team that describes
cyber security threats from the previous
quarter combined with analysis to evaluate and
anticipate emerging attacks.
Android devices are directly in the
crosshairs of hackers as threats proliferate and
the user-base expands with little thought given
to security. The Security Roundup Report shows
the number of malicious and high-risk Android
apps has grown to 718,000 in the second
quarter – a massive increase from the 509,000
high-risk apps found in the previous quarter.
These malicious apps are on track to
exceed one million by year’s end, as predicted
by Trend Micro in the 2013 forecast. By way of
comparison, it took a decade for PC malware to
amass this number.
This fact, Trend Micro warns, combined with
the Android network’s systemic problems leave
a large number of Android devices exposed to a
risk that will continue to spread.
“Due to the fractured nature of the Android
network, it is very difficult for patches to reach
all users in an effective timeframe. In some
cases, users will never get patches as vendors
leave their customers at risk of attack,” says
Jonathan Oliver, Software Architecture Director
ANZ, Trend Micro. “Until we have the same
urgency to protect mobile devices as we
have for protecting PCs, this very real threat
will continue to grow rapidly. At the rate this
malware is accelerating – almost exponentially
– we appear to be reaching a critical mass. To
fight this, Android users need to take great care
when using their devices and take the simple,
but effective, step of adding security software to
all mobile devices.”
Online banking: The Trend Micro report also
warned of increasing hazards to online banking,
which saw malware increasing 29 percent
from the previous quarter – from 113,000
to 146,000 infections. The US was the top
target of malware, with more than one million
instances amounting to 28 percent of global
compromises, followed by Brazil at 22 percent
and Australia at five percent. Preventative
measures, such as closely monitoring account
activity and using third-party security solutions,
will help mitigate this growing threat.
Malware toolkits: Adding to this onslaught
of cyber-security risks, the Trend Micro report
found that the methods for selling malware
toolkits have evolved. Sophisticated malicious
tools are now being sold via inexpensive, free or
bundled pricing schemes, such as two-for-one
packages. The ease of access to these effective
malware toolkits increases the hazards Internet
users will face going into the remainder of 2013
and beyond. For more information visit
www.TrendMicro.com.au
Trend Micro’s Q2 warns of increase in online banking malware
RBC has announced its RBC Secure Cloud
mobile payments service (patent-pending). This
new technology, a first in Canada, will allow
clients to more safely and securely pay for
purchases using their mobile devices. Keeping
sensitive client data secure with RBC in the
cloud, not on the phone, makes RBC Secure
Cloud a safer, faster, more flexible solution.
RBC will bring RBC Secure Cloud to market by
the end of the year with debit and credit on a
number of smartphone platforms.
“We have designed a mobile payment
solution that offers a better client experience
and increased security than has been previously
available, while meeting industry standards,”
says Linda Mantia, executive vice-president,
Cards and Payment Solutions, RBC. “The result
is a solution that offers benefits and options to
everyone in the payment ecosystem.”
With RBC Secure Cloud, the financial
institution assumes the security burden, since
sensitive client data remains with the bank,
as opposed to keeping it on the phone, as
is the case with other models. The data is
transmitted encrypted and decoded locally on
the client’s mobile device at point of sale through
partnerships with mobile service providers. While
the solution thoroughly protects client financial
data by leaving it at its source, clients are also
protected by the existing Zero Liability Policy for
Interac, Visa and MasterCard.
“We understand the importance of security
to our clients and make safeguarding their
personal information our highest priority,”
says Paul Gerics, Vice-President, Information
Security at RBC. “RBC Secure Cloud is being
built with the highest security standards in mind.
We employ a diverse range of technologies
and security mechanisms to help ensure the
safety, confidentiality and integrity of our client’s
information and transactions.”
Initially focused on Near Field
Communication (NFC), the RBC solution is
flexible and can support new technologies such
as bar or QR codes, or other standards, and
allows offline transactions. Other benefits for the
client include;
• simpler and faster provisioning of account
information
• seamless card lifecycle management
including card replacement for lost,
stolen and expire cards as well as setting
preferences
• an ‘open wallet’ architecture (meaning
the ability to support non-RBC payment
methods and inter-bank access to payment
information in future).
“This is a critical advancement for mobile
payments in Canada,” says Mark O’Connell,
President and CEO, Interac Association and
Acxsys Corporation. “We are excited about
RBC’s announcement and our participation in
the evolution of mobile payments.” For more
information visit www.rbcroyalbank.com/mobile
RBC announces secure cloud – the first cloud-based mobile payments solution
Asia Pacific Security Magazine | 53 Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Raytec’s award winning family of VARIO
illuminators is now complete with its own
high-end range of dedicated power supply
units. Designed to correctly power all VARIO
illuminators including VARIO IP, the power
supplies provide a range of advanced features
and the easiest, quickest and safest wiring and
installation platform.
As a full product family, there is a PSU to
power any VARIO illuminator; purpose designed
to work together as a high performance
system. VARIO PSUs provide the option to run
multiple lights from one PSU, and offer CAT5
connectivity for VARIO IP network illuminators.
The ‘Fast-Connect’ wiring system also allows
the quickest and easiest wiring of all VARIO
input and output connections.
VARIO PSUs provide a high quality and
robust IP66 enclosure making them suitable for
all environmental conditions. Innovative status
LEDs are also provided to indicate correct
voltage and to provide internal illumination
support for during night-time installation.
All VARIO PSUs require a 100-230V AC
input and provide 24V output. 20W, 50W and
100W PSU options are available to provide a
solution for all VARIO low voltage lighting
installations. VARIO PSUs are also provided
with a 3 year warranty.
For more information on the VARIO series
of PSUs and the award winning VARIO family of
illuminators, please visit www.rayteccctv.com
Raytec’s award-winning VARIO lighting family now complete
HID Global®, a worldwide leader in secure
identity solutions, continues its drive to help
financial institutions secure online banking
services that nearly half of all their customers
prefer for convenient account access. Through
its forward-looking Identity Assurance portfolio
and channel partnership initiatives, the company
is fuelling adoption of layered authentication
as part of a cost-effective security strategy for
protecting online and mobile transactions from
anywhere, and from any device, more frequently
than ever before.
“Because the explosive growth in online
banking has attracted more sophisticated fraud
attacks and increased regulatory oversight,
it has become increasingly critical to move
end users beyond simple, static passwords to
strong, adaptive authentication that ensures
accounts can only be accessed by authorised
individuals, without intruding on the online
convenience,” says Christy Serrato, Solutions
Marketing, Identity Assurance, with HID Global.
“We are seeing and serving accelerating
demand for seamless, risk-based solutions that
enable banks to tailor authentication choices for
a wide variety of customers using their on-line
and mobile services.”
One of HID Global’s key focus areas is
to make it easy for financial institutions to
understand and interact with its ActivID®
authentication solution. In its retail banking
and cards practice technology analysis,
CEB TowerGroup awarded HID Global the
best-in-class Customer Engagement rating,
highlighting that its authentication factors,
the broadest in the market, offer experience
consistency across service channels and its
customer self-service capability delivers intuitive
management of credentials. “By combining
Customer Engagement functionality with
malware detection capabilities, HID provides
authentication that is both foundationally
sound and forward-looking,” says Jason Malo,
Research Director, Retail Banking and Cards
at CEB Towergroup. “The solution’s ability to
support external authentication credentials
provides flexibility for firms that have different
implementations or multiple legacy systems.”
HID Global has also broadened and
strengthened its banking partnership initiatives
with its Identity Assurance Technology Partner
Program, which fosters deeper collaborative
solution development engagements. Partners
such as Temenos participate in the program
to leverage layered authentication capabilities
based on HID Global’s ActivID® Appliance and
ActivID® Threat Detection Service for its highly
flexible internet and mobile banking solutions.
This and other partnerships play a key role
in meeting customer requirements and the
increasing demand for secure next generation
online financial services, with CEB TowerGroup
expecting online transactions to grow by a
multiple of 1.5 between 2009 and 2013 and
mobile transactions to grow 10-fold during the
same period.
HID Global’s ActivID authentication
offering promotes five critical layers for true,
multi-factor authentication to enable trusted
online transactions; strong user authentication
advanced device authentication, browser
malware protection, transaction-level
authentication/pattern-based intelligence,
and application hardening. This multi-layered
approach enables institutions to conveniently
layer online fraud protection with secure access
to online services and cloud-based applications.
HID Global’s unified approach is delivered
via an integrated authentication platform so
organisations can easily manage credentials
across a broad range of users and device types,
while delivering consistent yet convenient
protection to combat the latest fraud concerns
that financial institutions are facing world-wide.
For more information visit www.hidglobal.com
HID Global to Protect Online and Mobile Banking Transactions
54 | Asia Pacific Security Magazine
New guidelines are being introduced in all forms, all the time. But every now and then,
there are those that should cause one to pause and take notice. For those in security, here is one such set of new guidelines which provide specific advice on the active shooter threat.
In August 2009, police arrested four men in association with a terrorist plot targeting the Holsworthy Army Barracks in NSW, where several Australian Defence Force units involved in overseas deployments are based. The perpetrators planned to infiltrate the barracks and shoot as many people as possible.
Historically, Australia and New Zealand have not been immune from active shooter events. Several significant incidents have occurred at Government buildings, shopping centres, universities and public spaces during the past 25 years. The Port Arthur, Hoddle Street, Strathfield, and Queen Street incidents in particular, demonstrate that active shooter mass casualty attacks in Australia remain a real and persistent threat to the community.
Common elements of active shooter incidents include:
1. Occurs in confined or controlled areas – for high target concentration
2. Involves soft targets like shopping centres, schools and other public mass gatherings
3. Incident will occur rapidly and most likely be over within 10-15 minutes
4. Shooting will continue until offender(s) are confronted by law enforcement personnel or another type of intervention, or they commit suicide
5. Generally, incidents are not resolved through negotiation or other peaceful means.
Therefore, for all first responders, and most likely security and police officers, the primary objective of any initial response planning should be to minimise the offender’s access to victims. All site owners and operators should develop and practise strategies aimed at evacuating or isolating people or the offender. Courtesy of US Department of Homeland Security, the Active Shooter: How to Respond guide outlines three key areas of focus.
Evacuate: Building occupants should evacuate the facility if safe to do so. Evacuees should leave behind their belongings, visualise their entire escape route before beginning to move, and avoid using elevators. Maintaining concealment or cover while moving is also important.
Hide: If safely evacuating the venue is not
possible, occupants should seek to hide in a secure area where they can lock the door, blockade the door with heavy furniture, cover all windows, turn off all lights and remain silent. Mobile phones should also be turned to silent.
Take action: If the option of hiding in place is adopted, individuals may also need to consider options to disrupt and or incapacitate the active shooter in the event they are located. This can include using or throwing available objects or using aggressive force when confronted. Such action should only be taken as a last resort and in order to protect Key recovery considerations following an active shooter incident will include;
• public information and community confidence
• scene preservation and investigation activities• business continuity challenges.
These guidelines have been endorsed by the Australia-New Zealand National Counter-Terrorism Committee (ANZCTC) and will be maintained by the National Security Resilience Policy Division (NSRPD) of the Attorney-General’s Department.
Importantly also, guidance material on the threat posed by IEDs (improvised explosive device) will form the basis of a separate set of ANZCTC guidelines.
ACTIVE SHOOTER GUIDELINESFOR PLACES OF MASS GATHERING
Australia-New Zealand Counter Terrorism Committee.
By Chris Cubbage, Executive Editor
Have you recently published a security related book? Or have you just read a new,
great security book? Please email us at [email protected]
www.businessprotectionsummit.com4-5 December 2013, Dubai
MENA Business Infrastructure Protection 2013 Summit…Risk Management and Security Intelligence for Companies in MENA
Join us for this high-profile meeting that will provide a comprehensive platform for practitioners involved in the protection of critical infrastructure across the Middle East and North Africa.
Topics of discussion will include:
» Preventing and mitigating physical attacks » Cutting edge techniques and technology » Updates on guidelines and policies » Vulnerability analysis on critical infrastructure » Cost analysis of new technology for security operations » Post attack and disaster recovery strategies » Best practices for business continuity planning » Mitigating hostage situations
…and much more
Speakers inlcude:
Major Eng. Arif Mohammed Al Janahi, Head of CCTV and Surveillance, Department of Protective Systems, Dubai PoliceCengiz Mogul, Project Security Manager, Muscat International Airport ProjectMark Rodgers, Global Director of Security, DP World (including Jebel Ali Port)Huda Belhoul, Acting Director of Risk Management, Federal Customs Authority, UAEDavid Rubens, Director for International Development, The Security InstituteChris Holley, Security Systems Engineer, Samsung SDSMustapha Harkouk, Security Manager, GDF Suez AlgerieTareque Choudhury, Chief Security, BT Middle East and AfricaWallace Koenning, Head of Business Continuity & Disaster Recovery, Saudi AramcoHarry Harper, Ports Security Officer, Abu Dhabi Ports CompanyPeter Lehr, Professor of Critical Infrastructure Protection and Terrorism Studies, University of St AndrewsJohn Hamilton, Director, Cross-Border InformationDr. Theodore Karasik, Director of Research, Institute for Near East and Gulf Military Analysis (INEGMA)Chris Phillips, Former Head of Counter Terrorism, CPNI (MI5)/ Managing Director, International Protect and Prepare Security Office Representative from Frost and Sullivan
Orga
nised
by: For more information on
the Summit please contact:Ben HillaryT: +44 (0) 207 111 [email protected]
Book by30th Octoberand get a15% discount*
*Limited availability
Special Feature - CCTV
www.lockheedmartin.com.au
Providing national Security
BY THE TERABYTENational security extends beyond the battlefield, and so does Lockheed Martin. Our best-in-class
security capability is hard at work protecting Australia’s most vital data — in government and industry. Our NexGen Cyber Innovation & Technology Centre in Canberra is already providing leading-edge cloud IT and cyber security solutions. And with new investment in an innovative Security Intelligence Centre,
Lockheed Martin is continuing to meet the security challenges of today — and tomorrow.
300-66591_ByThe_APSM.indd 1 9/10/13 4:56 PM