Take The Poll: What Are The Biggest Security Challenges You Face?
Please take our online poll and provide valuable feedback. We will announce the results during the ASIS show in Las Vegas in a session co-sponsored by Verint Systems Inc. Click here to take the poll....
VoIP May Make Eavesdropping Easier
A leading member of the Jericho Forum security group has criticized the security of voice over IP technology after researchers revealed that it was possible to eavesdrop on VoIP conversations, according to ZDNet UK.
An eavesdropping vulnerability was revealed on the Full Disclosure mailing. Vulnerability researchers Humberto Abdelnur, Radu State and Olivier Festor claimed the exploit could allow a remote attacker to turn a VoIP phone into an eavesdropping device, citing a Grandstream SIP phone as an example....
SIA Offers Networking Opportunity With Australian Delegation
The Security Industry Association (SIA) announced it will co-host a Sept. 18 reception at the Australian Embassy in Washington, D.C. for SIA members to network with a visiting delegation of leading-edge Australian security companies. The 4:30 -- 8:00 p.m. event is available to the first 30 SIA members who register.
"SIA is continuing its efforts to present international market opportunities for our members," says Richard Chace, executive director and CEO, The Security Industry Association. "We view this networking event as the beginning of a new relationship with these companies as well as the Australian Security Industry Association."...
Surveillance Vs. Privacy: A War People Aren't Fighting
Largely unmonitored and apparently ineffective in solving any crimes, the video surveillance cameras in San Francisco housing projects have become symbols of futility and waste. The intrusive Big Brother implications of cameras peering into the daily lives of its citizens were ominous enough. But for many who responded to news of the cameras, the real crime is the money spent on something that simply doesn't work, reports The San Francisco Chronicle.
However it plays out, the controversy opens a window on a much larger truth: Americans are being closely and constantly watched, carefully scrutinized and meticulously monitored as never before. From government wiretapping, to Google cameras that offer up street-level views of private houses around the world, to mighty digital data banks that record and store everything from real estate loan applications to pizza purchases, the machinery of observation and analysis has become powerful and pervasive....
Survey Says Corporate Security Policies Often Not Enforced
What keeps security administrators awake at night? It could be the latest attack, or a newly-discovered vulnerability in the systems. But according to a report by Forrester Research and RSA Security, creating a security policy is still the biggest nightmare for most chief security officers.
Sixty-two percent of respondents consider the enforcement of existing company policies to be their most pressing driver in ensuring that data is properly secured. However, controlling the rising costs of ongoing compliance with those policies is becoming a burden, and 33 percent of the respondents -- the majority response to this question -- said compliance costs are too high.
Security policy issues have been around for years -- and that's part of the problem. Fifty-five percent of respondents have data security policies that are either outdated or require significant changes to bring them in line with regulatory and company mandates, the study says....
A New Dawn: Using CCTV As Infotainment
As protesters gathered outside the Security and Prosperity Partnership summit in Montebello, Quebec, to confront George Bush, Felipe Calderón, the Mexican president, and Stephen Harper, the Canadian prime minister, Associated Press reported this detail: "Leaders were not able to see the protesters in person, but they could watch the protesters on TV monitors inside the hotel ... Cameramen hired to ensure that demonstrators would be able to pass along their messages to the three leaders sat idly in a tent full of audio and video equipment ... A sign on the outside of the tent said, 'Our cameras are here today providing your right to be seen and heard. Please let us help you get your message out. Thank You.'"
Like contestants on a reality TV show, protesters at the SPP meeting were invited to vent into video cameras, their rants to be beamed to "protest-trons" inside the summit enclave. It was security state as infotainment. ...
Survey Finds Top Concerns for Network And Security Managers
Q1 Labs, Waltham, Mass., a network security management company, finds that today's IT managers are plagued with insider threats and internal issues, according to a new survey.
Responding to these concerns requires more complete internal monitoring that integrates with identity and access frameworks to identify who, not just what, is responsible.
A survey of more than 9,000 network and security managers from various industries and organizations found that more than 53 percent of respondents cited security mishaps originating from employees' careless or malicious behavior as their top issue. ...
School Districts Nationwide Get Help From GE Security
GE Security Inc., Bradenton, Fla., is providing a new strategic planning model designed to help make schools safer and more secure.
The company is collaborating with school districts in Lynn, Mass., and elsewhere around the country, to develop and execute strategic security plans designed to create safer and more secure learning environments while maximizing return on security infrastructure investments. In addition to Lynn, these include the School District of Manatee County, Fla., and Scottsdale Unified School District, Ariz....
Canadian Security Personnel Face Stricter Rules
Ontario's private security industry quietly entered a new era when legislation governing private security guards and investigators came into force, reports The London Free Press.
Designed to better define the role of a growing number of security personnel and ensure stricter standards of training, the new act overhauls rules that had been in place since 1966.
The new legislation, the Private Security and Investigative Services Act, requires all private security practitioners to be licensed, including in-house security staff, such as those working for retailers and bars, who were previously exempt....
CCTV And Recorded Footage Take On Casino Criminals
When Ah Tung was fighting a Macau casino to honor a $95,000 jackpot she won on a slot machine, the 16-year-old had reason to thank the CCTV cameras, reports Agence France-Press (AFP).
The video footage helped the teenage Hong Kong native win the money after Sands casino in the southern Chinese city refused to pay her, arguing she was too young to be there.
The unprecedented case, which made headlines worldwide in February, was decided when Macau's gaming watchdog promised whoever won a game "without cheating" would receive their payouts. ...
Business Management Botching Access Control, Survey Says
Polled about their organization's approaches to identity and access management, audit and compliance professionals in industry and government expressed a high level of frustration with how their IT and business management units are managing IAM.
Almost half (45 percent) of the 845 respondents questioned by the Ponemon Institute for the research study released today said their own organization does not effectively focus its IAM policies and controls on areas of business risk.
The compliance professionals, 68 percent of whom said IAM products were in use in their organizations, also expressed frustration that IT and business management groups weren't collaborating well in deploying IAM....
Biometric Software Secures Credit Card Purchases
Trying to remember dozens of Personal Identification Numbers (PINs), passwords and credit card numbers could soon become a thing of the past, thanks to a unique face recognition software developed by a University of Houston (UG) research team, reports the Hindustan Times.
The software uses a 3-D dimensional snapshot of a person's face to create a unique identifier or biometric.
The software development team, led by Eckhard Pfeiffer Professor Ioannis Kakadiaris at the Computational Biomedicine Lab (CBL), says URxD could be used for everything from gaining access to secure facilities to authorizing credit card purchases. ...
Colleges Plan For Security As School Starts
As colleges welcome back students for another academic year, they'll also be putting some new security measures in place -- some high-tech, some old-fashioned.
In the wake of the Virginia Tech shootings in April, college officials everywhere fielded calls from parents and students, reviewed emergency plans and systems, and added new tools to improve campus safety, reports the Spokesman-Review.
The most common approach seems to be two-pronged: a combination of siren or speaker systems and new text-messaging networks. That combination is in place at Washington State University (WSU), and it's on the way at Whitworth University, Spokane, Wash....
Study Reveals Insight for Mobile Wireless User Protection
A global third-party study commissioned by Cisco Systems Inc. and the National Cyber Security Alliance (NCSA) reveals behavioral findings among mobile wireless workers that spotlight the human side of security, as businesses and IT organizations empower more and more employees to remain connected outside of their offices.
Conducted this spring by InsightExpress, an independent market research firm, the study explores what is at stake for businesses striving to become mobile, and, therefore, more agile and efficient. It reveals findings gleaned from more than 700 mobile employees in seven countries that have adopted wireless technologies widely: the United States, United Kingdom, Germany, China, India, South Korea and Singapore. ...
Smart Technology In The Office Opens Back Doors
Information is routed in huge amounts through networked printers, copiers and scanners every day, moving hard-copy data into information technology systems and putting digital data onto paper. And although most federal agencies have been working hard to secure their systems, little thought has been put into securing these devices, according to Government Computer News.
The potential problem of smart peripherals has developed gradually, as stand-alone scanners, faxes and copiers have been integrated into online printers. Not only are these peripherals privy to sensitive information, they often have their own IP addresses and can be vulnerable to network attacks. ...
Bank Employs New Security Tactics
Once inside First Mutual Bank's main branch in Bellevue, Wash., people might wonder where the windows are....
Day-Care Centers Look To Security
Biometrics is being used in at least two Broward County day-care centers, reports the South Florida Sun-Sentinel.
"Parents love it," says Renee Johnson, district manager of Tutor Time Child Care, which uses the biometric system in its centers in Pembroke Pines and Plantation, Fla. "The parents say, 'This is technology beyond belief.' When we get phone call inquiries or give tours, the biggest question parents ask, 'Is my child safe?'"
Security is a growing concern at day-care centers, which confront issues ranging from custody disputes to the threat of child abductions and terrorism. Today, many day-care centers monitor or restrict access to their buildings by using digital keypads or swipe cards, door buzzers and surveillance cameras, features rarely seen a decade ago....
China Reveals Security Strategy For 2008 Olympic Games
The Security Industry Association (SIA) has released its China Olympic Security Update, a comprehensive analysis of China's investment in security products and services for the 2008 Olympic Games in Beijing. Created in collaboration with SINOTRUST, SIA's Olympic Update examines the myriad security challenges and the technologies being deployed to safeguard both Beijing and the many Olympic venues.
"This report underscores that the Olympic Games not only showcase world-class athletes, they showcase world-class security technologies and services from our industry," says Richard Chace, SIA executive director and CEO. "People across the globe will be wondering how one of the world's premier events will deal with security threats and issues. SIA's China Olympic Security Update goes a long way toward answering those questions."...
Study Finds Internal Theft Biggest Issue
Most major retailers perceive wrongly that shrink is a bigger problem for their competitors than for their own organizations, according to a new research report by the Loss Prevention Research Council, sponsored by IntelliVid.
According to the study of more than 100 major U.S. retailers, only 10 percent characterized their shrink as high compared to their competitors, while 65.5 percent said it was average. Twenty-four and half percent said their annual shrinkage was lower than average. One reason for this misperception may be there is no agreed-upon shrink measurement method, according to the survey.
While 42.9 percent of respondents said their companies measure shrink "at cost," some 57.1 percent reported their companies measure shrink "at retail price." The differences exist within and between retail segments....
Security Favored Over Privacy
With the eyes of big brother following Americans, the debate grows over security versus privacy in the United States. Critics question the high costs and privacy issues that come with such heavy surveillance.
An ABC/Washington Post poll says 71 percent of Americans favor the increased use of surveillance cameras....
Keynote Speaker Highlights Infosecurity NY And ISC East
This year's co-located ISC East and Infosecurity events will kick-off on Sept. 11 with keynote speaker Anthony Reyes. The former NYPD computer crimes detective, who now serves as president for the High Technology Crime Investigation Association and chairs the Education and Training Group for the National Institute of Justice's Electronic Crime Partner Initiative, is well equipped to address professionals in all sectors of security. Reyes will provide a perspective on today's most pressing security concerns for all security professionals.
"We're thrilled to have Mr. Reyes provide the keynote presentation," says Dean Russo, group vice president, Life Safety and Security portfolio, Reed Exhibitions. "We couldn't have found a better person given Mr. Reyes' experience in both law enforcement and information technology. He truly understands modern security threats. His expertise, along with his personal connection to New York, makes him an ideal keynote." ...
How Vulnerable Are Access Card Systems?
According to a researcher who spoke and demonstrated his methods at the DEF CON hacker conference last weekend, a range of access card readers designed to grant or deny entry to office buildings, airport terminals and other sensitive areas are inherently insecure and easy to hack, reports The Washington Post.
Researcher Zac Franken showed how to use an ordinary proximity card -- a common ID access card that transmits encoded data as a radio frequency signal when waved in front of a reader -- in combination with a tiny programmable chip to gain access to restricted areas protected by any card reader that uses a Wiegand communications standard, according to The Washington Post....
Schneider Electric "Extremely Pleased" With Pelco Acquisition
"Schneider Electric is an ideal partner for Pelco. Both companies share the same commitment to people, innovation and customer service that will make our combined enterprise an even stronger, more competitive player in the industry. We look forward to the unique benefits this partnership will bring to our customers and employees," says David McDonald, president and chief executive officer of Pelco.
The comment is in response to the recent acquisition of Pelco Inc. by Schneider Electric of Rueil-Malmaison, France. Acquisition of the supplier of video security systems will further strengthen Schneider Electric's Building Automation offering....
Pelco To Be Acquired By Schneider Electric
Officials of Clovis, CA based Pelco announced today that the company has reached an agreement to become acquired by Schneider Electric of Rueil-Malmaison, France. Schneider Electric is the world's power and control specialist. With 112,000 employees and operations in 190 countries, Schneider Electric generated sales of $17.2 billion in 2006. The price to be paid for this transaction is $1.22 billion expressed as an enterprise value on a cash-free, debt-free basis. In addition, Schneider Electric will pay to the sellers the net present value of a tax benefit resulting from the step-up of Pelco's assets, representing $320 million. As a consequence, the total price paid in cash at closing will be $1.54 billion. The transaction is subject to anti-trust and other regulatory clearance and is expected to close by October 2007....
New System Identifies Handwriting
Whether its perfect penmanship or chicken-scratch, handwriting could provide an effective form of online security.
With a new authentication program called Dynahand, users are not required to remember passwords or invest in costly biometric devices, such as a fingerprint scanner. They just need to be able to recognize their own handwriting.
"I know it's my handwriting, but I don't know how I know. I can't explain to somebody else how I do it," says Karen Renaud, a computer scientist and lecturer at Glasgow University in the U.K....
