classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 
This Week's Editor's Pick
News
Conferences & Events
Training & Education
Associations
Access Control & Identity Management
Asset Management, EAS, RFID
CCTV, Surveillance & Remote Monitoring
Cyber Security
Fire & Safety
Integrated Solutions
IT infrastructure
Perimeter Security, Alarms & Intruder Detection
Security Services & Risk Management
Products
Handbooks
Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018



Security by design
March 2019, Cyber Security, Integrated Solutions

By Marius Brits, Johnson Controls, regional sales manager – Africa, Integrated Solutions – Fire & Security.

Cyber threats are growing, and they are coming from every direction. Access control, CCTV, perimeter and intrusion detection solutions – because they are connected to the IT domain and to sensitive IP and data – are an attractive target. The strength of the security platforms on which they are built will thus increasingly impact the purchase decisions of users, and market positions of vendors.

The companies that will lead the security industry in future are those that understand the risk and invest in building security into the entire lifecycle of their products, from initial design concept, through product development, deployment and rapid incident response to meet evolving cybersecurity threats and the needs of evolving environments.

Marius Brits.
Marius Brits.

Opening the door

Consider the security risk that a hacked access control system may present: it opens the door to people’s credentials, identities, access card and even biometric data, not to mention sensitive video footage and other company data assets, such as personnel records. It may also open the door, physically, to company facilities. As the digital environment continues to expand and evolve, so do security threats. This means the security of these solutions must continually evolve too.

For C-level and IT/security leaders three factors are top of mind:

• Mitigating the risk of hacktivism and malicious or criminal insiders,

• Protecting data access in-transit and in-storage, and

• Exposure, liability and compliance.

Properly configured software and hardware infrastructure is vital to protect a company from cyber-attacks and ensure compliance with security controls.

Johnson Controls’ Cyber Protection Programme

At Johnson Controls, a dedicated Global Product Security team leads the Cyber Protection Programme (CPP). Many of the solutions we provide to customers, which include access control, CCTV solutions and intrusion protection, are critical to operations, directly impacting safety, security and compliance with industry regulations.

Disruption is not an option. Operational technologies often provide critical functions which, if disrupted, can impact not just operational efficiency and profits, but also result in disclosure of sensitive information.

We address this by ensuring that every Johnson Controls product that is developed meets the standards of the CPP and complies with its policies. Each product is subject to extensive testing, has the CPP software loaded and will receive regular security upgrades throughout the life of the product.

Having engineering teams trained in cybersecurity has given Johnson Controls an advantage in developing products that consider cybersecurity within its core design. Our certified cybersecurity experts (CISSP, CSSLP, CEH, CCSP, etc.) work to validate designs using the latest recognised industry standards and practices. Expert driven cybersecurity designs provide the forethought required to reduce risk.

Three pillars

Johnson Controls’ CPP is built on three pillars: secure development, deployment services and rapid response.

• Secure development: Baseline design requirements that address core cyber threat categories for elevated security. Dedicated in-house cybersecurity test labs focused on discovering and neutralising concerns before they reach customers. Extended testing, including bug bounty programs and third-party penetration testing, provides verification and validation assurance. Solution designed features that enable easier compliance with corporate policies Certified and trained experts driving design decisions.

• Deployment services: We apply a multi-pronged approach: customer education to help drive more secure installation, compliance assistance to help our customers comply with industry and organisational policies, and provision of security documentation for IT acceptance.

• Rapid response: A product that is secure today may not be secure tomorrow. Through the rapid incident response service, our cybersecurity team quickly assesses new threats and vulnerabilities and advises customers on how they may reduce their cybersecurity exposure.

Future-secure

Security is a shared responsibility. Every organisation is responsible and accountable for protecting the business, its shareholders and its customers. Choosing secure products that protect against evolving risk is an important part of ensuring ongoing security. This means that building security into products and software must, now and in the future, be standard core policy and protocol for vendors. One thing is sure: the strength of the security fundamentals built into products will become a key driver of product purchases and will impact the market share of solutions.

For more information contact Johnson Controls, +27 11 921 7129, marius.brits@jci.com, www.johnsoncontrols.com
Credit(s)

Tel: +27 11 921 7100
Fax: +27 11 921 7202
Email: marius.brits@jci.com
www: www.johnsoncontrols.co.za
Articles: More information about Johnson Controls

Share: Share via email   Share via Twitter   Share via LinkedIn   Print  print  

Further reading:

  • 2019 Internet of Things (IoT) Barometer
    March 2019, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    A majority of businesses that use IoT technology agree that it has either disrupted their industry or will do so in the next five years.
  • Halt, who goes there?
    March 2019, Technews Publishing, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
    As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one.
  • Using security to enhance the customer experience?
    March 2019, Axis Communications SA, Fidelity ADT Security, ISDS, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, Security Services & Risk Management, Retail (Industry)
    Customer experience will overtake price and product as the key retail brand differentiator by the year 2020. Will the security industry be part of this transformation?
  • Intelligent video transforms the ­in-store experience
    March 2019, Hikvision South Africa, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    The customer experience is more important than ever as retailers are striving to ­differentiate themselves in a challenging and crowded market.
  • IoT is convergence in action
    March 2019, Gijima Electronic and Security Systems (GESS), NEC XON, Technews Publishing, Axiz, G4S South Africa, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
    The Internet of Things gains more than enough attention these days, but the IoT demonstrates the reality of the convergence between the physical and cyber worlds, and physical security is part of it.
  • Stop hacking of access control ­systems
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
    Think someone hacking your access control system not a big deal? Scott Lindley suggests that you think again.
  • New cybersecurity pavilion for Securex 2019
    March 2019, Securex South Africa , This Week's Editor's Pick, Cyber Security, News, Conferences & Events, Training & Education
    Securex South Africa 2019 has announced that 4Sight Technologies, a subsidiary of an international holdings company focusing on investing in Industry 4.0 companies, has signed on as the official sponsor ...
  • ISDS focuses on distribution
    March 2019, ISDS, News, Integrated Solutions
    David Heenan, MD of ISDS, told Hi-Tech Security Solutions that the company has restructured and will now focus on distribution and supporting its channel partners.
  • MIPS EMEA 2019
    March 2019, Milestone Systems, News, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    Milestone Systems will kick off Community Days 2019 (MIPS) in Copenhagen, with more than 1500 participants and input from leading industry professionals.
  • A multifaceted approach to security
    March 2019, Bidvest Protea Coin, Retail (Industry), Integrated Solutions, Security Services & Risk Management
    The modern shopping centre can only be secured via a multifaceted approach to the security solutions deployed.
  • A logical solution for cyber solutions
    March 2019, Suprema, Cyber Security, Access Control & Identity Management, Products
    BioMini Slim 2 is a thin, FBI PIV and FBI Mobile ID certified FAP20 optical scanner with a large platen for easy capturing of fingerprints.
  • Managed IT security solution
    March 2019, Cyber Security, IT infrastructure, Products
    The LanDynamix fully managed IT security stack ensures that all the main attack vectors typically used by hackers to breach a network are protected and proactively monitored.
 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa		 Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)		 Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.