Cybersecurity is not enough
March 2019, Cyber Security
Cyberattacks targeting IoT devices and consequently video systems as well are growing more frequent at an unprecedented rate. The things users should consider in their security strategy are highlighted in an information package from the Regensburg-based video equipment manufacturer with information and specific recommended measures. They show that the essential aspects extend beyond the classic instruments of cybersecurity.
Security specialists at many banks in several different countries were undoubtedly completely blindsided in 2013 when Russian hacker groups stole a sum totalling more than a hundred million euros in the course of the Carbanak campaign.
In these attacks, surveillance cameras inside the financial institutions were compromised, allowing the perpetrators to secretly view screen contents and keyboard entries and identify employees as spear phishing targets from their name tags or employee IDs, for example. Video systems also make excellent targets in Denial-of-Service attacks, as was demonstrated by the infamous Mirai and Persirai campaigns.
From planning to trust in the manufacturer
If a company wants to protect itself successfully from attacks of this kind, it is essential to implement a fully comprehensive strategy. Dallmeier identifies five crucial aspects which must function in harmony: consideration of security issues as early as the planning phase, integration in the IT strategy, cybersecurity functions in the systems, data protection, and the credibility of the manufacturer.
Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technology. Secondly, it is important to ensure that the planned system is consistent with the company's IT strategy: More and more often, essential resources such as server capacities, or even the entire video security system fall within the purview of the IT department.
For the actual core function of cybersecurity, it is important that systems are equipped with all the requisite IT security functions, from hardened operating systems to capabilities for separating networks and up to and including encryption technologies and attack detection capabilities.
The fourth aspect should really be practically self-evident since GDPR came into effect, that is to say consideration of data protection issues. Finally, customers should also think very carefully about the manufacturer itself: What steps are taken to safeguard the systems during development and production, is the manufacturer potentially exposed to political pressure, and what provisions are made for security aspects when integrating the systems with each other and integrating third party systems?
The manufacturer's information package is intended to provide answers to these and other questions and with a Best Practice Guide, offers an extensive collection of practical tips and configuration notes for IT and security officers and administrators.
Those who are interested can find the information package by following this link: https://www.dallmeier.com/ls/cybersecurity
- When cybercrime affects health and safety
April 2019, This Week's Editor's Pick, Cyber Security
The threat of a category-one cyber-attack is that everything could seem right – the readings on the meter could be fine, checklists would be followed, and equipment would work – yet danger could still unfold.
- New service to fight cybersecurity threats to African banks
April 2019, Cyber Security
Foregenix is launching a service to combat the new and growing breed of cyber-attacks on African banks.
- Cyber/physical perils in hospitality
April 2019, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security, Entertainment and Hospitality (Industry)
How can we prepare for our holidays and avoid becoming the victim of a scam or data breach?
- Cloud and mobile deployments are the weakest links
April 2019, Check Point South Africa, Cyber Security
Report highlights the cloud and mobile attack vectors used to target enterprises: nearly one in five organisations experienced a cloud security incident in the past year.
- Rethink security priorities
April 2019, News, Cyber Security
Cryptocurrency mining is up 237%, phishing attacks increase by 269%, business email compromise attacks have gone up by 28%.
- New supply chain attack
April 2019, Kaspersky Lab, Cyber Security
Kaspersky Lab has uncovered a new advanced persistent threat (APT) campaign that has affected a large number of users through what is known as a supply chain attack.
- Overcoming the 2019 cyberthreat
April 2019, IT infrastructure, Cyber Security
The flexibility of remote working is good, however, the wider a network perimeter has to stretch, the more scope exists for security breaches.
- Halt, who goes there?
March 2019, Technews Publishing, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one.
- IoT is convergence in action
March 2019, Gijima Electronic and Security Systems (GESS), NEC XON, Technews Publishing, Axiz, G4S South Africa, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
The Internet of Things gains more than enough attention these days, but the IoT demonstrates the reality of the convergence between the physical and cyber worlds, and physical security is part of it.
- Stop hacking of access control systems
March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
Think someone hacking your access control system not a big deal? Scott Lindley suggests that you think again.
- New cybersecurity pavilion for Securex 2019
March 2019, Securex South Africa , This Week's Editor's Pick, Cyber Security, News, Conferences & Events, Training & Education
Securex South Africa 2019 has announced that 4Sight Technologies, a subsidiary of an international holdings company focusing on investing in Industry 4.0 companies, has signed on as the official sponsor ...
- Security by design
March 2019, Johnson Controls, Cyber Security, Integrated Solutions
The security of the platforms on which physical security products are built will increasingly impact purchase decisions and market positions.