Intelligent insights into a high-risk digitally transforming world Issue 4 2023 Regal Security partners with Genetec to provide world-class surveillance and VMS solutions
Our clients can count on our long-standing experience and performance in security guarding. These security services are developed and adapted to the needs and requirements of their specific business. Securitas delivers world-class electronic security solutions, priority service response and full project deliveries to maintain a security program that is customised to the client’s unique requirements and standardised to meet local and global needs. Our Remote Video Solutions (RVS) are standardised, cost-effective and remotely based video surveillance services combining specially trained security officers with innovative technology. Securitas helps you ensure the security of your aviation business. We understand that your highest priority is the safety and security of your passengers, employees, and aircraft. Combining cutting-edge technology with top security intelligence, our global network of experts covers every risk. We help make your world a safer place 0861 100 900 | [email protected] | www.securitas-rsa.co.za Security Guarding Electronic Security Remote Video Solutions Aviation Security Corporate Risk Management
www.securitysa.com Issue 4 2023 1 VOLUME 29 | ISSUE 4 | 2023 Women in Security Sector Focus: Industrial Securex 2023 Preview Local Innovation This month we commandeer time with the woman who is spearheading our national conversation on Women in Security, to get to know the lady herself a little better. What to expect from Securex, Fireexpo and the other concurrent events at Securex South Africa 2023, including the launch of Smart Security Solutions. Industrial and manufacturing companies use unique devices that create an uncommon risk that must be assessed and understood to fully protect against incoming attacks. Smart Security Solutions takes a quick look at what is happening in the local manufacturing arena, including the software and integrator side of local innovation. Editor’s Note.....................................................................2 News & Events................................................................4 Fire & Safety ..................................................................28 Integrated Solutions.................................................30 Product News ..............................................................32 Regal distributes Genetec Leading security distributor, Regal Security has recently been appointed as Genetec’s South African distribution partner. Genetec’s Security Centre 5.11 is game-changing technology enabling the Regal Projects Team to provide a unified platform for physical security activities, functions and data retrieval for any size project. Intelligent insights into a high-risk digitally transforming world Issue 4 2023 Regal Security partners with Genetec to provide world-class surveillance and VMS solutions 10 REGULARS FEATURES OUR COVER 08 12 16 25
2 Issue 4 2023 www.securitysa.com Andrew LETTERS TO THE EDITOR Letters to the Editor should be addressed to Andrew Seldon at [email protected]. Sending material to this publication will be considered automatic permission to use in full or in part in our Letters column. Be sure to include your name, e-mail address, city and postal code. We reserve the right to edit all letters. Disclaimer While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements, inserts and company contact details areprinted as provided by the advertiser. Technews Publishing(Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material. All rights reserved. No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of Technews Publishing (Pty) Ltd, Reg No. 2005/034598/07 Editor Andrew Seldon: [email protected] Contributor Lesley-Anne Kleyn Advertising sales Tracy Wolter: [email protected] Heidi Hargreaves: [email protected] Subscription Services For address changes, orders, renewal status or missing issues, e-mail: [email protected] Design and layout: Technews Production Department Published by Technews Publishing (Pty) Ltd Wild Fig Business Park, Block B, Unit 21, 1494 Cranberry Street, Honeydew Tel: +27 11 543 5800 ISSN 1562-952X Subscribe online: www.technews.co.za SMART SECURITY SOLUTIONS ISSUE 4 2023 Welcome to the fourth issue of Hi-Tech Security Solutions for 2023, which is also the first issue of Smart Security Solutions. As noted in previous issues, Hi-Tech Security Solutions has been rebranded to Smart Security Solutions as the publication evolves to incorporate more of what makes up the security industry today. When looking back over the years, I can recall when the move from analogue surveillance to IP was all the rage, with the demise of analogue predicted (many times). Then there was the megapixel race as cameras started ‘seeing more’ and analytics appeared on the scene. There have also been developments in many other security technology areas over the years. Today, IP is the standard, and cloud services, together with AI are making their mark in the industry (and who hasn’t noticed how important cybersecurity is, everywhere). But while the end users still want the cheapest solutions that do it all, users have also evolved to the point where they are not too concerned about megapixels or wired/wireless connectivity and all those, dare we call them, legacy issues. Of course, these do still play a role in decision-making, but only a small part of the decision. The ‘solution’ is what counts these days. Just as in IT, where almost any leading brand of PC, laptop or server will do the job, users want a solution, preferably a cheap Get Smart one (cheap is the constant in all industries it seems). You don’t differentiate your server according to processors or storage, it’s the software that matters in terms of what makes a server better at its job, be it backup, or speed, and reliability of storage etc. Obviously the processing power matters, but what the system does for the buyer is more important. The security market is similar. If someone buys 20 cameras, they will get the cheapest if all they are getting is 20 pictures on screens. They will pay more if there is additional value to be gained from the solution as a whole, both for security and other areas of the business. Perhaps the time has come when two words we have thrown around for years actually matter more than anything else: integrated solutions. This is the market Smart Security Solutions aims to address. It’s a combination of technologies, but also processes from security, cybersecurity, risk management and information technology. One could sum it up by saying Smart Security Solutions now focuses on resilience. The Oxford dictionary describes resilience as “the capacity to withstand or to recover quickly from difficulties”. This neatly sums up cyber and physical security as well as risk processes; they are meant to withstand (or prevent) attacks, but when they do get through, the same processes need to ensure that you can recover in the shortest possible time. FROM THE EDITOR’S DESK The easiest example is a ransomware attack, if you can’t prevent it, you need to get up and running quickly. In physical security, if your perimeter is breached, you need to react and deal with the situation and restore your security, while making sure that vulnerability is dealt with more efficiently in future. Smart Security Solutions is a work in progress, and I would welcome any comments and criticisms on how we’re doing. They will help us tailor the publication to the real needs of our readers. You can reach me at [email protected].
4 Issue 4 2023 www.securitysa.com Matt De Araujo is an expert in the field of security system sales, starting his career 15 years ago. Previously he managed sales and business development for a manufacturer and distributor of security systems in the African region. He has now joined Ajax Systems as Head of Sales in sub-Saharan Africa. “Ajax is changing the industry with its dynamic leadership, clear understanding of industry-leading innovation, and quality technology solutions. I want to be a part of this process. My goal is to strengthen our local team to exceed expectations and provide the next generation of solutions to an industry with excellent growth potential,” says De Araujo. “Sub-Saharan Africa is one of the target markets for Ajax. We have a big local team and with Matt’s experience in team management, market knowledge, and leadership skills, we will soon become number one in the region,” added Dmytro Shchebetenko, Cluster Director MEA, APAC at Ajax Systems. Ajax Systems officially entered the African market in 2018, and since then it has become one of the company’s top 10 focus markets. Due to the high demand for high-quality security products in sub-Saharan Africa, Ajax Systems enjoys a significant advantage in this market. In addition, it is developing several products specifically tailored to meet customer needs in the region. For more information, contact Ajax Systems, +27 73 373 2748, [email protected], www.ajax.systems Matt De Araujo joins Ajax Systems Elvey Group, the exclusive HALO Europe distributor to Africa, offers a range of body-worn cameras and DAMS software designed for the needs of tomorrow, including an IP68-certified body camera and a 4G-connected device. Horizon series body camera Designed for the future of public safety, the HALO customisable Horizon Body Camera allows you to tailor the solution to suit your requirements. With a three-year product warranty, the body camera has a full-shift battery life, enabling you to capture footage back-to-back. Key features include: • 16-hour continuous recording. • Super-fast charge. • Fixed cost data usage and storage. • Starlight lens technology. • Free setup and support. HALO Vault: Digital Asset Management Software (DAMS) HALO Vault is Halo’s bespoke digital asset management software for storing, viewing and streaming multimedia types all in one secure cloud-based environment. Key features include: • Ingest a wide range of multimedia types including mobile phone footage. • Play and download videos from the sharing portal at no extra cost. • Evidence can be viewed on any device or modern browser. • Redact video clips and other media with the built-in redaction engine. • All video access is audited with usernames, times and actions. • Easily mark and identify evidential video and media files. HALO NanoCam The HALO NanoCam is revolutionising retail loss prevention and providing enhanced security measures for retail clients. Body cameras have become business critical for capturing first-hand evidence, recording in-store footage and protecting customer facing staff. Features include: • 12 hours continuous recording. • AES-256 encryption. • Compact and lightweight. • 1080P full HD resolution. • Livestream capable via Wi-Fi. • Clear evidence. HALO Aware geo-fence technology Using a holster sensor, HALO Aware has been specifically designed to automatically switch on any HALO body cameras into active recording mode within a 9.1 m radius, once a police officer draws their firearm, baton or taser. HALO’s geo-fencing technology triggers supporting officers’ body cameras as they arrive on the scene to capture a chained series of body camera footage, providing complete situational awareness. The long-lasting battery and one-month standby time allow for back-to-back shifts as the HALO recharges in 1.5 hours via the USB Type-C fast-charge port, allowing officers to focus on what really matters, getting back to serving communities in less time. For more information, contact Elvey Security Technologies, +27 11 401 6700, [email protected], www.elvey.co.za Elvey partners with HALO Local electronics manufacturer, RDC, recently acquired a new SMT (surface mount technology) machine to boost its manufacturing output. With the growing demand for its products locally and abroad, RDC has made this investment to meet the needs of its customers. RDC’s commitment to quality, innovation and customer satisfaction has been the driving force behind its success. With the new SMT machine, it can now increase production output while maintaining high standards. The installation of the new SMT machine proved to be a challenging logistical exercise. It required additional compressor and extraction points to be installed, which added to the complexity of the task. Furthermore, the assembly plant is located on the first floor of the manufacturing facility, making it difficult to transport the machine into the building. To overcome this obstacle, a specially made opening was used in the side of the building to fit in the new SMT machine. Despite the challenges, the installation was successful and the new machine is now fully operational. The investment is a significant development for RDC as it continues to expand and meet the demands of customers. For more information, contact RDC, +27 11 452 1471, [email protected], www.radiodata.co.za RDC expands its production capabilities NEWS & EVENTS
www.securitysa.com Issue 4 2023 5 New research from Accenture finds that generative AI and other rapidly evolving technologies are ushering in a bold new future for business as physical and digital worlds become inextricably linked. The Accenture Technology Vision 2023, When Atoms Meet Bits: The Foundations of Our New Reality, explores the technology trends underpinning the convergence of the physical and digital, as businesses look to accelerate enterprise reinvention in the here and now. “The next decade will be defined by three mega technology trends - cloud, metaverse and AI – which collectively will collapse the distance of our digital and physical worlds,” said Paul Daugherty, Group Chief Executive of Accenture Technology. “While generative AI will have a far-reaching impact, leaders must dive in now to achieve its full promise, as it will require significant investments in data, people, and customising foundation models to meet organisations’ unique needs. The meteoric rise of ChatGPT has captivated the world’s attention on the power of generative AI to augment human capability. Accenture estimates as much as 40% of all working hours will be supported or augmented by language-based AI. Among business leaders, 99% of South African respondents agree that AI foundation models will play an important role in their organisation’s strategies over the next three to five years. Accenture’s Technology Vision 2023 identifies four trends that are key to unlocking this new shared reality: Accenture Technology Vision 2023 • Generative AI: Advancing human capability as a co-pilot, creative partner or advisor, nearly all South African executives agree that generative AI will spark significant creativity and innovation (98%) and usher in a new era of enterprise intelligence (97%). • Digital identity: The ability to authenticate digital users and assets – the foundation for traversing digital and physical worlds – is now seen by 79% of local executives as a strategic business imperative, not just a technical issue. • My data, your data, our data: AI cannot reach its full potential until companies figure out data. That means breaking down data silos and modernising their data foundations. In fact, 93% of South African executives believe data is becoming a key competitive differentiator within organisations and across industries. • Our forever frontier: Feedback loop between science and technology is getting faster, with each accelerating the advancement of the other, in ways that 67% of South African respondents believe could begin to unlock the world’s grand challenges. “The next wave of business transformation will create the foundations of a new reality – a shared reality that seamlessly converges the physical lives we’ve been leading with the digital lives we’ve been rapidly expanding,” said Kgomotso Lebele, Technology Lead for Accenture in Africa. “Looking at generative AI, right now scores of people are using it to generate purely digital images and content, NEWS & EVENTS Kgomotso Lebele. but we already see how it’s poised to shape the future of science, enterprise data, how we design and manufacture products, and so much more.” Building on years of research and client work, Accenture has established a company-wide team, the Generative AI and Large Language Model (LLM) Centre of Excellence, bringing together 1600 professionals dedicated to generative AI and leveraging the depth and experience of more than 40 000 AI and data professionals across Accenture. To help guide and inform business leaders, Accenture has published A New Era of Generative AI for Everyone, an in-depth study of generative AI/LLM that provides actionable insights on how leaders can best use this disruptive technology. For more information on this year’s report, visit www.accenture.com/technologyvision Sophos released its Active Adversary Report for Business Leaders, an in-depth look at the changing behaviours and attack techniques that adversaries used in 2022. The data, analysed from more than 150 Sophos Incident Response (IR) cases, identified more than 500 unique tools and techniques, including 118 ‘Living off the Land’ binaries (LOLBins). Unlike malware, LOLBins are executables naturally found on operating systems, making them much more difficult for defenders to block when attackers exploit them for malicious activity. In addition, Sophos found that unpatched vulnerabilities were the most common root cause of attackers gaining initial access to targeted systems. In fact, in half of investigations included in the report, attackers exploited ProxyShell and Log4Shell vulnerabilities – vulnerabilities from 2021 – to infiltrate organisations. The second most common root cause of attacks was compromised credentials. Cyber attackers used over 500 tools and tactics in 2022 “When today’s attackers aren’t breaking in, they’re logging in. The reality is that the threat environment has grown in volume and complexity to the point where there are no discernible gaps for defenders to exploit. For most organisations, the days of going at it alone are well behind them. It truly is everything, everywhere, all at once. However, there are tools and services available to businesses that can alleviate some of the defensive burden, allowing them to focus on their core business priorities,” said John Shier, Field CTO, Commercial, Sophos. More than two-thirds of the attacks that the Sophos IR team investigated (68%) involved ransomware, demonstrating that ransomware is still one of the most pervasive threats for companies. Ransomware also accounted for nearly three-quarters of Sophos’ IR investigations over the past three years. While ransomware still dominates the threat landscape, attacker dwell time decreased in 2022, from 15 to 10 days, for all attack types. For ransomware cases, the dwell time decreased from 11 to 9 days, while the decrease was even greater for non-ransomware attacks. The dwell time for the latter declined from 34 days in 2021 to just 11 days in 2022. However, unlike in past years, there was no significant variation in dwell times between different sized organisations or sectors. “Organisations that have successfully implemented layered defences with constant monitoring are seeing better outcomes in terms of attack severity. The side effect of improved defences means that adversaries have to speed up in order to complete their attacks. Therefore, faster attacks necessitate earlier detection. The race between attackers and defenders will continue to escalate and those without proactive monitoring will suffer the greatest consequences,” said Shier. To learn more about attacker behaviours, tools and techniques, read the Sophos Active Adversary Report for Business Leaders on www.sophos.com.
6 Issue 4 2023 www.securitysa.com The continuing uncertainty of the global economic outlook is reflected in the striking spread of responses to the latest Chief Economists Outlook (www.securitysa.com/*wef1). In a survey featured in the report, experts are evenly divided on the prospects for the global economy, with equal shares of 45% saying that a global recession this year is likely or unlikely. Chief economists expect both growth and inflation dynamics to vary widely across regions, while on the economic policy front, 72% predict proactive industrial policy to become an increasingly widespread phenomenon over the next three years. Although a majority do not see recent financial-sector disruption as a sign of systemic vulnerability, further bank failures and turbulence are considered likely this year. Divergent regional dynamics There has been a notable strengthening in growth expectations since the Chief Economists Outlook: January 2023, but the outlook differs sharply across regions. The most buoyant activity is expected in Asia, with China’s reopening expected to drive a significant rebound for the country and to bolster activity across the continent. More than 90% of the chief economists expect at least moderate growth in both East Asia and Pacific and South Asia. At the other end of the spectrum, threequarters of the chief economists still expect weak or very weak growth in Europe. In the United States, respondents were more optimistic in March-April than in January but are still divided on the outlook, with US growth prospects clouded by heightened uncertainty Economists divided on global economic recovery Suprema recently participated in ISC West 2023 in Las Vegas, the largest annual security exhibition in the United States, where a range of integrated security solutions were showcased. At the event, Suprema exhibited a number of security solutions comprising access control devices managed by BioStar 2, an integrated security software platform. BioStar 2 links all of Suprema’s access control terminals and supports multiple credentials seamlessly including RFID and mobile, QR codes, barcodes, facial recognition, and fingerprint recognition. BioStar 2 offers a very flexible system architecture where the NEWS & EVENTS Suprema showcases integrated security solutions system can be deployed in both a traditional panel-based topology in a centralised system with its intelligent controller, the CoreStation; and a distributed system by connecting the edge readers directly to the server. Officially launched at ISC West was the BioStation 3. Apart from being an access terminal that supports multiple credentials such as facial recognition, RFID, mobile and QR codes, this device also supports VoIP Intercom and real-time video monitoring features to make it a truly multi-functional reader. Its state-of-the-art facial recognition is processed by a deep learning AI-based engine inside a Neural Processing Unit (NPU), making it the most powerful engine in an embedded device with the strongest anti-spoofing detection technology. In addition, Suprema demonstrated how it will build its partner ecosystem by enabling integration of Suprema devices with third-party systems through Open APIs and SDKs. Also, a newly introduced cloudbased integration option offers a simple way for any cloud-based thirdparty platforms to make use of Suprema hosted, managed devices over the cloud. For more information, contact Suprema, +27 11 784 3952, [email protected], www.suprema.co.za on financial stability and the likely pace and extent of monetary tightening. On inflation, there was a marked uptick in all regions in the proportion of respondents expecting high inflation in 2023, and 76% of chief economists said they expect the cost of living to remain acute in many countries. Headline rates have begun to ease, but core inflation has been stickier than many expected. The dynamics are particularly stark in Europe and the US, where large majorities of the chief economists (90% and 68% respectively) expect high or very high inflation this year. China remains an outlier on inflation, with only 14% expecting high inflation this year. Financial sector tremors In the wake of recent bank collapses and financial market turbulence, chief economists expressed confidence in the systemic integrity of global markets. However, two-thirds highlighted the likelihood of further bank failures and disruption, while more than 80% said they expect businesses to find bank loans more difficult to secure as a result of tightening lending criteria. They also pointed to the knock-on effects of high interest rates, notably in the property sector, where two-thirds expect high rates to cause significant disruption in 2023-2024. Changing face of globalisation The chief economists were unanimous in anticipating further changes in the structure of global supply chains. When asked which business strategies they expect to contribute to this reconfiguration, they highlighted adaption to geopolitical fault lines (94%), the prioritisation of resilience over efficiency (91%), diversification of suppliers (84%) and an increased focus on environmental sustainability (77%). They also pointed to the increasing significance of proactive industrial policy, with almost three-quarters expecting it to become a widespread approach to economic policy around the world. Respondents were divided on whether industrial policy will act as an engine of innovation, but they highlighted several potential concerns, including a deepening of geo-economic tensions (91%), the stifling of competition (70%) and a problematic increase in sovereign debt levels (68%). “The latest edition of the Outlook highlights the uncertainty of current economic developments,” said Saadia Zahidi, Managing Director, World Economic Forum. “Labour markets are proving resilient for now, but growth remains sluggish, global tensions are deepening, and the cost of living remains acute in many countries. These results confirm the urgent need for both short-term global policy coordination as well as longer-term cooperation around a new framework for growth that will hardwire inclusion, sustainability and resilience into economic policy.”
8 Issue 4 2023 www.securitysa.com WOMEN IN SECURITY Success in business process best practices This month we commandeer time with the woman who is spearheading our national conversation on Women in Security, to get to know the lady herself a little better. Lesley-Anne Kleyn is a business analyst, consultant and coach, working across a range of industries, and within all sectors of the South African economy. When we caught up with her, she was wrapping up a series of Direction Setting workshops for a national retailer, regularly coaching several C-Suite Executives, and tackling research into Responsible Leadership. Her involvement within the security services sector is two-fold: working with the users of security solutions in an advisory role and working with the providers themselves to build their businesses into profitable and resilient entities. We wonder about the buzz around ‘responsible leadership’ and asked Kleyn for some insight. More than financial profit “Leading a business is no longer about profit alone. Rather, modern leadership is about the societal, environmental, and economic impact that business is so perfectly poised to bring about. There is nothing wrong with being profitable. Profitability is the point. But responsible leadership is about Profit Plus.” For Kleyn, flourishing businesses could make a real dent in South Africa’s desperate unemployment situation. And it is unemployment that is her personal passion. As for the security services sector, Kleyn initially worked directly with the end-users of security solutions as an independent consultant. “How I went from being a business analyst outside of this industry, to an independent security consultant within it, is a long story,” she giggles. “But nowadays I don’t do very much of that type of consulting anymore.” Instead, Kleyn has been working with security service providers themselves. “That’s been really gratifying.” “My role as an analyst, consultant and coach is to work on the business together with my client and his/her management team, not to throw my weight around. I keep continually in mind that it is a privilege to be invited through the front door, and that asking for my help entails vulnerability on the part of the leader and his/her team.” Kleyn helps business leaders to harness the potential of the people they lead, build high performing, collectively accountable management teams, and create a clear roadmap for the future, with powerful action plans to get there, whilst simultaneously developing operational excellence in every area of the business. In the security services space, operational excellence is particularly critical. Operational excellence “Security companies sell the concept of proactive security solutions to end-user clients, yet they themselves typically operate in a reactive state of crisis management. Over the years, the industry has come to accept this for itself as normal.” We wonder if it might be high time that the industry make a few fundamental changes? Kleyn ponders this question. She relates how thought-leader Jim Collins identified 18 visionary companies, pairing each one with a nearest leading competitor. What he found was that a dollar invested in a visionary company in 1926, would have grown to over six thousand dollars in 1990. In comparison, a dollar invested in the comparison company in 1926, would have grown to just about nine hundred dollars. “These visionary companies outperformed both the overall stock market and their nearest competitors,” says Kleyn. “My point is that Collins discovered that these firms displayed an interesting internal paradox: On the one hand, they had this unbudging core ideology – call it an anchor. Yet, on the other hand, they were continually driving to stimulate change and progress.” “Also,” she notes, “they had a clear handle on their current position at any given time. For any business to become resilient, all three aspects are pivotal, no matter what the business or the industry.” Kleyn is convinced that for many security services providers it has become imperative that they lay correct foundations in order to scale up fast, like it or not, because many are landing large contracts only to find it impossible to truly deliver on promised outcomes. “If the business is scaling, whether that be purposefully or fortuitously, then the management team needs to be equipped and upskilled to be able to keep up, as do the teams reporting to each manager.” The result of any business growing reactively instead of proactively, she says, is the deep-seated malaise that characterises the security industry, which the value chain is painfully aware of, but that end-users only come to realise many months and many millions of (often wasted) rands on their security solutions later. Speaking of end-users, we ask Kleyn about her work consulting to the users of security solutions themselves. It takes a village “My approach has always been to audit and field-test the existing solution, document results, educate my client, conduct a comprehensive risk determination exercise with the entire
www.securitysa.com Issue 4 2023 9 WOMEN IN SECURITY decision-making team with the results of the audit as a springboard, and then roadmap a five- to tenyear security strategy,” she says. “Once the strategy is in place, I engage the entire industry value chain, around the same boardroom table: the network infrastructure architect, the security technology manufacturer, its distributor, the appointed system integrator, the guarding provider, the control room expert, the tactical response provider, and the client. In fact, anyone and everyone who may be relevant to the client site. “It takes a village to produce a security solution that will add value. The ideal, end-to-end solution cannot realistically be implemented by one service provider, though many claim to be able to. My role is to make sure that all parties focus on their own areas of expertise, whilst at the same time making sure that all are engaged with each other and co-ordinated.” Security finds you We ask her how she ended up working in risk, safety and security in the first place? “I certainly did not set out to become involved in the sector, but over the years it kept finding me,” she explains with a laugh. As a young manager working a duty shift at a Holiday Inn, Kleyn co-ordinated her hotel’s role in aiding the survivors of the sinking of the Oceanos off the East London coast. “The hotel didn’t have a process in place to deal with this level of emergency. My team and I made one up that night. I guess that was my baptism into risk, safety and security.” After this experience, Kleyn was headhunted by Sun International, where risk, safety and security found her again. Her role was to recruit and facilitate training for various divisions within the group, and the security and surveillance teams were among those. “Surveillance in the gaming industry in the early 1990s was state of the art. I remember being fascinated.” Then, in the early 2000s, a monitoring and armed response provider contracted her to undertake a business change project. “The company had been losing market share and within 18 months we had turned that business around, surpassing all expectations. Twenty years later and the company has remained extremely profitable and is actively involved in its local community.” Indeed, after that project, Kleyn had gone on to work within an entirely different sector, completing a business recovery project for an NPO. The security sector was not top of her mind. But then the industry came calling again. This time, she was approached by a system integrator on the look-out for an intrapreneur to join its national team. Kleyn politely turned the offer down. Twice. “On the second occasion, I told the company that it would take a crane to move me out of my consulting practice,” she laughs. “I just wasn’t interested.” A few days later she answered a third call: “So exactly how big a crane do we have to build, to get you to join us?” Kleyn relented. “It was a combination of the persistence, the humour, and the vision that the company had for the levels of professionalism that it wanted to introduce to this sector, that finally persuaded me.” Best practice passion It wasn’t long before Kleyn had gained a wealth of experience within all critical aspects of risk, safety and security, going on to become accomplished at the art of integrating manpower and technology through the process of command and control, and a certified technical architect in her own right. But her real passion was for introducing general business best practice principles into security challenges. “Business principles work. I figured they must surely also be the only way to tackle something as critical as a security solution, so I adapted my generalist approach, to work for the security solutions environment.” Eventually, in 2018 Kleyn moved back into her own consulting practice full-time, with the security services sector now added to her company’s portfolio of industries. Her typical client is any firm, in any industry, operating in the R50 m to R200 m turnover per annum bracket, although she also works extensively with multinationals, and volunteers time with start-ups. Kleyn is particularly comfortable working with successful entrepreneurs. She has started-up and sold numerous enterprises, so she knows first-hand what it takes to lead and grow a business. One of her earlier endeavours was in Fintech, co-founding and running the company that conceptualised and commercialised the first bank statement analysis tool in South Africa, which she sold to a leading financial institution. That tool was endorsed by Microsoft and is still in use today. “I’ve always had a tenacious knack for opening business doors and getting to exactly the right decision maker. One of us did the coding, the other (me) got us in front of the right crowd.” We ask her what she most enjoys about the security services sector, and she bubbles with enthusiasm over clients, colleagues, learning opportunities, and women in the industry. “I have consulted to incredible end-user clients across the country. I have also been invited to coach some visionary leaders of security services companies. I have been fortunate to have been able to hone my own risk, safety and security skills through learning from many of the best in the business. And let’s not forget the wonderful women working in the space. We are an encouragement to each other, and I am so looking forward to introducing more of these ladies to Smart Security’s readers.” As for interests in her spare time, Kleyn replies, “What spare time? My entire family is currently studying. I am completing my Masters, my daughter is completing her Masters, and my son is a mechanical engineering candidate. It feels like all I do is study, but I waited 15 years to be able to do this so there has not been one day that has gone by that I have not been ecstatically happy to be here. If I make it through this intact, you might find me back on my surfboard or my guitar in the near future.” Lesley-Anne Kleyn is a consultant working across a range of sectors, assisting clients to build their businesses into profitable, impactful and enduring entities. With many clients in the security services sector too, she is a member of the board of ASIS International, heading up Women in Security. To join the conversation, contact her on +27 64 410 8563, or reach out on LinkedIn: https://www.linkedin.com/in/lesleyannekleyn Lesley-Anne Kleyn.
10 Issue 4 2023 www.securitysa.com COVER STORY Having a bird’s eye view of your surveillance data, with the capability to drill down to the details obtained via connected security solutions, is a game changer for security operators, companies and even officers on the ground. The technology behind Genetec, which has just appointed Regal Security as its distribution partner for South Africa, provides the means to do just that. Genetec is the undoubtedly the world leader in video management systems. In addition to this partnership being another feather in their rather large hat, it allows Regal to expand its Projects Team solution offering. With its unique capability to unify physical security activities, functions, and data, and bolstered by the technology behind Regal’s existing partners, Genetec levels the playing field between criminal and guardian. As an overall security solutions provider, Regal can provide unified high-end security solutions with the likes of Hanwha Vision, DMP, IDEMIA and OPTEX, as well as high-quality data storage from Seagate, with Genetec’s powerful VMS, Security Centre 5.11. This same platform offers advanced features such as video analytics, intrusion detection and incident management, empowering security systems, officers and managers to proactively respond to potential threats before they escalate. And more than physical security, Genetec also provides strategies to prevent Regal announces new game changing partner for its Projects Team. Regal announces new partnership cyberattacks on security systems. These include at-the-edge security, encryption, authentication and authorisation. “With over 30 branches across South Africa from which you can access over 4500 security products, and a highly skilled, knowledgeable technical team to call on, the Regal Projects Team is the security brains trust for any size project,” says Michael Collier, Head of Product Management at Regal Security. “Whether you’re looking to secure a golf course, a commercial business park, or even a residential estate, we can tailor-make a solution that answers current needs, addresses risk, and remains scalable for whatever may happen in the future. “Regal’s latest partnerships, Hanwha Vision and Genetec, puts us in the enviable position of being able to service new projects, assist in the evolution of existing projects and ensure old projects are upgraded to peak performance,” adds Collier. “Our commitment at Regal is to help our customers succeed, and in doing so, our Projects Team is committed to providing comprehensive, cost effective and fit for purpose security solutions for a wide range of projects.” Through Genetec’s real-time unification platform, false alarms are reduced, efficiency is improved, and security becomes data-driven with critical role-based information available at the click of a button. In addition, Hanwha Vision’s powerful AI technology keeps a watch on what’s happening on the ground, detecting and classifying people, vehicles, faces and licence plates, also in real-time. The Hanwha Vision system sends this data back to Genetec’s Security Centre for interpretation and analysis, putting the power of protection and prevention into the project owner’s hands. Nine reasons to choose the Regal Team for your next project The Regal Projects Team has a host of services that are tried, trusted and perfected. These include: 1. Pre-sales consultation. 2. Site assessments. 3. Product demonstrations and proof of concepts. 4. Integrated system design. 5. Pre-delivery configuration. 6. On-site commissioning. 7. Unrivalled technical support. 8. Training and product certification. And finally, reason number nine: as an industry-leading, end-to-end solutions partner, Regal prides itself on developing relationships with like-minded companies who are as committed to the success of a project as Regal is. Get the Regal Projects Team, together with our partners on your side, call +27 11 553 3300 or email [email protected].
Now in partnership with Regal Security, Genetec provides a unified platform for physical security activities, functions and data retrieval. Flexible, scalable and reputable solutions for all your projects.
12 Issue 4 2023 www.securitysa.com SECTOR FOCUS: INDUSTRIAL Addressing the SCADA in the room By Charles McFarland, Trellix. Industrial and manufacturing companies use unique devices that create an uncommon risk that must be assessed and understood to fully protect against incoming attacks. The industrial and manufacturing spaces are critical to the global economy. They produce the goods and services we rely on every day, from food and clothing to cars and electronics. Disruptions to this space can have far-reaching effects as proven by recent COVID effects on the supply chain. Much like other sectors, they are targeted by cybercriminals for monetary or destructive purposes. However, few other spaces command the breadth of purpose-built and custom devices necessary to function, as the industrial and manufacturing industries. These unique devices create an uncommon risk that must be assessed and understood to fully protect against incoming attacks. Such attacks can have massive implications, as seen during the Khuzestan Steel Co. attack in June 2022. Khuzestan Steel Co. and two other manufacturers were targeted to disrupt steel production, crippling services across Iran. The attackers who took credit for this attack go by Gonjeshke Darande or Predatory Sparrow. They did so by comprising the Industrial Control System (ICS) Siemens PCS7 Process Control System, manipulating the hydrogen gas density causing structural integrity and massive fires. Their ability to disrupt steel production is only half the story though. Notice this attack was enabled in part through compromising an ICS system, systems that are easily overlooked in a typical threat assessment. Most OS have routine patching cycles such as ‘Patch Tuesday’, and many major software packages have easy or automated patching mechanisms. On the other hand, ICS are typically not front-andcentre like desktop software but are mounted somewhere within the facility – making them much more troublesome to update and patch Continued on page 14 regularly. This attack is just one example showing how the impact of ignoring such ICS systems can be catastrophic. Assessing the current threat landscape In order to understand what risks are unique to industry and manufacturing, our team curated 120 different publicly disclosed vulnerabilities in the Supervisory Control and Data Acquisition (SCADA) or ICS space. We specifically looked at those that were disclosed since the beginning of 2023, enabling us to narrow the focus on current systems that are in production or in planning for implementation. Some systems may in fact be older, but generally the approach had the intended effect. There are two great sources of vulnerability information that the team used as primary sources: • National Vulnerability Database (NVD, https://nvd.nist.gov/). • CS Advisories from CISA (https://www.cisa.gov). We first used NVD for its simple-to-use search functionality. To ensure that we only had information relevant to industry and manufacturing, we filtered our results to only include instances of SCADA and then ICS. This filter is only a text matching filter, so the team then manually reviewed each result so that only the desired results remained. CISA Advisories have similar value, albeit more tailored. Again, not all ICS systems are typically found within the industry and manufacturing space, so we manually reviewed each advisory to keep the results relevant. There is a lot of overlap between NVD and CISA Advisories; duplicates were removed leaving the examined vulnerabilities. Results Since there are a variety of different solutions within the space, we organised the results into five main categories: 1. Communication. 2. Device management and monitoring. 3. Facility management. 4. Software. 5. Other. By and large, at 38%, the software category takes up the largest percentage of disclosed CVEs. These CVEs are specifically comprised of software-only based solutions that do not lend themselves to other categories. The most prevalent technology within this category is asset tracking software used to manage goods, equipment, and/or personnel across the facility. HMI or Human-Machine Interface is also among the top contributors, representing the software used for a human to interact with a device, or to design such user interfaces. From a research perspective, it is easy to understand why software solutions have the most CVEs disclosed. They are typically easier for an attacker to understand and interact with – which makes them more straightforward targets for cybercriminals. Device management and monitoring follows significantly behind at 23% of disclosed CVEs. The majority of these are device management solutions, with 15 CVEs disclosed from a single vendor. The remaining CVEs are scattered among management of different devices such as industrial robots, PLCs, and automotive factory devices. One potential reason for so many disclosed CVEs in this category is that device management and monitoring solutions
14 Issue 4 2023 www.securitysa.com Continued from page 12 SECTOR FOCUS: INDUSTRIAL inherently communicate to other devices. Exploiting communications leads to lateral movement making them a higher priority target. The next category coming closely behind at 20% of disclosed CVEs was facilities management, which also included ‘plant management’ for lack of a better grouping. The largest representative sub-category is access control with 11 CVEs, while plant automation only included five CVEs. Other more traditional sub-categories include HVAC management, energy management, access control, and remote management. Facility management has gained interest among researchers in recent years, including Trellix with our access control research in 2022 (www.securitysa.com/*trellix1). The communication category covers devices that are purpose-built for communicating, with disclosed CVEs sitting at 13% of the total. These are nearly exclusively routers. The few exceptions are relays and a wireless communication framework. The wireless communication framework CVEs also happen to have public proof-of-concept code available, which was rare among other CVEs. In fact, we only discovered three other proof-of-concepts among the others. We did expect a higher representation from this category as network devices tend to get a lot of scrutiny from both researchers and cyber criminals. It will be interesting to see if the remainder of the year sees similar results. The other category, composed of generic SCADA solutions for services like geolocations or telemetry that did not easily fit into another category, only accounts for 6% of disclosed CVEs. Surprisingly however, the breadth of vulnerability types was quite large. We’ve based these categories on the standard Common Weakness Enumeration (CWE) but grouped similar ones for brevity. Not many could be grouped together easily. The remaining breadth is so large in fact that the second largest category of vulnerability, out-of-bound read, only took up 8% of the population. The largest, at 34%, was authentication. This included lack of authentication, clear text storage of passwords, improper permissions, hard coded credentials, and similar issues. We’ve seen similar issues with authentication vulnerabilities in other spaces such as the medical industry. The differing vulnerability types often diverged into smaller groups of one or two representing less than 1% each. This is why the other category is so large at 45% of the overall population. A reasonable question is why are authentication issues so common in our findings? This is a difficult question to answer but we believe there are two major factors. The most straight forward factor is a there is a lack of priority for security and/or training among the developers of these devices. The developers are tasked with getting devices to communicate together, manage machinery, or other industrial tasks. If security is not prioritised appropriately, then even simple security measures can be overlooked. Another factor is that we see more authentication issues because it happens to be the first line of defence. When these systems get tested for vulnerabilities, authentication is usually the first defence to be challenged and therefore the most discovered. Is the industry and manufacturing space at risk? The short answer is yes, these systems are under threat and actively attacked. There have been some major attacks in the last few years indicating so. A prime example is the Khuzestan Steel Co. attack mentioned before, which used ICS systems as part of its attack chain; this is strikingly similar to a 2014 attack against an unnamed German steel company also targeting ICS systems. Both examples resulted in physical damage to the facilities. Some groups opt for more traditional attacks such as with ransomware as was the case in the Colonial Pipeline attack of 2021. Manufacturing accounted for 12% of Ransomware campaigns publicly reported in 2022 from the Trellix Advance Research Centre’s 2023 Threat Report. We also found that the Industrial Goods & Services accounted for 32% of the ‘leaks’ resulting from ransomware extortion. (www.securitysa.com/*trellix2). An insecure conclusion So, what can you take from these findings? First and foremost, software-based solutions are the low-hanging fruit for vulnerability discovery. Fortunately, they are also easier to keep up to date in terms of versioning and patching. Ensure the business is using automated patching if possible. Device management and monitoring systems should be the next priority. Things can get rather difficult if these are purpose-built devices without robust central management. For anyone running these systems, it’s paramount to keep them up to date, if possible, and within vendor support. That may prove difficult or impossible for ICS systems if they don’t come with some form of user update method – in which case the documentation from each vendor can provide more information. Proper network segregation and monitoring is important to provide some protection while security teams work out how to properly update and patch these systems. It’s certainly easier to focus on traditional attack vectors such as OS and web server vulnerabilities. But these findings make it clear that ignoring the potential impact of more domain specific solutions such as SCADA and ICS is not an option. It’s important that security teams work with their vendors and partners to ensure that each device is securely implemented, and the patching process works in a sustainable way for their business.
RkJQdWJsaXNoZXIy MjEzMjU=