The year 2015 was the deadliest year for terrorist violence in Europe in nearly a decade. That s according to the Aon1 Terrorism and Political Violence Map 2016, produced with The Risk Advisory Group2. That was largely due to the so-called Islamic State mounting attacks on crowded public spaces. The map this year marks the first net increase in global risk ratings since 2013, with more countries (18) worsening in risk than improving (14). In 2015, shooting incidents overtook bombings as the most common form of terrorist attack in western countries for the first time since 2007, when Risk Advisory first partnered with Aon to produce the Terrorism and Political Violence Map. The targeting of civilians in public spaces, rather than attacks on state targets, has also become more common. In 2015, three in ten, 31 percent of all attacks in the west or against western interests in other regions targeted private citizens, with the most lethal and disruptive aimed at public spaces, most notably transport hubs, shopping areas, entertainment venues, hotels and tourist resorts.

The global threat posed by Islamic State dominates the findings of the map this year, say the map researchers. The terrorists activities have contributed to sustaining or increasing risk levels in dozens of countries, with the group entering a new phase of inciting and directly mounting mass casualty attacks beyond its immediate areas of control. The United States, France, Belgium, Tunisia and Russia have all borne the brunt. Risk rating increases in Europe have also been driven by far-right activism and civil unrest risks stemming from the European migrant crisis as well as the increasing influence of extremist parties on both the right and left.

In terms of the volume of terrorist attacks, the Middle East was by far the most affected region in the past year, with 80 per cent more attacks (1,114) than the next most affected region of South Asia (799). Henry Wilkinson, Head of Intelligence & Analysis at The Risk Advisory Group, says: The Aon Terrorism and Political Violence Map 2016 map reflects the changing risks affecting countries and businesses. Terrorism and civil disquiet in the West looms large, but war and sudden changes in government in emerging markets are also key risks this year. The terrorism threat trends we have identified in Europe, and the instability and conflict risks we have recorded in Africa and Asia that are driving the refugee crisis, come at a critical juncture for the European Union.

As for where this leaves businesses he says they need to be flexible and robust in how they anticipate and manage risks in the fluid world that the map depicts. Adaptiveness and resilience require effective risk management capabilities, which is why leading global businesses rely on Risk Advisory s intelligence and analysis services to help them grow whilst protecting their people, their assets and their brands. Scott Bolton, Director of Crisis Management at Aon Risk Solutions, adds: The threats highlighted in the map should encourage business leaders with global footprints to adopt a more strategic risk management approach to limit the impact of attacks on their people, operations and assets.

Understanding how they are exposed to the peril is key to achieving this outcome. Findings from the 2016 Risk Map

Countries with increased risk ratings for 2016:

Angola, Belgium, Bosnia and Herzegovina, Burundi, Guyana, Moldova, Morocco, Nepal, Ghana, South Africa, Sweden, Tunisia, Turkmenistan, Uzbekistan, Zambia, Zimbabwe and Mongolia. Most active regions for terrorist attacks in 2015:

Middle East (1114 attacks) Down from 2014

South Asia (799 attacks) Down from 2014

North Africa (491 attacks) Up from 2014

Sub-Saharan Africa (331 attacks) Down from 2014

Eurasia (298 attacks) Up from 2014

Latin America (212 attacks) Up from 2014

Asia Pacific (188 attacks) Down from 2014

The West (35 attacks) Down from 2014

Most active countries for terrorist attacks in 2015:

Iraq (845)

Afghanistan (312)

Pakistan (290)

Egypt (257)

Turkey (214)

Colombia (189)

India (170)

Nigeria (132)

Thailand (131)

State of Palestine (102).

Top six targeted business sectors in 2015:

Transport 131

Retail 115

Extractives 87

Critical Infrastructure 83

Financial 29

Tourism (primarily hotels and resorts, and civil aviation) 25

References

1. ^ Aon (www.Aon.com)
2. ^ The Risk Advisory Group (www.riskadvisory.net)

Genetec1, the Canadian IP security product company, has begun shipping the new version of its Turnkey Network Security Appliance, the SV-32 v2, pictured. The firm describes it as a turnkey solution that enables users to deploy a unified or standalone IP-analogue video and access control system while maintaining their existing analogue equipment.

With built-in analogue encoder cards, the SV-32 v2 offers a way to integrate legacy analogue cameras as part of an IP transition plan. Pre-installed with the Genetec Security Center software, the
v2 appliance allows for the consolidation of multiple remote sites within a single security environment, while supporting a range of future-proof IP cameras and door controllers to suit various deployments, the company says. It s suited the firm says for sites that have already made investments in analogue cameras such as banking and retail. The SV-32 v2 can support up to 32 analogue or IP cameras and 100 access control readers on each unit.

The product doubles as a client workstation, providing a unified view of video and access control events locally on up to two monitors. Operators can verify cardholder pictures against live or recorded video associated to access control events for doors within the system, and automatically trigger alarms based on video and access control events. Using the Security Center Mobile application, v2 users can view their system and receive real-time alarms on their Android, Apple and Windows Phone devices.

Security users can view live and recorded video, control PTZ cameras, lock and unlock doors, and receive real time alarms and access control events.

References

1. ^ Genetec (www.genetec.com)

Smoke detectors around the University of East Anglia s (UEA1) student accommodation have been replaced with Nittan2 s Evolution EV-DP Dual Wavelength Photoelectric smoke detectors. This was for UEA to remove issues with false alarms caused by steam. Some 4500 Nittan devices, including more than 2500 Nittan EV-DP smoke detectors, have been installed by Global Fire Services Ltd in the 24 accommodation buildings spread across the 320 acre Norwich campus. The university was seeing around 20 false alarms a week caused by steam escaping from the bathrooms and activating the smoke alarms. Each alarm event has to be checked and verified by security personnel before Fire and Rescue Services will attend.

A reduction in false alarms is thus not just convenient, but saves in cost and time. UEA ranks among the best universities in the country for student satisfaction, with its accommodation provision a part of this. Reducing false alarms and disruption within living areas was regarded as having a role to play in the quality of the rooms. Greg Smith, Director of Global Fire Services, says: Originally the plan was to relocate the existing detectors further away from the bathrooms. Whilst this would provide the same level of fire protection, it would be quite a costly solution as it would not only involve moving the devices and cables, but also redecorating afterwards to cover up where the alarms had been previously.

We were also concerned that the steam would affect these devices in the new location. As the existing alarms were coming to the end of their lives anyway, we recommended instead swapping to Nittan s EV-DP smoke detectors which easily cope with steam. Nittan says that its Evolution EV-DP smoke detectors have been designed to reduce false alarms caused by non-combustion products such as steam, dust and aerosols. Unlike other industry standard (single optical sensor) smoke detectors on the market that claim to distinguish between smoke and non-combustion products, the EV-DP measures the actual particle size in the chamber via its combined IR and blue LED the makers say. As steam and dust are much larger particles than smoke, the detector won t false-alarm.

This is the first time Nittan smoke detectors have been installed at UEA. An initial on-site demonstration by Global Fire Services in one of the student rooms compared manufacturers alarms with Nittan s EV-DP alarms in a real setting. When steam was deliberately built up in the room to test and compare the alarms, only the Nittan EV-DP alarm stayed silent, whilst the existing one went into false alarm. However once even the smallest amount of smoke was introduced, the Nittan detector reacted and went in to alarm as intended. Global Fire Services replaced the smoke alarms in the student rooms with the EV-DP detectors in the summer holidays. The installation was completed ahead of schedule. The existing wiring and panels were used.

A year on on and, according to Steve Edwards, Electrical Design Engineer, Estates and Building Division at UEA, there have been no false alarms due to steam. All accommodation blocks now have Nittan alarms installed, with further alarms being fitted in to 531 bedrooms. Security is very satisfied with the results.

Visit www.nittan.co.uk3.

References

1. ^ UEA (www.uea.ac.uk)
2. ^ Nittan (www.nittan.co.uk)
3. ^ www.nittan.co.uk (www.nittan.co.uk)

People are still carelessly sharing private information over the internet, despite the consequences, according to a study by an IT security product company. Some 28 per cent of people share confidential data by accident, while 16 per cent willingly disclose secrets about themselves despite the fact that information shared online can cost them a relationship or a job. The survey, by Kaspersky Lab1 with B2B International, questioned more than 12,000 people worldwide and found that many people risk sharing personal data through online communication channels, even though there are security risks in doing so. This might include: a photo of themselves (45 per cent), their contact details (42 per cent), a photo of another person (32 per cent), sensitive personal details (30 per cent) and work-related data (20 per cent) online. Further, and potentially even more seriously, one-in-six shared a secret about themselves (16 per cent), while nine per cent communicated private information about another person and eight per cent shared sensitive financial details.

This is despite the fact that half are deeply worried about the damaging impact of such information being made public both in terms of financial loss and emotional distress. A third was worried that it could damage relationships, embarrass or offend someone and one-in-six (15 per cent) was afraid that it could harm their career. This level of concern is often justified, Kaspersky adds.

28 per cent admitted they have accidentally shared confidential data and one-in-ten have suffered as a result. Of those that suffered, the consequences included losing friends (20 per cent), being bullied (17 per cent), suffering financial loss (15 per cent), the end of a relationship (13 per cent) and being dismissed from their job (13 per cent). However, 13 per cent still don t take any precautions to keep their online activities and information safe, and a mere four-in-ten keep interactions with close family and friends separate from other activity (43 per cent) or double-check all messages and posts before sending (39 per cent).

A quarter try to avoid sending or sharing information when they ve had a drink and a guilt-ridden 29 per cent opt for the largely ineffective measure of hastily deleting their Internet history after sharing something. David Emm, pictured, Principal Security Researcher from Kaspersky Lab says: Many consumers still struggle to translate risk awareness into caution when it comes to online activity. With so many devices and online channels at our fingertips it s never been easier to post an unguarded message or accidentally share information with the wrong people. If you are not cyber-savvy enough and you don t have the proper security and privacy safeguards in place, you could be left with shattered friendships and careers. Once it s online it s there forever so if in doubt, keep it to yourself.

You can check your own cyber-savviness here: https://blog.kaspersky.com/cyber-savvy-quiz/2.

References

1. ^ Kaspersky Lab (www.kaspersky.com)
2. ^ https://blog.kaspersky.com/cyber-savvy-quiz/ (blog.kaspersky.com)

When choosing fresh accessories and painting over faded walls when spring cleaning about the house, don t forget the most important improvements you should be making. Dr Steffan George, pictured, Development Director of The Master Locksmiths Association a trade association for locksmiths provides guidance on reviewing your home security for the longer days ahead. External storage buildings where you keep all your highly valuable warm weather essentials such as bikes and garden furniture are prime targets for thieves. Whether it s a garage or a shed it s vital to secure your storage building, so invest in Sold Secure tested and correctly specified padlocks and hasp and staples. If you ve just bought a new outdoor furniture set ready for summer, you ll want to show it off, but it s important not to leave it on show overnight. Many do so but this makes for an easy target for a would-be thief, so tidy it away in your secure storage building. Keep ladders, bins, and gardening tools stored out of sight and under lock & key too, as they can be used in opportunist crime to gain access to the home itself.

One third of burglars enter homes through windows so double check that all on the ground floor and any that are accessible on higher levels have secure key operated window locks. And when you re in and out during the hot summer months, make sure you shut and lock the windows! As simple as it sounds, leaving the house with windows wide open is a common occurrence during the warmer months. Other security measures such as door chains, spy holes, top/bottom bolts and even CCTV are worth considering, as these can all boost security, prevent break-ins and give you extra peace of mind. Although the days are getting longer, there will still be dark nights when your home becomes vulnerable.

As well as helping you gain access to your home at night, sensor lights or dusk-to-dawn lighting can work as deterrents. Opportunist thieves often approach houses that look like nobody is at home, so invest in light timers to give the impression that someone is home. A fake TV is also a good idea this device emits light that mimics that of a TV and can give the impression somebody is watching something in an upstairs room. Finally, be sure to lock up your house and set the alarm every time you leave. It almost goes without saying, but you would be surprised by how many people that don t do this or simply forget. Don t leave keys on show, particularly near doors or indeed in the lock on the inside, and never leave valuables such as laptops or jewellery on display as they can tempt potential burglars.

By taking these simple security measures and investing in secure fittings, you can ensure your property isn t vulnerable to thieves and your possessions are protected from the threat of crime. A third party accredited, licensed locksmith, such as an MLA member, will be able to assist in reviewing a property s security and install effective security measures, helping to save money in the long term. To review a list of independently tested and approved security products visit the Sold Secure website at: www.soldsecure.com1. Security guidelines for domestic properties can also be downloaded free from http://www.locksmiths.co.uk/security-advice/security-guidelines-for-domestic-dwellings/2.

Go to www.locksmiths.co.uk3 to find your local MLA licensed locksmith and www.locksmiths.co.uk/homesecurity4 for more about lock and security guidelines.

References

1. ^ www.soldsecure.com (www.soldsecure.com)
2. ^ http://www.locksmiths.co.uk/security-advice/security-guidelines-for-domestic-dwellings/ (www.locksmiths.co.uk)
3. ^ www.locksmiths.co.uk (www.locksmiths.co.uk)
4. ^ www.locksmiths.co.uk/homesecurity (www.locksmiths.co.uk)

The recent Egypt to Larnaka airport hijack passed without injury; however this incident, and the Brussels terrorist attacks of March 2016, highlights the need for consistency in technology to help airports respond to emergencies, according to an airport web-based emergency operating centre product company. Crisis emergency incidents at airports are mainly unanticipated, usually unprecedented, and sometimes, catastrophic; ranging from severe weather, to a terrorist or criminal incident with injuries and fatalities, says Intermedix1. Kim Frierson, VP Corporate Business Solutions at Intermedix, said: Airport emergency situations require rapid responses across multiple organisations and by multiple teams to be implemented simultaneously, amid what can often be a chaotic and confusing environment. This is where specially developed software takes over, acting automatically yet intelligently, to ensure that everything that needs to happen, does happen. Such preparedness tools do already exist, and it is possible to plan ahead for a wide range of possible scenarios.

Intermedix offers crisis incident management tools for the airline and airport sector. Its web-based tool, WebEOC, allows multiple airport personnel and external agencies to share status updates and recovery information in real-time. Frierson said: When you have to coordinate multiple airlines and government organisations and when the responsibility can fall on different parties, tools that can expedite this ensure any situation is handled as efficiently and safely as possible. The ability to set plans and checklists, track actions and provide a secure communications medium for staff and outside agencies are essential for airport operations or emergency management leaders. WebEOC is used by five out of ten of the largest airlines in the world, the product firm adds. Kim Frierson said: It s clear that an information management system is vital during an emergency. However, can it also aid in daily airport operations and special events?

The answer is a resounding YES! A tool that allows users to manage daily processes in a configurable environment and doesn t limit functionality to emergency response, offers users the highest rate of success when the inevitable something does occur. Intermedix launched a new UK and Europe base in 2016, headed by Ian Carr, Market Development Director.

Visit www.intermedix.co.uk2.

References

1. ^ Intermedix (www.intermedix.co.uk)
2. ^ www.intermedix.co.uk (www.intermedix.co.uk)

Over 650 security people gathered for the ASIS1 15th European Security Conference and Exhibition at the Business Design Centre in London2 from April 6 to 8. They took in more than 50 sessions across five tracks, covering the spectrum of security management topics such as the terrorism risk outlook, internet of things, insider threat, cyber, duty of care, organisational resilience and many others. The opening keynote came from Supt David Roney, UK National Counter Terrorism Policing HQ. He outlined the UK s counter-terror approach and the police s prepare and protect strategies, highlighting the need for partnership between law enforcement, businesses and security service providers.

With conference delegates primarily in senior management positions, the dedicated sessions from the ASIS CSO (Chief Security Officer) Roundtable and the keynote address on leadership from Juan Carlos Pastor Phd, Professor of Organisational Behaviour at IE Business School, provided debate for those responsible for large operational teams. A closing keynote speech was from Aimen Dean aka the Spy Who Came in from Al-Qaeda who provided an insider view on the origins and state of a range of Islamic extremist groups operating across the Middle East, Europe and Africa. He concluded that ISIS s strategy is to weaken the European Union by causing turmoil and tension within member states. According to Dean, ISIS view the UK s EU membership referendum as an opportunity to advance that aim by targeting the UK in the run up to the polling day, hoping to cause panic, reinforce the chances of a vote to exit the EU, and ultimately claim the UK s exit from the EU as a victory in their propaganda.

The social hub of the event was the exhibition floor where 34 exhibitors displayed technology, services and products. Exhibitors also presented analysis and research in the technology and solutions track, a new feature in this year s event, which was standing room only for many sessions. Event sponsors were Tyco Integrated Fire & Security, Axis Communications, Securitas, HID Global, Nedap, Prosegur, QCC Global and The S2 Safety and Intelligence Institute. Three evening receptions extended the networking time outside the main venue; the Welcome Party at the Leadenhall Building, the President s Reception in the Egyptian Sculpture Gallery of the British Museum, and a closing reception hosted by the ASIS UK Chapter at the House of Lords. Baroness Harris of Richmond stepped down as ASIS UK Chapter patron at the end of the event, having entertained and charmed her guests on the terrace of the House of Lords.

ASIS Europe 2017 will run in Milan, Italy from March 29 to 31, 2017.

References

1. ^ ASIS (www.asisonline.org)
2. ^ London (www.asisonline.org)

Paul German, VP EMEA, Certes Networks1, goes through some common IT security misconceptions in the education sector. Three common misconceptions, he insists, need to be put right to stop these hacks being repeated month after month. The year 2016 hasn t begun in a very positive way for education institutions. January 2016 saw data on 80,000 students, faculty, and staff at UC Berkeley compromised in the university s third data breach disclosure of the past 15 months. This was followed by a breach of 63,000 names and social security numbers of current and former students and staff at the University of Central Florida in early February 2016 obtained when hackers attacked the school s computer system.

Data breaches and security hacks aren t new to this industry. In fact, one of the earliest books written about computer hacking featured hacking at universities. Arguably, universities are a breeding ground for next generation of hackers cutting their teeth by creating new malware and probing for vulnerabilities. So why are these breaches continuing to occur? Misconception one: I can have an open IT environment, or secure IT environment, but not both open and secure.

With an ever-expanding attack surface encompassing personal devices, widely shared applications, a culture of open access and often no well-defined perimeter, university environments repeatedly become the perfect playground for hackers to exploit. Yet, having an open IT environment does not mean that it can t be kept secure. What s more, simply reducing the number of users on the network or limiting the number of applications available to those users, won t meet the expectations of students and staff in fact, it will result in your institution operating much less efficiently. A more effective strategy is to focus on reducing the attack surface of the most sensitive applications through application segmentation and isolation that tightly controls access to those most sensitive applications, while leaving other applications in a more open stance. One segmentation technique is to use strong encryption for segmenting the sensitive applications and then applying role-based access control. This blocks hacker lateral movement so that if they compromise one of the open applications, they cannot access the more sensitive ones. This way, IT environments can be kept open, with more devices, applications and users than ever, and still be secure.

It doesn t have to be one or the other. Misconception two: Breach protection and detection policies are enough to keep the hackers at bay. The Verizon Data Breach Investigation Report 2015 showed that the education sector has by far the most malware incidents of any sector, coming in at 2332 incidents compared to a mere 350 incidents in the financial sector. What s more, the report also shows that educational institutions take the slowest time to fix all measured sectors. In general, industry data shows that after much innovation in the breach detection and response areas, the typical breach still is not detected for more than 200 days on average.

While an improvement from previous average detection lag of more than a year, this is still too long. These facts alone demonstrate that breach protection and detection policies are no longer enough, by the time a breach has been detected, the damage will have already be done. With a software-defined breach containment approach to security it is possible for organisations to confine the scope of a breach to a small, defined area, rather than creating a system wide disaster. As well as mitigating damage, breach containment strategies allow security teams to base segmentation on business applications and grant access based on user roles, as opposed to focusing solely on physical or infrastructure based segmentation. Misconception three: I know which users and applications can be trusted.

This is fairly simple: in reality, no user or application should be trusted. The multiple hacks that have already caused damage for education institutions this year alone show that these institutions, and other organisations alike, must adopt a No Trust security model. This assumes that there is no such thing as a trusted network or IT environment. Instead, every user, device, network and application must be treated as untrusted, and all systems should be considered already compromised. Following this mind-set, sensitive data should be isolated with strong cryptography and access to it should be tightly controlled based on user roles. This segmentation should then be applied consistently across all silos, for all users in the enterprise to keep the open environment under control.

Conclusion

It s clear that something needs to change. The education sector recognises that an issue exists; yet many are still not putting the proper measures in place.

It has never been clearer that now is the time to act, and by thinking of security in a different way and overcoming the common misconceptions outlined above, education institutions can quickly begin the journey from security chaos to security harmony.

References

1. ^ Certes Networks (www.Certesnetworks.com)

The telecoms firm BT says it s recruiting 900 people to work in its cyber-security business in the next 12 months. BT already employs over 2500 cyber-security people and has security operations centres around the world, with annual revenues growing at a double-digit rate, the telco says. It says it addresses consumer, business and governmental security needs from antivirus and parental controls in the home, to complex managed security as used by multinational companies, banks and national governments. BT expects to take-on and train 170 graduates and apprentices, as part of that 900 recruitment intake into cybersecurity and related support services roles. Graduates and apprentices will undergo training in BT s Security Academy in physical security, penetration testing, threat intelligence, risk management, security operations and sales.

As well as hiring from universities, BT takes part in a number of hackathon-style war-game competitions, such as Cyber Security Challenge UK and the international Cambridge 2 Cambridge cyber security challenge, to identify talent. Contestants take part in simulations of cyber-attacks pitting their skills against other participants, to see who has the strongest cybersecurity skills. While most roles will be in the UK, many at the company s security operations centres in London, Sevenoaks and Cardiff, BT is also looking to hire across Continental Europe, the Americas, the Middle-East and Asia-Pacific.

Mark Hughes, President of BT Security, pictured, says: A number of high-profile security and data breaches have dominated the headlines in recent months, and this has led to a surge in interest from both consumers and IT departments wanting to know how best they can protect themselves in the digital world. BT plans to remain at the forefront, innovating in cybersecurity, by hiring some of the best talent while training up the next generation of experts at our BT Security Academy. The firm is holding an apprentice open afternoon in central London; potential recruits can apply at http://bit.ly/1UVt4qJ1.

References

1. ^ http://bit.ly/1UVt4qJ (bit.ly)

Skyhigh Networks1, a Cloud Access Security Broker (CASB), has announced its certification to the ISO 27018 standard by BSI Group.

ISO 27018 is a standard that outlines guidelines for protecting Personally Identifiable Information (PII) stored in the cloud. Since the publication of ISO 27018 in 2014, only a handful of cloud service providers have achieved certification such as Microsoft, Amazon and Box. As Skyhigh says, customers can have greater confidence over how their data is managed in the cloud. Jeff Haskill, chief information security officer for AstraZeneca, said: Personal privacy of our employees, collaborators and patients is our primary concern. We believe that the ISO 27018 standard is an important differentiator when comparing differing cloud service providers, so its great news that Skyhigh is certified. And Carla Arend, Research Director Cloud Practice at IDC, said: ISO 27018 is an important standard giving enterprises confidence that cloud providers are a safe place for personal information. According to IDC s cloud research, security and compliance concerns remain top of mind for European organisations looking to use cloud services and IDC suggests that every organisation should be looking carefully at the security and privacy standards that their suppliers conform to.

ISO 27018 covers:

Control: Customers control how their data is used by the cloud provider
Transparency: Disclosure of policies relating to third party access, data residency and the return, transfer, and deletion of PII
Investigation: The prompt and thorough examination of any breach that may have led to the loss of sensitive customer information
Communication: Notification of all security incidents and law enforcement requests
Compliance: Yearly third party audits of the on-going conformance to standard guidelines. Balaji Thiagarajan, senior vice-president of Engineering and Operations at Skyhigh said: We have a history of adopting global standards that matter to enterprises in every vertical and the ISO 27018 certification is just the latest example of us placing customer needs first. As the market leading CASB, Skyhigh enables organisations to embrace cloud services with unparalleled visibility, compliance, data security, and threat protection.

Skyhigh has also been certified for ISO 27001, FIPS 140-2 and TRUSTe.

References

1. ^ Skyhigh Networks (www.skyhighnetworks.com)

Police and Crime Commissioners (PCCs) are here to stay, but the Home Affairs Committee of MPs warns of a lack of competition for chief constable vacancies and the need for more transparency. Better transparency and accountability of PCCs should include a central register of PCCs interests and a centrally maintained list of PCC office costs, the committee says in a report1. Chair of the Committee, the Labour MP Keith Vaz, said: PCCs are here to stay. A series of measures would consolidate their role and effectiveness in local communities. This must begin with a central register of PCCs interests and a centrally maintained list of PCC office costs, so they can be better scrutinised by their electorate. We did not anticipate that the creation of PCCs would have such a dramatic effect on the appointment of Chief Constables. The pool of talent in policing is in danger of drying up, with so few applications for the most senior jobs in Policing.

PCCs must ensure applicants for Chief Constable roles have served at least two years in another Police Force at a senior rank, and not allow close working relationships with their Deputy Chief Constables to deter external applicants.

We should take care not to burden newly elected office holders in May with too many additional responsibilities. They are already due to be given more powers for Fire and Rescue Services and police complaints, and an even broader remit on top of this may prove overwhelming and these proposals should be paused. PCCs who will be elected in May must prioritise consolidating the work of their predecessors before considering further expansions of their role and powers, according to the committee.

References

1. ^ report (www.publications.parliament.uk)

Manchester Airport ought to consider whether the deployment of staff and dogs in the customs channels has become predictable and therefore less effective against experienced smugglers; and should ensure the detector dogs are targeted against the commodities identified as high priority in the Border Force Control Strategy. So say Government inspectors. The inspection analysed Home Office staff survey results, talked to staff during 130 hours of onsite observation plus interviews and focus groups, and found that many Border Force staff felt undervalued and saw management as inflexible and unfair. Customs checks had detected a range of illicit goods, but had been less successful against high priorities, such as Class A drugs. There were questions about whether detector dogs were being used to best effect.

Some officers believed that their customs experience was not being put to best use; they risked losing their specialist skills, as they were mostly being deployed to the immigration controls. The deterrent effect of the detection dogs was difficult to measure, but seizures alone represented a low return on investment, given 1.25m spent on new kennels and the costs of operating the unit. A national review had recommended dynamic and flexible deployment of dog units, but while senior managers supported this, it had yet to filter down to front line. For the 64-page report visit the website of the Independent Chief Inspector of Borders and Immigration: http://icinspector.independent.gov.uk/1. For the Home Office response, visit gov.uk2. Border Force fully accepted all six of the inspection recommendations. As for use of detection dogs, the Home Office said that Border Force dogs are trained to detect a range of commodities in line with the priorities in the Border Force Control Strategy, including tobacco, cash, products of animal origin and drugs.

They are deployed against these as and when needed or in response to targets identified by intelligence and/or during joint operations.

References

1. ^ http://icinspector.independent.gov.uk/ (icinspector.independent.gov.uk)
2. ^ gov.uk (www.gov.uk)

Insurance industry staff should beware of approaches by unscrupulous fraudsters looking to get access to customer data, warns the City of London Police1. Officers are also reminding insurance staff about the serious consequences of passing on or selling customer data to third parties, which could lead to a criminal conviction and possible jail term. Officers from the Insurance Fraud Enforcement Department (IFED) received recent reports that criminals are targeting insurance staff in pubs, caf s or through social media in their bid to gain access to sensitive customer data and information. Instances have also been reported where staff have been watched leaving their workplace and approached while walking to their car or public transport. The alert by the National Fraud Intelligence Bureau also comes after IFED detectives investigating claims management companies suspected of illegally obtaining customer data found evidence of this practice by more than one suspected criminal group.

Once the customer information is acquired, it is used to make nuisance calls to customers who are harassed and bullied by claims management companies. These companies then make bogus or exaggerated insurance claims on behalf of the customer, who would never have submitted the claim otherwise. Sensitive customer data can also be used by fraudsters to go on and commit other identity fraud offences. Within three weeks, IFED officers have been investigating four separate cases where claims management companies are suspected of bribing insurance workers in exchange for customer data have arrested or questioned five people, including two former employees of insurance companies. To help minimise the chance of being targeted by criminals in this way, IFED is urging insurance staff to:

Be careful talking about work in public places, such as pubs, caf s or on public transport
Try not to identify yourself as working in the insurance industry on social networking sites
Remove any identifying objects, such as lanyards, badges, company clothing etc. when leaving your office building
Make sure you re aware of your employer s policies around data handling

Anyone who gets approached in this way, or suspects company data is being passed on to criminals should report it either to their line manager, through their company s whistle-blowing procedure or direct to police on 101. Alternatively, suspicious activity can also be reported via the Insurance Fraud Bureau s2 confidential Cheatline3 on 0800 422 0421.

Detective Chief Inspector Oliver Little, the Head of the Insurance Fraud Enforcement Department, pictured, said: We re issuing this alert to make sure that those working in the insurance industry are fully aware of the lengths that criminals are prepared to go in order to get access to customer data. Insurance staff need to be mindful of this and think about how they can protect themselves from being targeted or what they should do if they are approached. Staff should also know that if they re tempted to get involved in this activity, then they could be facing extremely serious criminal charges and the prospect of time in prison if convicted.

Fraudsters target all kinds of companies and organisations to try and get hold of customer and personal data, so this problem is neither confined to the insurance industry nor to any particular insurer. However, we re working closely with the insurance industry to share intelligence and information so that staff and companies can do as much as possible to prevent it happening. And Mark Allen, ABI s (Association of British Insurers4) Manager, Fraud and Financial Crime, said: This highlights the importance of insurers continuing to take the security of customers personal data very seriously, through following guidance from the industry regulator, the FCA and Data Protection Act requirements, and having systems and controls in place to minimise the risk of data theft.

Staff must be aware that they risk a criminal record and losing their jobs if involved in fraud or data theft. It s equally important that action is taken to remove the financial incentives to bring frivolous claims. We welcome the Government s recent announcement of tougher regulation of claims management companies, which should reduce the scope for rogue firms to target insurance company staff.

References

1. ^ City of London Police (www.CityofLondon.Police.uk)
2. ^ Insurance Fraud Bureau s (www.insurancefraudbureau.org)
3. ^ Cheatline (www.insurancefraudbureau.org)
4. ^ Association of British Insurers (www.abi.org.uk)

Scan-X Security, who offer security screening, security x-ray machines and metal detection archways, have taken an extra five new x-ray machines from the manufacturer Nuctech. The Midlands-based security firm reports that it operates globally and has invested over 250,000 over the last 12 months after year on year growth with turnover increasing by 30pc in the last year. The company s new x-ray machines are NUCTECH CX6040BI a dual-energy x-ray inspection system, as installed at airports, mass transit stations, critical infrastructures, post offices, and big events. Due to its high image resolution and X-ray imaging, the machine is claimed to be suitable for security and customs requiring inspections of hand-held baggage, small checked luggage and parcels at airports, rail transportation stations, government offices, stadiums, and courts. Rob Wallader, Managing Director at Scan-X Security said: Our clients are always impressed with the quality of the machines that we provide.

The image quality of Nuctech machines is second to none, and we are proud to work with them. Investing in five new machines, takes our total fleet to 30 x-ray machines all with varying capabilities this combined with our large stock of metal detection archways and handheld detection devices, means that we are well placed to supply any level of security screening rental requirements a company/event may have.

Although we are well placed in our market and regularly supply security machinery for the likes of: government contracts, facilities management, asset protection and large scale events, we are proud to provide very a personal service to our clients there aren t many business out there do that any more. Scan-X s most recent client, a sporting event in South West London, were the first to use the firm s new x-ray machines, made available to rent in March 2016.

Scan-X have supplied machines to some of the UK s largest sporting events, AGMs and conferences.

New from Sony is the UMC-S3C, described as the first video camera that offers the highest sensitivity with 4K video recording simultaneously, allowing users to capture details even in low-light, the makers say. This follows the recent launch of the 4K network camera, model SNC-VB770. Roger Lawrence, Video Security Product Manager at Sony Professional Solutions Europe, said: At Sony, we focus on enhancing high resolution and high sensitivity. With this approach, we have been expanding our current 4K product line-up and are confident that we can tap into new markets with the all-new UMC-S3C. The latest video camera is also a testament of Sony s relentless efforts to provide our clients with solutions that meet their business requirements.

Capable of achieving both sensitivity and resolution with colour video recording in 4K, the UMC-S3C provides illuminance as under 0.004lx, ISO 4096001. This is made possible by incorporating Sony s consumer and professional technologies the full-frame 35mm Exmor sensor and image processing engine. The camera uses a 35mm full-frame sensor to deliver high sensitivity with high light condensing efficiency, and an image processing engine which enhances noise reduction. With the inclusion of compatible E-mount lenses that are optimised to maximise the performance of the 35mm full-frame 12MP sensor, resolution is kept high across the entire image area from the centre to the lens periphery. The camera delivers clear images with less noise thanks to the 35mm full-frame sensor, which captures it s claimed more light with lower noise than conventional camera sensors, combined with the use of area-specific noise reduction which is able to selectively apply noise reduction to areas based on image content.

Detail reproduction allows video recording in near pitch-black beyond the capabilities of the human eye. This helps to deliver optimised images in various scenes and ensures a more natural sense of dimension. The high sensitivity also allows higher shutter speeds to be used even in low light, allowing users to capture moving objects clearly, retaining detail of text and faces. Weighing about 400g, the camera is the most compact camera among Sony s line-up in the full-frame camera market. With mounting points on the camera body to enhance mobility, the stand-alone camera allows users to attach it onto moving objects, such as vehicles, with ease. In addition, users can control the camera via multi terminal2, remote controller or compatible software. The UMC-S3C is suitable the makers say for a variety of applications, including disaster responses; wildlife monitoring; mapping or surveying of landscape; surveillance; inspections and investigations; live camera and dashboard/professional point-of-view ( POV ) cameras.

Supporting multi camera systems, the UMC-S3C can fit into any existing infrastructure and also allows various playback functions with the use of a PC as well as Live View via HDMI. Long duration video recording is also possible as the stand-alone camera comes with a memory card slot on the camera body, instead of network cabling feature. For example, with a 64GB memory card, users can record up to 125 minutes of 4K footage with standard quality (30 fps/60 Mbps). Furthermore, with 4K resolution, where image resolution is four times higher than full HD, users can cover larger areas with outstanding image quality. The camera also accommodates the XAVC S format, enabling high quality recording with 100Mbps high bit rate3.

The product will be available in Europe during summer 2016.

The security contractor Securitas1 will broaden its scope beyond guarding services and electronic security to focus more on fire and safety, as well as corporate risk management, the company s President and CEO Alf Goransson, pictured, said in the multi-national s 2015 annual report. He said: We see strong operational synergies in these areas and are confident that such an expansion will increase the value we can deliver to our customers by optimising their total security and safety spend. The firm has 330,000 employees in 53 countries. In October 2015, Securitas agreed to acquire Diebold Electronic Security in North America, making Securitas unique in the US market thanks to its ability to offer complete security solutions to customers, according to Goransson. He said: This was a major acquisition in fact, it was the
largest acquisition Securitas has made in 15 years, since we acquired the security company Burns in the US in 2000.

He added that Securitas achieved organic sales growth of 5 per cent, and the firm estimated that it s growing faster than the security market in the US and Europe, mainly supported by our strategy of security solutions and technology . As in previous reports, the firm stressed the move from pure manned guarding to use of technology, which is reshaping the industry. During 2015, Securitas launched the Group Vision 2020 project, detailed in the report. Securitas is organised into three business segments: Security Services North America, Security Services Europe (the largest) and Security Services Ibero-America. Generally speaking, the mainly mature security markets in North America and Europe have moved from growing 1 2 percent faster than GDP to growing at the same pace as GDP. Growth rates in emerging markets in Latin America, Africa, the Middle East and Asia still tend to outpace GDP. Growth is generally higher in emerging economies, but volumes and large contracts are still limited to relatively mature markets.

It names its main competitors as G4S, Prosegur and Allied Barton.

To read the report visit http://www.securitas.com/en/investors/financial-reports/annual-reports/2.

References

1. ^ Securitas (www.securitas.com)
2. ^ http://www.securitas.com/en/investors/financial-reports/annual-reports/ (www.securitas.com)

The exam awarding body IQ Verify1 has gained approval from the United Kingdom Accreditation Service (UKAS) to certificate to ISO27001:2013, the standard for Information Security Management Systems (ISMS). The awarding body says that provides a framework of policies and procedures that include a range of legal, physical and technical controls for an organisation s information risk management process. As information security is becoming increasingly paramount in businesses, this standard is vital to proving a business protects client data. Raymond Clarke, Chair of IQ Verify, said: We have placed Organisational Resilience at the heart of IQ Verify and Information Security Management is now an integral aspect of business continuity. He added that IQ Verify intends to runs a series of workshops on ISO27001:2013 with the Institute of Administrative Management (IAM) and other industry partners.

This approval follows recent UKAS accreditation for BS7958:2015 and authorisation from the Security Camera Commissioner to audit to the Surveillance Camera Code of Practice. Clarke said: We expect to make further significant announcements on the development of the IQ Verify Organisational Resilience and Security suites of standards in the coming months. Visit www.iqverify.org.uk2.

References

1. ^ IQ Verify (www.iqverify.org.uk)
2. ^ www.iqverify.org.uk (www.iqverify.org.uk)

Vista1 has released their new 5MP fisheye camera, the VK2-5MP360INT. This fisheye has an extreme wide angle view (360 by 182 degrees) providing full coverage of an area with no blind spots, the firm says. Using Sony s Starvis back illuminated pixel technology; the camera will produce quality video even in low light the firm adds.

This VK2-5MP360INT works with the newly launched Vista VIPER network video recorder (NVR). The addition of DWDR (wide dynamic range) allows the camera to show detail across scenes of high contrast lighting and, as the camera footprint is based upon previous Vista VK2-VFD internal domes, it is unobtrusive and able to fit on Vista s standard range of brackets, the firm says. Features include:

5 MegaPixel resolution
1.05mm lens
Starvis low light technology
DWDR
Alarms and audio
SD card slots
True Day/Night. Bob Forehand, Vista Product Manager, says: We are thrilled to announce the launch of this exciting new 360 camera to the Vista range. It complements our existing range and also works with our new VIPER NVR.

The camera gives full 360 extreme viewing capability, so all angles are covered. In addition, it produces high quality detailed images even in high contrast lighting conditions. Contact info@vista-cctv.com.

References

1. ^ Vista (vista-cctv.com)

The security contractor Lodge Service1 is inviting installers and property managers to view its new visitor facility at the Lodg:IC intelligence centre at Redditch, Worcestershire, on April 26 and 27. Visitors can see the Cat 2 ARC (alarm receiving centre) and demonstrations of new monitoring and communications technologies and have their questions answered on issues of connectivity, compatibility and testing. The centre offers 24-7 fire and security monitoring, as well as two-way communication for signal verification and reporting. A feature is the technical assistance available to users, to ensure a prompt response to all enquiries, says Lodge Service.

Services include 24-7 control and centralised management of security, power and other building resources. Almost any web-enabled system or service can be supported, the firm points out, with real-time monitoring and alerts to a smartphone, tablet or other selected device. The contractor says that its intelligence network combines control of on-site security systems as well as guarding, investigations, staff screening and other personnel services through a single source. To book, contact asmith@lodgeservice.com or call Abi on 01527 587153.

References

1. ^ Lodge Service (www.lodgeservice.com)

Some 60 per cent of security professionals say spend on information security is not keeping pace with growing risk, according to the Institute of Information Security Professionals (IISP1) from its 2016 member survey2. With over 2500 members working in security across a range of industries and roles, including a significant proportion at Senior/Lead/CISO level, the results of the IISP provide a snapshot of the state of the UK cyber security landscape from those working on the front line, the association says. The survey suggests that for over two thirds of members, information security budgets have increased, while a further 15pc said that they had stayed the same. These are encouraging figures, the IISP says, but they have to be examined alongside increasing risk and the survey also found that 60pc of respondents felt that budgets were still not keeping pace with the rise in the level of threats. Only 7% reported they were rising faster than the level of threat.

Piers Wilson, Director at IISP, said: In times of financial pressure or instability as we have seen in recent years, security is often seen as a supporting function or an overhead. Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape. The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.

The question: As an industry are we getting better or worse at defending systems from attack and protecting data? saw only 10pc thinking that protection is declining. With growing recognition that despite every control and safeguard, a determined attacker will always be able to find a chink in the armour, the survey looked at incident response. Some 49pc were reporting improvement. Overall, the results of the member survey show that there are growing challenges, the IISP says, from more types of attack, more sources of threats, greater reliance on increasingly complex IT systems, shortage of effective security staff and a regulatory environment that is both fluid and challenging.

However, the heightened awareness of security risks and the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

References

1. ^ IISP (www.iisp.org)
2. ^ 2016 member survey (iisp.informz.net)