BEWARE OF GSX LIST AND HOUSING SCAMMERS – view the official ASIS/GSX vendors

 ASIS International

Exhibitor Profile: Vanderbilt Industries (Booth #2865)

The Rise of Networked Access Control

By Lynn Wood, Product Portfolio Manager, Vanderbilt

We’ve seen the rapid development and expansion of the cloud and Internet of Things (IoT) impact almost every aspect of the security industry; from surveillance technology to video management systems to data storage, the opportunities presented by increasing interconnectivity and communication between devices have revolutionized the way users handle security operations. And the access control market is no exception: according to research by Security Sales & Integration, 71 percent of companies were deploying a networked access control system in 2017.

The once-trusted, traditional mechanical lock-and-key access control systems may still function adequately in some instances, but these technologies can be less secure than newer door solutions. Complications can easily arise, such as in the case of a lost key or if access to a facility needs to be restricted. Security, building management and privacy concerns are likely to develop, as a company may not know who’s entering and exiting the building at all times.

Today’s access control users expect more of an integrated system than a one-size-fits-all solution that is cumbersome to operate and expensive to scale. The shift to networked access control systems takes the hardwiring and complicated installations out of the equation, while also enhancing security and flexibility. A single interface that integrates multiple points of entry and can be accessed through a connected smart device anywhere at any time provides the ultimate simplicity and convenience.

Networked access control technology enables users to achieve two critically important components of a security system: remote and instant accessibility. Deciding whether access to a building should be granted or denied must be an immediate process, and this can quickly be accomplished through a central, networked hub rather than at the door. In the event of a security incident, real-time reporting capabilities facilitate streamlined response and all access can be restricted quickly.

Other useful functions of networked access control systems include the ability for technical queries to be diagnosed and resolved on the go, enabling site issues to be dealt with efficiently, thereby minimizing disruption. Users can also view real-time muster reports to aid in tracking all employees or students in the event of an emergency.

Networked access control solutions, such as Vanderbilt ACT365, take advantage of the increasingly valuable cloud and IoT to supply end users with the freedom they desire through a secure, easy-to-use interface. Features such as remote monitoring, real-time muster reporting and central management contribute to the expanding growth of networked access control and allow users to save time and money while achieving peace of mind.

Can You Be Liable for Your Vendor’s Data Breach?

By Kathy Winger, Attorney at Law

Kathy WingerAs a business attorney, one of my most important obligations is to help clients manage their legal risks, which these days include exposure in the cybersecurity/data breach arena. One expanding area of concern is liability for a third-party vendor’s data breach. If your business shares confidential information with third-party vendors in its line of work, you are now obligated to ensure that those vendors keep that information secure. If the vendor fails to do so, your business could be liable for the damages that flow from a data breach involving your information. Luckily, there are a several ways to help protect your business on this front.

First, be crystal clear about the details of your contract with any third-party vendors. The contract should address your liability versus the vendor’s liability and require indemnification in the event of a vendor data breach. You should also research your vendor’s data security standards and practices to confirm that they are as good or better than your own and are being followed and updated. This should be done at the beginning of the relationship and periodically throughout the contract term. Since you will be depending on your vendor’s security to protect the information you share, it makes sense for you to be mindful of their standards, to make certain that they are followed and to be compensated if you suffer a loss.

Finally, your third-party vendors should confirm that they have adequate and appropriate cyber insurance to cover you in the event of a breach. In fact, if and where possible, the vendor should name your business as an additional insured on its cyber insurance policy.

If you’d like to learn more about this topic and other legal risks that business owners and technology professionals face in the world of cybersecurity and data breaches, join me at Global Security Exchange at 11 am on Tuesday, 25 September for Session #5333, Cybersecurity and Data Breaches from a Business Lawyer’s Perspective.

The information presented here is for general educational purposes only. It does not constitute legal advice and does not create an attorney-client relationship.

6 Ways to Make the Most of Your GSX Xperience

The industry’s flagship event only comes around once a year. With only six days left until GSX, follow these six simple pieces of advice and you’ll be well on your way to making every minute count…

  1. Make a Game Plan

    • Download the GSX 2018 mobile app to browse our record-breaking 350+ session education lineup, speaker bios, build a personalized schedule, locate the most talked about exhibitors, map your route, and more. Search “GSX 2018” on Google Play and the App Store.
  2. Sign Up Ahead of Time

    • Save time and money onsite at GSX 2018 by registering ahead of time. Expo-only passes increase to $75 onsite for non-members. Register today at GSX.org/register.
  3. Get Up Close and Personal

    • The GSX Exhibit Hall is the best place to experience the latest security technologies and innovations. Don’t miss the X Learning Stages, the GSX D3 Xperience, the Con-X-tions Lounge, or the Fireside Chats in the ASIS Hub.
  4. Bring a Friend

    • Adventures are always more fun when you have a friend. Explore the exhibit hall together or divide and conquer to make sure you don’t miss a thing! Spread the word on social media with those who couldn’t attend by using the hashtag #GSX18.
  5. Make Connections

    • Be prepared to meet new people! Don’t forget to bring extra business cards. If you plan to take advantage of the career fair, don’t come empty handed. Bring a few copies of your resume to share to help you score your next big career move!
  6. Pack Accordingly

    • There’s so much to see you don’t want to miss a beat. Make sure you pack the most comfortable shoes to get you through the day. And don’t forget, it might be warm outside, but it can get chilly in the convention center. Don’t forget to bring a sweater to keep you warm.

Drones and College Football Stadium Surveillance

By Richard Ham

Unmanned Aircraft Systems (UAS), commonly referred to as “drones” are changing the face of security surveillance. While some form of autonomous systems has been flying since 1918, the level of expertise and skill required often made them impractical. New sensors and cameras, as well as new safety technology and a workable regulatory environment, have made them not only practical, but the preferred method for large venue surveillance. Three areas of rapid advancement may be the tipping point to your ability to use UAS technology to improve your security posture:

  • A mature regulatory environment with practical waiver processes. Just a few years ago, waivers for operations or controlled airspace could take up to a year. The most recent automated systems allow some airspace waivers instantly and the advent of a remote pilot certificate with training standardized requirements and reduced confusion.
  • New sensors and software improve long distance surveillance without detection. New cameras can read license plates from distances exceeding half a mile and can incorporate facial recognition. Infrared cameras for night flying can detect and differentiate biological forms and are the standard for search and rescue missions covering large areas
  • User friendly UAS platforms with easy to learn programs for autonomous flights. My young students have no pilot skills to compare to UAS flying, but they are very adept at software. With sensors to avoid collision to reduce risk, the remote pilot can program the entire flight and operate it with the push of a button and monitor previously programmed flight plans.

During special events such as NCAA Division I football games or other large events, these three advancements have tipped the scales to reduce risk and improve capability. Nearly all large scale events can improve security surveillance by retaking “the high ground.”

Please join me at GSX for Session #4116, Using Drones for College Football Stadium Surveillance, on 24 September at 10:30 AM.

9 Education Sessions You Don’t Want to Miss

GSX’s largest-ever education program has something for everyone. From workshops to simulations, our 350+ education sessions are bursting with the latest industry knowledge and are designed to deliver actionable takeaways that help shape your security strategy today and in the future.

With just nine days left until GSX begins, we wanted to share with you nine sessions sure to draw a crowd. Make sure you set aside time to check out these valuable discussions.

Register Today

9. The Nightmare that Won’t End: A Negligent Security Mock Trial

Session 4218   |   Monday, 24 September   |   2:15 – 4:15pm   |   N113-114

The scenario: A criminal who was not supposed to be on site commits a horrible act on company property. A letter arrives. The company is being sued. Soon the director of security is in a courtroom with a lawyer, second guessing every decision. In a mock trial, lawyers and security personnel present patterns of testimony that show how to and how not to deal with the dreaded lawsuit. The result will help others learn not only how to get through such a lawsuit, but also what steps to take beforehand to prevent the initial tragedy.

8. Facility Security Design from Conception to Completion

Session 4222   |   Monday, 24 September   |   2:15 – 4:15pm   |   N201-204

Developing physical security systems requires professionals to have a solid understanding of the design process. Come away with a basic understanding of the process by completing a real-world project. Learn how to conduct risk assessments, develop functional requirements, and identify mitigation measures that are the basis of design. Understand how to translate the requirements into construction documents and apply the tools and techniques into a virtual facility. The process and skills discussed are reinforced through interactive learning and the sharing of knowledge among the participants.

7. How to Adapt Your Security Posture to the Infusion of Drones

Session 4203   |   Monday, 24 September   |   2:15 – 3:30pm   |   N209–212

With the rapid deployment of small drones across the globe, security organizations are scrambling to become familiar with the threat they represent as well as with ways to use this new technology as a force-multiplying asset. Learn from drone industry professionals and a physical security design engineer about the realistic applications of drone systems and counter-drone solutions that can protect organizations and facilities. Come away with answers to various questions, such as How can drone flights be detected? Are drones trespassing? Can drones be stopped in the air?

6. Innovations in Soft Target Protection

Session 4313   |   Monday, 24 September   |   3:45 – 5:00pm   |   N109-110

An increase in attacks on soft targets around the world challenges security professionals to deploy innovative security measures capable of deterring, detecting, and preventing terrorist and idiosyncratic attacks. At the same time, the measures used must accommodate critical business requirements. Review highly-effective security strategies, proven methods, and the proper design of security operations that minimize the potential for attacks but recognize the functional needs of a typical soft targets. Examine examples of proper security designs at publicly accessible facilities and venues.

5. School Emergency Preparedness Using a Tabletop Exercise

Session 4306   |   Monday, 24 September   |   3:45 – 5:00pm   |   N205-208

During any emergency, security professionals must be able to draw from all available resources. The special skills, training, and capabilities of staff play a vital role in coping with the effects of any disaster as well as its aftermath. Working in teams, participants take on specific roles (spokesperson, scribe, stakeholder). After an emergency scenario is introduced, participants draw on the experiences of their team members then share responses as the scenario unfolds.

4. Defending Against Vehicle Ramming Attacks

Session 5118   |   Tuesday, 25 September   |   11:00am – 12:15pm   |   N119

Vehicle ramming attacks are on the rise. As security measures have become more sophisticated and effective, violent extremists have responded with attack methods that require little preparation and can be carried out by a single individual. Working together, local governments and the private sector can devise mitigation strategies to help protect lives. Join representatives from two public-private security partnerships, Hennepin County Sheriff’s Office Shield in Minneapolis and NYPD SHIELD in New York City, to discuss how cities are addressing this deadly threat.

3. Manage Your Security Organization Through ESRM

Session 5207   |   Tuesday, 25 September   |   2:00 – 3:00pm   |   N113-114

Are you a C/ISO or security executive having a difficult time developing a career map for your team? Are you a security Manager or Director having a difficult time communicating the “vision of security” from your level to your reports? Are you a line supervisor struggling to lead a guard force? Come learn how Enterprise Security Risk Management, or ESRM, can help provide performance expectations to all career levels across a security organization. You will also learn how ESRM can help security personnel understand how to elevate themselves in this dynamic and ever-changing industry.

2. Building a Security Program from Scratch

Session 6220   |   Wednesday, 26 September   |   2:15 – 4:15pm   |   N111-112

Imagine that a newly-hired director of security has been asked to create a security plan by the organization’s C-suite. The director knows that a successful physical protection program includes the effective integration of people, policies and procedures, and technologies, but can the plan help determine the best choices for this new organization? How can the findings be presented effectively to the C-suite? Come away with the basics needed to prepare a security plan that includes threat identification and risk mitigation. From selecting the right technology, to creating a balanced budget, to integrating ESRM, learn how to create a tailor-made security program for an organization.

1. How to Position Yourself for the Careers of the Future

Session 7003   |   Thursday, 27 September   |   11:30am – 12:30pm   |   Career Center

Available with a FREE Expo-Only Pass. Register Today!

We are bombarded with news reports and studies about how some jobs will disappear in the future or be done by robots. How do we position ourselves for careers with longevity and for the new careers of the future? Our panel will share their insights on the careers of the future and provide guidance on how you can position yourself for future success and ensure you are gaining the skills needed to have a resilient career.

Top 10 Reasons to Get Your FREE Expo-Only Pass

We’re officially within 10 days of Global Security Exchange (GSX) 2018! As the industry’s flagship event for more than 60 years, the newly rebranded GSX—formerly the ASIS International Annual Seminar and Exhibits—will deliver exciting updates to its annual conference at the Las Vegas Convention Center this year.

With an expected 22,000 registered attendees, GSX is one of the largest gatherings of security professionals in the world—bringing together cyber and operational security professionals, vendor partners, media, students, and allied organizations for enhanced learning, career development opportunities, and access to the innovative technologies shaping how business gets done.

Not sure whether a free expo-only pass is worth your time? Here are 10 reasons why…

1. To check out the interactive GSX D3 Experience – *New this year!*

Join us in this new feature area for education and hands-on demos exploring unmanned and interactive robotics. If you are looking to implement a drone program within your organization, need to hire a drone-as-a-service company to augment security, are concerned about how to counter the threat of rogue operators, seek to understand how to harden your facility to prying eyes or more dangerous incursions, or just want to learn about the latest cutting edge technologies, the GSX D3 Xperience will open your eyes to new possibilities!

PLUS— have the chance to take your own turn at the commands to pilot a drone through the “gauntlet”—our own UAV obstacle course where the winning time will take home a DJI Phantom Pro system.

The GSX D3 Experience is a brand-new exhibit hall feature brought to GSX 2018 with the support of the Association for Unmanned Vehicle Systems International (AUVSI).

2. To immerse yourself in one of our three X-Learning stages

Each X-Learning stage has its own style and content and is designed to offer the security practitioner something unique. Those stages include:

The X Stage (Booth #4042) –Discussions at this stage cover topics such as frontier technology, innovation, and the future of security. Dynamic and  leading-edge educational tracks, panels, and discussions focused on embracing technology to find effective solutions to security challenges make the X-Stage a must-see stage.
The Xperience Stage (Booth #141) – This stage is all about case studies, evidence of effectiveness, and the argument for efficiency. Here, you’ll find showcases of tried-and-true best practices and conversations that are focused on underlining success factors, rather than the value of a specific product.
The Xcelerated Exchange Stage (Booth #151) – At this stage, enjoy town hall-style discussions, debates around current security challenges, and various applications of technology and procedure. This stage provides a forum for the discussions that need to take place between practitioners and solution providers to propel the industry forward.

3. To mingle with your fellow professionals at the Con-X-tions Lounge

Continue the conversation from the X Stages, while also recharging, relaxing and networking with peers. The Con-X-tions Lounge is THE place to be as our industry-leading speakers socialize with GSX-goers after their X Stage presentations.

4. To beef up your career game at our Career HQ

Be sure to stop by Career HQ, where you’ll find FREE resume reviews, a professional Headshot Studio with award-winning photographers and makeup artists, one-on-one career coaching sessions, professional development sessions, and networking opportunities with leading employers and industry professionals.

5. To scope out your next career move at the Career Fair

As we speak, organizations like the Department of Homeland Security and Apple are looking to hire talent like you, and they know that the best talent around will be at the Career HQ Career Fair.

Register in advance to increase your opportunity to interact with employers before, during, and after the event!

6. To catch the illuminating address by Thursday’s keynote speaker, K.T. McFarland

McFarland will close out the conference on Thursday, 27 September with her address, which will take attendees on a fast-paced geopolitical tour around the globe. As the first deputy national security advisor in the Trump Administration, she will share an insider’s perspective on critical foreign policy and defense issues. The Thursday is open to all GSX registrants—including those with Expo-Only registration.

7. To get exclusive access to the International Trade Center

GSX 2018 is proud to be a participant in the U.S. Department of Commerce International Buyer Program (IBP), which recognizes the event’s worldwide importance in the security industry. All attendees and exhibitors are invited to stop by the International Trade Center, where you’ll find:

• Private conference rooms for meetings
• Interpreters
• Export counseling by U.S. Department of Commerce trade specialists
• Matchmaking services for international attendees and exhibitors
• Export directory of exhibitors
• Relaxing lounge to relax and recharge

8. To get the skinny about the latest industry resources at the ASIS Hub

ASIS International thrives on providing its members with the resources, tools, and connections to grow professionally. Visit the ASIS Hub, Booth #3557 to learn more and take advantage of all that we have to offer, including:
• Fireside Chats
• Council Pods
• Passport Prize Drop Off
• Charging Lounge

9. To get access to the FREE ASIS Happy Hour on the show room floor

Join us for happy hour in the exhibit hall to celebrate the end of the first day of the show! Enjoy complimentary drinks as you network with your peers and colleagues and explore essential solutions at this interactive happy hour, designed to increase your connections.

10. Networking, Networking, Networking

Connections are made all throughout GSX—in exhibit hall sessions, receptions, lunches, and the exhibit hall—you never know who you’ll meet next! And there’s no better place to network with the global security community than these must-attend events. Don’t miss this once a year opportunity!

 

Register for your Expo-Only Pass Today

Protecting Enterprises from External Threats

Mark Brown3 Perimeter Protection Technologies Large Enterprises Should Implement

By Mark Brown, Director of Security and Surveillance, FLIR Systems, Inc.

Enterprises face many physical security challenges, from monitoring multiple sites simultaneously to preventing unauthorized entry. Designing a system to meet the needs of a property can be a complex and costly undertaking, which is why the automation and reliability of wide-area monitoring and perimeter systems are critical. By combing thermal imaging cameras and radar technology through command and control software, organizations can find themselves better protected and prepared to handle threats.

Detect
Frequently used by the DoD market, surveillance radar is a proven technology with varying coverage ranges. Radars work simply by utilizing radio waves, and can detect an object’s location, movement, speed and direction. When strategically placed at a protected site, radars can detect, track and even classify moving objects in real-time. Because there is no video component, radar technology works rain or shine, and does not require light to function optimally, allowing for 24/7 continuous coverage.

Assess
Once a target is detected by radar, thermal imaging cameras can slew to the cue of the radar to view the target for further assessment. Much like radars, thermal cameras allow for 24/7 coverage since they to do require visible light to produce images. Thermal cameras utilize heat emitted by all objects, enabling them to “see” in total darkness as well as in light rain or fog. They provide superior image contrast for classification analytics performance in outdoor environments, allowing for more reliable alarms. Dual sensor solutions with both thermal and visible light cameras can provide even more situational awareness. While the thermal camera with built-in analytics can accurately classify whether an approaching target is a human, the optical camera allows security personnel to identify the intruder.

Respond
Command and control software is the piece of the perimeter security puzzle that brings everything together, providing users with a way to combine technologies in a scalable and flexible system. By providing static and dynamic GIS maps of protected sites, security officers can watch in real-time as objects approach their perimeter. Configurable zones allow for both “restricted” areas and high trafficked zones, cutting down on false alarm rates and saving security efforts for true events.

Join me at Global Security Exchange at 11 am on Tuesday, 25 September as I explore the future of perimeter protection technologies for education session number 5111, Protecting Enterprises from External Threats through Intrusion Detection.

Exhibitor Profile: Vistacom (Booth #2967)

The Command Center of the Future

Vistacom Control Room SolutionsBy Dan Gundry, National Control Room Sales Director, Vistacom

At the center of an enterprise organization’s security operation stands its nucleus, arguably one of the most important pieces for overall functionality and efficiency: a command center or Security Operations Center (SOC). A place where a variety of systems and solutions come together, the command center exists to provide a common operational picture, mitigate threats, and promote enhanced communication during an incident.

The goal of any command center is to monitor, assess, and respond to a variety of threats and incidents. As technologies advance and trends develop, so too do the strategies in place to meet this goal. Looking ahead, we can expect to see the following elements shape the command center of the future:

Convergence

  • Systems. Command centers today combine a number of security components, such as video, audio, video management, access control, intrusion, and more. But as end users demand an emphasis on the full umbrella of security rather than small silos, we’re starting to see facilities include additional pieces, such as risk and threat assessment, employee travel, and social media monitoring.
  • Data incorporation. Almost all of the latest devices and applications are driving big data; the amount of information available to command centers will only continue to increase, and as analytics improve, effective data aggregation must follow. The command center of the future will include dashboards that can make sense of a large amount of information and put it in a digestible format to drive streamlined decision-making.
  • Network. The wall between cyber and physical security has begun to come down, as stakeholders realize the need for collaboration to protect the entire enterprise. Visualization platforms in command centers, such as video walls, will take advantage of the growing and valuable network architecture, resulting in less hardware, more redundancy, and more reliability.
  • Communication. No longer are the days when all decision makers are in the same area as the command center. They are spread out across buildings, campuses, or even farther. Communications must include the ability to send a shared perspective of real-time content about a situation from within the four walls of the command center and beyond to first responders and stakeholders no matter where they may be to make informed decisions and implement responses.

Artificial Intelligence
Today’s security threats require a predictive and preventative stance, and emerging technologies such as analytics and machine learning allow security operators to stay ahead of the game. Artificial intelligence (AI) enables the ability to learn behaviors, making the detection and communication of anomalies easier and responsiveness more comprehensive. Tools that automate situational awareness and integrate platforms can provide operators with more timely and accurate information upon which they can base their decisions.

Virtual and Augmented Reality
The command center of the future will likely contain fewer brick-and-mortar aspects and more virtual concepts throughout. Forms of augmented reality will facilitate the merging of video with big data for an even more enhanced operational landscape, improving overall collaborations and responsiveness.

Enterprise organizations rely on their SOC for business operations and in times of an emergency, and as risks become more severe, a complete situational picture is necessary. Convergence, AI, and virtual reality will allow operators in command centers to achieve this by promoting automation, awareness, and rapid responses.

To see the Command Center of the Future at GSX 2018 by ASIS International, visit Vistacom at Booth #2967.

Introducing the GSX 2018 Community

By Joe McDonald, CPP, PSP

Hello, everyone! On behalf of the Las Vegas Chapter of ASIS International, we look forward to welcoming you to the industry’s flagship event, Global Security Exchange (GSX).

I am especially pleased to be able to kick off the GSX Community site today. This platform provides a terrific opportunity to connect with colleagues, keep updated on program news and updates, learn about exhibit hall promotions, and to share your experiences onsite – those “ah ha” moments and key educational takeaways. There will also be the occasional surprise along the way so be sure to check in daily.

I invite all GSX attendees to take advantage of this community. If you have any questions about getting around Las Vegas or just need a tip for planning a business dinner, please don’t hesitate to post them there.

I look forward to seeing you in a few weeks!

Bradley D. Spacy and K.T. McFarland Announced for Global Security Exchange Keynote Lineup

ASIS GSX Keynote Speakers - Air Force Major General Bradley D. Spacy and former Trump Administration Deputy National Security Advisor K.T. McFarlandAir Force Major General Bradley D. Spacy and former Trump Administration Deputy National Security Advisor K.T. McFarland are joining CNN host Fareed Zakaria and futurist Scott Klososky in next month’s GSX keynote lineup.

As Commander of the Air Force Installation and Mission Support Center, General Spacy is responsible for mission support capabilities to 77 Air Force installations, nine major commands and two direct reporting units with an annual budget of approximately $10 billion.

His Sept. 26 keynote, kicking off Military and Law Enforcement Appreciation Day at GSX, will examine the changing security landscape, both in the U.S. and around the world.

In addition, Spacy will provide details on the new AFWERX innovation and tech hub in Las Vegas and how the Air Force is looking to collaborate with the private sector to bring new security product ideas to market. Attendees will also learn about the evolving AFWERX/ASIS partnership and will be the first to hear a special announcement about the AFWERX Challenge.

McFarland will close out the conference on Sept. 27 with her address, which will take attendees on a fast-paced geopolitical tour around the globe. As the first deputy national security advisor in the Trump Administration, she will share an insider’s perspective on critical foreign policy and defense issues. McFarland’s presentation is open to all GSX registrants—including those with Expo-Only registration.

With a keynote lineup featuring recognized experts in global affairs, technological innovation and industry transformation, GSX delivers a truly comprehensive global event.

Visit our keynotes page to view complete session descriptions for each day’s address.

An Australian Perspective on a Security Systems Installation Project

By Paul Ducker

Integrating security projects within a large public transport department in a state the size of Texas with just one law enforcement agency is challenging at the best of times. There are so many hurdles to negotiate whilst managing competing priorities. When you involve public assets, using public money, it’s multiplied tenfold. It all comes down to negotiation and experience in dealing with challenges such as:

  • The suspicion that comes with people tasking you to secure ‘their’ asset
  • The always present ‘time and budget’ restraints
  • Integrating the project to complement the day-to-day operations of the asset
  • Obtaining the best outcome for the organization, the staff, and the asset

Taking the easy way, just to get the project completed, is never the right way. We operate in a business where the key factor is integrity. My name is on every project, and I stand behind each one. It’s not easy. It’s frustrating and time consuming. But that’s why we are in this business.

At the ASIS International Global Security Exchange (GSX), I will present a case study detailing the sometimes ‘Australian’ methods in ensuring a project is completed on time, on target, and on budget, including:

  • Red teaming and getting in the mind of the offender (breaking down the Westminster Bridge Attack)
  • Providing benefits to asset managers, staff, and the organization that they never thought possible
  • Reducing cameras to increase security
  • Increasing protection to an asset by removing 30 bollards from a proposed construction project (installing only two) and saving $800,000

I hope you will come to session #5116, An Australian Perspective on a Security Systems Installation Project, at 11:00 am on Tuesday, 25 September. Learn a little more about our security environment, how we assess each project, and learning through mistakes and successes. You will have a few laughs and come away with some different ways looking at what you see every day.

Cybersmart Buildings: Investments in Connectivity and Automation

By Jason Rosselot, CPP, CISSP

Your building is talking.

Can you quiet it down before hackers hear?

“Door held open.” “Object left behind.” “Access granted.” Building systems—from security and life safety systems to building automation and controls—generate and process data 24/7/365. Today’s buildings and the people, assets, and information protected by them are comprised of systems of systems and networks of networks. Unfortunately, most security professionals don’t speak the language of IT and cyber, and as a result, those buildings and everything in them is left vulnerable.

Is the answer to have IT take over building systems? Should the security department focus only on mechanical keyed locks and physical barriers? Do we even have keyed locks anymore? The answers are resoundingly “no”, “no”, and “yes”. While building systems are becoming increasingly connected and often leverage much of the IT infrastructure that the rest of the organization relies on, there is no reason the security department shouldn’t evolve to effectively manage their own systems and devices. Everyone in the security department doesn’t need to run out and get a Cisco certification, but clearly there is a need for at least one person on the team to take on the mantel of “security technologist.”

When Booz Allen Hamilton, who staffs a tremendous amount of the U.S. offensive cyber capability, and Johnson Controls, who helped launch the building controls industry, began discussing the cybersecurity posture of critical building systems, it was apparent to both companies that from the manufacturer to the integrator, and finally sitting with the customer, the need to raise awareness and educate was at a critical juncture. The tremendous benefits of connectivity and automation in building systems are increasingly becoming at risk as the key stakeholders in the ecosystem of building are unaware of how their action or inaction to design, develop, and deploy systems with cybersecurity built in are increasing their risk. In the case of security and life safety systems, the very systems purchased to protect assets may actually be putting those assets at risk.

Join me at 3:30 p.m. on Tuesday, September 25th at Global Security Exchange (GSX) for Session #5326, Cybersmart Buildings: Investments in Connectivity and Automation.