By Steve Reinharz

The artificial intelligence (AI) revolution brings new technologies into daily life. We’ve seen AI usage in diagnostic applications within the healthcare industry and in the emergence of self-driving cars, and with the growth experienced in these areas, it’s become hard to avoid AI’s massive implications around the world.

But how can security move beyond Siri and Alexa and harness the power of AI to enhance security operations? There are several ways:

• Advanced video analytics: Video analytics is one of the first major domains within the security industry that is being radically transformed by AI – and this is already in practice in many organizations today. AI enables video analytics to do much more than just alert users when a person or object has crossed a barrier.
• Operational efficiencies: Smart security solutions, such as video management systems or networked access control and visitor management, now can take the data being collected and correlate it with patterns in behavior for employees and visitors to a facility. This data, in turn, can be used to find ways that an organization can increase efficiencies and save valuable resources.
• Connecting devices through IoT: AI brings multiple data points together to be analyzed and transformed into actionable intelligence that can be used to solve real-world problems. AI makes it possible to take these multiple streams of information and make it meaningful and useful.
• Robotics: Robotic technology has taken the world by storm, but it isn’t possible without the power of AI at the heart of the technology.
• Decision-making: AI-enabled technology has the potential to take the guesswork out of answering alarms by determining which events require a call to law enforcement and which are false alarms. While much of this technology is still in prototypes, the potential is real.

As part of the upcoming GSX Conference hosted by ASIS International, I will be joined by other experts in the field to talk about how to incorporate the best of AI technology, including video analytics, robotics, and license plate recognition, into today’s security operations procedures. Attendees can gain insight into the latest AI-powered technologies that can streamline operations, increase efficiency, and enhance security across an enterprise, and will be able to take this knowledge into their own organizations to drive leaders to innovate security operations procedures.

Join us for “Update Security Operations Procedures with the AI Technology” at 2 p.m. Tuesday, Sept. 25, at the Global Security Exchange (GSX), powered by ASIS International.

By Christopher Frenz

With the pandemic ransomware attacks of both WannaCry and NotPetya devastating companies around the globe, ransomware was a prominent headline in 2017. It’s estimated that in 2017, companies recovering from these and other ransomware attacks incurred $5 billion in damages.

One of the hardest hit industries was healthcare—as readily demonstrated by the UK’s National Health Service, Erie County Medical Center, and other hospitals that fell victim to various types of ransomware. WannaCry in particular exposed just how devastating a ransomware attack can be on the healthcare industry, as it not only impacted systems that store patient data, it also resulted in the encryption of medical devices. WannaCry concretely demonstrated that vulnerabilities in medical devices have the potential to impact patient care and patient safety. This attack established a wholly new and wholly unacceptable meaning for the term denial of service.

Comprehensive guidance for preventing, mitigating, responding to, and recovering from ransomware attacks can be found in the OWASP Anti-Ransomware Guide, and security guidance for protecting medical device deployments can be found in the OWASP Secure Medical Device Deployment Standard. One particularly effective control present in both guidance sets is that of network segmentation—as a segmented network can help to isolate threats and prevent them from spreading throughout an organization.

Join me on Wednesday 26 September at GSX 2018 for Session 6133, A Zero Trust Approach to Information Security, to see how network segmentation can be taken to the next level and a zero trust network created to stop the spread of malware and other threats throughout any organization.

By Tim Crockett

In today’s world, the health and well-being of your employees across the globe is an increasingly important focus. In the face of terrorist threats, natural disasters and health epidemics, the increasing duty of care obligation for employers is undeniable. The question then becomes: what is the best way to pro-actively ensure the safety of your employees, travelers and expats?

When an incident occurs, time to react is critical and four factors are essential: 1) know where global employees are located 2) determine if any employees are impacted by the incident 3) communicate with them and 4) assess their safety needs.

Technology undoubtedly plays a key role in this. Location-based data and knowledge of where your employees are or where they’re going to be is critical. However, technology alone cannot meet an organization’s duty of care needs. Once you know who might be affected by an incident, what happens next? How do you reach those people, and what do you do if they need help? The fact is that it doesn’t matter how technologically advanced the world becomes, nothing can take the place of human interaction and insight. Your employees should have access to relevant information before they travel, empowering them to avoid many of the hazards faced today. This same system should provide the employee the ability to pick up the phone and talk to an expert. Whether they require advice, assistance or find themselves in danger, the knowledge that they have immediate access to medical and security professionals can make a world of difference.

This human element is also critical for risk program managers and other stakeholders. Access to real-time information and guidance on how best to communicate with executives and family members can be the deciding factor in whether an incident is managed successfully or not.

Join me on Monday, September 24^th at GSX 2018 for Session #4102, Managing a Global Workforce in a Crisis. We will be discussing the critical combination of technology and human interaction in next generation crisis management and sharing a case study of the 2017 London Bridge Terror Attack.

By Ron Martin, CPP

It is important to note that security is a business function, not a subset or spin-off of the criminal justice system. Therefore, security management is a distinct field of academic study, separate and apart from criminal justice. Entrants to the industry seek internships, cooperative or work study programs, and entry level positions with employers.

The industry needs a more diverse community of entry level analysts and technicians. This session will provide a summary of security career opportunities along with the supporting career competencies. The essence of this session is the career competency model developed from the United States Department of Labor Model. Many entrants are not aware of the industry’s career opportunities. Nor do they know the competencies required.

In the security industry, as well as in all industries, there are three distinct actors in the career development process-the employer, institutions, and the individual. The employer’s role is to provide employment opportunities and establish competencies for their employees. The second actor is “the institution”. An obvious example is the school system, but industry associations play an important role as well. They can provide a baseline competency for the industry they serve. Finally, there is the individual. He/she must obtain the requisite knowledge, skills, and abilities to apply and compete for many career opportunities the industry will offer.

This session will cover the “What and the How” of security management. The “what” are career opportunities. The “how” are the core career competencies an individual will need to satisfy the employer’s workforce requirements.

Join me on September 26^th for Session #6122, Security Careers: The What and the How.

By Brent Barker

Criminals are early adopters of new technology. They use it to create new crimes and improve old crimes. Law enforcement and the laws are always playing catch-up. This is especially true for cryptocurrencies.

In 2017 the value of cryptocurrencies exploded. At its high, they had a total value of $823 billion USD. The rising value attracted investors and criminals. Bitcoin was the first cryptocurrency but now there are over 1,600. Most are legitimate, but some are scams. One cryptocurrency was even called ponzicoin.

The single largest theft of cryptocurrencies took place in January 2018. Hackers stole $530 million from the cryptocurrency exchange Coincheck. Several people who became rich from cryptocurrencies have been kidnapped and forced to hand over the private key that accesses their cryptocurrencies. Once someone has your private key and steals your cryptocurrency, it is gone. There is no way to get it back.

Countries are using cryptocurrencies. Venezuela introduced the petro earlier this year to avoid U.S. sanctions. And North Korea is suspected of secretly mining cryptocurrencies to earn hard cash.

Companies are using cryptocurrencies as a new way to raise investment money. Most are legitimate, but one study found that over 18% of them were suspicious and likely involved fraud.

But there is good news. Cryptocurrency transactions are not as anonymous as previously believed. They can be tracked, and owners identified. Law enforcement is learning how to “follow the virtual money.”

Today, the attention is on the cryptocurrencies, but many see the greatest potential from blockchains, the software that powers cryptocurrencies. Many believe blockchains could change the world as much as the internet. In the future, every business will use blockchains in some manner including the security industry.
Join me on September 24^th at GSX 2018 as I explore the criminal use of cryptocurrencies, law enforcement investigations and examine the enormous potential of blockchains to fight crime in the future. Join me for Session #4309, Bitcoins, Blockchains and Crime.

By Tim Sutton, CPP

In more states than not and in an increasing number of countries around the world, medical cannabis security has become a unique new challenge. In the U.S., twenty-nine states and the District of Columbia have enacted laws legalizing medical cannabis. Cultivation, processing, and dispensing organizations present both shared and unique risks and each state has its own set of rules, regulations, and governing bodies. Join us as we move through all phases of medical cannabis security, beginning with the permit application and continuing through to patient sales. Explore how to demonstrate compliance with varying rules and regulations while providing a safe and secure environment for employees and patients. Study factors in operating multiple sites in multiple states across multiple levels.

At GSX, we’ll explore the complexity of securing the medical cannabis industry and the many challenges faced by Security. The permit application process and security plan are unique to each state’s rules and regulations. Explore how to meet some of the more difficult requirements for compliance and learn about some examples of noncompliance. Learn also about the commonalities and differences across different locations.

We will discuss case studies from several states. There is no cookie-cutter template that will ensure success. The security plan is weighted as 25-30% of the total scoring of permit applications and is much more than cameras, locks, and security personnel. Discover how to integrate ASIS ANSI Security Standards throughout the process as we discuss the core elements of a security plan in the medical cannabis industry used today in operations across multiple states.

Join me on Tuesday 25 September for Securing the Medical Cannabis Industry from Seed to Sale.

Tim Sutton has nearly 30 years experience in loss prevention, safety, and security with more than 20 of those years in management. He has worked in both operations and administrative capacities for some of the largest and most prestigious regional and international companies. His experience in retail, manufacturing, chemical, public and government housing, schools, and hospitals and their specific safety and security needs has helped build his unique perspective and skill set. As Director of Security for GHG Management, Tim is responsible for any and all security concerns including the designing of electronic security systems and all physical security programs within the company’s 12 Medical Cannabis Dispensaries, and Medical Cannabis Cultivation and Processing Centers in IL, MD, and PA.