Security Systems News

MAY 2018

Security Systems News is a monthly business newspaper that reaches 25,100 security installers, product distributors, central stations, engineers & architects, and security consultants. Our editorial coverage focuses on breaking news in all major se

Issue link: https://ssn.epubxp.com/i/972885

Contents of this Issue

Navigation

Page 20 of 82

www.securitysystemsnews.com May 2018 SECURIT y S y STEMS NEWS Commer C ial & systems integrators 14 briefs Cloud Security Alliance publishes annual State of Cloud Security report SEATTLE and SAN FRANCISCO— The Cloud Security Alliance (CSA), an organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, released in April its State of Cloud Security 2018, which lays out some of the latest cloud practices and technologies that the enterprise infor- mation security practitioner must be aware of as organizational data expands beyond the traditional perimeter. The report, authored by the CSA Global Enterprise Advisory Board, examines such areas as the adoption of cloud and related technologies, what both enterprises and cloud providers are doing to ensure security requirements are met, how to best work with regula- tors, the evolving threat landscape, and goes on to touch upon the industry skills gap. "The state of cloud security is a work in progress with an ever-increasing vari- ety of challenges and potential solu- tions. It is incumbent upon the cloud user community, therefore, to collabo- rate and speak with an amplified voice to ensure that their key security issues are heard and addressed," Vinay Patel, chair of the CSA Global Enterprise Advisory Board and managing director at Citigroup, said in the announcement. "We hope this document will serve as a roadmap to developing best practices in the establishment of baseline security requirements needed to protect organi- zational data." PSA announces its new Board of Directors WESTMINSTER, Colo.—PSA, one of the world's largest electronic security coop- eratives, recently announced changes to its Board of Directors. The following PSA owners were elected to positions on the board: Regional directors: Central: Carey Boethel, president and CEO, Securadyne Systems; Midwest: Skip Sampson, pres- ident, KST Security; Northeast: Terry Rivet, president and CEO, Securitronics. Incumbents remaining on the board are: chairman: Paul Thomas, presi- dent and COO, Northland Controls; vice chairman: Dan Budinoff, presi- dent and CEO, Security Specialists; western regional director: Christine Lanning, president, Integrated Security Technologies; southern regional direc- tor: Darryl Keeler, CEO, Tech Systems Inc.; and Director: Bill Bozeman, CPP, president and CEO, PSA. PSA TEC brings industry together By Paul Ragusa DENVER—What is really unique about PSA TEC, which was held here March 12-16, is that it brings together so many security integra- tors—from all over the country and in all shapes and sizes—to network, learn, train and educate. Organized by PSA, one of the world's largest security and systems integrator cooperatives, this annual conference provides a great forum for the entire industry to share common challenges— and ways in which to overcome them—as well as an opportunity to better understand new trends, technology and regulations on the horizon from top leaders and subject matter experts across many key topic areas. As many pointed out at the conference, this is an exciting time in the industry with all of the new technology that is driving innovation and advancements in video surveillance, access control and managed services. During a State of the Industry p a n e l t h a t i n c l u d e d Ti m Palmquist, VP, Americas for Milestone, Matt Barnette, presi- dent of Mercury Security, Don Erickson, CEO at SIA, David Labuskes, CEO of AVIXA, and Bill Bozeman, president and CEO of PSA, as moderator, these influential security professionals shared their thoughts on some of the prevailing topics of the day, including cybersecurity and AI. Erickson started things off by pointing out, "The state of the industry is phenomenal. Based on the outreach that we do to our members and just anecdotally, spending is projected to be up … new workforce hires are going to be up and that is a big topic … there are a lot of great indicators, positive indicators for the indus- try; it really is exciting and I am proud to be a part of this com- munity." He also pointed to the continued growth of ISC West. Cybersecurity Moving on to cybersecurity, which dominated many of the panels and discussions at PSA TEC, Erickson explained that the topic is so important to the security industry that it com- pelled SIA, PSA and ISC Security Events to join forces and launch Cyber:Secured Forum, a cyberse- curity summit focusing on inte- grated systems, which will be held June 4-6, 2018, in Denver. He also stressed the importance of the NIST cybersecurity framework that was put together in 2014 following an executive order from the president "to provide info to the private sector about how to harden systems, identify threats … prevent cyber attacks from occurring." He noted that cyber is "about that shift from under- standing the threats to looking at cybersecurity as an opportunity for integrators." Palmquist said that he is seeing "much more due diligence from end users as to what products are going on the system and where there are vul- nerabilities and hardening measures." He brought up an interesting point about l o o k i n g a t how "we can certify the way products are built … for hardware that makes a lot of sense, and for software we at our organization are looking at ISO certifications, but not only how we make our software but where we make it and to profile the pro- cess around how we do that in a secure fashion to deliver a proper product into the marketplace." Driving home the relevance of cybersecurity today within security, Barnette referred to Mercury's consultant event ear- lier this month in Miami that included 50 security consultants. "[Cybersecurity] really was the only thing they wanted to talk about because that is what their customers are asking them," Barnette said. "If you are not concerned about cyber, it really is time to get on board. I know a lot of companies are working hard on cybersecurity in their current generation of product." Although manufacturers are getting better, a lot of products that integrators may have installed several years ago—before cyber was a concern—"are significant holes in their network," Barnette said. "I was talking with some for unclassified confidential infor- mation, so it is all of the security drawings that you have, all of the documentation in regard to your equipment, and all of that stuff has to be treated, almost, as if it is classified; it can't be on your system where everyone has access to it … there are a lot of controls that go into it." She continued, "I have started seeing certain cyber requirements in a lot of bids … to see that in an actual write-up for a bid was something new to us in the last six months and I would imagine you are going to see a lot of that. So, if you are not compliant from a cybersecurity standpoint, you are just not going to be able to bid on that type of work, and I would say the same thing for … any regulated industry like finance, healthcare, critical infrastructure." On the equipment and manu- facturer side, she pointed out that there is no standard like you see in the IT world. "Just like in the integrator community, you will begin to see a division between the manufacturers who can change and adapt and do these things that we are request- ing of them and those that don't will fall by the wayside,"she said. In another compelling ses- sion, "How Do I Actually Make Money on Cyber Security Solutions," Andrew Lanning, Christine Lanning's husband and co-founder of Integrated Security Technologies, said, "You really need to crawl first. For me, that is partnering, so go get a partner who knows; a partner you can trust. Bring them in internally to your organization, get your cyber hygiene squared away, get your cyber maturity squared away. And make sure you understand what that is for you so when you talk to your customers, you talk about what you know, about what you've done, and then you can ask them what they have done—get the conversation to begin." Figuring out which services a company can sell and support technically is the next step in learning how to walk when it comes to offering cybersecurity training, services or products, he said. "There is a learning curve that lawyers recently and they were saying that cybersecurity is going to be their new 'slip and fall' for the next generation, so they are making a lot of money on what they perceive to be lawsuits sur- rounding cybersecurity." PSA Leadership also took the topic on in a "Future State of the Industry" panel moderated by Sandy Jones, founder and princi- pal of Sandra Jones and Company; Bill Bozeman, president and CEO of PSA; Matthew Ladd, president/ CEO for The Protection Bureau; Christine Lanning, president of Integrated Security Technologies; and Paul Thomas, president and COO at Northland Controls. Bozeman pointed out that although PSA has created an incred- ible wealth of resources and products for integrators to take advan- tage of, very few have. "Without pointing fin- gers or nam- ing names, I think a lot of our integrators are ill-prepared currently," he said. He continued, "We have the tools for you and very few of you have chosen to use the tools that we have created. Andrew Lanning has been absolutely incredible assisting us and leading our community with that, but yet I go down the list to see who has downloaded the information … I can't believe how few are doing so. We have 12 products right now that you can resell to make a profit. Very few are using these products." Christine Lanning astutely pointed out how much cyber- security compliance is already being required of security inte- grators bidding for jobs. "In the federal government space, there is a regulation that came down at the end of last year 800-171, and I am sure they will talk a lot about it at the [Cyber:Secured] event. That is a mandatory regulation for all government contractors in the cybersecurity realm, and there are a series of a bazillion controls that you have to follow, and it is Brivo CEO Steve Van Till gives a presentation at PSA TEC. P SA TEC see next page

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Systems News - MAY 2018