Subscribe to RSS - SecurityNext conference

SecurityNext conference

TSA’s quest to merge cybersecurity and information technology

 - 
Wednesday, January 15, 2020

We’re about two weeks into the new year, and suffice to say, gearing up for travel is top of mind for security professionals. The “big” industry shows always seem so far away at this point, but before we know it, ISC West will be here in March, followed by ESX in June; GSX in September; ISC East in partnership with ASIS NYC in November; and more. In addition to these, are the smaller, boutique-type events, such as our SecurityNext conference in February (It’s not too late to register, btw!), not to mention all the companies that host events throughout the year. This puts you and your personal data in quite a few airports’ computer systems, screening technologies, etc., which can be a hacker’s paradise. 

Fortunately, while you’re on your yearly security quests, TSA is on a “quest” of its own: “to merge cybersecurity and information technology,” according to a special notice issued on January 7, 2020. And, they aren’t going at it alone. The agency has the support of America’s airport facilities, working together to create a cybersecurity culture by adopting the requirement “cybersecurity by design” to ensure cybersecurity is at for forefront, as opposed to being an add-on or afterthought. 

In addition to merging cyber and information technology, there are other “requirements for the information security and security screening technologies industry to ensure everyone is working towards a common goal,” it said in the notice. Other requirements include: 

  • Implementation of adequate access control and account management practices by enabling multi-level access to equipment sources and the ability to restrict users;
  • The ability for airport operators to change system level passwords;
  • Use of unique identification of individuals, activity and access to security equipment; 
  • Protection of screening algorithms form compromise, modification and rendering equipment inoperable, and provide immediate alert when algorithms have been accessed;
  • Covering USB ports are covered and access to ports, cables and other peripherals are protected from unauthorized use;
  • Employing automated measures to maintain baseline configurations and ensure systems protections;
  • Proper management of internal and external interfaces and encryption of ingress and egress traffic;
  • Implementing methods to update security equipment affected by software flaws; 
  • Running security assessment tools on devices to ensure appropriate configuration and patch levels, and that no indicators of compromise are present; 
  • Full support to ensure security equipment hardware, software and operating system vulnerabilities are identified and remediated; 
  • Use of an approved encryption method to ensure integrity of all data at rest on security equipment; 
  • Providing comprehensive list of all software and hardware that compromise security equipment; 
  • Demonstrating the ability to update equipment design and capabilities to align with changing cyber intelligence and threat reporting; and 
  • Vetting all local or remote maintenance personnel with the inclusion of background checks. 

TSA hopes that these requirements will “increase security levels; raise the bar of cybersecurity across screening solutions; provide vendors an opportunity to demonstrate their cybersecurity credentials; and provide an aligned approach across the industry—making it easier for vendors to adapt to end user requirement.”

Sounds like a win for anyone involved in travel. 

 

SecurityNext education program unveiled

 - 
Wednesday, October 9, 2019

Security Systems News is very excited to announce the education program for SecurityNext, which will be held in New Orleans, Feb. 9-11, 2020 at the Royal Sonesta Hotel.

The overriding theme for the conference, “Securing Profits in the Age of Convergence” speaks to the seismic shift that has been going on in physical security with the emergence of IT and IoT, and cybersecurity as a result.

The truth is, the world of security is getting so much larger and more expansive, providing both challenges and opportunities for everyone, whether you are a systems integrator/dealer, consultant, end user or manufacturer. Toward that goal, SecurityNext was designed to help you navigate, leverage and profit from the latest technologies, trends and products to stay ahead of the competition and improve your bottom line.

To put together the program for SecurityNext, SSN enlisted the help of some of top thought leaders in the industry to be on the conference advisory board and help to advise on and provide ideas for the program. The result is sessions like:
•    The Race to Identity: Protecting in the Age of Privacy;
•    Securing Profits in the Age of Convergence and Compliance;
•    Systems Integrator Focus: How to Stay Relevant and Profitable;
•    How the Cloud is Changing Everything in Security; and
•    Building a RMR Business Model: Monetizing from the Consumerization of Security.

And, last but not least, the “End User Mega Panel” will feature security pros from Mastercard, Biogen, American Electric Power and the Air Force Insider Threat Hub. This one-of-a-kind panel will be led by Andrew Lanning, co-founder of Integrated Security Technologies, and this year’s recipient of the SIA Jay Hauhn Excellence in Partnerships Award. This will be a good one!

Beyond the panel discussions, we have industry thought leaders leading discussions on topics ranging from the cloud to company culture. For example, Steve Van Till, President and CEO of Brivo — and this year’s SIA George R. Lippert Memorial Award winner — will present a session called “The Cloud Won. Now What?” and Chris Peckham, COO, Building Intelligence Inc. will present “Making Sense of Security in the Cloud.”

Other notable presentations include “Security by the Numbers: A Financial Forecast and Guide” from John E. Mack III, Executive Vice President, Co-Head of Investment Banking, Imperial Capital, and “The Secret Sauce to Success: How Top Companies Bridge the Gap from Good to Great” from SSN class of 2016 “20 under 40” winner Amanda Utter, senior account manager, VTI.

Oh, and let’s not forget the two amazing keynotes lined up: SecurityNext opening keynote, “Realizing the Dream of AI, IoT and Smart Cities” will be presented by Sameer Sharma, Global GM for IoT Solutions for Intel, who will look at how IoT, AI and ICT (5G) can create a data-centric opportunity for Smart Cities beyond just public safety, showing how leveraging more than just camera/vision sensors can produce something far more comprehensive and predictive.

And for our day two keynote, I am ecstatic to have George Barlow Brown, Information Technology Manager for the New Orleans Real Time Crime Center (RTCC). In addition to providing a unique look into the development, challenges and successes of the award-winning crime center that opened in 2017, attendees will have an opportunity to tour the RTCC to cap off the conference on day two.

In addition to soaking up all of this education and checking out the latest products and services in the exhibit portion of the show, there will be plenty of time to network, unwind and celebrate. For instance, the SSN “40 under 40” award reception on the evening of Feb. 10 is always an amazing night, providing a chance to rub elbows with the next generation of security professionals.

Hope to see you in the Big Easy in February!