Recently, Tom Curtin with  REPWORKS hosted a webinar sponsored by SIA, the Security Industry Association. Curtin is a certified expert in cybersecurity. He tells us that many well-known brands have experienced equipment hacks since 2013. REPWORKS is a LENSEC partner, providing representation for security integrators in the Northeastern United States.

Tom says, “Regardless of the device or manufacturer, there is no truly un-hackable device. Some of these companies have gone a long way to secure their products; some have created hardening guides; and, others have created standards and frameworks to protect their devices. We see a lot of company marketing materials that says, ‘we are un-hackable.’ That is not at all true.”

Best Practices

Curtin recommends going the extra mile to understand equipment and software vulnerabilities. Protect your reputation as a security integrator and provide the protection for your customer. It builds loyalty and satisfaction going forward. Here are a few simple tips that go a long way in defending your systems and those belonging to your customers:

• Keeping your computer antivirus updated is a simple task to improve protection.
• Computer updates are necessary to defend against hacks in the operating system.
• Updating firmware patches for IP devices is important to defend against cyber-attack to edge devices, such as cameras, printers, etc.
• Keep your backup files offsite to avoid ransomware snooping on shared drives.
• Update the firmware patch for your wireless router due to recent vulnerabilities in the WPA2 security encryption for WiFi access.
• Use strong, unique passwords for your network and IP devices and change them on a regular schedule.
• Hardening your equipment by disabling unused services will make it more difficult for hackers to get in.
• Bind MAC addresses and disable unused ports on network switches.
• Use Next-Generation Antivirus on your servers to provide superior protection against infiltration by hackers.
• Control network access by limiting the number of people authorized to use the security system network.
• Use 802.1x for your network protocol, requiring devices to authenticate before they can access the network and prevents unauthorized devices from tapping into the switch.

Cybersecurity Terminology

There are a lot of cybersecurity terms being used out there. Some can be confusing. For example, ransomware is a malicious worm that can move through your system of its own volition, encrypting your files as you go. The bad guy then holds your computer hostage, demanding a payment in bitcoin to release your computer data. Curtin says, “It would be ideal to not get infected, but if you do, the FBI tells us, ‘don’t to pay the ransom.’ There is no guarantee you’ll get your data back.  More than likely, you won’t be able to break the encryption.”

Malware is an umbrella term that describes many typed of damaging software. Ransomware, trojan horses, and worms all fall under the umbrella of malware. Take some time to educate yourself on cybersecurity terms and best practices in defensive techniques.

The Responsibility of Risk

When an attack occurs, many parties become involved due to the risk responsibility. One might wonder who bears the burden of risk. Curtin explains the security installer is first in line to be held responsible, once an attack is implemented. This is because they are on the front line, recommending the manufacturer’s equipment and software.

Curtin addresses the security integrator and the risk they accept, saying “If you install software or hardware that is known to be vulnerable, that puts your customer at risk because you’re reducing their security posture. It puts you at risk, because when the customer gets angry, you’ll be the first person they go after, and then the manufacturer is up at the top of the chain. So, I would say the integrator has the most risk and is straight in the middle.” Tom recommends security installers to vet out their manufacturers by researching their equipment and software to identify potential risk before they choose it on behalf of their customers.

Protect Yourself

When you go to your customer sites and connect to their network, protect yourself by running antivirus on your computer. Tom tells us, “You don’t know what threats might be waiting for you within their network. You can keep from transporting their viruses to your network.”

There are certain things you should do to protect your liability. It’s also important to scan your network for vulnerabilities. Curtin recommends, “Once a month run a vulnerability scanner on your network – all of your computers. This will let you know if there are common vulnerabilities in your network.” Scanning your network regularly protects your customer and your reputation as a security integrator.

You can even consider insurance coverage for cyber liability. This protects you and your customer from the liability that comes with a cyber-attack.

If you want to see this webinar for yourself, here is the link to the SIA Webinar: Dealing With Cybersecurity Threats, featuring Tom Curtin with REPWORKS.

LINK: https://www.securityindustry.org/webinar/webinar-dealing-with-cyber-security-threats/

Look for additional information in this newsletter for information about LENSEC’s recommendations for securing your network environment when implementing Perspective VMS®.

Existing System Challenges

When using existing infrastructure employing centralized or distributed architecture, Bradford tells us each security project has its own challenges. When end-users have legacy equipment or analog cameras switching to encoders, Bradford says, “That introduces complexity, and could potentially offer vulnerabilities with legacy hardware.” Integrating existing technology into a new or refreshed system deployment will require proper planning to ensure the equipment is appropriate for achieving the planned results (i.e. – better resolution, protected endpoints, etc.).

Customers might need to adapt systems to meet new standards and requirements. Working with a knowledgeable and reputable integrator will help the customer understand when a solution using legacy equipment doesn’t make sense and produces an inefficient end-result.

Schwartz says, “You need a way to prevent cybersecurity threats from the edge with one hammer, not trying to keep track of problems in a cobbled together solution.” The integrator should suggest using an advanced endpoint antivirus and malware platform that are AI-based and do not require constant updates. This solution will keep up with the threats as they occur.

Scalability

Customers often tell the security integrator, “This is what I need to today, but I want to be able to plan for what I’m going to need tomorrow.” This need to scale can show in the need for data throughput from cameras sending higher resolution images over the network. We also see a need for scaling the number of network ports over time. Once ports are used up, adding additional cameras also means adding additional port capability.

Storage becomes a big concern as well. Bradford says, “We meet with state and local government, and we see the regulations that are put upon them, especially law enforcement, the longevity of that storage is needed for two to three years.”

That can create a need for massive storage on the network, requiring much more storage than most customers plan to purchase, especially when you need video captured at a high quality and frame rate. Careful evaluation of scalability becomes important if a customer needs a high-resolution camera, or adds services such as video analytics that add stress to an existing network. Bradford tells us, “There is a trade-off of capability due to network restraints. A lot of customers say, ‘I need that high-quality forensics at the edge, but I just don’t have the pipes to do it. That’s a big trade-off and it could be a pitfall.”

Investment in equipment that will optimize the network without compromising quality is an important consideration. Customers can avoid this pitfall by choosing equipment and software that includes health monitoring. Razberi has solutions for this, and LENSEC also includes a health monitoring solution in Perspective VMS®. Monitoring your network can identify issues before they become real problems. Having regular monitoring reports can identify equipment issues before you discover outages at the worst possible time – post-incident.

It’s also important for customers to know the value of open-architecture platforms. Many companies sell systems that are proprietary in nature. This means, they don’t work will with other company’s equipment. When the customer’s technology supports open platform, the scalability improves over time. Schwartz says, “I actually appreciate VMS providers that allow [Razberi] integrate right into their video security management systems.” Perspective VMS® has an open platform and Razberi integration that allows for future scalability.

Evolving Market Needs

If the security integrator and their customer don’t pay attention to emerging market trends, they are facing a potential pitfall. Video analytics are making an impact on the security market by allowing customers to implement smart alerts for facial recognition, behavior monitoring, and remote site monitoring. Schwartz explains, “In the event of theft, particularly in the energy sector, we’re seeing a lot of need for that edge processing. This helps predict abnormal behavior to help prevent people breaking in and stealing copper, for example.” LENSEC has a solar solution that they can recommend for remote sites without physical infrastructure, such as buildings, existing power, and more.

Cybersecurity risk is trending upward still. According to a study by Accenture over eight years, the average annual number of security breaches has increased by over 27%. Schwartz says, “That is actually stealing data from you and using it in some sort of nefarious way. Just a simple malware attack is extremely costly. It can take you over a month or more to resolve that. In some cases, we’ve seen where cameras or endpoints got infected, and they couldn’t reset the factory defaults to get rid of it, so they had to throw away the equipment.”

Technology is advancing in great strides to be able to provide better equipment at the edge. Not only rugged equipment, but also edge protection from cyber or physical attacks becomes essential.

When rugged equipment is used in certain environments, integrators and customers must decide if they are storing video and data processing at the edge or are they backhauling the information to a centralized management location. Current technology allows for data streaming using a limited bandwidth backhaul, such as LTE or satellite transmission. Bradford says, “They need to remote monitor to know the health of those signals way out in those rugged environments. Generalized surveillance is not going to serve this environment. Lack of edge security and hardening of endpoints create a pitfall that integrators and customers need to learn about.”

Pitfalls Require Market Ready Solutions

To summarize, here are key solutions that help the integrator and customer avoid pitfalls in today’s emerging security market.

Emerging Security Solutions:

• Open Platforms for Easy Integration
• Quick & Easy Deployment
• Reliable Equipment & Software Protects Reputation & Credibility (Integrator and Customer)
• Lower Total Cost of Ownership (TCO)
• Automate Cybersecurity with Machine Learning
• Stay Ahead of Increasing Complexity (i.e. – Regulations, Threats)

Razberi Technologies builds products and services that are right-sized for customers seeking network optimization without sacrificing video quality, protection from cyber-threats and end-point vulnerabilities, and hardware and cyber health monitoring. Pairing Razberi Technologies products with LENSEC’s enterprise-level software, Perspective VMS® makes good sense. Razberi and LENSEC work together to provide a lower cost solution that advances on that need to also provide quality solutions for today’s complex security environment.

Razberi Technologies CameraDefense™ is a key example of edge protection. This is embedded within the Razberi platform. CameraDefense™ automates industry best practices and standards at the network edge. Schwartz says, “When we first developed the product, our goal was to apply world-class policies that could protect cameras and endpoints at the edge in less than four minutes.”