Guest Blog Archives - Page 3 of 3 - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

Guest Blog

Autonomous Car

GUEST BLOG: Could autonomous vehicles be a terror threat?

 960 640 Stuart O'Brien
By:
0
0

By Vindis Group

If recent news is anything to go by, it is believed that autonomous vehicles could become a reality sooner than we think, and that trucks and lorries could be amongst the first vehicles to be trialled across our roads.

We already have ‘self-driving’ technologies in the cars which are on our roads today, from lane departure warning systems to cruise control and active park assist. However, just how far are we from introducing fully autonomous vehicles onto our roads? As Google tests its own self-drive vehicles, clocking more than 200,000 miles in a fleet of self-driving cars retrofitted with sensors, it seems we are not far from seeing fully autonomous vehicles on our roads at all.

But we must be cautious, as a recent article from The Guardian said how lawmakers have warned that autonomous vehicles must have secure and safe technology to prevent their use as an accessory in terror attacks in the future. VW dealership, Vindis, investigate further:

New developments

We already operate our cars with semi-autonomous technology, which suggests that the developments of in-car technology mean we are significantly close to rolling out fully autonomous vehicles. Many drivers are progressively trusting their vehicles to carry out tasks which previously would always need to be done manually. We already have systems which keep us in our lanes on dual carriageways and motorways, systems that can parallel park our vehicles for us, and software that automatically maintains a safe, steady speed on the UK’s roads – with some even advanced enough with automated braking systems when tracking the vehicle in front. Self-driving technology is revolutionising the driving experience.

But how do we engineer fully autonomous technology? Manufacturers need to converge sensor-based technologies and connected-vehicle communications, so that they can deliver safer self-driving techniques than what each approach could ever deliver on its own.

With lorries and trucks forecasted to be some of the first fully autonomous vehicles to be rolled out onto the roads, some driving jobs could potentially be at risk. Low-end estimates suggest that over 1.7 million truckers could be replaced by self-driving counterparts – which could rise to as high at 3 million, ridding trucks of their manual drivers.

A terror risk

Lorries and trucks have recently become one of the most commonly used weapons in terror attacks. ‘Truck attacks’ have grown in frequency in terror attacks around the globe. Trucks are chosen for their size and anonymity, and have been used to drive into crowded pedestrian areas at high speeds and cause devastating results. It’s predicted that these vehicles will be amongst the first fully autonomous vehicles on our roads, and officials worry they could play a crucial role in mitigating their use as rolling weapons.

How can we prevent threats?

Legislation will be put in place when autonomous vehicles roll out across our roads to prevent them being used as a weapon in terror attacks. Each vehicle should be armed with cybersecurity technology, for instance, so that they can’t be used as an accessory in a terror attack. The cybertechnology aims to make it incredibly hard, if not impossible, to hack the vehicle for hijack meaning potential terrorists can’t use autonomous technology as an accessory in an attack.

Van and truck rental companies will also need to persist with stricter regulations and restrictions. In recent attacks, hire vehicles have been the weapon used to cause mass disaster. It has been suggested that companies should have access to a wider database that reveals more sensitive information in the future so that companies are aware of individuals that are suspect. Whilst databases currently check against identity, credit and insurance, the threat of terrorism may lead to a more detailed and sensitive database.

The UK’s first Terrorism Risk and Incident Prevention suite of products and training to support fleet operators – named ‘TRIP’ – has been developed by a leading provider or training and auditing services for the road transport industry, Fleet Source. Its aim is to reduce the risks of commercial vehicles being used as a weapon in terror attacks. The products and services serve to educated fleet operators, managers and drivers of the risks of terrorism, the nature of the threats and safety precautions that can be implemented to reduce the possibilities of their vehicle being hijacked, stolen or used in a terrorist incident.

The government is also aware of the risks that could be presented with the developments. They plan to develop geo-fencing systems to prevent unauthorised vehicles from entering particular areas of a city – the system will slow down vehicles and control the speed as soon as they enter the sensitive area through satellites. The system would automatically connect with the vehicle and retain control so that the vehicle only travels at a safe sped within the area.

As lorries and vans continue to be used as terror weapons, perhaps it is time to implement some of the prevention strategies sooner rather than later.

Sources

https://www.theguardian.com/technology/2017/sep/06/self-driving-cars-terrorism-cybersecurity-technology

https://www.inverse.com/article/29402-self-driving-tech-might-mitigate-terrorist-truck-attacks

https://www.cnsnews.com/news/article/susan-jones/autonomous-vehicles-provide-avenue-terrorism-congress-told

http://www.fleetsource.co.uk/fleet-source-launches-uks-first-terrorism-risk-and-incident-prevention-training-to-help-prevent-vehicle-as-a-weapon-related-incidents/

CCTV

GUEST BLOG: Will GDPR impact CCTV?

 960 640 Stuart O'Brien
By:
0
0

By 2020 CCTV

25th May 2018 will mark the day where GDPR (General Data Protection Regulation) is implemented by the European Union. With this new legislation, the way we capture and handle CCTV footage will change to fit with the new guidelines presented by the European Union.

With the implementation date closer than we think, businesses should be preparing to comply with changes and be aware of the penalties if they don’t.

In this article, we discuss how you can make sure that your business is working within the framework of the GDPR rules once they’re introduced and help your business avoid the 4% global annual turnover penalty.

What you need to know once GDPR has been introduced:

Viable reasoning is needed for those who have CCTV around your business. An example of this would be to help protect employees when it comes to health and safety or to capture footage of any incidents that occur within the company.

Compiling an operation requirement (OR) is important when it comes to having CCTV in your business property as you can’t use CCTV to spy on your employees – and you need to justify your reasoning.

CCTV that is placed within a public space where someone would expect privacy could face reports the public. This can range from places such as canteens, break areas and public spaces. If you are able to highlight a security risk that could be minimised through using CCTV, it is more likely that the CCTV will be accepted in these places, again think of the OR.

Personal data is being collected constantly through video surveillance. To inform people who operate in and around your business, you should have a disclosure to tell them that CCTV is in use and that they could be captured on any footage that is obtained. A common method is to have signs that are clear and feature a number for those who want to contact the CCTV operators if they have any queries.

Footage that has been collected from CCTV operations can be kept for 30 days. If you need to keep it for a longer time period, you need to carry out a risk assessment that explains the reasons why. Images and videos that you acquire through your CCTV system might be requested by the police, but make sure that they have a written request. Police will usually view the CCTV footage on your premises and this would not warrant any concerns for the leak of the data.

2020 Vision, who provide access control systems, found that your security supplier will be your data processor under the GDPR law. This means that those who are using security companies should put an abiding contract in place that states what the security company can do with the footage that is collected from your premises. Data breaches are a possibility when sharing data with a third party, so you need to be extra careful when it comes to handling.

Security

GUEST BLOG: The WannaCry fallout – It’s not just hospitals looking for extra protection

 960 640 Stuart O'Brien
By:
0
0

By Claire Stead, Online Safety Expert at Smoothwall

It is without doubt that the international uproar and magnitude of the WannaCry cyber-attack on the NHS has left many organisations on edge. Unfortunately, this is the digital world organisations now live in, with cyber-crime now accounting for 50% of all UK crime. Not only that, but ransomware attacks have risen by 600% from 2015 to 2016, highlighting how much more serious ransomware and other cyber-attacks are becoming.

It seems that the NHS’s cyber-attack has been a wake-up call for organisations, as we at Smoothwall have seen a notable increase in the number of inbound requests from organisations not in healthcare, but in business and education looking to shore up their security offerings. What’s clear, is that this has been a wake-up call for each and every industry sector, whose fingers have just got that little bit closer to the panic button.

All organisations, no matter how large or small, public or private sector, need to realise that they have a target on their backs and make cyber security a top priority. They need to have both the cyber security tools and processes in place, as well as an on board workforce to ensure their cyber security is as tight as possible.

All members of an organisation need to be educated to understand the importance and risks around cyber security, and the appropriate processes to follow to keep hackers out, and data safe and secure. This goes throughout the organisation from the c-suite to the rest of the workforce. It is common knowledge that human error accounts for the majority of cyber security incidents with many businesses not investing in the training of their staff to ensure they can detect against malicious email, web pages or links. Organisations need to instil a cyber security mantra within its employees, so that they do not become the weak link in the cyber security chain.

Our approach is simple and is summed up using our 4Ps:

Perception – the security mindset must now be shifted to a ‘security first’ policy. Businesses, schools and hospitals now have to put security at the forefront of all their policies as the risk of an attack grows year by year.

Policy – whether in a school or a business, pupils/staff need educating about the risks of their actions and know the security measures in place to mitigate those risks. This could be anything as simple as regularly updating complicated passwords to recognising ‘phishing’ emails.

Protection – a layered security programme, creating a brick wall of security that can verify the organisation is constantly protected.

Proactivity – it’s no good to have a security programme installed and to never think on it again. The landscape is developing at an incredible rate, and as a result, schools need to ensure that they are keeping up to date with the latest updates and improvements to ensure that they are protected as best they can be.

No cyber security programme is ever going to be 100% secure, but with the right measures and tools in place, with a fully compliant team on board, it will give organisations that much more of a fighting chance against the threats of cyber criminals.