24 November 2023

Oil & Gas

Ensuring Robust Security in Oil & Gas

Joseph Clarke, Assistant Editor of Security Buyer examines the Oil & Gas landscape, exploring regulations, technology, the threat landscape, and proposes the best solutions to secure the future  Security within the Oil & Gas industry is of paramount importance, as the sector stands as a prime target for an extensive spectrum of threats, encompassing both tangible and digital perils. Security managers entrenched in this field confront an intricate and perpetually shifting landscape, necessitating a profound comprehension of the industry’s idiosyncratic challenges. In this article, we embark on a meticulous exploration of the pivotal facets that constitute security management within the Oil & Gas sector. Our aim is to furnish security practitioners with in-depth technical insights, grounded in a pragmatic understanding of the industry’s nuances. Throughout this exposé, we shall make pertinent references to specific security systems that hold utmost relevance within this domain.  The Oil & Gas industry, intrinsic to global energy production and supply, faces a host of threats that transcend conventional security paradigms. These challenges encompass physical vulnerabilities like sabotage, theft, and environmental disasters, which can have catastrophic consequences. Simultaneously, the digital realm presents an evolving panorama of cyber threats, capable of compromising critical infrastructure and sensitive data. As such, security managers must navigate this multifaceted arena, integrating cutting-edge security systems and practices to safeguard not only physical assets but also the digital infrastructure that underpins the industry’s operations. Through a meticulous examination of the core elements of security management, we endeavour to equip security professionals with the knowledge and tools necessary to mitigate risks effectively and ensure the resilience of their operations in the face of an ever-evolving security landscape.  Threat Landscape Analysis  The threat landscape within the Oil & Gas industry is characterised by its intricate and multifaceted nature. In the realm of physical security, the spectrum of potential threats spans from acts of vandalism and deliberate sabotage to the theft of valuable resources. These incidents can not only result in significant financial losses but also pose a substantial risk to personnel safety and the environment.  Equally pressing are the digital perils. Cyber threats loom large, presenting an array of potential consequences that extend from the compromise of sensitive data to the crippling of critical infrastructure. The ramifications of a cyberattack on the Oil & Gas sector can reverberate globally, affecting energy supplies and national security.  To effectively address this amalgamation of threats, security managers must harness the power of advanced threat detection and monitoring systems. Within this context, notable solutions have emerged to fortify security measures. Siemens’ SICLOCK, for instance, offers precise time synchronisation capabilities, ensuring accurate event timing, which is crucial for coordinating security responses and forensic investigations. Concurrently, Honeywell’s Advanced Threat Intelligence Exchange (ATIX) furnishes real-time threat analysis, empowering security teams with the timely information required to respond swiftly and proactively to emerging threats.  In the subsequent sections of this article, we will delve deeper into the strategies and systems available to security managers within the Oil & Gas industry, providing a comprehensive overview of the tools and practices essential for safeguarding critical assets against a diverse array of security challenges.  Regulatory Compliance  Within the Oil & Gas industry, a complex web of regulations and standards is in place, encompassing security in all its dimensions. Compliance with these regulatory frameworks is essential, as non-compliance can result in severe legal and operational repercussions.  One of the cornerstones of security regulations in this sector is the American Petroleum Institute’s Recommended Practice 780 (API RP 780). This document provides comprehensive guidelines for assessing security vulnerabilities specific to the Oil & Gas industry, offering a vital roadmap for security managers to enhance their security posture.  In the digital realm, compliance with cybersecurity standards is paramount. The National Institute of Standards and Technology (NIST) Cybersecurity Framework and ISO 27001 provide robust and widely acknowledged frameworks for securing information and digital assets within the industry. These standards address the critical need to protect sensitive data and digital infrastructure from the ever-evolving landscape of cyber threats.  To navigate this regulatory maze effectively and ensure compliance, security managers can deploy Governance, Risk, and Compliance (GRC) solutions. A notable example is RSA Archer, which streamlines the management of regulatory adherence and risk assessment. These GRC solutions enable security teams to maintain a proactive stance, ensuring that the organisation remains compliant with the evolving legal landscape while effectively managing associated risks.  In the forthcoming sections, we will delve further into the practical steps that security managers can take to implement and maintain compliance with these rigorous standards, enhancing security measures and reducing legal liabilities within the Oil & Gas industry.  Read the full feature in our latest issue here. Never miss a story… Follow us on: Security Buyer @SecurityBuyer @Secbuyer Media Contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Ensuring Robust Security in Oil & Gas Read More »

Risco

Into the Cloud – Mehedi Hussain

Mehedi Hussain, Apprentice Technical Support Technician, RISCO took part in Security Buyer’s Into the Cloud November Issue 1.What does ‘security’ mean to you?  As a home or business owner, security primarily entails ensuring the safety and well-being of your property, family, and pets. It means having the assurance that when you’re away from your property, you can trust that external threats won’t jeopardise or harm what matters most to you, providing peace of mind.  2.If you could have three people, past or present, to a dinner party, who would it be?  Jimi Hendrix, Dave Chappelle, Georges St Piere   3.What advice would you give somebody looking to enter the field?  Take as much knowledge as you can from those around you and don’t be afraid to ask questions.  Every day, I build my knowledge about new technology, the challenges installers face and delivering good customer service.  4.Describe a funny thing that happened to you recently?  I was filling up the washer fluid in my car without any lights on and trapped my finger under the bonnet.  It was a scene straight out of Tom and Jerry.  5.What three traits define you?  Resilience, persistence and patience. The last two in particular come in handy in my job, which involves taking calls from customers who contact RISCO for swift, first-line technical help.  You have to know your stuff, listen hard to get to the heart of the issue they’re facing and provide clear instructions.   6.What’s the most important trend you see today?  As organisations increasingly adopt cloud-based infrastructure and services, the importance of secure cloud environments cannot be overstated. The primary emphasis must be on deploying strong cloud security measures to guarantee both data integrity and confidentiality.  7.If you didn’t work in the security industry, what would you be doing?   Be working in mechanics; something technical.  8.What’s the most interesting thing about you that we wouldn’t learn from your CV?  I chose engineering at school partly because of the lack of places on other courses.  I was hooked immediately.  9.Who is your inspiration?  Elon Musk; an entrepreneur and innovator, driving advancements in space exploration and sustainability.  10.What item would you take to a desert island?  Some sort of navigation as I’m hopeless with directions  Read the full feature in our latest issue here. Never miss a story… Follow us on: Security Buyer @SecurityBuyer @Secbuyer Media Contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Into the Cloud – Mehedi Hussain Read More »

biometrics

Protecting Biometric Identities

In this feature, Simon Randall, CEO of Pimloc, and Rebecca Spayne of Security Buyer address the escalating risks associated with biometric data acquisition, its management, and its utilisation  As you are undoubtedly aware, the risks tied to large-scale biometric data collection have markedly increased in recent years, with a particularly pronounced surge in the last six months due to the proliferation of generative AI. This heightened risk entails malevolent actors and individuals gaining access to biometric data, whether from CCTV or other sources, making it considerably easier to initiate phishing attacks, data breaches, and related issues.  Beneath these concerns, we observe three significant trends that are shaping customer demands, requirements, and the interest of our channel partners. Firstly, there has been an extensive expansion in the deployment of cameras worldwide, particularly in Europe but also in the United States and other regions. CCTV has become cost-effective and is transitioning to cloud-based solutions. Access to AI and analytics has become more accessible, making it both simple to capture footage and easier to identify, monitor, track, and extract data from individuals. Concurrently, we are witnessing a proliferation of complex regulations and policies, extending beyond GDPR in Europe, which began approximately four to five years ago, to encompass the United States and other countries. We are also seeing the adoption of policies governing the handling of healthcare, transport, and public safety data.  As a result, organisations deploying CCTV, dash cams, and body-worn cameras must now consider a range of new liabilities. On one hand, there is a growing imperative to ensure the safety and security of individuals. On the other hand, the liabilities and risks associated with capturing and managing this data are undeniably on the rise. Thirdly, there is a notable shift in attitudes and awareness among the public. Citizens are increasingly conscious of surveillance and the challenges posed by new AI technologies and facial recognition. This has spurred active dialogue in the media and among consumers. Consequently, whether operating a retail store, a hospital, a train station, an airport, or working with local law enforcement, organisations find themselves operating in an environment where careful consideration and planning are essential when deploying security systems.  The intersection of these three factors has given rise to a new context where the level of detail and thought required for security system deployment is significantly heightened. On the flip side, there exists a substantial opportunity to enhance safety, security, and operational efficiency. We firmly believe that the industry’s greatest challenge lies in striking a balance between safety, privacy, and efficiency in the realm of large-scale monitoring systems. The accessibility and performance of these systems have improved, but achieving this equilibrium has always posed a challenge. Historically, privacy and security have often been viewed as diametrically opposed. In this new era with AI, DeepFakes, and similar technologies, we advocate that businesses must successfully achieve both objectives.  They must monitor their environments to ensure safety and observe how individuals interact in potentially hazardous settings, such as train tracks or specific areas within hospitals. However, this must be accomplished without encroaching upon individual privacy and freedoms. This transitional period necessitates the exploration of privacy-enhancing solutions that unlock the value of video data. This enables the utilisation of analytics for effective business management while simultaneously safeguarding individuals. It represents a convergence of security operations and other facets of the business.  This intersection of security and privacy presents a compelling challenge. Furthermore, there is an intriguing possibility of using privacy-preserving technologies to enable large-scale surveillance while safeguarding the identities and biometric data of most individuals. In retail and warehousing, AI deployment has become quite prevalent, with numerous cameras and real-time analytics focusing on people counting and flow. However, incidents still require selective data extraction, anonymisation, and thoughtful video management.  Similarly, in transport and mobility, the emphasis is primarily on safety and security. Existing video feeds in security centers can be anonymised and redistributed to other departments to facilitate more efficient resource planning, enhanced environment layouts, and restricted area monitoring.  In the healthcare sector, from clinical research trials to hospital treatments, the need for patient safety and the monitoring of protected wards is critical. Ensuring the safety of nurses and doctors, especially in high-incident areas like the Accident and Emergency department, is vital in environments governed by stringent policies and legislation. Balancing privacy and security in these domains involves various approaches to enable real-time monitoring while safeguarding patient and employee biometric and personal data.  In the realm of public safety, CCTV, body-worn cameras, dash cams, and door cam footage play pivotal roles in investigations. Handling witness and victim data, managing it through the evidential chain, and promoting transparency are crucial aspects. Privacy-enhancing technologies prove valuable for enabling police forces to share positive examples of their activities with local communities, particularly concerning stop and search procedures. In the age of AI and DeepFakes, transparency and accountability are poised to become increasingly significant. In addition to the existing legislative framework, numerous new regulations are emerging. These include the EU AI Act and the Digital Services Act, alongside a multitude of bills being passed in various US states. Staying abreast of these policy requirements has become crucial. Another prominent theme is the issue of international data transfers. Data sovereignty has gained immense significance and is a critical consideration for many implementations. Ensuring a comprehensive understanding of data location, system integration, management, and sovereign protection has become paramount.  Furthermore, the advent of generative AI presents challenges. While not entirely straightforward, it has become more feasible to extract someone’s biometric data, whether a few facial images or audio samples, and input them into generative systems to manipulate, misuse, or alter their appearance and speech. This raises intriguing questions about the future of video evidence. CCTV and dash cam footage have evolved into the de facto standard for objective evidence. However, as an industry, we must contemplate how to enhance the authentication of videos as they progress through the evidential chain. Ensuring the legitimacy and authenticity of

Protecting Biometric Identities Read More »

Access Control

Enhancing Site Security

Caitlin Gittins, Features Editor for Security Buyer explores how organisations and building managers can effectively enhance site security with access control  In today’s security-conscious world, the imperative to protect properties from unauthorised access and potential threats has reached an unprecedented level of significance. Security managers and building owners find themselves at the forefront of this challenge, tasked with adopting a proactive stance towards access control to guarantee the safety and security of their valuable assets, their workforce, and all visitors to their premises. This article aims to provide a comprehensive guide tailored to the needs of these seasoned professionals in the field, offering a roadmap to elevate site security to new heights.  As the digital age ushers in an era of increased connectivity and complexity, the need for effective access control solutions has never been more acute. This article seeks to equip security managers and building owners with the knowledge and insights necessary to navigate this dynamic landscape successfully. We will embark on a journey through the diverse array of access control solutions at their disposal, with a keen focus on practicality and efficacy.  Within the realm of access control solutions, there exist a plethora of options that cater to various needs and circumstances. Our exploration will encompass not only well-established solutions but also emerging innovations that are reshaping the security landscape. Among these solutions, we will examine the merits of Integrated Control Technology’s unified access control solutions, ASSA ABLOY’s smart access control solutions, Paxton’s innovative, and other pertinent offerings.   By the end of this article, decision makers will be better equipped to make informed decisions regarding access control, taking into consideration the unique requirements and challenges of their respective environments. With the right knowledge and proactive strategies, they can fortify their properties against threats and establish a secure and resilient foundation for their operations. In essence, this article seeks to empower security professionals to adapt and thrive in an ever-evolving security landscape.  The Crucial Role of Access Control  Access control stands as the vanguard in the realm of security, constituting the primary line of defense against potential security breaches and unauthorised intrusions. Its role in safeguarding a facility or property cannot be overstated, as inadequate access control opens the door to a litany of grave problems that can have far-reaching consequences.  The first and most immediate concern is the threat of theft. Without robust access control measures in place, unauthorised individuals may gain entry to sensitive areas, putting valuable assets, merchandise, and equipment at risk. This not only translates to financial losses but also can have significant operational and reputational repercussions.  Beyond theft, inadequate access control also paves the way for vandalism. Intruders with unrestricted access can deface property, equipment, or assets, causing extensive damage and incurring additional costs for repair and replacement. Such incidents can disrupt operations and erode trust among employees, visitors, and stakeholders.  In today’s digital age, data breaches represent another ominous consequence of subpar access control. Unauthorised access to sensitive information can lead to the compromise of critical data, including customer records, financial information, and intellectual property. The fallout from data breaches can be catastrophic, ranging from legal liabilities to severe damage to an organisation’s reputation.  Perhaps most alarmingly, inadequate access control can expose individuals within a facility to physical harm. This extends beyond the risk of criminal acts and includes the potential for accidents and emergencies. Without the appropriate access control mechanisms, unauthorised personnel may inadvertently enter restricted zones where hazardous materials or machinery pose threats to life and limb.  Read more exclusives and news in our latest issue here. Never miss a story… Follow us on:  Security Buyer  @SecurityBuyer  @Secbuyer Media Contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Enhancing Site Security Read More »

Net2

Newport Aquarium Uses Net2 to Replace Traditional Locks & Keys

Newport Aquarium is located in Newport, Kentucky, United States. The aquarium is home to thousands of the world’s most exotic aquatic creatures, including playful penguins, rare white alligators, and smiling sharks and stingrays. To keep the animals, visitors, and staff safe, Newport Aquarium wanted to replace their old security system with an easy-to-use and high-security access control solution. Sec-Tron, an experienced access control integrator, recommended Paxton’s flagship access control system Net2 to provide a simple and scalable security solution. Net2 is an advanced PC-based access control system that offers centralized administration. It is also designed to easily integrate with other access control systems, so site managers can enjoy more streamlined security for their building. Requirements With over 35 years of security industry experience, Sec-Tron specialises in providing custom access control solutions to commercial and industrial sites. Tom Riegler, Sales and Project Manager at Sec-Tron, said: “The whole aquarium is surrounded by pipes and tanks, some full of chemicals. They really needed access control at each area containing dangerous infrastructure to make sure only experienced employees could gain access and prohibiting visitors from accessing those sensitive areas.” The IT team at Newport Aquarium also wanted a system that utilised access cards, allowing them to customize employee ID cards as access cards and increasing access convenience. David Fortunato, Senior Regional IT Manager at the Newport Aquarium, said: “Most of our doors used locks and keys, and some had swipe card readers. At the aquarium we have a lot of doors and a lot of employees who need to carry equipment up and down stairs, so looking for keys in front of a door is not ideal. “We really wanted to have one system on our exterior and critical safety doors, and also make access convenient for our employees.” When sourcing a security system, the Newport Aquarium needed durable hardware because of its unique environment. David explains: “Even though the products are installed and secured in cases and locked rooms, being an aquarium, we have heavy amounts of moisture and salt in the air. It can chew up the products.” Another factor that needed consideration when designing the installation was the possibility of integrating the aquarium’s existing wired infrastructure and security products with the new system. Tom said: “We did a Net2 product demonstration to Newport Aquarium’s IT team. We told them we could use all the existing cabling, readers, door handles and panels. We said we could retrofit the existing hardware with the Net2 door controllers and make it a clean installation.” Solution Tom and his team at Sec-Tron installed Net2 at the aquarium. Tom said: “The expandability of the new system was the customer’s main concern. They also liked Net2’s pricing structure.” The Net2 software can manage up to 1,000 doors and 50,000 users and requires no license fees, making it a cost-effective and scalable security solution. The Newport Aquarium now uses employee ID cards as Net2’s access tokens. The employees scan their IDs at the staff entrance and go through physical screening to enter the aquarium. Once they are in the park, they need to present badges at each door to be given access for a certain number of hours, based on their role and duties. David said: “With our old lock-and-key doors, it was hard to keep track of keys. It is one of the biggest benefits that Net2 has brought, that we could replace all those keys with badges and just keep a few keys for emergency. It provides better tracking, higher security, and greater convenience for our employees.” David further explains how they maximise the features of Net2: “We use the timeline feature to tailor access hours and levels of each door. When it’s after the aquarium’s opening time, we lock the doors to prevent unauthorised access. “Another feature we use a lot is the intruder alarm relay. If someone accidentally goes through our emergency exit, it will sound the horn through the relay and alert our staff to go check and make sure no one has gone to an area that they are not supposed to.” Result David manages the security systems for three theme parks under Herschend Family Entertainment Corp, the other two are Kentucky Kingdom & Hurricane Bay and Adventure Aquarium. The Newport Aquarium is their first Net2 installation, and they have plans to expand Net2 to their other sites. David said: “We are doing the installation in phases. We started with 15 doors at the Newport Aquarium and now it’s fitted across 53 doors. We have a plan to put Net2 on every possible door as it is just much more convenient and safer than keys, and everything is documented. “We have also started putting Net2 in Kentucky Kingdom, which is currently at its phase 1 with around 20 doors. Our other Adventure Aquarium in Philadelphia, the existing security system doesn’t offer great access convenience while maintaining the security level that we require, so we have a plan to install Net2 there as well.” Read more exclusives and news in our latest issue here. Never miss a story… Follow us on:  Security Buyer  @SecurityBuyer  @Secbuyer Media Contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Newport Aquarium Uses Net2 to Replace Traditional Locks & Keys Read More »

Yan Ferraries - Heald-min

Heald continues growth in the Middle East

Perimeter security manufacturer Heald Ltd appoints Overseas Sales Support lead to enhance operations across the Middle East and Europe. Experienced hostile vehicle mitigation (HVM) sales specialist Yan Ferrieres has joined British perimeter security manufacturer Heald Ltd as Overseas Sales Support. The firm, located in Hornsea, East Yorkshire, designs and manufactures unique hostile vehicle mitigation (HVM) solutions, including road blockers and bollards to protect pedestrians and high- profile locations from the risk of vehicle attacks. Global installs include King Abdullah Sports Stadium in the Kingdom of Saudi Arabia, Avinor Airport in Norway, the World Trade Centre and the UN building in New York City, alongside multiple other locations around the globe. Based in France, Yan has over 20 years of experience in export sales within the HVM industry, working on a range of high-profile global perimeter security projects, bringing his multilingual skills to support various markets within the Middle East regions. Yan will also be supporting Heald’s customers within France and Belgium and will be instrumental in creating new opportunities in these areas. The Middle East region has always been an area that has welcomed Heald products, being the first export market for Heald over 20 years ago. To date, these perimeter security installs are still in active operation. Growth within the European region also remains strong for the Yorkshire-based business, with exports to Europe accounting for 21% of the firm’s total annual sales during the most recent financial year, a 141% increase on the value of export sales versus the previous financial year. The appointment of Yan comes following the announcement that Heald has recently established a German subsidiary. Co-owner and Managing Director Debbie Heald MBE said: “We are delighted to welcome Yan to the Heald team. Having worked with him on several projects over the years, he brings a wealth of experience, and we look forward to continuing to grow in these markets”. Yan Ferrieres added: “It is an honour to be joining the team at Heald and bringing my many years of industry experience to drive growth in many key regions”. Yan will also be leading Heald’s inaugural exhibition at security conference, Intersec in Dubai, which is due to take place between 16-18th January. Read more exclusives and news in our latest issue here. Never miss a story… Follow us on:  Security Buyer  @SecurityBuyer  @Secbuyer Media Contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com  

Heald continues growth in the Middle East Read More »

Scroll to Top