April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Editorial Features

National Governors Association Selects 4 States for Assistance in Energy Security Exercise

Colorado, Hawaii, Idaho and Maryland to Review and Test Energy Emergency Response in a Simulated Environment

WASHINGTON -- The National Governors Association (NGA) competitively selected four states – Colorado, Hawaii, Idaho and Maryland – to participate in a focused technical assistance project to enhance their experiences in the GridEx V energy security exercise and support the states' energy security planning efforts.

GridEx is a biennial exercise conducted by the North American Electric Reliability Corporation (NERC) to simulate a cyber and physical attack on the electric grid across North America. Participants include members of the electric sector, other critical infrastructure operators, law enforcement, and state, local and federal officials from across the country. The GridEx V exercise will take place Nov. 13-14, 2019.

Supported by the U.S. Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response, NGA will work with the four states to prepare for, participate in, and share lessons learned and promising practices from the exercise via phone consultations, an in-person workshop planned for January 2020.

During the exercise, participants will remotely respond to simulated cyber and physical events to determine how their organizations, including governors and states, might respond in a real-world event. Governors play critical roles during widespread electric grid outages and NGA's project will help participating states improve their ability to respond and recover from these incidents, enhance emergency communications, build relationships with electricity and other critical infrastructure operators, and identify infrastructure resilience needs.

"As a national leader in cybersecurity and a pioneer in micro-grid development, Maryland is proud to partner with the National Governors Association and other states on the GridEx emergency preparedness exercise," said Governor Larry Hogan, chair of the National Governors Association. "Our technology-driven infrastructure is increasingly vulnerable to cyberattack with the electric grid as a prime target, but we are committed to protecting our state against threats to our infrastructure with the best ideas and latest technologies."

"In order for Idaho to respond to a significant emergency event involving our energy infrastructure, we need to better understand all our stakeholders, their infrastructure and single points of failure, and how we can best mitigate those potential failures in a coordinated effort," Governor Brad Little said. "Idaho welcomes the opportunity to participate in this exercise and take advantage of assistance from our partners."

"I ran on the goal of reaching 100 percent renewable energy in Colorado by 2040, and we've already made significant progress toward achieving this commitment. We must also continue to improve our energy infrastructure and security to ensure grid reliability and resilience," Governor Jared Polis said. "Our state is excited to join this exercise."

"We are honored to be selected for the opportunity to participate in this important exercise that will help stakeholders in Hawai'i and other states enhance their capabilities to respond to severe events affecting the reliability of their energy systems," said Governor David Ige. "Improving grid resiliency in the face of potential cyber and physical threats is a top priority for Hawai'i as we strive to strengthen our national security and achieve our aggressive clean energy goals."

After the exercise, the four selected states will contribute to an after-action report to identify state-focused challenges and lessons learned. The state teams also will participate in a two-day, post-exercise workshop with experts, in which they will explore these results and lessons further and develop action plans to improve energy security in their states. 


Founded in 1908, the National Governors Association (NGA) is the nonpartisan organization of the nation's 55 governors. Through NGA, governors share best practices, address issues of national and state interest and share innovative solutions that improve state government and support the principles of federalism.

GSN'S 2018 HSA Winners


Judging in this category is based on a combination of client organization, technological innovation or improvement, filling a recognized government IT security need and flexibility of a solution to meet current and future organizational needs.


Best Application Security Solution
Appthority – Platinum Winner


Best User & Entity Behavior Analytics Solution
LogRhythm - Platinum Winner

Bay Dynamics – Gold Winner
Gurucul – Silver Winner


Best Anti-Malware Solution
AppGuard Inc - Platinum Winner

Bromium – Gold Winner


Best Application Security Solution
Virsec– Platinum Winner
Code Dx, Inc – Gold Winner
Sargent and Greenleaf – Silver Winner
Bromium – Finalist

Waratek – Finalist


Best Sever Security Solution

AppGuard Inc - Platinum Winner


Best Threat Intelligence Solution

ProofPoint - Platinum Winner


Best Server Security Solution

SolarWinds Worldwide, LLC - Platinum Winner


Best Email Security/ Loss Management Solution
Proofpoint– Platinum Winner


Best identity Management Platform
CyberArk  – Platinum Winner
Beyond Trust– Gold Winner
Idaptive – Silver Winner
Centrify – Finalist


Best Continuous Monitoring & Mitigation Solution
SolarWinds Worldwide, LLC – Platinum Winner
Netwrix Corporation – Gold Winner

DFLabs – Silver Winner
CyberArk – Finalist


Best Physical Logical Privileged Access Management Solutions
Centrify– Platinum Winner
CyberArk – Gold Winner


Best Cyber Operational Risk Intelligence
RedSeal – Platinum Winner
DFLabs – Gold Winner
RiskSense – Silver Winner


Best Compliance/Vulnerability Assessment
RedSeal – Platinum Winner
Wombat Security Technologies, Inc. – Gold Winner


Best Network Security/Enterprise Firewall
OPAQ Networks – Platinum Winner


Best Multifactor Authentication Solutions
Optimal IdM – Platinum Winner


Best Endpoint Detection and Response Solution
Idaptive – Platinum Winner


Best Security Incident and Event (SIEM) Management
SolarWinds Worldwide, LLC – Platinum Winner

LogRhythm – Gold Winner


Best Industrial Cybersecurity Solution
Virsec – Platinum Winner


Category #2 Vendors of Physical Security Products and Solutions


Judging in this category is based on a combination of an increase in client organization, technological innovation or improvement, filling a recognized government IT security need and flexibility of a solution to meet current and future organizational needs.



Best Thermo, Nightvision, Infrared Cameras
FLIR Systems, Inc. – Platinum Winner
CohuHD Costar Gold Winner – Gold Winner


Best City-Wide Video Surveillance
Logos Technologies – – Platinum Winner



Best Interoperable First Responder Communications
LRAD Corporation – Platinum Winner




Best Perimeter Protection, Intrusion Detection System
AMICO – Platinum Winner
PureTech Systems – Gold Winner
FLIR Systems, Inc. – Silver Winner


Best Crash Barriers (Fences, Gates, Barriers, Bollards)
TCP-Security Solutions – Platinum Winner



Best Nuclear/Radiation Detection Solution
FLIR Systems, Inc. – Platinum Winner


Best Chemical Detection Product or Solution
Rapiscan Systems – Platinum Winner
FLIR Systems, Inc. – Gold Winner
Teknoscan Systems Inc. – Silver Winner


Best Explosives Detection Product or Solution
Rapiscan Systems   – Platinum Winner


Best Active Shooter Gunshot Detection Solution
Shooter Detection Systems – Platinum Winner




Best College/University in Homeland Security
Bellevue University – Platinum Winner


Best Disaster Preparedness, Recovery, Clean-up
High Rise Escape Systems Inc. – Platinum Winner




Best Access Control Hardware
Sargent and Greenleaf – Platinum Winner




Most Notable Federal Government Security Program, Project of Initiative
Federal Risk Management Process Training Program (RMPTP)

Most Notable Law Enforcement Interdiction, Arrest, Counter Terrorism or Crime Protection Program – Federal, State or Local
Federal Risk Management Process Training Program (RMPTP)


Most Notable Federal Government Security Program, Project of Initiative
Department of Homeland Security Science and Technology Directorate


New Cybersecurity Regulations Adopted to Protect Financial Systems & Information

In 2016 almost 1.1 billion identities were stolen globally.  This number is up dramatically from a reported 563.8 million identities stolen in 2015.   In addition, the same Symantec Internet Security Threat Report placed the United States at the top of the list for both the number of breaches by country (1,023) and the number of identities stolen by country.

New York State’s Division of Financial Security and other government entities around the globe have been monitoring this increased cybercriminal threat and determining means to help protect the private information of individuals as well as the information technology systems of regulated organizations.

New York State’s Division of Financial Security released new cybersecurity requirements (23 NYCRR 500), directly affecting the way that financial data is managed going forward. Applicable to financial services companies operating in New York State, these regulations declare that, on an annual basis, financial firms are required to prepare and submit a Certification of Compliance with the NY DFS Cybersecurity Regulations to the superintendent, commencing on February 15, 2018.

The scope of this legislation describes measures related to: cybersecurity programs and policy, personnel, resources and training, penetration testing and assessments, audit trails, access privileges, application security, third parties, NPI (Non Public Information) encryption, data retention, incident response and notification.

Among other requirements, this regulation dictates that companies declare any cyberattack to the superintendent within 72 hours. In the past, many companies chose to not disclose information related to these hacking exposures because much of their cost stems from damage to brand reputation and the necessary steps required to rebuild the trust of their clients post-attack.

Similar to the NY DFS proposal, the Federal Reserve Board (FSD), the Office of the Comptroller of the Currency (OCC), and the FDIC issued an advance notice of proposed rulemaking (ANPR) on enhanced cyber risk management and resilience standards for large banking organizations.  Additionally, the states of Vermont and Colorado have released laws pertaining to cybersecurity and the improved protection and monitoring of data. 

Two technologies specifically called out in the new NYS DFS Cybersecurity requirements, Multi-factor Authentication (MFA) and Risk Based Authentication (RBA), are key methods of complying with regulation and defending against attacks. 

Multi-factor authentication is defined as using at least two factors to authenticate a person, generally a combination of:

  • “Something I Have” — this could be a hardware token, a mobile soft token, etc.
  • “Something I Know” — like a PIN code, a password, and
  • “Something I Am” — such as a fingerprint or face recognition.

With MFA, the two factors are fully independent from each other (i.e. the failure of one factor would not compromise the other one).

Risk based authentication is the capacity to detect anomalies or changes in the normal use patterns of a person as part of the authentication process, require additional verification if an anomaly is detected to avoid any breach.

It is more efficient to avoid hacking and cyber-attacks in the first place by focusing attention on the security of the applications being accessed, both externally and internally.  To learn more about these regulations and how similar standards will impact you, visit www.hidglobal.com/iam.

Top 10 Considerations for Choosing the Right Secure Issuance Solution

You need new ID badges, and you know that you’d like to be able to have these “smart cards” enable access to your building and/or your network – or perhaps even other systems like transit or cashless vending – but where do you start? What are your options for printing (and encoding) badges such as these?   Are there other things to consider before making a purchase?

HID Global can help. The white paper, Top Ten Considerations for Choosing the Right Secure Issuance Solution, outlines the top ten things to look for when selecting a secure issuance provider to help you find a solution that meets your specific needs.

Please click here for your free copy of this white paper.

Lessons learned from WikiLeaks

Adi Ruppin

WikiLeaks is only one example (albeit a major one) in a chain of data leakage incidents in recent months. Looking back over the last year or so, you might also recall the posting of TSA screening manuals online, the unintentional release of numerous product specs, as well as many other incidents.

Why are we seeing so many leaks lately? Here are three reasons:

Reason 1: The need to share

Leakage is in no small part due to the fact that data sharing and collaboration have become a “must” in today’s increasingly mobile and global world. This more complex world makes it easier to share and collaborate, but also makes it exceedingly easy for information to leak.

Reason 2: Ease of use

This is the usual security-versus-connectivity paradox. You need to find the optimal solution that balances security and connectivity. You cannot lock down all documents in a vault and not share them with anyone. Nor can you indiscriminately send them via unprotected e-mail. A major reason why documents leak is that most existing solutions are extremely cumbersome to use. They involve installing servers, agents, defining policies and more. And, if something is hard to use, chances are people will not use it.

Reason 3: The right solution for the problem

There is a lot of confusion in the market today, with many different product categories available, such as data loss prevention (DLP), enterprise digital rights management (DRM), e-mail encryption, virtual data rooms and many others. For example, just because you’re using encrypted e-mail doesn’t mean your information will not leak, as this type of protection typically applies only when the document is in transit. As soon as it gets to its destination, it can be freely forwarded to an unauthorized party. It is important to make sure that your solution is solving the right problem.

So what can you do?

In our world, without walls, we need to assume that documents must be shared across organizational boundaries and across different platforms, such as PCs and mobile devices. So, it is pointless to try to protect some nonexistent perimeter. Ultimately, the only solution is to embed security and controls into the documents themselves. New technologies allow document owners to maintain control and track files throughout the documents’ lifecycles. Such solutions allow users to control who views documents and who prints them, and even lets them wipe files completely at any time; even after they have been downloaded.

Adi Ruppin is vice president of marketing and business development for WatchDox, a provider of document protection, control and tracking solutions. Ruppin can be reached at:

[email protected]




Henry Bros. Electronics, Inc. completes the merger with Kratos Defense & Security Solutions, Inc.

Henry Bros. Electronics, Inc. (HBE), a turnkey provider of technology-based integrated electronic security solutions, announced on Dec. 16 that on December 15, after receiving the required stockholder approval, it completed the previously announced merger transaction with Kratos Defense & Security Solutions, Inc.

The affirmative vote of the holders of a majority of the outstanding shares of Henry Bros. common stock was required to approve the merger transaction with Kratos. According to the final vote tally of shares of Henry Bros. common stock, approximately 79 percent of the outstanding shares of Henry Bros. common stock, as of November 2, 2010, the record date for the annual meeting, was voted to approve the merger.

Under the terms of the merger agreement, Henry Bros.'s stockholders will receive $8.20 in cash, without interest and less any applicable withholding taxes, for each share of Henry Bros. common stock they hold.

As of December 16, 2010, the stock of Henry Bros. will no longer be quoted on The NASDAQ Capital Market.



Applied DNA Sciences to redesign its Web site

Applied DNA Sciences announced on Dec. 22 that it has begun a “comprehensive redesign” of its Web site, which will begin with a reworked front page.

“Our company blog has similarly been reimagined to give flesh and blood detail to our story,” wrote James Hayward, the company’s chairman, president and CEO, in an e-newsletter.

Hayward invited visitors to the revamped Web site to read a wide variety of blog entries, and then contribute to the company’s redesign effort by indicating the types of information they would like to see. “More in-depth information on our fast-growing product line?” asked Hayward. “More success stories? More investor-oriented features and data?”

Hayward said a formal online reader survey will soon follow.

AS&E receives $3.8 million order for ZBV Military Trailers

ZBV Military Trailer

American Science and Engineering, Inc., a supplier of X-ray detection solutions, announced on Dec. 22 the receipt of a $3.8 million order from an unidentified government customer for multiple ZBV Military Trailers.

The ZBV Mil Trailer is a ruggedized version of the company’s Z Backscatter Van (ZBV) built onto a standard military trailer. Security officials use the ZBV Mil Trailer for screening vehicles, containers and other cargo for terrorist threats and contraband, AS&E said in a recent press release.

“This first ZBV Mil Trailer order for this service branch of the Armed Forces comes as a direct result of its success with active fielded systems,” said Anthony Fabiano, AS&E’s president and CEO. “The ZBV Mil Trailer has demonstrated its effectiveness for inspecting vehicles and cargo for explosive threats and contraband in harsh terrain.”

HID Global fuels E-Passport and e-ID adoption in Europe

HID Global, a provider of secure identity solutions, announced Dec. 6 that the company’s e-government RFID reader technology is being deployed in France, Germany, Italy, Netherlands and Spain to help create a more robust identity-checking infrastructure in Europe.

The company will be deploying its technology through leading system integrators in two additional countries during the first half of calendar 2011, according to a recent press release.

HID’s reader modules offer one of the world’s fastest solutions for biometric passport reading, and its reader technology is unique in supporting both Basic Access Control (BAC) and Extended Access Control (EAC) to deliver a combination of flexibility and future-proofing as Europe and the rest of the world move to more secure digital credential technologies, says HID Global.

Altogether, HID’s e-Government inlays, readers and printers are now used by ministries of interior and foreign affairs in over 27 e-passport programs and 31 ID/e-ID programs worldwide, making life easier for more than 120 million e-document holders.

“We understand how important it is to minimize delays while maximizing security at border crossings, and so we have focused on delivering best-in-class reader speed, accuracy and flexibility in our e-passports and other e-government solutions,” said Mark Scaparro, senior vice president of Identification Solutions with HID Global. “We offer one of the industry’s fastest and most reliable reader solutions plus seamless interoperability with all relevant standards and technologies. Being able to support both BAC and EAC standards in our readers has been one of the top requirements for our OEM partners in Europe, as demand continues to grow for secure and reliable e-passport and other e-government solutions, and as more countries migrate from a BAC- to EAC-enabled infrastructure.”

HID’s combination of BAC and EAC support makes it easier for countries to support existing requirements while migrating to the latest, more rigorous security standards. BAC is typically used for government identity verification and for such commercial applications as accelerated hotel check-in/checkout, self-serve airline check-in, and purchasing disposable mobile telephony credits.

For greater security, EAC is used to enable biometric matching during e-passport and eID document issuance and at automated border-crossing locations, including airports in Finland, France, Germany, Portugal and the U.K. While more than 30 European countries have completed their e-passport migration to EAC, experts confirm that only a fraction of these countries has a reader infrastructure in place today and deployments will accelerate rapidly.

According to Acuity Market Intelligence, e-passport market revenues will grow at a compounded annual growth rate of 31.5 percent to nearly $7 billion annually by the end of 2014. The firm reported in its April study entitled, The Global e-Passport and e-Visa Industry Report, that e-Passports accounted for 57 percent of all passports issued and 28 percent of all passports in circulation during 2009, and that 88 percent of all passports issued in 2014 will be electronic passports.

“Ten years ago, the e-passport was a concept circulating among forward thinking individuals and small groups of associated industry, government and non-government agencies,” said Acuity Principal, C. Maxine Most. “In the wake of the terrorist attacks on the World Trade Center in 2001 and the subsequent transit attacks in Madrid in 2004 and London in 2005, the e-passport idea rapidly transformed into a foundation for global security. Today, e-passports have not only become mainstream but have also created a multi-billion dollar industry poised to fundamentally change the global travel and border control infrastructure.”

The latest EAC standards mandate that passports contain individual private keys to resist counterfeiting, and require inspecting parties to prove that they are entitled to extract sensitive data such as the fingerprint using digital signatures and a Public Key Infrastructure (PKI). For additional security, HID Global uses advanced encryption techniques to protect against unauthorized access to the chip data. The option of field-upgradeable firmware or a read-only memory (ROM) mask is also available, upon request, depending on platform.

HID Global offers a variety of RFID reader board modules that OEM partners can use to develop customized solutions. The read/write readers support all ISO 14443-4 A/B elements, making them suitable for all existing and yet-to-be-developed ISO chips and chip operating systems. The option of on-board or external design with single or dual antennas optimizes configuration flexibility and performance.

HID Global’s RFID readers are part of the world’s broadest portfolio of e-documents, e-passport and e-national ID solutions, says the Dec. 6 release. The company has a history of industry innovation, including developing and helping to drive deployment of the widely used wire-transfer and wire-embedding technologies for extended contactless e-document durability, and creating patented, thin and flexibleceFLEX inlays that increases e-document resiliency.

Core Security ships Core Insight Enterprise with broad security assessment capabilities

Core Insight Enterprise

Core Security Technologies, a provider of IT security test and measurement software solutions, announced on Dec. 13 the official release of its Core Insight Enterprise. Following a successful beta program, which included more than a dozen Fortune 500 firms and top-level U.S. Government agencies, the launch realizes Core Security’s vision of enabling customers to continuously identify and prove real-world exposures to critical assets across the entire organization through automated testing of network systems, Web applications, and users in one completely integrated solution, says the company in a press release it issued on Dec. 10.

With Core Insight, customers gain real visibility into their security standing, real validation of their security controls and real metrics to more effectively secure their organizations. The solution employs groundbreaking technology that proactively replicates the steps attackers would take to breach valuable information assets.

Unlike other solutions, Core Insight Enterprise starts with customers identifying which systems and data they want most to protect. Insight then automatically calculates paths of attack and then begins to exploit multiple layers of defense until the security of critical assets is either confirmed or breached. Assessment results are delivered via a dashboard and reports that present metrics regarding the efficacy of security controls in terms relevant to the business.

Core Insight Enterprise provides IT security leaders with an automated and continuous view of IT security risk for the very first time.

“Using Core Insight Enterprise to test across our IT infrastructure on a continual basis has given us an entirely new way of looking at whether or not our most critical IT systems and electronic data are protected from real-world attacks,” said Larry Whiteside, chief information security officer of the Visiting Nurses Service of New York. “Just as importantly, it tells us how well our existing defenses are functioning and what type of return we’re getting from our previous security investments.”

“Core Insight Enterprise changes how enterprises should view security,” said Charles Kolodgy, research vice president for Security Products at IDC. “It makes security goal oriented by allowing security professionals to determine if their critical assets are vulnerable.”

 Core Insight builds upon the expanding demand and established innovation of Core Impact, a penetration testing software product, now in its 11th version, said the company. While Impact is the software application of choice among thousands of security testing professionals, Core Insight creates the opportunity to test and measure exposures in a comprehensive and realistic manner.



Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...