Home Trade Shows Show News

More than 300 users connected to a rogue wireless network at the Infosecurity Europe exhibition in a live experiment by CryptoCard. On its stand, managing director EMEA Jason Hart set up a wireless network named ’Free Infosec WiFi’ that was open for two hours on the first two days of the show. Presenting the results, he revealed that 143 people had connected on the first day and 162 had connected on the second day. Speaking to SC Magazine on the 305 people who had willingly connected to this network, Hart said: “These are infosecurity people connecting to the unsecured network and using the freely available Cain software with a £30 network, we were able to see their name, IP address and Mac address and could have taken their credentials if they tried to use applications or the internet while connected. “There is no way of knowing that this is a rogue network as users assume it is free and use it, what is a real concern is that if you go on YouTube you can find videos of how to set these networks up. ” In a live demonstration of the smartphone hacking experiment conducted on SC Magazine online news editor Dan Raywood, Hart changed the name of the rogue network to ’BT Openzone free’, which Apple iPhones automatically connected to, demonstrating how simple it is to collect credentials. Also this week, CryptoCard launched the Blackshield Cloud, an authentication-as-a-service offering to replicate an onsite authentication server. It said that Blackshield Cloud allows enterprises to protect any point of access where a password is currently used and allows all access to be secured from a single point of control. Neil Hollister, chairman and CEO of CryptoCard, said: “The Blackshield suite is the technical fulfilment of our vision of making strong authentication a commodity and represents a true paradigm shift for authentication. “The rules of the game have changed in the past couple of years and it’s no longer a question of whether strong authentication is needed, but rather what’s the best way of deploying it. The Blackshield suite takes strong authentication out of the niche and into the mainstream. ”

Security vendor ViaSat has hit back at claims made at Infosecurity Europe by the deputy information commissioner that its findings were incorrect. Asked about results from a Freedom of Information (FoI) Act request by ViaSat, the deputy information commissioner David Smith said that the findings that were reported were ’quite inaccurate’, as while the report said that the figures were from April 2010, he believed them to be from November 2007. The figures are likely breaches of the Data Protection Act received between 6th April 2010, when monetary penalties were introduced by the Information Commissioner’s Office (ICO) and 22nd March 2011. The breakdown, as seen by SC Magazine, showed that ’lenders’, local government and health were the largest offenders in the time space, with 971 cases reported (lenders with 401, local government with 347 and health with 217). The FoI Act request asked specifically for information regarding the number of data breaches, while the ICO used the words ’breaches of the Data Protection Act’ and not data compliance issues. Chris McIntosh, CEO of ViaSat UK, said: “First of all I am disappointed in the response of the ICO today. The figure of 2, 565 was given to us by the ICO in direct response to a FoI request on the number of data breaches reported since 6th April 2010 and was treated in good faith. Subsequently the ICO has made comment that this figure was inaccurate. “If it was, this was down to miscommunication from the ICO. Our request was clear in that we wanted information on the number of data breaches. Even if you look at the revised figures the ICO has released it is still clear that that monetary penalties have been enforced in less than one per cent of the data losses it has dealt with. Of those, none have come near the maximum and so far the penalties, as with the ICO’s actions and undertakings as a whole, have focused on the public sector whilst leaving the private sector relatively unscathed. “The ICO is fond of saying that ’you have to be selective to be effective’ but by being too selective all that happens is that organisations, especially in the private sector, can begin to view the threat of a penalty or an undertaking as something that is so unlikely as to be beneath notice. For example, organisations could easily look at the £60, 000 penalty meted out to A4e, its size compared to the company’s £145 million turnover, its rarity and the fact that A4e is still receiving plenty of business, from the government no less, and feel that the risk of ICO action is one they are prepared to take. “The ICO is right to push for more powers and we fervently hope it can get them. However, it would be nice to see those it has exercised a little more. ”

On Saturday at the China Import and Export Fair (Pazhou) Complex, MH Industry staff will display their highly selected products of world famous brands "MH" and "Two Birds". Canton Fair, China’s largest trade show known for mega scale and significant influence, bridges China business with the rest of the world. By providing a platform that best presents the exporters’ products, and informs the importers of product information to the largest extent, the trade fair offers an indispensable opportunity for every exporter and importer, domestic and overseas alike. For any enterprise in pursuit of international prestige, Canton Fair deserves a try. Aiming to establish itself as the NO. 1 garment accessories supplier of the world, MH Industry has early embarked for its global success at the 2000 Canton Fair. It is the 20th time that MH has taken part in the Canton Fair. With only one stand in 2000 to as many as 13 stands in 2011 for MH Industry, Canton Fair witnessed the great leap for MH Industry’s development. While the sole decoration of an MH logo in 2000 only indicated the existence of the enterprise, the varied pictures of lace, button, thread, tape and zipper products fully demonstrated how MH Industry emerged as the largest garment accessories supplier in China. Deeply rooted in mind that detail is the key to success, MH Industry staff make unyielding efforts to do their best in every aspect. They focus on not only producing highly refined garment accessories, but also perfecting every procedure that follows, such as packaging and promoting. At the Canton Fair, visitors will find that everything appears artistic - sample products are perfect, in terms of both color match and quality; The display is perfect, with the latest products and technologies from MH Industry; The consultants are perfect, since each of them qualifies as a professional of MH Industry and to some extent, an expert of the garment accessories, who is always at visitors’ service. In possession of multiple garment accessories, MH Industry will cover the 2nd and 3rd phases of the 2011 Canton Fair. Specialized in garment accessories and tailoring materials manufacturing, the company is confident in winning visitors’ heart with their already prestige "MH" and "Two Birds" products.

LONDON -- The Infosecurity Europe 2011 conference kicked off today with panel discussions on two important issues for security pros: How to manage security on a budget, and what to do about smartphones. The answer to both, it turned out, is good risk management. You need to move from having a security policy to having a security strategy for the business. Steve Knight, information security officer, Aspen Re An opening session brought together CISOs from the insurance, retail and the legal sector to discuss the question: “When do you stop spending on security? ” In other words, how do you decide when the company is secure enough? Michael Colao, head of information security at insurance underwriters Beazley Group, said that moving from his previous job at an investment bank was a revelation. “Working for an insurance company has completely changed the way I understand risk, ” he said, because the whole insurance industry is based on making clear assessments of risk, and then putting a price to it. “If I say that something unlikely but expensive could happen to us, they’ll ask how unlikely and how expensive. These are calculations they are used to making, ” Colao said. “You can’t use fear, uncertainty and doubt with these people. We convert risk to money, decide what it will cost to control, and then make the decision. ” Andrew Rose, CISO at law firm Clifford Chance, proposed a similar approach, adding that it is necessary to build a common set of terms across the company so every department looking at risk will have common standards by which to judge what constitutes, for example, a “catastrophic” risk. Rose added that, rather than setting the security budget first, it makes more sense to assess risks, assess the costs of controlling them and then match them to the organisation’s appetite for risk. That way, any budget demanded will be fully justified. And don’t be afraid to talk down your own budget. Colao said that, on occasion, he has done a risk assessment that showed spending could be cut in some areas. “It buys you a lot of credibility if you can demonstrate a willingness to cut budget when you can, ” he said. However, the discussion moderator Wendy Nather, a security analyst with the 451 Group, pointed out that all those on the panel were from large organisations, whereas a lot of smaller companies live below what she called the “security poverty line, ” where they have no dedicated security people and often just a small IT department. “Your risk tolerance can be very high when you have no money, ” Nather said. Risk management also dominated the following session, in which participants tried to decide whether smartphones were a boon or a curse to business. Gary Cheetham, CISO at insurance company NFU Mutual, reported that members of his company were pushing to use more mobile devices, despite his misgivings about some smartphone security issues. Michael Everall, CISO for Lehman Brothers Holdings, said he was also in the process of rewriting his company’s mobile usage policy to accommodate demand for a wider range of mobile devices. They and others on the discussion panel agreed it was futile to resist the rise of the smartphone and mobile tablets, such as the iPad, but they all worried the devices (with the exception of the BlackBerry) were built primarily as consumer devices and were difficult to manage from the point of view of security and policy. Everall said trying to support a growing range of devices is too difficult. “The device is not the issue. Our goal should be to look after the data and focus on the basics of confidentiality, integrity and availability, ” he said. Various mobile device management products were considered by the panel – Good Technology Inc., MobileIron Inc. And Sybase Inc. Were all mentioned as having useful products – but technology was only part of the answer, the panel concurred. Cheetham said the risks need to be explained to the company, and the appetite for risk defined. Everall added this should include a change of approach that ensures users understand both the risks and their responsibilities when they choose to download corporate data onto their personal mobile devices. “[Users] need to understand that the data still belongs to the organisation, and they have a responsibility for its security, ” he said. User education: Cheap but effectiveA prevalent theme during the day’s events was the power of good user education, training and awareness in managing and assessing risk. Lehman’s Everall favoured lunchtime sessions with users, with pizza provided, where he could explain why security mattered and why the security department was implementing policies. Users were also given free security software for their home systems. When he joined Beazley, Colao carried out approximately 140 interviews with people around the company to get their views on what mattered and where risks were, and this helped refocus the company’s security posture. He has maintained strong links with departments to ensure security is seen as a benefit to business rather than a blocker. “User education can be far more effective than a large technical investment, ” he said. Steve Knight, information security officer at reinsurance company Aspen Re, who spoke in the security budgeting discussion, had also carried out workshops wherein workers from multiple departments had participated (with sandwiches provided) and where they helped rank the seriousness of a whole range of risks. This close relation was also fostered by running sessions to help users secure their home computers. “Good security should be just part of the routine of the business, ” Knight said, “not contained in a separate policy document. You need to move from having a security policy to having a security strategy for the business. ”

The 109th China Import and Export Fair, commonly known as the Canton Fair, was opened on Apr 15. The number of participants and the scale both created historical high. Participants said the export price generally increased 5-10% due to higher cost and RMB appreciation. A producer said some of their popular products even saw an increase of 20%. Most purchasers showed their understanding for the increase and it did not affect orders much. However, the vice general manager of Ningbo Huamei Threads said some foreign customers have shifted some of their orders to Southeast Asia after the price was adjusted up. The export orders for textiles and apparel did not see any apparent increase during the fair. If RMB appreciates 1%, the profit of producers will reduce about 5%, which compelled producers to lift export prices. Industry players still suggest companies to face RMB appreciation, creating their own brand to win market share.

Not so long ago, phone and CCTV systems worked reliably over their own wires, isolated from an organisation’s data network. We are trying to educate the market, and show the issues around the threats. Ian Kilpatrick, Chairman, Wick Hill Group But that is changing fast with Voice over Internet Protocol (VoIP) telephony and IP-based CCTV. These systems use the same data lines and protocols as the data network, making them cheaper to run and easier to manage. But, in the process, they are now prone to the same threats as the corporate data network. To prove the point, distributor Wick Hill Ltd. Will demonstrate at Infosecurity Europe how easy it is to hack into VoIP and IP-CCTV systems, and carry out damaging attacks. Wick Hill Chairman Ian Kilpatrick said the problem exists because of a general lack of awareness of the dangers. Companies that once sold and installed analogue systems have moved on to the digital generation without fully appreciating the new dangers, he said. “Vendors of Voice over IP phone systems and IP/CCTV are still playing catch-up when it comes to security, because it was never much of an issue when they were still in their analogue days, ” he said. “Some PBX vendors even deny there’s a problem, and claim everything is safe. ” Many of the threats are based on old-fashioned toll fraud, where calls are channelled through the digital private branch exchange (PBX) to premium-rate phone numbers, usually overseas. But VoIP security risks can also include eavesdropping on calls, call interception, the altering of billing records, denial-of-service attacks and the hijacking of PBXs so criminals can sell minutes on to their clients. Furthermore, the digital PBX can provide hackers with an undefended channel to the data network. “If I can break into your phone systems, there will be a bridge to the data network. That bridge is behind the firewall and is typically undefended. It is not perceived as risky, ” Kilpatrick said. “The biggest problem at the moment is the lack of awareness of the problem, as with all security. ” Similarly, he said that if hackers can break into a CCTV system, they can effectively turn it off, or get it to replay old footage while a crime is happening. Kilpatrick will run three demonstrations of how the attacks could take place -- one against a CCTV system, another against a digital PBX, and a third wherein calls are intercepted and recorded. In this third scenario, if hackers could secretly record customers giving credit card numbers over the phone, organisations would be exposed to fraud, and be in serious violation of the Payment Card Industry Data Security Standard (PCI DSS).

Research just published by Kaspersky Lab claims to show that more than three fifths (62%) of IT managers claim that security issues are an obstacle to the increased adoption of cloud security technology. The online research, which has been published today to coincide with the opening of the Infosecurity Europe show in London, suggests that only 41% of respondents are planning to migrate their IT resources to the cloud. The study, which was conducted earlier this month by YouGov and took in responses from more than 150 middle managers in firms of 249 or more employees, found that almost one in five (18%) managers said their businesses had considered – but rejected – the idea of moving any aspect of their IT resources to the cloud. In addition, says Kaspersky, almost a quarter (24%) had not even considered the cloud as an option. And with 79% of the survey’s respondents representing firms with 1, 000 or more employees, Kaspersky Lab says that companies could be missing out on significant cost and efficiency benefits. Andrew Lintell, the IT security vendor’s sales director for the UK and Ireland, said that cloud technology has huge potential for streamlining IT operations, particularly in larger organisations with more sophisticated IT requirements. "Cloud-based solutions can make IT systems leaner as well as more agile and cost effective – freeing up valuable IT expertise and resources", he explained. Lintell went on to say that Kaspersky’s research has found that there is still considerable confusion about the cloud. Companies, he says, may be concerned about where data is stored and how they can keep it secure, but they should also view the positive gains.

Bracknell, UK, 13 April 2011 - 3M, the diversified technology company, will address increasing business user demands for visual security on media tablets by previewing its new range of 3M Privacy Screen Protectors on Stand C82 at Infosecurity Europe (19-21 April, Earls Court, London). The new product range will be shown for the first time alongside 3M’s portfolio of laptop and desktop privacy filters. Available now in gloss finish, 3M Gold Privacy Filters for laptops offer a narrower viewing angle but only for the authorised user positioned directly in front of the screen. "According to a recent Gartner report(1), by 2013 80 per cent of businesses will support a workforce using tablets, said Nick Hughes, Marketing Manager, 3M Mobile Interactive Solutions Division. "In anticipation of this dramatic growth, we will be launching a new range of 3M Privacy Screen Protectors for tablets in the summer of 2011. Visitors to the Infosecurity Europe stand will see an early demonstration of how effective they are in safeguarding on-screen data from unauthorised viewing and helping to achieve visual data compliance. " Also on the stand will be the 3M Gold Privacy Filter for laptops and existing black privacy filters, which are also suitable for desktop monitors in an office environment. The new gold models are designed to offer IT security executives and business professionals a combination of style, enhanced security and market leading clarity and brightness. The black and gold filters are simple, reliable protection tools that fit neatly over laptop screens, and can be readily removed and stored when privacy is not required. They are specifically designed to restrict anyone positioned to the side from seeing private data on the user’s screen while travelling or working in a public environment. The first 250 visitors that register at the 3M stand will receive a gold or standard black filter for free (they will need to be carrying their laptop, or a record of their laptop size, make and model, or they can check on the 3M Product Selector via www.3M.co.uk/privacyfilters).

ProPhotonix Ltd of Salem, NH, USA, a designer and manufacturer of LED systems and laser modules (as well as a distributor of laser diodes for Opnext, QSI, Sanyo and Sony), is to distribute two new high-power laser diodes launched at January’s Photonics West 2011 conference by optical module and component maker Opnext Inc of Fremont, NJ, USA. The HL40023MG, a 500mW 404nm-wavelength violet laser diode, is suited to applications such as biomedical illumination and optical lithography. Current biomedical and direct imaging system makers often use large, power-hungry solid-state laser diodes, says ProPhotonix. The HL40023MG offers manufacturers a more cost-competitive option to use a high-intensity diode in a small 5.6mm package. With a low typical operating current of just 390mA, it also saves on power, helping to lower overall operating costs. The HL45023TG is the first in a family of blue laser diodes planned for development. It has been designed specifically to meet the demands of embedded mobile pico-projector applications, but it is also suited to fluorescence and sensing applications. With a unique and proprietary design, the HL45023TG provides 60mW of optical output power at a wavelength of 445nm while consuming 30% less power than existing, commercially available blue lasers. A maximum operating temperature of 70ºC and small 3.8mm package size suit the growing market demand in embedded and mobile device applications. “The great relationship between our companies, coupled with the market presence ofProPhotonix, will uncover many new opportunities in a variety of applications for these new laser devices, ” reckons Bob Murphy, Opnext business development director for North America Sales.

Tokyo, Apr 11, 2011 - (JCN Newswire) - Showa Denko K. K. (SDK) and NovaCentrix, of the United States, have agreed to cooperate in the promising area of printed electronics. SDK will manufacture and sell conductive inks developed by NovaCentrix through a licensing agreement, and jointly develop conductive inks to be used with NovaCentrix’s Photonic Curing(TM) process technology. It is also agreed that Shoko Co., Ltd., SDK’s consolidated subsidiary, will start serving as sales agent for NovaCentrix in Japan and part of Asia as from this month concerning NovaCentrix’s PulseForge(R) Photonic Curing tools and Metalon(R) conductive inks. The term "printed electronics" refers to the technology to manufacture electronic devices through printing. Compared with conventional methods of separately forming layers of semiconductors, metals and insulating materials, the printed electronics technology enables substantial simplification of manufacturing processes. The technology is expected to find wide-ranging applications, including displays, solar cells, and organic EL lighting. NovaCentrix is a privately-held company in the United States with notable accomplishments in the area of wiring technology, which constitutes an essential part of the printed electronics technology. In printed electronics, conductive wiring is formed through printing with metallic-particles-containing inks (conductive inks), and sintering of those metallic particles with heat treatment. Because of the necessity of heat treatment, it is generally considered that application of printed electronics to plastic substrates is difficult. However, NovaCentrix’s proprietary technology involves high-speed sintering with visible-light flash lamps, restricting the rise in temperature and enabling the use of plastic substrates. Furthermore, the system uses films as plastic substrates, enabling production with the efficient roll-to-roll process. SDK will fully utilize its metal, inorganic and organic material technologies in its joint development, aiming to develop conductive inks optimized for NovaCentrix’s Photonic Curing(TM) system. SDK will aim to improve the performance of existing conductive inks, thereby achieving durability and conductivity equal to those of conventional copper foils and other bulk products. Conductive inks are now used in some of the components for smart phones and solar cells. While its market is estimated at JPY 30 billion at present, the market is expected to grow to JPY 100 billion by 2020. With the tie-up with NovaCentrix, SDK will accelerate R&D for the growing printed electronics market. SDK and NovaCentrix will participate in the 1st Printed Electronics Fair, which will start at Tokyo Big Sight on April 13 as part of the 21st FINETECH JAPAN.