London Attacks = More Mobile
It’s also obvious that security video, especially mobile video, as well as a convergence of physical and computer security will play a larger role in protecting London’s “tubes,” buses and Olympic properties.
Law enforcement and security officials in Great Britain already are among the world’s most prolific users of security video in public places. Tube stations, trains and buses most often are equipped with fixed and mobile security video.
In the United States, Homeland Security, transit and local government executives are rethinking their security measures. “Public transportation is one of the safest types of transportation,” contends William Millar, president of the American Public Transportation Association. Last year, the association identified $6 billion in increased transit security needs among its 1,500 organizational members. Prior to the London attacks, U.S. Congressional legislative proposals pointed to reductions in security grants to local transit systems.
Transit, Olympics needs convergeBut there is no shortage of mobile video products aimed at transit systems, vehicles and stations.
For example, the BusView from Honeywell of Syosset, N.Y., integrates with Digital Chaperone DDR, an all-digital video and data recorder system for transportation systems. One unique aspect is the ability to distribute saved video clips without special software. Another source, MDI Security Systems of San Antonio, Texas, has a mobile digital video recording surveillance system for mass transit and law enforcement vehicles. The products include Witness and Rear Vision.
Turin (2006), Beijing (2008), Vancouver (2010) and the 2012 London Olympics security executives all are looking at specialized electronics in addition to mobile video surveillance. Explosives device jamming is one essential avenue being tracked by those seeking to better protect venues. Another trend: video that reads, searches databases and matches faces, objects and even vehicle license plates to security alerts or rules bring broken.
There also are security convergence lessons to be learned from last year’s Athens Olympics Games.
“The biggest Athens challenge was that you had a 5,000-plus company being formed essentially overnight and by its terms was to last for a year,” said Robert Sikellis, managing director of Vance, based in Oakton, Va., which provided security services and consulting to Olympics organizers and sponsors.
In normal circumstances, a network grows over time paralleling the growth of an organization’s needs and allowing for adjustments to be made and kinks to be worked out. Not so at with the Olympic network, where everything had to be done at light speed and then disappear after three weeks of use, Sikellis said.
The network supported 10,500 PCs, 900 servers, 300 routers, 2,000 switches, 2,500 results terminals and 4,000 printers at more than 60 venues. More than $420 million was spent on IT and related security.
Deadline can’t change“Unlike most technology projects, we are faced with an absolutely unmovable deadline that gives us only one chance to get it right,” said Yan Noblot, information systems manager for Atos. “Olympic systems must work right on the very first day.
The diverse threatsSecurity lapses in the network could have disrupted the games in a number of ways:
Physical security. “In this high risk, multi-threat environment, the IT network was as important as the physical security,” said Edward Kalbaugh, COO of Allegent Technology Group, a New York-based company that provided its SolventView network security management software for the Athens games. “The physical security of the games was directly dependent on the strength of the network.”
Competition results. If hackers could have gotten to the servers on the games network, they could have delayed or prevented the results of an event from being posted in a timely manner to the on-site scoreboard as well as to the Internet and official Olympic sports announcers. Worse, they could have altered competition results.
Confidential data. The administrative side of the network contained personal information about athletes and their families, including medical and passport information, as well as ticketing and other information requiring high levels of integrity and security.
E-Commerce. There was also an e-commerce Web site where the public could purchase official Olympic apparel. Personal credit card information could have been obtained if an attacker compromised this site.
“Redundancy was also a key part of network security,” explained Scott Dancy of Allegent. “Everything, including servers, routers, switches and PCs in the control room, were doubled as a backup in case any type of failure would occur.”
Allegent’s SolventView technology, an integrated security management platform, served an expanded role on the administrative network, enabling the IT team to rapidly identify, isolate and automatically respond to complex and diverse security threats and incidents. An open framework architecture enabled security and configuration data collection from a wide variety of IT assets, including perimeter security, network devices, mobile devices and applications.
Advanced event and alert processing continuously verified normal operating conditions and immediately identified any non-sanctioned activity on monitored assets. The platform’s customer-specific policies prioritized threat levels to ensure incident response efforts were targeted and efficient, while its performance and forensic modules supported process improvement, identified key security and system health trends, and archived data for audit requirements.
IT operationsIn addition to all of the state-of-the-art technologies, it took a lot of manpower to keep the Athens Olympics Games network secure.
Security awareness was raised throughout the IT organization by incorporating training on security policies and procedures into the overall training program. Multiple technical rehearsals were performed prior to the games, including some 300 different crisis scenarios such as viruses, unauthorized access and power outages.
According to Sikellis, the building containing the IT technology operations center was also well protected, including the use of police, military and metal detectors. Only authorized personnel with Olympic credentials were admitted. All of the other IT equipment at various locations was also protected with standard measures.
The security work at the Athens games will become the foundation for future Olympic games. This transfer of knowledge ensures that the learning gained at each Olympic games is passed on to increase efficiency, decrease risks, and lower costs. Preparations for the first IT test events for the Turin [Italy] 2006 Olympic Winter Games and the preparation for the Beijing Olympic Games in 2008 have already begun.