1/216 (1 to 10 of 2160)
|Fire Detection: A Rising Threat to Data Centres||14/07/2020|
FIRES CAN realise short-term and long-term devastation on data processing operations, but also reach far beyond the Data Centre itself, impacting Data Centre customers, their customers and so on. Here, Richard Taylor examines the key points to consider when formulating a fire safety strategy.
Data processing and storage have become increasingly critical to personal, financial and medical records, essentially making Data Centres the central nervous system of business and society. As our dependence on Data Centres keeps growing, these facilities are working hard to ensure that digital information is safe in terms of both cyber and physical security.
Trends towards modernising facilities and the demand for co-location Data Centres – in which companies who outsource their data need to share server locations – will further boost new facility development. In fact, the global Data Centre construction market totalled £35 billion in 2017. If it grows at the expected rate of 10.2% annually, the market will hit £74 billion by 2025.
Given the increasing importance of Data Centres in our business and personal lives, it’s essential that they remain intact and operational as the industry expands. That’s precisely why it’s so critical to address a serious, but often overlooked, threat to Data Centres: fire.
One step forward, two steps back
Data Centres are packed with hot electronic equipment, cables and wires, which – especially if frayed, overloaded or poorly maintained – make them susceptible to fires.
In addition, advances in cooling systems make it increasingly difficult for traditional passive smoke detection systems to sense fires early. As Data Centres house faster and faster servers, equipment inevitably becomes hotter and hotter, prompting Data Centre operators to create better air flow to cool the equipment. These new cooling systems are so efficient at exhausting hot air and pulling in cool air from outside that they delay or prevent smoke from reaching fire detection sensors.
Furthermore, the trend toward co-location results in fragmented Data Centre operations that can create more obstacles to fire detection. For example, while an entire floor might be dedicated to one company’s data, another company may require just a single server, rack or suite of server space and take up a small section of a floor. These are typically secure areas, making access for routine test, inspection and maintenance exercises somewhat challenging.
Far reach of damage
For the Data Centre itself, a fire can lead to equipment failure or loss and service disruption to businesses as well as loss of the entire building. The cost of downtime in a large processing centre can exceed £1.5 million per hour.
In looking for an example of the cost of a Data Centre fire, consider the toll taken on Delta Airlines as the result of a fire in an underground power source and its back-up at the Atlanta International Airport back in August 2016. More than 2,000 Delta flights were cancelled over three days, costing the airline circa £120 million and hurting the company’s brand image, not to mention its stock price.
It’s not always actual fires that cause damage, though. Fire alarm system malfunctions account for more than four out of every ten days that Data Centres are down due to non-informational technology issues.
Fires also can cause a domino effect. Research has shown that 95% of all fire damage within facilities is caused by the release of by-products from the combustion of plastics – such as chloride and sulphur – that reacts with humidity to corrode electronic equipment. This often results in equipment degradation and damage, slower network performance and overall service interruption.
Unique industry, unique approach
By detecting a fire early on, Data Centre facility managers have more time to investigate, understand and control the situation, stage the response and avoid the cost of nuisance alarms as well as transfer data and processes to redundant systems and reduce any impact on operations.
For smoke detection systems to work properly, the smoke needs to reach the sensor in sufficient and detectable density. The traditional approach to smoke detection is to place sensors near or at the ceiling of buildings on the assumption that smoke rises, but advances in Data Centre cooling and design mean that only small concentrations of smoke may reach the ceiling at the start of a fire. As a result, traditional fire detection may not detect the early stages of smoke and fire.
That’s why Data Centre managers may want to consider solutions like an aspirating smoke detection system, which actively samples air through hollow pipes placed in susceptible locations around the building. The system uses a photoelectric light scattering principle to detect the smoke and intercepts the smoke where it’s generated, allowing for very early detection.
This enables Data Centre operators to address potential issues before evacuation alarms are sounded and the Fire and Rescue Service is alerted. In addition, these detectors have multi-level warnings and a wide range of sensitivity to detect even the slightest sign of smoke.
The key difference? While traditional systems take a passive approach towards smoke detection, aspirating systems actively test the air near the most likely sources of electrical fire around the building.
Just as cyber security is an evolving and growing threat posed to Data Centres, so is the threat from fire and other physical security issues. By using the latest technology to detect fires early, Data Centre operators can prevent fire, smoke and water suppressant from wrecking their electronic equipment and causing significant business interruption.
Put simply, Data Centre operators need to regularly check with their fire and life safety system providers in order to make sure they have the technology in place to detect fire early enough.
Richard Taylor is Advanced Detection Marketing Director at Honeywell
|Digital engineering team wins top award for excellence in improving fire safety||14/07/2020|
THE DIGITAL engineering team at multidisciplinary property and construction consultant Ridge and Partners LLP has won the Constructing Excellence SECBE Award in the Digital Construction category for its Building Information Modelling (BIM) firestopping solution that addresses all M&E services passing through fire-rated walls and floors.
This ground-breaking innovation reduces the risks and costs associated with fire safety regulations, which are now subject to closer scrutiny following the findings of the Independent Review of Building Regulations and Fire Safety conducted in response to the Grenfell Tower disaster.
Ridge and Partners LLP was awarded the accolade for its ‘Model Firestopping Review’ innovation designed to test the compliance of building designs against regulations and test data using BIM technology. The concept was initially developed by Ridge and Partners LLP in collaboration with Laing O’Rourke and Rockwool while working on a major project for a large automotive client.
In essence, the process uses BIM modelling to check the compliance of ‘fire stopping’ for M&E services passing through walls and floors. It reduces the risk of buildings not complying with fire regulations which require firestop products (and the building services passing through them) to be installed in accordance with laboratory-tested data.
Brent Rees, partner and head of digital engineering at Ridge and Partners LLP, informed Fire Safety Matters: “We’ve worked closely with our clients to help address this vital issue and more intelligently demonstrate compliance with the regulations. In doing so, we’ve created a completely new way of using digital technology to reduce the risk and cost for our clients that would be incurred if they didn’t comply with the regulations. Most importantly, in the longer term we’re helping to save lives in the event of a building fire.”
Adrian O’Hickey, senior partner at Ridge Ridge and Partners LLP, added: “We feel incredibly honoured to have been recognised for our work in this important field. The advantages of our innovation will be felt by contractors, designers, suppliers, building owners and operators alike. The ultimate benefit is the reassurance that buildings are protected from the risk of fire as much as they possibly can be.”
Benefits to be realised from BIM fire stopping are as follows:
*Substantial cost saving for the client and contractors
*Substantial programme/time saving for the client and contractors
*Clarity of design liability between contractor/consultant
*Saved project costs due to rework or redesign
*Early engagement in the process ensures services are better integrated into the final design, thereby avoiding design sacrifices
*Data in the model assists with understanding of what has been installed, aiding facilities management and providing for any changes to be made to the building in the future. The information is ‘The Golden Thread’ which keeps on going, providing operational continuity for the building in use
*Sustainability gains would be achieved by reducing rework and shortening programmes, cutting back on the overall carbon footprint of a building project
|Avon Protection partners with Venari Group for thermal imaging camera distribution in UK fire market||14/07/2020|
HIGH-PERFORMANCE equipment manufacturer Avon Protection has announced the Venari Group as its new distributor of thermal imaging cameras for the UK fire market.
The agreement will see Venari commence distributorship of Avon Protection’s ‘argus’ range of thermal cameras with immediate effect. The British-manufactured argus technology has been a mainstay of the British fire industry for three decades, supported by continual investment in R&D and product innovation. The ‘Mi-TIC’ unit is “the world’s smallest NFPA 1801-certified thermal imager” for firefighting applications.
After launching into the fire market earlier this year through Oliver North, Venari has already made a name for itself, having acquired the UK’s biggest and most established ambulance manufacturer, O&H Vehicle Technology. It has also been announced as the UK manufacturer of Ziegler Group’s technologically advanced range of firefighting vehicles.
Now, with the latest evolution in the Mi-TIC’s legacy, Venari will be tasked with spearheading customer care, sales and marketing for the UK fire and ambulance services from its state-of-the-art, 60,000 square foot emergency vehicle manufacturing facility.
Avon Protection’s European sales director Mark Ridsdale commented: “I’ve worked with many of the team at Venari in the past and very much look forward to working with them again. Their passion for the Mi-TIC thermal imager completely mirrors that of our own.”
Ridsdale added: “With the latest development of Mi-TIC incorporating the IGNIS engine, this means our thermal imaging camera can provide absolute clarity for firefighters in the most demanding situations. Our thermal imaging camera being supplied and backed up by Venari’s incredibly efficient team will provide an excellent platform for us to solidify our market share.”
Venari Group CEO Oliver North responded: “Avon Protection’s range of thermal imaging cameras has long been at the forefront of UK firefighting strategy. The alignment of Avon Protection and Venari completely champions the importance and significance of strengthening UK-manufactured products. Avon Protection is genuinely one of the most exciting companies I’ve had the privilege of working with in my career to date, and the continuation of our dynamic partnership is one with which I’m excited to be involved.”
North went on to state: “I’ve previously had seven years of experience with the Mi-TIC, and I’m thrilled to represent it to its fullest potential in both the UK Fire and Rescue market as well as the ambulance market with hazardous area response teams teams. Many of the wider team at Venari are also experienced with the Mi-TIC and wholeheartedly share my passion for the range.”
|Policy Exchange report uncovers true cost of public sector fraud during COVID-19 crisis||14/07/2020|
RESEARCH CARRIED out by analysts at the Policy Exchange finds that fraud and error during the COVID-19 crisis will cost the UK Government somewhere in the region of £4.6 billion. The lower bound for the cost of fraud in this crisis is £1.3 billion and the upper bound set at £7.9 billion in light of total projected expenditure of £154.3 billion by the Government (excluding additional expenditure announced in the 8 July 2020 Economic Update).
The research has been conducted by Rob Walton (Senior Fellow at the Policy Exchange Think Tank), Sophia Falkner (Research Fellow) and Benjamin Barnard (head of technology policy). They suggest that the true value of public sector fraud may be closer to the upper bound due to the higher-than-usual levels of fraud that normally accompany disaster management (more of which anon).
The UK Government’s response to COVID-19 is particularly vulnerable to fraud owing to the novelty and speed with which new measures have been introduced and the size of the financial relief packages involved. Furthermore, the increased use of digital channels and third parties raises the opportunities for fraudsters to infiltrate the system. A range of actors – from individuals through to public sector workers, corporations and organised crime networks – have been shown to have participated in COVID-19 related fraud.
Disaster fraud can be defined as a ‘deliberate act to defraud individuals or Governments after a catastrophe’. Crisis management attracts fraudsters as it involves an outpouring of Government aid, typically accompanied by low levels of due diligence.
The Department for Health and Social Care and the NHS are especially vulnerable to an increase in mandate, procurement, recruitment and payroll fraud as a result of the COVID-19 crisis. Even in ‘normal’ times, the annual loss to the NHS from fraud is equivalent to the cost of employing an additional 50,000 fully-qualified nurses, as pledged by the current Conservative Government in its most recent manifesto.
Vulnerable to fraud
By leading the economic response to the COVID-19 crisis, Her Majesty’s Treasury and the Department for Business, Energy and Industrial Strategy are vulnerable to fraud. The speed with which bounce back loans are approved and the potential to make multiple applications pose a particular risk. Poor Companies House data has compounded the risk still further.
In addition, the speed with which overstretched and underqualified councils have issued Business Support Grant Funds make them vulnerable to fraud. Bad practices such as sending cheques in the post have been reported to the Policy Exchange.
The Coronavirus Business Interruption Loan Scheme is one of the most secure against fraud, but this has hampered the effectiveness of the scheme, making the aforementioned bounce back loans necessary.
The Coronavirus Job Retention Scheme is the most expensive and widely used support scheme and is also the most susceptible to fraud. Although HMRC has attempted to directly tackle fraud in this area, it’s one of the most difficult schemes to monitor. Indeed, HMRC had already received 1,868 claims of furlough fraud as of the end of May this year.
The approach taken for the Self-Employment Income Support Scheme, with HMRC only contacting those who are eligible, has minimised the level of fraud, although there’s a potential opportunity for individuals to exaggerate claims.
Benefit fraud has been a long-standing issue, with the amount lost to fraud in 2019-2020 equivalent to each benefit claimant gaining an additional £140 per annum. Universal Credit in particular has been under scrutiny as this has the highest rate of fraud at 7.6% of expenditure and at 17% of total payments. Changes to make Universal Credit more generous and more accessible to the public as a result of COVID-19, combined with the sharp increase in the number of applications, will increase the amount lost to fraud in this area.
Money lost to fraud has an opportunity cost, leaving fewer resources available for essential services such as the NHS, schools and law enforcement. Furthermore, pervasive fraud can prevent the Government from offering services in the first place.
The increase in detected public sector fraud since 2014 should be seen as a positive development. Going forward, though, Government department fraud rates must be compared to their overall budgets to allow for accurate analysis. For example, it appears that the Department for Health and Social Care detected relatively high levels of fraud in 2018-2019 (£7.8 million, in fact) compared to the Department for Business, Energy and Industrial Strategy
(£3.6 million). However, in light of the former’s significantly larger budget (£171 billion versus £7.5 billion for the Department for Business, Energy and Industrial Strategy), the Department for Health and Social Care actually has a relatively low detection rate.
Fraud is notorious for being one of the most difficult crimes to gather accurate information on, which is largely due to persistent underreporting of fraud and issues relating to the recording of it. The Crime Survey for England and Wales revealed that, in 2019, 36% of crime experienced by respondents was fraud-related, but only 13% of police recorded crime for the same period was fraud.
Some victims don’t report fraud as they believe it’s not worth their time because it will not be investigated. Others are unwilling to report fraud due to the stigma attached with doing so given the level of co-operation that most acts of fraud require. This is similar to the stigma which exists around the reporting of rape.
Fraud cases require difficult judgements to be made as to whether an overpayment was realised as a result of fraud or whether the case is one of error. Different recording practices can lead to inconsistent data. Civil servants in Government departments may be wary of reporting fraud due to the negative media attention this can attract. Departments reporting zero fraud may not have the procedures in place to report and detect fraud.
The Policy Exchange researchers note that Government must learn from the experience of the COVID-19 crisis and increase the range of preventative measures and controls that need to be in place for disaster scenarios such that better preparedness is realised for the next crisis.
Widespread Government awareness campaigns to alert the public sector to the possibility and risks of fraud and to enlist the assistance of the public to report fraud are key. Governments must investigate and prosecute COVID-19 crimes to maintain the confidence of the public. To do otherwise will risk threatening the sense of national unity and purpose that has emerged during the crisis.
Although the Government responded fast to COVID-19 related fraud, duly introducing a range of counter fraud and awareness raising preventative measures, the Policy Exchange researchers feel that a Minister for Fraud and Economic Crime should now be appointed to oversee the prevention, detection, investigation and prosecution of all COVID-19 related economic crimes against the public and private sector.
Further, the National Economic Crime Centre (NECC) should undertake a National Risk Assessment of COVID-19 economic crime and create a ‘COVID-19 Economic Crime Hub’ to co-ordinate the prevention, detection, investigation and prosecution of COVID-19 related fraud crimes committed against the UK Government.
According to the researchers, the NECC should also establish a COVID-19 Economic Crime Forum, bringing together all the agencies and Government investigative bodies dealing with COVID-19 related economic crimes, sharing Best Practice and looking to find synergies and overlaps between investigations.
|Security industry predicted to shift towards service-based solution offerings post-pandemic||14/07/2020|
THE LATEST analysis completed by market researcher Frost & Sullivan, entitled ‘Post-Pandemic Growth Opportunity in the Global Security Industry’, finds that the security business sector harbours tremendous investment opportunities despite the economic slowdown witnessed due to the COVID-19 pandemic.
Under an aspirational recovery scenario, according to Frost & Sullivan the global security industry is likely to develop at a compound annual growth rate (CAGR) of 4.3%, garnering revenue of circa £112 billion by 2025 from circa £87 billion in 2019. The conservative forecast scenario predicts that the industry will generate circa £104 billion between 2019 and 2025 at a CAGR of 3.1%.
In the pre-COVID-19 forecast, the industry was estimated to increase at a CAGR of 7.1%, generating revenue of circa £131 billion over the forecast period.
“COVID-19 will cause a brief slowdown in the security market after almost a decade of uninhibited progress,” explained Danielle VanZandt (aerospace, defence and security industry analyst at Frost & Sullivan). “Additionally, while some security sectors may find themselves experiencing a slower recovery than others, much of the industry will witness a shift towards more service-based solution offerings after years of hesitance by customers to adopt these types of solutions.”
VanZandt added: “The key security markets such as disaster management, banking and finance, as well as airport security, will recover at a different pace. The time taken to return to pre-crisis spending levels will also vary significantly. Markets that will record higher-than-average CAGRs during the recovery period include ports (4.5%), disaster management (4.0%), first responders (4.0%) and mass transit (4.0%).”
Despite a marginal slowdown expected in 2020 and 2021, strong demand-side trends will present “immense development potential” for security market participants.
Trends for growth
The following trends are forecast to generate growth opportunities in the security business sector:
*Digitalisation priorities: Remote/cloud-connected access to security systems and monitoring tools will witness a dramatic rise in demand as security guarding will become extremely limited due to stay-at-home orders and likely not recover once those orders expire
*Emphasis on contactless technologies: In the post-pandemic period, contactless technologies such as biometrics, remote access and authentication, in addition to multi-use analytics solutions, will attract investments
*Plug-and-play surveillance: Customer willingness to deploy plug-and-play surveillance equipment over permanent system additions due to cost-effectiveness will offer solution vendors repeat business opportunities
*Sensors-to-action: Vendors must prioritise the development/enhancement of data analytics and sensor networks’ capabilities to provide increased value to customers without having to purchase new solutions or equipment
‘Post-Pandemic Growth Opportunity in the Global Security Industry’ is the latest addition to Frost & Sullivan’s Aerospace, Defence and Security research and analyses available through the Frost & Sullivan Leadership Council.
|New international BIM standard heralds security-minded approach to information management||14/07/2020|
IN ITS role as the UK National Standards Body, the British Standards Institution (BSI) has published the new international standard BS EN ISO 19650-5:2020. This is the third publication in the Building Information Modelling (BIM) 19650 Series and an important addition to the UK BIM Framework.
The standard aims to help organisations involved in the design, construction, operation and decommissioning of assets to reduce the risks associated to sensitive information which could impact on the safety, security and resilience of built environment services.
It specifies the principles and requirements for a security-minded information management approach, specifically addressing the management of information that’s obtained, created, processed and stored as part of – or in relation to – any other initiative, project, asset, product or service. It addresses the steps required to create and cultivate an appropriate and proportionate security mindset and culture across organisations with access to that information, including the need to monitor and audit compliance.
Ant Burd, associate director and head of built environment standards at the BSI, said: “The sharing of information can inadvertently lead to the exposure of sensitive details about a building, a facility or even a piece of critical infrastructure. By taking a security-minded approach, as outlined in this new standard, the risks can be dramatically reduced. We continually work with industry to develop and evolve our suite of supporting standards that seek to address those key aspects of a built asset’s life, from design right through to final decommissioning.”
Download BS EN ISO 19650-5:2020 Organisation and Digitisation of Information About Buildings and Civil Engineering Works, including Building Information Modelling (BIM) -- Information Management Using Building Information Modelling -- Part 5: Security-Minded Approach to Information Management here.
|Consultation launched on doubling maximum sentence for assaults on emergency workers||14/07/2020|
ANYONE WHO assaults or attacks emergency workers could now face a longer jail term as a consultation on doubling the maximum penalty for the offence from 12 months to two years behind bars is launched by the Government.
In 2018, the Government changed the law with the Assaults on Emergency Workers (Offences) Act 2018 such that anyone found guilty of assaulting a police officer, a firefighter, a prison officer or a paramedic faced a maximum of 12 months in prison. Judges must also consider tougher sentences for more serious offences – such as grievous bodily harm (GBH) or sexual assault – if the victim was an emergency worker.
The Assaults on Emergency Workers (Offences) Act modified the offence of common assault or battery where it’s committed against emergency workers acting in the course of their functions. This Act doubled the maximum penalty for common assault from the initial penalty of six months.
The Assaults on Emergency Workers (Offences) Act also created a statutory aggravating factor. This means that when a person is convicted of a range of offences including sexual assault, assault occasioning actual bodily harm (ABH), assault occasioning GBH and manslaughter, the Judge must consider the fact that the offence was committed against an emergency worker as an aggravating factor meriting an increase in the sentence within the maximum allowed for the particular offence.
Now, the Government is seeking views from stakeholders, including representative bodies from the Emergency Services and the judiciary, on whether the maximum penalty should be doubled to two years behind bars.
This move delivers on a bold Conservative Party Manifesto commitment to consult on tougher sentences, with ministers determined to recognise the debt of gratitude the public feels towards emergency workers for the courage, commitment and dedication they show every day in carrying out their duties, including during the COVID-19 pandemic.
Full force of the law
Justice Secretary and Lord Chancellor Robert Buckland QC said: “Being punched, kicked or spat at should never be part of the job for our valiant emergency workers who put their lives on the line to keep the public safe.
Now more than ever, they must be able to do their extraordinary work without the fear of being attacked or assaulted, which is why we’re determined to look at how our laws can protect them further. We will continue to do everything in our power to protect our police officers, prison officers, firefighters and paramedics and ensure those who seek to harm them feel the full force of the law.”
Home Secretary Priti Patel added: “Our police officers, firefighters and other emergency workers go above and beyond the Call of Duty every single day, running towards danger to protect us all. They are our front line heroes who put their lives on the line to keep us safe, yet some despicable individuals still think it’s acceptable to attack, cough at or spit at these courageous public servants. This consultation sends a clear and simple message to the vile thugs who assault our emergency workers. They will be subject to the full force of the law.”
The Government’s consultation will run for four weeks and, depending on the response, legislation could then be brought forward which would see the maximum sentence for assaulting an emergency worker doubled for the second time in two years.
Assault can cover acts such as a push, shove or spitting. When an emergency worker is seriously injured, prosecutions will take place under more serious offences such as ABH, GBH or attempted murder that have far longer sentences.
In 2019, more than 11,000 people were prosecuted for assaulting an emergency worker, with a quarter of those found guilty receiving a suspended sentence or immediate custody.
Police Federation responds
John Apter, national chair of the Police Federation of England and Wales, has responded to the announcement of the consultation.
“The Police Federation has been relentless in pushing for an increase in maximum jail sentences for those who attack emergency workers,” said Apter. “However, any further increases in sentencing could be meaningless without the full support of the courts. This should include consistency of sentencing, which is not the case at this time.”
He continued: “That is why the Police Federation has been working closely alongside The Sentencing Council to reform sentencing guidelines, bring them up-to-date and make them fit for purpose. Assaulting a police officer is completely unacceptable and there must be a suitable deterrent. I accept there will always be times where an offender does not receive a custodial sentence. However, this must be the exception and not the norm.”
|Businesses assisted in keeping home workers secure with NCSC cyber exercise||14/07/2020|
BUSINESS OWNERS are being urged to help keep their home working staff safe from cyber attacks by testing their defences in a roleplay exercise devised by the National Cyber Security Centre (NCSC). The ‘Home and Remote Working’ exercise is the latest addition to the NCSC’s highly successful ‘Exercise in a Box’ toolkit, which helps businesses (notably SMEs) carry out drills in preparation for actual cyber attacks.
Launched last year, the toolkit sets a range of realistic scenarios which organisations could face, allowing them to practise and refine their response to each. The latest exercise – the tenth in the series, in fact – is focused on home and remote working, reflecting the fact that, for many organisations, this remains a hugely important part of their business.
Sarah Lyons, the NCSC’s deputy director for economy and society engagement, observed: “We know that businesses want to do all they can to keep themselves and their staff safe while home working continues. Using ‘Exercise in a Box’ is an excellent way to do just that. While cyber security can feel daunting, it doesn’t have to be. The feedback we’ve received from our exercises is that they’re fun as well as being informative.”
Lyons went on to comment: “I would urge business leaders to treat ‘Exercise in a Box’ in the same way they do their regular fire drills. Doing so will help reduce the chances of falling victim to future cyber attack episodes.”
The exercise follows a range of products developed by the NCSC – itself a part of GCHQ – to support remote working during the Coronavirus pandemic, including advice on working from home and securely setting up video conferencing.
The new ‘Home and Remote Working’ exercise is aimed at helping businesses to reduce the risk of data compromise while employees are working remotely.
The exercise focuses on three key areas: how staff members can safely access networks, what services might be needed for secure employee collaboration and what processes are in place to manage a cyber incident remotely.
Some of the most popular exercises include scenarios based around ransomware attacks, losing devices and a cyber attack simulator which safely imitates a threat actor targeting operations to test an organisation’s cyber resilience.
As part of the exercises, staff members are given prompts for discussion about the processes and technical knowledge needed to enhance their cyber security practices. At the end of the process an evaluative summary is created, outlining next steps and pointing to the NCSC guidance.
A spokesperson for Eventura, a managed services and business systems firm, said: “The ‘Exercise in a Box’ is just like the monthly fire alarm test or evacuation drill. It’s part of the preparation for a real event. The best way to learn and improve on anything is by doing it. ‘Exercise in a Box’ a fantastic tool that’s free, well thought-out, easy-to-use and can help improve an organisation’s security posture. What’s not to love in that?”
‘Exercise in a Box’ is an evolving tool and, since it was launched, the NCSC has continued to work on the platform. It has recently been given a new refreshed look to make it even more intuitive for users. Very soon, micro-exercises – ie ‘bite-sized’ exercises that focus on a specific topic – will be added.
The NCSC is the UK’s lead technical authority on cyber security and offers unrivalled real-time threat analysis, defence against national cyber attacks and tailored advice to victims when incidents do happen. Last year, the NCSC’s Active Cyber Defence Programme took down 190,000 fraudulent sites and stopped 140,000 phishing attacks.
|“Third party failures can cost companies as much as £783 million per incident” reports Deloitte||14/07/2020|
ONE-IN-TWO companies believe the cost of a third party risk incident – such as a supply chain failure, a data privacy breach or some form of disruption to IT services – has at least doubled in the past five years. Research conducted by Deloitte shows that companies estimate such an incident would cost them somewhere between £391 million and £783 million.
Interestingly, these figures show a marked increase since 2015, when large multinational businesses estimated the cost of a third party failure at between £1.6 million and £40 million.
Deloitte’s Extended Enterprise Risk Management Survey* was undertaken between November 2019 and January this year, prior to the outbreak of COVID-19 being declared a global pandemic. At this point, 17% of organisations had faced a high-impact third party risk incident in the past three years. That’s up from 11% in 2019.
Looking at the ways in which they could be financially affected, 30% of respondents thought share prices could fall by 10% or more if a third party incident was not adequately managed.
Kristian Park, risk advisory partner at Deloitte, commented: “Despite an increase in incidents, companies are not yet investing sufficiently in managing third party risk. The COVID-19 pandemic has only highlighted the need for investment in risk management. Companies experienced a wide range of third party incidents at the peak of the pandemic including supply chain, logistics and financial failures, as well as data breaches resulting in fines, all of which can have a significant impact on customer service, regulatory compliance and reputation.”
Investment in responsible business
For the first time in five years, the desire to be a responsible business that effectively manages social and environmental issues throughout its supply chain was one of the key reasons companies have invested resources in third party risk management. Almost half (43%) cited that point as a prime reason for investment. Despite this, a large proportion were still not allocating budget to associated areas. 74% had not allocated funds to manage climate risk, 57% to environmental risk and 54% to modern slavery and labour.
Over half (59%) of respondents thought they were under-investing in extended enterprise risk management, although this fell from 70% last year. Budget for managing third party risk was skewed towards certain areas, including information security, cyber risk, data privacy and Health and Safety. This is predominantly in line with the largest proportion of third party incidents, which were related to cyber risk (23%), bribery corruption (23%) and information security (9%).
Park continued: “The survey shows a desire to develop risk capabilities and to become a responsible business. While efforts were paused at the beginning of the pandemic, these themes are widespread and constant as companies start to recover, particularly so around workplace safety and carbon footprint. Given a growing dependence on critical third party relationships, it’s key that companies act now to protect themselves and their extended enterprise.”*Deloitte’s Extended Enterprise Risk Management Survey collates the views of over 1,145 respondents from 20 countries around the world
|LD1 Category Specification and the IoT: Connected Fire Safety Technologies||13/07/2020|
THE DISPARITIES between Approved Document B (Fire Safety) Volume 1 and the recent revision of Part 6 of BS 5839 present housing providers with varying guidelines on the minimum requirement of fire safety provisions their property portfolio should currently specify. Ian Ballinger outlines why housing providers should consider pairing an LD1 Category specification with the Internet of Things and Artificial Intelligence to future-proof their housing portfolio.
There are now over 15 million ‘smart homes’ throughout the UK as individuals continue to look for solutions designed to make life within their property easier, safer and more efficient. With regard to the social housing sector in particular, advancements around Internet of Things (IoT) technology are supporting housing providers and the Fire and Rescue Services in protecting individuals thanks to the specification of preventative (rather than reactive) fire safety measures compliant with an LD1 Category specification.
While some rented housing providers may not initially look to adhere to this specification as the current legal requirement is an LD3 Category, the latest developments in smoke alarm technology are offering greater flexibility when it comes to connected and cost-effective fire protection.
These technologies are not only compliant with an LD1 Category specification, which future-proofs the property against potential regulatory changes, but also allow for adaptability and enhancement at a future date to meet the individual level of risk each tenant presents.
This can be achieved through the installation of a new generation of connected fire safety systems that feature both Smart RF and Predict technology, providing effective remote monitoring of each property through a wireless network of alarms. The technology allows housing providers to easily monitor and manage the status of alarms in real-time across their entire housing portfolio, highlighting any potential issues as and when they occur.
Historically, a collection of smoke, heat and carbon monoxide alarms will have been installed and tested upon initial installation, then only tested (at best) once a year. In a worse case scenario, after the initial installation test the alarms may never have been tested by tenants.
This is where social housing providers can benefit from IoT and connected fire safety technologies using Artificial Intelligence (AI) to bridge the gap in communication between a property and its tenants as professionals benefit from silent network testing automatically conducted every 18 hours for each property. That assists in providing a clear due diligence trail of compliance (if and when required), but also confirms the status and performance of each alarm.
In theory, the remote monitoring capabilities that connected technologies offer can help support a significant reduction in overheads over time, as the costs and requirements for physical property visits and subsequent missed appointments are eliminated. This approach towards fire safety delivers the highest standards of protection in the most cost-effective way, as providers can use Smart RF and Predict technology to instantly view the performance of each alarm in real-time to understand the trends and levels of risk aligned with each property.
The adaptable technology also allows individuals responsible for the management and maintenance of housing portfolios to use IoT-focused technology to easily upgrade the fire protection systems installed throughout their entire housing stock in the future, subsequently reducing the challenges related to asset management and the associated costs.
This upgrade can be achieved by simply adding a Smart RF radio module into the alarm, allowing the wireless interlinking of up to 50 alarms within one network. This permits the creation of a safety network with access to vital information including current status, alarm history, replacement dates and system health through the activation of a secure cloud-based connected gateway.
By using AI through a connected fire safety system, which itself employs a gateway featuring an algorithm and patented Predict technology, it can highlight trends and high risk patterns of behaviour. Being able to pinpoint tenants who’ve become vulnerable or high risk in a completely automated way means that housing associations are able to use their resource to target and support those most at need, both improving safety and ensuring they’re using precious resource efficiently.
The 2019 revisions to Part 6 of BS 5839 provide professionals, specifically landlords, with a Best Practice guide regarding the provision of fire safety for their new or materially altered and existing properties. The update recommends upgrading from Category LD3 specification (the previous minimum requirement) to a Category LD2 specification. The fire safety provision in sheltered housing flats has also been increased from a Category LD2 to a Category LD1, highlighting an area of potentially higher risk.
In relation to Building Regulations that cover new or materially altered dwellings, it’s clear there’s a current disparity between the laws in England and Wales, which stipulate an LD3 minimum requirement, and the publications in Scotland and Northern Ireland, which recommend a minimum requirement of LD2.
When compared to BS 5839-6, which advises a minimum requirement of LD2 in most rented single occupancy situations, it becomes apparent that the Building Regulations for England and Wales are not as closely aligned to those of its neighbours, subsequently resulting in an element of confusion over what level of protection is required.
The current minimum requirement for newly built or materially altered domestic dwellings in England and Wales is a Category LD3 specification, which requires the installation of a Grade D mains-powered smoke alarm with battery back-up in the circulation areas of each storey of a building, such as landings and hallways, which form part of an escape route. Within the 2019 revisions to BS 5839-6, the recommendation of Grade D has been further defined into Grade D1 (sealed or rechargeable back-up) or Grade D2 (replaceable battery back-up).
For the private and rented sector in particular, a Grade D1 specification for maintenance purposes is seen as the most pragmatic solution, removing the obligation to replace batteries during the life of the alarms. Protection can be taken one step further through an LD2 Category specification, which requires the installation of a heat alarm in the kitchen in addition to a mains-powered smoke alarm (with battery back-up)in the most habitable/high fire risk room, such as a living room. In Scotland and Northern Ireland, along with other European countries, this level of specification is the current requirement under local Building Regulations.
Approved Document B review
While the UK Government has recently announced that Approved Document B (Building Regulations for England and Wales) will be subject to a full review, housing providers shouldn’t wait for changes to reinforce their Duty of Care. Housing providers can demonstrate Best Practice through the installation of alarms that meet an LD1 Category and can successfully future-proof their housing stock from any regulatory changes that may occur at a later date, while appropriately managing the level of risk each individual tenant presents.
An LD1 Category specification is designed to offer maximum protection through the installation of alarms in all areas of a property where a fire could potentially start. This includes alarms in all circulation spaces that form part of escape routes, in addition to smoke alarms in all high fire risk areas (ie living rooms, bedrooms and dining areas). This also includes the installation of a heat alarm in a kitchen. To offer the highest levels of protection available, Thermoptek multi-sensing or optical alarms should be installed.
By following a Best Practice policy that adheres to an LD1 Category specification through the use of IoT and Smart RF fire safety technologies, housing providers can not only ensure compliance with current and future regulations, but also successfully identify the level of risk (or, indeed, an increased risk) posed to their tenants and properties.
Remote monitoring delivers many capabilities, allowing professionals within the housing sector to have a comprehensive understanding of those tenants at a level of high or increased risk and who require swifter intervention.
Ian Ballinger is Head of Projects and Certification at FireAngel