The New Target is Mobile Technology: Why Access Control Users Must be Wary
This event was originally broadcast on November 6, 2024
Now Available On Demand.
Duration: 1 hour
Already registered? Click here to log in.
Summary
This compelling and timely web event will delve into the evolving landscape of access control vulnerabilities related to mobile technology. As mobile devices become integral to access control systems, they also emerge as potential targets for cyber threats and breaches. The live event will explore the risks associated with mobile access control and provide insights into safeguarding against cyber threats, data breaches, and unauthorized access. Industry experts will discuss best practices for securing mobile access solutions, the importance of encryption and multi-factor authentication, and strategies for maintaining a robust security posture. Join us for an engaging discussion that will empower you to enhance the security of your access control infrastructure and avoid the potentially devastating consequences of not addressing these vulnerabilities.
Points of Discussion:
1. Mobile Access Control: Threats from Credential Theft
- Mobile access control systems often rely on wireless communication (e.g., NFC, Bluetooth, or Wi-Fi), making them susceptible to credential theft. Attackers can use man-in-the-middle (MitM) attacks, skimming, or cloning techniques to capture the credentials stored on users’ mobile devices.
2. Exploitation of Weak Encryption in Communication Channels
- Both mobile access control and video surveillance systems often transmit sensitive data over the network, including user credentials and video feeds. If weak or outdated encryption protocols are used, attackers can intercept and decrypt these communications..
3. Video Surveillance: Camera Tampering and Spoofing
- Video surveillance cameras are vulnerable to physical tampering (e.g., covering, repositioning) or video feed spoofing, where attackers replace or manipulate the live feed with false images.
4. Lack of Regular Firmware Updates and Patch Management
- Many mobile access control and video surveillance systems are not updated frequently, leaving them vulnerable to known exploits and security flaws. Attackers can use outdated firmware to compromise devices.
5. Remote Access Exploitation and Cloud-Based Attacks
- With the rise of cloud-based and remote access solutions, many security systems rely on the Internet for functionality. However, if not properly secured, these systems can become targets for DDoS attacks, credential stuffing, or other forms of remote exploitation.
6. User Error and Poor Mobile Device Security
- Users may inadvertently expose their mobile devices to security risks, such as using weak passwords, leaving devices unlocked, or failing to install security updates. Additionally, attackers could access security systems if mobile devices are lost or stolen.
Speakers
Pierre Bourgeix
President, ESI Convergent
Currently serving as the president of management consulting firm ESI Convergent, Pierre Bourgeix is an industry expert in business management and sales strategy. He has spent 30 years as a global security consultant and innovator through his experience with The Rand Corporation, the U.S. State Department, ADT/Tyco Security, HySecurity, Wallace International, SecureState, and BoonEdam. Pierre is also the CTO and Founder of ESI Convergent, LLC.
Pierre’s primary expertise is Physical, and Cyber Security Governance and he has had years of experience within the physical security arena, including experience working with the US Secret Service, the NSA, and the CIA. Projects include a forensic security assessment for Saudi Aramco and forward base security assessment in radar detection, geofencing, and communications testing for the US Navy in Iraq and Kuwait. Pierre also helped the Saudi government implement long-range video surveillance, gate and fence control systems, and ground sensing systems on the Saudi Arabian border. Pierre holds an MBA from the coveted UCLA Anderson School of Management and an MS from California State University-Long Beach.
Phil Jang
Phil Jang is a Converged Security Technology Expert with over two decades of experience. Phil has held significant operational and technological roles at Cisco, eBay, Kaiser Permanente, and VMware. He currently works at TikTok USDS, leading the engineering and run team for Converged Security.
Phil serves as the voice of the customer in SPARC, a Security Industry Association (SIA) sponsored peer benchmarking group. He is passionate about advancing Security technology and improving security holistically for the industry. Known as “the nerd with a word,” he has authored numerous pieces on applied AI technology within the security domain. His expertise in deploying AI solutions across various companies highlights his dedication to enhancing security industry wide.
Moderator: Steve Lasky
Editorial Director
SecurityInfoWatch.com
Sponsored by: