Critical infrastructure industries such as energy, water supply, healthcare, and transportation are the backbone of our society. They are crucial to ensuring public safety, economic stability, and country security.   

As critical infrastructure managers continually embrace digital transformation, their corporate (IT) and operational (OT) networks must be able to efficiently manage large volumes of data, and the growing number of IoT devices, while securely integrating operational technologies, security equipment, and other devices with their systems. To keep their operations running seamlessly, critical infrastructure organisations rely heavily on robust, high-speed, efficient, and secure network solutions/architecture.  

At Nextro, we understand that ensuring the reliability, operations, and security of critical infrastructure networks is of utmost importance not only for the organisations but the entire community.  To this end, Nextro partnered with Arista Networks, an industry leader in data-driven, client-to-cloud networking for large data centre/AI, campus, and routing environments, to provide innovative network solutions tailored to meet the dynamic and growing demands of the critical infrastructure sector.  

This article explores the importance of safeguarding critical infrastructure networks and how Arista Networks’ advanced switches and network solutions enable critical infrastructure organisations and managers to enhance their network availability, agility, automation, analytics, and security. 

Arista’s solutions for critical infrastructure networks 

Arista Networks is at the forefront of providing innovative cloud networking solutions to meet the highest performance, reliability, and security standards necessary for critical infrastructure operations. Their solutions include Extensible Operating System (EOS), network applications, and Ethernet switching and routing platforms.    

Check here how Arista’s solutions and Nextro can help critical infrastructure organisations: 

1. High-Performance Switches 

Arista’s switches are designed for high-performance, offering scalable bandwidth from 1Gbps to 400Gbps. They provide ultra-low latency, high throughput and scalability, ensuring real-time data processing essential for critical infrastructure operations that demand reliable, high-speed data transmission. Below are the two models of Arista’s high-performance switches that meet the needs of critical infrastructure and can be supplied by Nextro in New Zealand & Australia:   
 

• 7000 series switches: designed for high-frequency trading, cloud data centres, and large enterprise environments. They support 10/25/40/50/100 Gigabit Ethernet and are known for their modularity and high-density configurations.   

• 7500R series switches: engineered for the most demanding data centre environments. They offer exceptional performance, support for up to 400 Gigabit Ethernet and features designed to handle massive amounts of data traffic with minimal latency. 

2. Extensible Operating System (EOS) 

Arista EOS is a highly modular and fully programmable operating system that delivers workflow automation, high availability, unparalleled network visibility and analytics capabilities.   

Arista EOS integrates seamlessly with a wide range of third-party applications, automation tools, and scripting languages, enabling network administrators to customise and automate network functions and workflows. It can also scale to hundreds of thousands of compute and storage nodes with management and provisioning capabilities that work at scale.   

EOS ensures optimal network performance and troubleshooting issues by harnessing advanced features, including analytics, network telemetry, and real-time monitoring.   

Designed for resiliency and programmability, Arista EOS provides a robust software foundation and allows for solutions customised to the specific needs of critical infrastructure sectors, ensuring optimal performance and security. 

3. CloudVision: Unified Management and Automation 

Managing complex network environments can be challenging, particularly in critical infrastructure organisations. Arista’s CloudVision platform offers unified management, simplifying network operations and enhancing security. CloudVision’s real-time telemetry and analytics enhance network visibility, monitoring, and control.   

CloudVision’s centralised approach enables network administrators to oversee and efficiently manage complex and large-scale deployments from a single interface, reducing operational complexity, improving response time and mitigating risks.  

The platform leverages cloud networking and integrates various automation tools and orchestration frameworks, enabling streamlined operations and reduced manual intervention. At Nextro, we know that this is crucial for maintaining high availability and scaling infrastructure in response to changing demands. 

4. Virtual Extensible LAN (VXLAN) 

Arista’s VXLAN technology enhances network segmentation, vital for isolating sensitive data and protecting critical systems. By segmenting the network, organisations can minimise the impact of potential breaches and effectively contain threats.

Benefits of Arista’s Network Solutions for Critical Infrastructure 

Nextro can help its critical infrastructure customers achieve the following benefits when deploying Arista switches and other solutions: 

1. Improved Operational Efficiency 

With high-performance switches and routers, Arista network solutions cater to the demanding requirements of critical infrastructure. Their devices provide high-speed data transmission with minimal latency and maximum throughput, allowing critical infrastructure organisations to enhance operational efficiency, reduce downtime, and ensure continuous and reliable service delivery. 

2. Scalability and Flexibility 

Critical infrastructure systems must often scale quickly to accommodate growing demands or integrate new technologies. Arista’s software-driven solutions allow critical infrastructure organisations to adapt and expand their networks without compromising performance. The flexibility and scalability of Arista’s solutions, such as EOS (EOS), enable seamless integration with existing systems and technologies, ensuring that critical infrastructure can scale and evolve without disruption. 

3. Proactive Threat Detection and Response 

With the real-time telemetry and analytics capabilities offered by Arista’s CloudVision platform, organisations can proactively detect anomalies and threats to their networks. This allows them to respond swiftly to potential incidents, minimise damage, and ensure rapid recovery. 

4. Enhanced Security 

Critical infrastructure networks are exposed to various cybersecurity threats, which can cause significant disruptions to their operations, compromise the availability and integrity of vital services, and lead to catastrophic consequences. Therefore, security is paramount in critical infrastructure.   

Arista Networks incorporates advanced security features into its solutions, including segmentation, encryption, and real-time threat detection. By leveraging these capabilities, Nextro helps organisations protect their networks from cybersecurity threats and unauthorised access, safeguarding vital operations and sensitive data. 

Protecting critical infrastructure networks from cybersecurity threats is essential to ensure the uninterrupted delivery of vital services and the safety of our society. At Nextro, we understand the challenges these industries face and provide best-of-breed solutions to meet their needs.  

Together with Arista Networks, Nextro delivers advanced switches and comprehensive network solutions that provide the security, reliability, and performance needed to safeguard critical infrastructure. By leveraging Arista’s innovative networking solutions, organisations can enhance their resilience against cybersecurity threats, ensuring the continued operation and security of the services we rely on daily.  

To learn more about how Arista’s solutions can elevate your network, operations, and security, get in touch with the Nextro team today. We are ready to help you implement the right best-of-breed solutions to optimise the operation of your critical infrastructure while at the same time meeting your security needs. Nextro is a certified and trained Arista Networks partner.   

The post Elevate critical infrastructure networks with Nextro and Arista appeared first on Nextro.

According to a recent global survey released by Fortinet, 31% of organisations with OT environments reported over six intrusions in the past year, a significant increase from the 11% reported the previous year.   

This alarming finding shows that despite growing efforts and investments to bolster their security posture, organisations still face significant challenges when securing integrated IT/OT environments. 

In this article, we cover the main OT cybersecurity challenges highlighted by Fortinet’s 2024 State of Operational Technology and Cybersecurity Report and provide some insights on the best practices for enhancing your OT security posture.    

Cyber Threats to Operational Technology Environments  

Traditionally kept isolated from other environments, most OT systems were not designed for today’s increased network connectivity. As organisations integrate new digital technologies into their OT environments, security challenges become more complex. 

Threats to OT environments can come from numerous sources, including terrorist groups, disgruntled employees, malicious intruders, natural disasters, actions by insiders, and unintentional actions such as human error or failure to follow established policies and procedures. Attackers are developing more sophisticated tactics and tools to penetrate OT protocols and systems.  

To ensure the safety of their OT systems, organisations must adopt essential tools and capabilities to enhance visibility and protection across the entire network, reducing the time for attack detection and response, as well as the overall risk for these environments. 

Key Findings from Fortinet Report 

1. Cyberattacks that compromise OT systems are on the rise. 

This year, 73% of organisations reported intrusions that impacted either OT systems only or both IT and OT systems, a sharp increase from only 49% in 2023. 

Findings also showed an increasing number of organisations experiencing a high volume of intrusions. Over 30% of respondents had six or more intrusions, up from only 11% in 2023. 

2. Email attacks and mobile security breaches are the main attack techniques.   

Phishing and compromised business email were the most common attack types in the last year, affecting 76% and 65% of the organisations. Additionally, ransomware and wiper intrusions saw a spike in activity, rising from 32% in 2023 to over 55% in 2024.  

Cybercriminals’ most common techniques for gaining access to OT environments were mobile security breaches and web compromises.  

These findings highlight the importance of organisations investing in cybersecurity awareness training for their team members, making them a key component of your business’s strategy to fortify your company’s defences.  

3. Organisations have experienced increased damage from intrusions. 

The damages caused by intrusions have also gotten worse for organisations. More than half of respondents (55%) reported degradation of brand awareness due to a successful attack. Findings also showed an increase in organisations that reported lost business-critical data and decreased productivity due to a breach incident.  

Given the rise in attacks and extension of their damages, nearly half (46%) of respondents indicate that they measure success based on the recovery time needed to resume normal operations. That suggests that for many organisations, quickly responding to inevitable attacks may be a more realistic target to measure their cyber resilience success.  

4. Organisations have a more mature OT security posture  

As OT threats become more sophisticated, the report suggests that most organisations still have blind spots in their environment. While there has been a decrease in organisations claiming to have complete visibility of their OT activities within central cybersecurity operations compared to the previous years, the number of organisations reporting that they have 75% visibility increased. This suggests that organisations are gaining a more realistic understanding of their security posture and becoming more aware of their blind spots.  

5. OT Cybersecurity has become a high-rank responsibility 

The percentage of organisations aligning OT security with the CISO increased to 27% this year, compared to 17% in 2023.  

Findings also indicate a growing trend of transferring OT responsibility to other C-suite roles, such as the CIO, CTO, and COO, with an expected increase to about 60% in the next 12 months. This indicates a clear concern for OT security and risk in 2024 and beyond. 

Also, in organisations where the CIO is not responsible, these responsibilities are shifted from the Director of Network Engineering to the Vice President of Operations role, illustrating another escalation of responsibility. 

This elevation into the executive ranks indicates that OT security is becoming a higher-profile topic and gaining more attention at the board level. 

Best practices to enhance OT security 

The results of the Fortinet report show us the urgent need for effective security measures. 

Based on these findings, the Nextro team has compiled the best practices to address OT security challenges and strengthen its security posture.   

Implement network segmentation 

To minimise intrusions, it’s crucial to establish a fortified OT environment with robust network policy controls at every access point. This defensible architecture begins with creating distinct network zones or segments. Additionally, teams should assess the complexity of managing these solutions and consider the advantages of an integrated or platform-based approach with centralised management capabilities. 

Enhance Visibility and Apply Compensating Controls for OT Assets 

Visibility into all assets on the OT network is essential. Once visibility is achieved, organisations must protect any vulnerable OT devices with purpose-built compensating controls. These controls should include protocol-aware network policies, system interaction analysis, and endpoint monitoring to detect and prevent the compromise of sensitive OT assets.  

Integrate OT into Security Operations and Incident Response 

Organisations should integrate OT considerations into their overall SecOps and incident response plans. This involves creating playbooks that specifically address the OT environment, ensuring comprehensive incident management and response. 

Utilise OT-Specific Threat Intelligence and Security Services 

Effective OT security relies on timely awareness and precise analysis of emerging threats. Organisations should ensure their threat intelligence and content sources are rich with OT-specific information, enhancing their ability to respond to imminent risks accurately. 

Adopt a Platform Approach to Security Architecture 

To tackle the dynamic nature of OT threats and the growing attack surface, organisations often deploy numerous security solutions from various vendors, leading to complexity. A platform-based approach can streamline this by consolidating vendors and simplifying the security architecture. A robust platform designed to safeguard both IT and OT environments enables solution integration, improving security efficacy and allowing centralised management to boost efficiency. 

With the rise of more sophisticated and complex OT security threats, organisations must adopt comprehensive and proactive cybersecurity strategies to safeguard their OT environments. 

At Nextro, we stand at the forefront of cybersecurity innovation, offering best-of-breed solutions specifically designed to protect OT and IT infrastructure effectively. Our solutions enable organisations to enhance their security and mitigate risks.  

If you would like to learn more about safeguarding your OT network, or have general networking or cybersecurity questions, please get in touch with the Nextro team today. 

To download your copy of the Fortinet 2024 State of Operational Technology and Cybersecurity here.

The post OT environments are facing increasing cyber attacks appeared first on Nextro.

The rise of artificial intelligence (AI) has sparked both excitement over its potential and concerns about its risks. As AI technology continues to evolve, various industries around the globe are exploring its potential applications.  

AI, which includes machine learning (ML), deep learning (DL), and rule-based expert systems (RBES), has the potential to revolutionise the security, operations, and health and safety of critical infrastructure, industrial sites, retail, and other industries.  

At Nextro, we are already leveraging AI, ML and video analytics to help our customers gain operational leverage and efficiency.  

In this blog post, the Nextro team shares some of its learnings to date, and takes an in-depth look at the benefits of leveraging artificial intelligence and machine learning video analytics solutions to enhance physical security, operational efficiency, as well as health and safety compliance.  

Enhancing Physical Security with AI  

AI physical security applications enable security teams to perform their duties more efficiently and accurately across large datasets. Some well-known examples include:  

• Video Analytics: AI can analyse real-time video feeds to quickly identify unusual activities from people or vehicles such as loitering or intrusion, allowing security operators to focus on other tasks, increasing overall efficiency.  
• Face Recognition: AI systems can use biometric data to locate or recognise a person in real-time or from video archives. This is especially useful for law enforcement, retail crime prevention, or VIP use cases. It also can be used to generate highly-accurate dwell-time statistics 
• People Counting: Automating the counting of people in airports, train stations, stadia, large-footprint retail environments, and businesses aids in managing occupancy, monitoring queues, and alerting staff when necessary. This data assists in enhancing crowd control and understanding peak travel times in transit.  
• Traffic Flow Management: Using advanced AI technology, traffic flow is effectively managed at large venues, hospitals, and city areas. The system detects backups, promptly alerts staff to any issues, and seamlessly re-routes traffic or adjusts signage as needed to ensure optimal flow.  
• License Plate Recognition: Recognising license plates assists in investigations and enables touchless parking payment systems.  
• Object Detection: AI is used to detect objects to secure perimeters at critical infrastructure facilities, prevent smuggling in correctional facilities, and identify left luggage or bomb threats at airports and train stations.  
• Data Integration: AI systems have the capability to seamlessly integrate with diverse data sources including airport baggage systems, logistics systems, and smart building systems. This integration allows for the analysis, prediction, and proactive response to specific business situations. The data can also be seamlessly outputted to an enterprises own data lake and business intelligence systems for further analysis and reporting.  

Securing critical infrastructure and industrial sites from intrusion, theft, and sabotage is just the initial measure to safeguard production and operations. Sustaining ongoing operations also depends on a strategic and proactive approach to operational efficiency, adhering to health and safety regulations, and ensuring compliance with regulatory requirements.  

AI’s Role in Enhancing Health and Safety  

AI-powered solutions offer far more than traditional methods to minimise disruptions, improve operational efficiency, and enhance health and safety procedures. From risk assessment to accident prevention, AI is reshaping how companies approach and implement health and safety practices.  

AI & Video Analytics Systems for Enhanced Safety Compliance  

The new generation of network cameras, thermal sensors, and access control systems, when paired with AI and analytics technologies, efficiently collect and analyse vast amounts of data. This results in faster and more effective safety interventions, not just in real-time events, but also for future protection, raising the bar for long-term site health and safety procedures.  

Key Applications: 

• Personal Protective Equipment (PPE) Detection: AI can detect and confirm the presence or absence of required PPE, enabling workplaces to issue corrective actions and link to access control systems to prevent site access without proper PPE.  
• Restricted Area Monitoring: AI helps prevent incidents in restricted areas and confined spaces. Sensors can trigger equipment shutdowns and alert operations when detecting a person within a risk zone.  
• Early Fire Detection: AI supports fire detection with early recognition of smoke and fire, allowing prompt action.  
• Man-Down Detection: Analytics monitor the working environment for slips, falls, or collapses, mitigating risks in lone-worker scenarios and enabling swift response to incidents.  
• Blocked Exit Notification: AI systems, when paired with well-placed cameras, can detect objects blocking emergency exits or evacuation areas and send alerts. This reduces reliance on a human patrol of the back-of-house corridors and emergency egress points, saving time and money and allowing human resources to focus on more important tasks.  
• Leak Detection: AI monitors pipes, tanks, and equipment, sending alerts regarding potentially dangerous leaks using thermal technology.  
• Safety Regulations Compliance: AI analytics systems can automatically detect potential safety hazards, such as workers not wearing protective gear/PPE or unauthorised personnel in restricted areas, allowing prompt intervention and corrective actions.  

Utilising AI in High-Risk Sectors 

AI integration in high-risk fields exemplifies its potential to mitigate issues, create safer environments, and revolutionise approaches to challenging tasks in critical industries:  

• Predictive Maintenance in Manufacturing: AI-driven systems use sensor data and ML algorithms to forecast equipment failures before they occur, enabling proactive maintenance, reducing downtime, and minimising accident risks.  
• Hazard Detection in Mining: AI-powered drones with advanced sensors and computer vision capabilities can survey mine sites and detect safety hazards, such as unstable terrain or toxic gas leaks, prioritising worker safety and enabling prompt threat response.  

Wearable Devices and Sensors for Worker Health Monitoring  

Specialised wearable devices are indispensable in safeguarding worker health in hazardous environments. In industries like construction, mining, and manufacturing, smart helmets equipped with sensors detect harmful gases, monitor environmental conditions, and assess potential head injuries. These wearables can automatically trigger alerts or emergency responses in case of accidents, ensuring timely assistance and preventing severe consequences. 

Disaster Response and Rescue Operations  

In high-risk situations, such as natural disasters or search-and-rescue operations, AI-powered drones and robots aid first responders in assessing situations, locating survivors, and navigating hazardous environments. These technologies enable more effective disaster response and help protect the safety of rescue teams.  

AI has significantly impacted workplace security and safety through its practical applications, paving the way for a future where protection and progress are intrinsically linked. The adoption of AI for health and safety in the workplace marks a significant shift in today’s organisations. AI-driven solutions offer predictive maintenance, real-time risk assessments, virtual reality training, and wearable devices to enhance workplace safety, mitigate risks, and boost productivity.  

By identifying safety hazards and empowering workers with AI-driven insights, organisations can foster a culture of prevention, creating a collaborative work environment where technology complements human capabilities.  

If you want to know more about how to use artificial intelligence, machine learning and camera analytics to safeguard your organisation, dramatically increase operational efficiencies, surface up business insights, and improve health and safety compliance, please get in touch with the Nextro team now.   

Sources: https://itbrief.com.au/story/ai-in-physical-security-opportunities-risks-and-responsibility
https://www.thedigitalspeaker.com/transformative-role-ai-revolutionising-workplace-health-safety/

The post Harnessing AI solutions for security, operational efficiency, and health and safety compliance  appeared first on Nextro.

In 1998, Netflix shipped its first DVD – Beetlejuice – and its online rental service took off like a rocket. But it was the shift that occurred nine years later when they delivered instantaneous access to movies directly to their subscribers’ living rooms, that transformed the industry.

Enterprises experienced a similar shift in the early 2000s, when OpenStack was released and hyperscalers began offering cloud computing services. Immediate access to centralised computing resources, without an upfront cost, gave companies new potential to innovate. While enterprises’ move to the public cloud has had its ups and downs, the transformation brought about by the cloud computing business model is undeniable. Usage of computing resources in a centralised cloud can be over 80% more efficient than servers distributed on enterprise sites. But despite this massive gain in efficiency, worldwide server sales have continued to grow since the advent of cloud computing, fueled by new services and use cases.

A centralised, subscription-based delivery model can turn an industry on its head. The growth rates, the level of innovation and the revenues associated with a cloud computing model are astounding. It is no wonder that leaders are looking to see whether other markets can be revolutionised in a similar manner.

Take, for instance, the LAN. The race to “cloudify” the enterprise LAN is underway. Equipment manufacturers are joining the market and jostling for position. Identifying which companies are likely to win, and which companies have the most to lose, is a tricky proposition.

Mileage may vary

Each of these three CNaaS features does not appeal to enterprises to the same extent. For instance, some companies prefer to purchase their equipment outright. Some favor a fixed monthly cost instead of a fee which varies based on the number of devices using the network. This leads vendors to be flexible in the way they structure their offers.

Depending on a manufacturer’s position in the market, the type of CNaaS it offers varies as well. Large manufacturers can more easily use their balance sheets to finance their offers. Manufacturers that sell a wide range of equipment tend to bundle more complete IT solutions. Companies that have well-established partnerships with MSPs may be hesitant to bypass them by delivering their own lifecycle services. New entrants, who have put top-notch brain power to work solving the latest IT problems, will tend to be positioning the most innovative equipment.

With the large variability of  CNaaS offers available, enterprises, systems integrators, and industry observers can be forgiven for being confused when different suppliers market their network-as-a-service offering for the LAN.

In order to clarify the landscape, we have identified three overlapping categories of CNaaS that are emerging, each with different market objectives:

• Enabler services are designed by manufacturers to support their MSP partners in offering CNaaS more efficiently. By lowering an MSP’s cost structure and price point, the Enabler CNaaS variant can broaden the market appeal of a fully managed LAN offer.
• LAN-as-a-utility services are usually outcome-based, with the manufacturer retaining direct ownership of network monitoring. New entrants who have designed hardware to be nearly “self-monitoring” may still prefer to work with MSPs to reach a higher number of enterprises. In this case, the manufacturer will be pushed into a hybrid services model, in which the delivery of lifecycle services is split between the manufacturer and the MSP.
• Turnkey services provide bespoke IT solutions, with lifecycle services delivered directly by the manufacturer. These offers target very large corporations. The structure of the recurring fee and the level of hardware financing will be determined in each scope of work according to the enterprises’ specific requirements.

Show me the money

The central question is whether CNaaS will generate new revenues in the same way that cloud computing fueled demand. And as a corollary, if market revenues are indeed set to expand, which companies stand to gain the largest share?  Will a new  CNaaS hyperscaler emerge to steal the show?

The answer is… it is still early days.

In five years, we expect that 14% of the public cloud-managed WLAN APs CNaaS will be sold in some kind of a  CNaaS construct. Over the next year or so, revenues may appear low. We believe that confusion over the definition of  CNaaS is holding back the adoption of the service. However, it is important to note that revenue from equipment in  CNaaS offers appears lower than revenue from traditional equipment sales because  CNaaS revenue is spread across the duration of a contract. The positive side of that double-edged sword is that  CNaaS comes with a long-term engagement from the customer. By 2028, we predict that the Total Contract Value of the  CNaaS offers will be about twice  CNaaS annual revenues.

On top of the hardware and software LAN sales in a  CNaaS offer, vendors will be able to layer new services and applications that have not been sold before, thereby growing the IT market. For instance, new entrants such as Nile, Meter, Join Digital, Shasta Cloud, and Ramen are delivering LAN offers in addition to functionality and applications over and above traditional connectivity.

It took Netflix 13 years to move from renting DVDs to launching a standalone streaming service – and the online streaming business is still expanding and evolving. When a new market adopts a cloud-computing model there’s no instant recipe for getting the right technology, business model and distribution channel. The cloudification of the LAN is more of a marathon than a sprint, and it is still early in the race.

If you want to learn more about CNaaS solutions for your business, get in touch with our team now.

The post The Race to Cloudify the LAN appeared first on Nextro.

AI is a hot topic, with C-level executives, board members, and investors enquiring about the company’s AI strategy. When discussing the integration of Artificial Intelligence in the enterprise, it’s crucial to understand it represents more than just a technological upgrade—it signifies a strategic transformation.

A key aspect of this shift is the need to align AI with business objectives. It’s not merely about checking a box to satisfy executives and stakeholders; it’s about weaving AI into the organisational fabric in a manner that complements and enhances business goals. Additionally, the technical intricacies of AI’s training and design play a pivotal role in the success of AI-related initiatives.

The Symbiotic Relationship Between AI and Human Intelligence

When talking about AI, a common question arises: How can one truly harness the power of AI? Despite the ongoing buzz and AI’s capabilities in performing tasks that seem neat, yet trivial, the real challenge lies in leveraging AI to provide genuine value.

Fundamentally, AI is a complex network of algorithms and data patterns, crafted to simulate human cognitive functions. The essence of AI’s evolution, however, lies in its symbiotic relationship with human intelligence. Humans are the architects behind AI, tasked with designing, training, and refining systems, infusing them with human thought and experience. It’s this human input that transforms AI from a mere data-driven response system into an adaptive and insightful tool.

The Journey to Enterprise AI

Transforming AI from a novelty into a valuable enterprise tool involves a disciplined process, starting with identification of business goals and the formation of a focused team of data analysts and business leaders. These individuals must be not only skilled but inclusive and impeccable in their approach, capable of assembling a data lake and applying AI in practical, meaningful ways. Architects are needed to build, connect, and secure this ecosystem, along with a team of monitors to ensure the system operates correctly.

Transforming AI from a buzzword into a tangible asset that drives business value requires the execution of several steps.

Understanding Business Needs: This journey begins with a deep understanding of your business’s unique objectives, capabilities, training, scalability, and compliance, then positioning AI within these parameters to capture a clear value proposition from the outset. Cultural and Ethical Considerations: Adoption of AI isn’t solely about the technical aspects; it equally involves cultural integration.

Engaging executive stakeholders in a guided ideation process and addressing areas where AI can assist is essential. It’s also crucial to consider the ethical implications of AI use within the company, and the kind of quality assurance humans will have over it, as well as to emphasise the augmentation of team performance rather than job replacement.

Discovery of Data Sources: Identifying all potential data sources within the company, whether interconnected or not, is a critical technical step. This includes, but is not limited to, CRMs, ERP systems, ticketing, monitoring systems, contact logs, chats, emails, images, plans, and drawings.

Planning for a Comprehensive Data Repository: Creating a specific data set that aligns with business objectives is crucial for training the AI engine. This involves methodical planning for a Data Lake, Data Warehouse, or Data Lakehouse, including data migration, modernisation, and storage, plus ensuring security and compliance.

Training AI Against Your Own Data: While pre-trained models like ChatGPT are intriguing, AI’s real transformative power manifests when systems are trained on proprietary data sets. This will lead to groundbreaking uses of AI in augmenting and replacing repetitive tasks and free up human resources for more advanced and value-added activities.

Proving Value to Stakeholders

A practical method to showcase AI’s value is proof of concept, a strategy that allows companies and executive stakeholders to observe the direct impact of AI implementations. This necessity for precise guidance and technical expertise cannot be overstated, as AI is inherently predictive and grounded in probabilities and historical analysis. Human and organisational intelligence are pivotal in steering and advancing AI applications, requiring a transparent explanation and widespread cultural acceptance.

Don’t Go It Alone

Fully capitalising on AI in the enterprise hinges on starting with a clear comprehension of your business objectives, establishing a scalable and compliant data framework, equipping your team with the necessary tools, and adeptly navigating the cultural transition. Similar to previous digital transformations and shifts in cloud adoption and cybersecurity strategies, navigating the AI landscape requires experienced guidance.

Embarking on this rewarding, yet challenging, journey demands expert advice and safeguards. Enterprises should seek a seasoned expert to help them navigate these complexities and to ensure their journey is not only successful but also secure.

The post Embracing AI: Beyond Tech to Strategic Business Transformation appeared first on Nextro.

Most organisations have established protocols for managing video footage related to incidents that affect their operations, regardless of whether they are security or non-security-related.  

Efficient video-evidence management protocols help organisations enhance their operational efficiency, reduce the risk of errors, and improve the overall safety of their operations.  

Genetec Security Center and Clearance allow companies to automate evidence exports and simplify their video-managing processes, improving compliance with regulations and protocols.  

In this blog post, we will explore 4 simple ways to use Security Center and Clearance and take your video evidence management tasks to the next level.  

Safeguard event-related video 

Organisations must comply with different laws and policies governing security and non-security incidents to protect themselves from fines, liability, and other consequences. 

Genetec Clearance can simplify how organisations store video and customise retention rules to follow these policy requirements. 

Based on the type of alarm and its environment, your organisation will have different considerations regarding how to handle event-related videos. This may involve sharing it with stakeholders outside of the security and operation team, retaining these recordings beyond the surveillance system’s standard retention schedule, and ensuring redundancy and protection to mitigate the potential loss of data evidence. 

Automate video preservation policies 

To export recordings from Genetec Security Center to Clearance, operators must select a clip and send it to a case. However, this process can be impractical when there’s a high frequency of alarms when an operator is unavailable. Adding event-to-action triggers in the Security Center allows you to automate export and case creation within Clearance and have a fully integrated solution. 

The functionality is available through the Clearance plugin and uses the pre-existing event-to-action feature in the Security Center. Your organisation can add to your existing alarms configuration to export recordings to Clearance. The functionality uses Security Center alarms as the event triggers, and events can be associated based on cameras, doors, zones, and alarm panels. 

Common challenges of managing video evidence 

Here are four ways to improve video evidence management by using event-to-actions. 

1. Overcome short-term retention policies: 

Certain jurisdictions mandate short Archiver retention periods on their CCTV system. This poses a problem when the periods are so limited that it can impact the security team’s ability to retrieve the evidence in time. Using event-to-action, recordings are automatically sent to Clearance when an alarm is triggered. Once in the app, customers can categorise the evidence, which sets forth specific retention policies. 

2. Ensure redundancy of critical recordings: 

Recordings kept onsite can be at risk of being destroyed if the recorder is damaged. An example of this is panic button incidents. These commonly happen in stores, buildings, and transit vehicles. The button protects employees’ and clients’ safety, while the automatic export of the recording to the cloud protects the recording’s availability through a backup to an offsite location.  

3. Share records when required: 

Organisations are required to maintain records of certain activities that may need to be reviewed by other parties, whether for security, compliance, or audit purposes. For instance, refineries and gas distribution plants must keep track of all cases of flare failure based on thermal detection or photos taken at short intervals. Each event must be retained and made available if there is an audit by environmental agency inspectors.  

4. Minimise human error: 

Regardless of the type of alarm, human error is a significant risk factor that can lead to missed event data. This is particularly true for organisations with high turnover rates and need to train new hires to mitigate this risk. Automating video export eliminates the potential for mistakes and reduces the degree of onboarding required. 

Nextro is a New Zealand-based security integrator and Genetec Unified Elite Partner. If you want to learn more about how Nextro can help you design a new security system or optimise your existing Genetec deployment, please get in touch  here.   

The post Genetec Clearance: Simplify video evidence management with export automation   appeared first on Nextro.

In security, staying ahead of potential threats requires technology that offers both reliability and versatility.  

Axis Communications has once again raised the bar with the release of the new AXIS D2210-VE radar, a sophisticated solution designed to detect, classify, and track intruders in even the most challenging conditions. 

This latest generation of high-frequency radar works stand-alone for non-visual monitoring or hand-in-hand with a PTZ camera for video verification, live tracking, and following. Add to that dynamic maps with Genetec Security Centre, and users can pinpoint the exact location of intruders in real time and monitor their movements across the map. 

Also, automated announcements over external IP speakers provide a proactive and fully automated system that can identify, track, and warn/engage with intruders in restricted areas. 

Check out this amazing video demo of the new AXIS D2210-VE radar.  

The POE radar offers a 95° field of detection and can detect, classify, and track humans up to 60m and vehicles up to 90m. And, with the road monitoring profile enabled, the detection range for vehicles increases up to 150m.  

AXIS D2210-VE can be connected to security systems and analytics tools to increase functionality. For instance, connected to AXIS Speed Monitor, users can visualize vehicle speeds and count data in a camera live view for monitored roads, collecting statistics to make informed decisions for improved road safety. 

Contact Nextro today and discuss with our experts how we can help you protect and secure restricted security areas at your site. 

The post Detect, track and engage with an intruder in a restricted area appeared first on Nextro.

Axis Gold Partner, Nextro, takes out two awards at the annual Oceania Axis partner summit in Denarau Island, Fiji.

Auckland, New Zealand, 15 May 2024 – Nextro, the New Zealand security integrator and managed network and security services provider, was awarded the Fastest Growing Partner of the Year – New Zealand award as well as the Partner of the Year for the Transportation category – New Zealand at Axis Oceania Partner Awards 2024 in Denarau Fiji on 6-9 May 2024. 

The award recognises Nextro’s rapid growth in the physical and electronic security market in New Zealand especially in the sectors of transportation and critical infrastructure where Nextro has deployed and integrated smart cameras, speakers, door controllers, and intercoms from Axis Communications.

“These two awards are recognition of the Nextro team’s successful rollouts of market-leading electronic security and operations solutions for tier one customers in the transportation and critical infrastructure sectors in New Zealand. The outcomes that our Nextro and customer teams have delivered include benefits and efficiencies across security, operations, and health and safety. We are honoured to receive the recognition from our partner Axis Communications,” said Martyn Levy, Nextro’s Managing Director.

“As technology continues to advance at an unprecedented pace, the role of collaborative innovation has never been more crucial. Nextro’s commitment is the backbone of our ability to offer industry-leading innovations that meet the dynamic needs of businesses. Together, we have turned obstacles into opportunities, setting new benchmarks in the industry. This synergy is not just our strategy, but our competitive edge, ensuring we remain at the forefront of security advancements,” said Wai King Wong, Regional Director for Oceania at Axis Communications.

The post Nextro wins NZ Fastest Growing Partner & Transportation Sector categories at Axis Oceania Partner Awards 2024 appeared first on Nextro.

In recent years, the acceleration of digital transformation has promoted the convergence of corporate/information technology (IT) and operational technology (OT) networks and opened up a realm of opportunities for organisations.  

IT/Corporate networks encompass an organisation’s computing, networking, and information management aspects, whereas OT networks support devices that monitor and control physical processes and equipment that have safety and physical impacts on an organisation’s operations. Often, the OT and IT networks are physically separate and distinct. However, more recently, we have observed the desire to integrate both the IT/Corporate and OT network environments in an effort to reduce costs, enhance productivity, and gain a competitive edge.  

However, along with this desire to achieve tangible benefits, significant cybersecurity challenges arise that must be properly addressed to safeguard critical networks and assets. 

Cybercriminals seek to exploit vulnerabilities in corporate/IT networks as an attack vector or pathway to access critical OT systems. The consequences of such breaches can be severe, ranging from financial losses to compromised public safety. Attacks on power grids, shipping lines, manufacturing plants, and other facilities are steadily increasing. 

At Nextro, we understand that as organisations embark on their digital transformation journey to increase efficiency and enhance productivity while seeking to reduce costs, it is crucial to implement robust cybersecurity measures tailored to the unique requirements of OT environments.  

This applies whether an organisation has a physically distinct and separate OT network (from the IT/corporate network) or operates a converged/integrated OT/IT/Corporate network.  

This blog post covers the main steps organisations can take to secure their OT environment, whether separate or integrated with the IT/corporate network environment.   

Cyberthreats to Operational Technology 

Traditionally kept separate, the integration of IT/corporate and OT networks has become increasingly common, driven by the promise of improved efficiency and competitiveness. However, this convergence also brings heightened exposure to cyber intrusions. 

Recent Fortinet surveys reveal alarming statistics. 93% of organisations surveyed experienced intrusions in the past year, highlighting the pervasive nature of cyber threats in OT environments. To address these risks, investments in IT/corporate networks and OT security technologies are on the rise, showing the increasing prioritisation of OT security. 

When controls for physical equipment connect to enterprise computer networks and the cloud, the digital attack surface expands, allowing cyber attackers to penetrate industrial organisations in new ways. 

Attackers are gaining expertise in OT sabotage. They are developing, selling, and buying specialised toolsets designed to penetrate OT protocols and equipment. 

Rogue nation-states are the biggest threat actors and have consistently demonstrated the ability to inflict damage on both local and global scales. 

Cybersecurity Solutions for OT environments  

Securing OT environments may initially seem daunting, but organisations can mitigate risks through incremental steps toward a robust security posture.  

Historically, organisations have prioritised OT functionality over security, leading to a lack of basic security hygiene practices. It is crucial for organisations to embed safety and security as fundamental components of their operations, fostering a culture of best practice adoption throughout the organisation. 

Cybercriminals often exploit common attack vectors, such as spear phishing, compromised endpoints, and stolen credentials, to infiltrate OT environments. Implementing measures like two-factor authentication, ongoing employee security education, and continuous system and border monitoring for indicators of compromise (IOCs) is essential to thwarting these threats.  

To ensure the safety of their OT networks, organisations must implement a thorough security approach to quickly identify and remove access to critical and highly valued OT assets. This proactive security needs to be engineered directly into the OT environment planning, not only adopted after attacks.  

Key Steps for Enhanced Security 

At Nextro, we have put together five important steps to guide organisations through their OT security transformation.  
1. Gain Full Visibility: Develop a thorough inventory of digital assets across IT and OT environments to understand the security landscape fully. Identify users, applications, devices, and systems to lay the foundation for a robust security architecture. 

2. Segment the Network: Implement network segmentation to create security boundaries restricting unauthorised access. By dividing the network into functional segments and controlling communication between them, organisations can minimise the attack surface and limit the lateral movement of threats. 

3. Monitor and Control Access: Authenticate and authorise devices, users, and applications before granting access to resources. Adopt a zero-trust approach to security, continually verifying identities and enforcing access policies. 

4. Implement Proactive Measures: Stay ahead of evolving threats by deploying proactive security measures that pre-emptively identify and prevent potential attacks. Embrace automation to streamline security operations and respond swiftly to incidents. 

5. Streamline Security Operations: Establish a comprehensive cybersecurity operation integrating network and security operations across network and OT environments. Organisations can achieve optimal security outcomes by converging NOC and SOC functions and leveraging automation. 

The Path Forward 

As organisations navigate the complexities of IT and OT convergence, the Fortinet Security Fabric provides a roadmap to a secure and resilient future. By deploying security measures in alignment with industry standards and best practices, organisations can strengthen their defence against cyber threats and safeguard their digital assets effectively. 

In conclusion, prioritising operational technology cybersecurity is essential for organisations leveraging digital transformation to drive innovation and growth. By adopting a proactive and comprehensive approach to physical and cyber security, organisations can mitigate risks, protect critical infrastructure, and ensure a secure foundation for future success. 

Nextro’s OT Cybersecurity Solutions 

At Nextro, we offer comprehensive physical and cybersecurity solutions designed to effectively protect interconnected IT and OT infrastructure. By integrating security across the entire attack surface, sharing threat intelligence between security products, and automating responses to threats, Nextro solutions empower organisations to bolster their security posture and mitigate risks.  

If you want to know more about how to start your OT security transformation, get in touch with our team now. 

The post Protecting Your Organisation: Introduction to Operational Technology Cybersecurity  appeared first on Nextro.

Next-Gen Endpoint Protection for SMBs

Cyber threats are evolving faster than ever before, and small and medium-sized businesses (SMBs) face a tough challenge today. With fewer resources compared to big companies, they become prime targets for cyberattacks.

As threats get smarter, SMBs need top-notch endpoint protection more than ever. This article explores next-gen endpoint protection, highlighting how it’s a crucial defence for SMBs against advanced cyber threats.

Understanding Next-Gen Endpoint Protection

At its core, endpoint protection is a security solution designed to detect, prevent, and respond to threats at the device level — be it laptops, desktops, or mobile devices. While traditional antivirus programs worked fine in the past, they can no longer handle the sophisticated approach of today’s cybercriminals.

That’s where next-gen endpoint protection comes in. Next-gen endpoint protection, however, introduces a suite of technologies, including machine learning, behavioural analysis, and endpoint detection and response (EDR), offering a more dynamic and proactive defence system.

Proactive Defence Strategies

Next-gen endpoint protection redefines cyber defence strategies for SMBs through:

Closely monitoring behaviour

These tools watch how systems normally behave, spotting any abnormalities that might signal trouble. This allows them to catch threats early, often before they can do any damage

Staying up-to-date on threats

SMBs get access to the latest info on cyber threats from all over the world. This means they can defend themselves against the latest threats with security updates that happen in real-time.

Endpoint Detection and Response

EDR features allow businesses to find and deal with threats that bypass their first line of defence. It’s like having a team of investigators and problem-solvers ready to spring into action.

Tailoring Solutions for SMBs

For small businesses, picking next-gen endpoint protection can create a balance between advanced security and cost-effectiveness. These solutions are designed to fit the needs of small businesses, meaning they’re easy to set up and can grow with your company.

They include user-friendly interfaces and don’t need a lot of upkeep, so SMBs can keep their focus on running their business while still staying safe from cyber threats.

Benefits of Next-Gen Endpoint Protection

Using state-of-the-art tech like AI and machine learning, next-gen endpoint protection offers several benefits for organisations serious about cybersecurity.

By tapping into these advanced tools, it can spot and stop emerging cyber threats before they wreak havoc, giving organisations a stronger shield against the ever-shifting threat landscape. Here’s a look at a few of the benefits:

Advanced threat prevention

Next-gen endpoint protection employs sophisticated threat prevention methods to proactively identify and stop evolving cyber threats.

Enhanced detection and response

Unlike traditional endpoint security solutions, next-gen endpoint protection platforms excel in both detecting and responding to threats promptly, improving overall cybersecurity posture.

Comprehensive endpoint security

These solutions provide holistic protection for endpoints, including desktops, laptops, mobile devices, and servers, ensuring all entry points are safeguarded.

Challenges and Considerations

Even though next-gen endpoint protection offers great perks, small businesses can still run into hurdles like tight budgets, tricky tech setups, and the need to train employees. SMBs need to find a solution that fits their needs and resources while making sure everyone on the team knows the basics of staying safe online.

Future Trends and Innovations

In the future, advanced endpoint protection will start using more and more predictive analytics, AI-driven threat prevention, and automation. The zero-trust security model — a cybersecurity approach based on the principle of “never trust, always verify” — is also gaining traction, offering a more comprehensive approach to cybersecurity.

Using advanced endpoint protection is now a non-negotiable for SMBs looking to defend against an increasing risk of cyber threats. To strengthen your security and set yourself up for long-term success, you have to stay up-to-date with the latest tech and take proactive measures.

It’s critical to understand the importance of next-gen protection and take action as soon as possible. Safeguard your assets before you become another cyberattack statistic.

The post Protect Your Business With Next-Gen Endpoint Security appeared first on Nextro.