Monthly Archives: September 2009

AlertEnterprise Wins ASIS Accolades 2009 Security’s Best Winner Award


This entry was posted by on .

Re: Unique next generation software combines IT Security, Physical Access Controls and Industrial Controls to unveil blended threats.

Anaheim, Calif., September 21st, 2009 – AlertEnterprise™, Inc., a red hot software startup in the rapidly emerging space of security convergence for physical and logical security, has earned the ASIS Accolades 2009 Security’s Best Winner Award. AlertEnterprise is exhibiting its solutions in booth #2242 at the ASIS 55th Annual Seminar and Exhibits Conference.

Most industry security experts concur that physical access security, IT security, and critical infrastructure security, all reside in silos. This is a huge challenge for timely detection of terrorist events, malicious behavior and fraudulent activity. Jasvir Gill, founder and CEO of AlertEnterprise takes this mission to heart. His previous startup Virsa Systems was one of the most successful acquisitions by SAP to date and went on to become the heart of the SAP GRC business unit delivering application level security. “The most insidious risks are simple acts that slip between physical and logical security systems. They may not individually trigger an alert in any one system. But, in combination they create a risk that may defy detection unless your physical and logical security systems talk to each other.” says Jasvir.

read more

Where would you rather be during an emergency? I pick California…


This entry was posted by on .

I visited the California Emergency Management Agency (CAL-EMA), the combination of the former Office of Emergency Services and State Department of Homeland Security. I was attending the Sacramento Area Infragard Conference.

What is Infragard? you might ask. It is a private-public partnership with the FBI as the key promoter and sponsor of the alliance to help protect critical infrastructure from attack from malicious threat actors and pandemics etc.

AlertEnterprise attended as a vendor sponsor of the event. Representatives from various state agencies, law enforcement, services and security were present at the event to learn about and discuss cyber security, bio-terrorism, and protection of the food supply. Of great interest to all was the discussion of the H1N1 Flu Pandemic and the recommendations from a CDC (Center for Disease Control) expert. I had the opportunity to present the Security Impact Zones that AlertEnterprise adds value to. These are:
1. Securing critical business applications in regulated industries
2. Securing cyber assets for critical infrastructure of national importance
3. Information Assurance and Certification & Authorization for critical assets for Federal,
Military and Intelligence applications.

read more

NERC CIP Compliance is Coming to a Nuke Near You…


This entry was posted by on .

I attended the Nuclear IT Strategic Leadership (NITSL) Symposium in Chicago last week. This was a virtual who’s who of IT experts in the nuclear space. This year’s conference was oriented towards Cyber Security. Nuclear Power generation is one of the most heavily regulated industries and has been extremely stringent in implementing physical security procedures. It was good to see physical and logical security convergence getting so much air time. One of the keynote speakers Susan Landahl, The Sr. VP of Operations for Exelon (they operate the largest fleet of nuclear plants in the country) in the keynote address said “Cyber Security is going to rival physical security in importance. Physical and Cyber better learn to get along; in fact we need to collocate them now in the same organization”. So how does NERC CIP figure into this? Well as you may know (if you have been following the regulations governing utilities), nuclear plants have been exempt from NERC CIP requirements. Under FERC Order 706-B, NERC CIP extends to cyber critical assets that may not be covered by NRC regulations, particularly 10 CFR 73.54 defining Cyber Digital Assets (CDAs). The tough part is that nuclear plant cyber and IT staff have to submit a security plan with a timeline to demonstrate how they will comply with NERC CIP. Some of the key stakeholders present in the ongoing dialog on how best to deliver security convergence for the Nuclear industry were the Nuclear Regulatory Commission (NRC), Nuclear Energy Institute (NEI), Institute of Nuclear Power Operations (INPO) and of course the Department of Homeland Security (DHS). AlertEnterprise was a sponsor of the event and exhibited solutions for nuclear industry that included compliance automation across multiple regulations including NERC CIP and the nuclear requirements as well as an ongoing risk management methodology. For more information please contact me at pan.kamal@alertenterprise.com.

read more