Invixium Integrates Touchless Face Recognition and Multi-Factor Biometric Solutions with AEOS Access Control

Invixium, a premier manufacturer of innovative touchless biometrics, has integrated its portfolio of modern solutions with AEOS by Nedap, a leading provider of access control solutions. This integration between AEOS and IXM WEB, Invixium’s enterprise-grade software solution, streamlines the process of setting up and using Invixium biometric systems with AEOS. AEOS users can now seamlessly deploy Invixium touchless biometrics, such as face recognition via IXM TITAN, as well as the rest of Invixium’s world-class biometric portfolio.

This integration is powered by IXM Link, a licensed software feature for IXM WEB that allows for one- or two-way database-to-database synchronization between IXM WEB and AEOS. Database synchronization ensures easy setup, installation, and use of Invixium biometric solutions for AEOS users. Administrators can effortlessly enroll biometric data to cardholders (securely stored in IXM WEB) which are continuously synchronized with AEOS. In addition, Device Integration Protocol (DIP) has been implemented to allow AEOS to control the verification process.

“Integrating leading security solutions, such as touchless face recognition, with AEOS has enabled Nedap to remain at the forefront of COVID-19 response,” said Susanne Adriaanse, Managing Director at Nedap Security Management. “Invixium’s innovative technologies like face recognition, mask detection, and touchless thermal screening make them a partner that closely aligns with our strategy to provide a wide range high-level solutions to modern security problems.”

“Expanding our reach through technology integrations is vital to our strategy,” said Shiraz Kapadia, CEO & President at Invixium. “This integration simplifies installation and management while reducing costs for businesses that are looking for unified end-to-end security systems. We look forward to addressing the needs of AEOS users with our unique solutions.”

By: Saket Modi, Co-Founder and CEO at Safe Security

For more than the past decade, healthcare has been the biggest target of data breaches. The total average cost has increased to $9.23 million in 2021 from $7.13 million the previous year, demonstrating a 29.5% rise. Cyberattacks in healthcare are unfortunately not limited to their financial, regulatory, and reputational impact since they have a direct consequence on lives. An Alabama-based resident claimed negligent homicide for the death of her infant because the hospital’s fetal monitors were inaccessible as a result of a ransomware attack, leaving its systems locked for eight days. For instance, if a hacker tampers with CT or MRI scans, it could also lead to incorrect medical procedures/surgeries, incomplete diagnoses, and reduced emergency or urgent care.

In such a scenario, the healthcare sector needs to quickly improve its cyber risk management. This is possible only if they move away from the traditional reactive and point-in-time approach in cybersecurity to adopt a predictive and measurable method instead. Adopting a proactive strategy includes knowing the organization’s breach-likelihood in real-time and its financial impact on the organization.

The current state of cybersecurity in healthcare:

The NotPetya attack happened five years ago. Since then, has much changed in the healthcare sector? The cost of ransomware alone has grown by 1094% since 2015. However, there are three key areas where this sector falls short:

1. Accidental and/or malicious insider threats: The HIMSS Cybersecurity survey 2020 states that 89% of initial compromise in hospitals is still through emails and more than half (57%) of the cyberattacks in healthcare begin via trusted insiders.
2. Third-party are unsecured often with unrestricted access: Over 1600 insurers at an average share PHI with hospitals. Hospitals also deal with a large number of medical devices suppliers, vendors for equipment, medication, repairs, and more, each third party is likely to be an entry point.
3. Medical device security: There will be ~50 billion medical devices by 2028, with 15 – 20 IoMT in each hospital room, creating a vast digital attack surface. Interestingly, while one aspect is digitizing faster than it can be secured, 83% of medical imaging devices are still legacy systems too old to receive software updates.
4. The lack of a designated security team: 87% of healthcare IT security leaders work without the right personnel, and three in four hospitals are operating without a designated security leader.

Can predictive analytics in cybersecurity help the healthcare sector?

Financial services organizations predict the likelihood of loans being repaid using the financial history of the applicant, their previous loans, salary/income, and credit score. Similarly, OTT platforms use predictive analytics and algorithms to improve their suggestions. The medical fraternity too relies on prediction models to improve diagnostics, identify risk groups, and improve patient care. Why not use the same analytical approach to predict the possibility of a breach rather than detecting cyberattacks after they happen and reacting to them? The use of predictive technology and models such as the Bayesian Network to predict cyber breaches makes this possible.

Enterprise cyber risk is a product of the probability of a breach happening and its business consequence. This probability is termed the “breach-likelihood” of the organization and can be calculated at the most granular level. Starting from the breach-likelihood of each medical device in every room, department-wise employee threats, to vendors or suppliers of equipment and pharmaceuticals, Electronic Medical Records directory on the cloud and the security posture of each cloud asset – the possibilities are endless. Each prediction makes the organization that much more prepared to predict and therefore mitigate breaches. Once an organization knows what to expect, it can focus energies on fixing what really matters rather than carrying out ad-hoc activities which only add to a sense of security rather than real cybersecurity.

How does breach-likelihood help the healthcare sector?

Breach likelihood in the healthcare sector can be a gamechanger in giving the visibility that is missing today. Similar to doctors arriving at a diagnosis after carrying out due diligence, sieving noise from actual symptoms, and aggregating all relevant information to a central database, cyber risk quantification can segregate information from noise.

As healthcare organizations ramp up cybersecurity infrastructure, they need to remember that all cybersecurity services, products and processes implemented in their cyber risk ecosystem need to communicate with each other. In a scenario where tens of cybersecurity services and tools are performing well in silos, but together fail to generate a comprehensive and prioritized solution, breach-likelihood is can create one score to drive cybersecurity strategy.

Help AG, the cybersecurity arm of Etisalat Digital and the region’s trusted security advisor, has launched “Help AG as a Service,” a service-centric model that provides comprehensive cybersecurity offerings that customers can avail “as a service” based on state-of-the-art platforms and tools. This highlights Help AG’s position as a pioneer in the Middle East’s cybersecurity sector, spearheading the industry’s move towards a service-centric future.

Help AG as a Service is the culmination of the company’s transition from technology delivery to a service-centric model, which has placed it in the best position to offer the entire lifecycle, from ‘Assess’ to ‘Defend’ to ‘Respond,’ as a service to customers.

With Help AG as a Service, customers can rest assured that they are provided best-of-breed services, irrespective of the underlying technology or deployment model. Driven by its vision to offer the highest level of protection and user experience, Help AG delivers future-ready services in terms of people, processes and technology, on an MRC/PAYG model.

All services delivered by Help AG are fully compliant with regional and country specific data regulations, and the company ensures that it has expertise and infrastructure available on the ground. Help AG follows the concept of ‘think global, act local,’ aiming to give customers all the benefits of the most advanced global technologies, while fully provisioning them with local expertise.

Commenting on the launch, Stephan Berner, Chief Executive Officer at Help AG, said: “Help AG has been one of the region’s most experienced and trusted cybersecurity partners for more than 16 years, and with the launch of Help AG as a Service, we are truly cementing our place as a pioneer in the regional cybersecurity industry. The future of cybersecurity will be service-led, and Help AG is at the helm of this evolution.”

Berner added: “Years ago, we built our service offering from the ground up with a commitment to delivering truly global and advanced security services while moulding them to address regional market threats and requirements. Our offering has been received very well in the market, enabling us to become the biggest Managed Security Service Provider in the Middle East, and driving us to take our service-centric transition to the next phase with Help AG as a Service.” 

Under Help AG as a Service, customers also enjoy SLA-based offerings; cybersecurity expertise on demand, wherein Help AG’s experts work as an extension of the customer’s team; and elastic capacity based on the customer’s needs.

Help AG has already standardized many of its services, including 24/7 Threat Monitoring, Detection and Response, and it has applied automation to several existing services, including its Managed Advanced Web Application Firewall (AWAF) service and Secure Access Service Edge (SASE) offerings, namely Cyber Edge X and the Help AG Secure Private Access Service (HPA). Other best-of-breed services offered by Help AG include Penetration Testing, Red Teaming, Security Awareness, Compromise Assessment, Managed Security Controls, Digital Risk Protection, SMB Security Offerings, Always-On DDoS Mitigation, Security Bundles with Service Providers, and Secure Cloud Offerings.

Help AG continues to invest in developing its capabilities to provide a 360-degree portfolio of cybersecurity services to customers with round-the-clock availability. The company has differentiated itself by providing in-country, compliant security infrastructure; capability and agility in the cloud; optimization-driven service delivery; in-house digital forensics and incident response; automated threat hunting and cyber threat intelligence under its Security Operations Center (SOC) services; and a dedicated team of security researchers with 110+ zero-day findings to its credit, among other factors that add unmatched value for end customers.

Help AG as a Service is built on the foundation of the capabilities the company has cultivated over more than 16 years, delivering the highest quality of services at the best possible prices. With its integration into Etisalat, Help AG now offers secure connectivity coupled with unmatched availability and reliability through state-of-the-art, in-country infrastructure, thereby complying with customers’ data residency needs. The ongoing transition to a service-based model across the cybersecurity industry is increasing the importance of the role of Managed Security Service Providers (MSSPs), and with Help AG, enterprises get access to the best and largest MSS team in the region, as well as a flexible financing model, hence investing in a capability that will evolve over time.