Many lock manufacturers do not understand the relationship and intersection between "mechanical engineering" and "security engineering" in their products. Typically, design engineers are fairly adept at making things work properly, but often fail to contemplate, conceive of, or identify potential or actual "real world" vulnerabilities in the locks and related hardware that they manufacture. This failure can lead to serious breaches in security, often from relatively trivial attacks by unauthorized individuals, rogue employees, and criminals. It can also result in significant liability upon the part facilities that employ specific security technology, and a failure to comply with regulatory requirements.
Issues stemming from insecurity engineering are compounded by intended or unknowing misrepresentations by lock manufacturers about the security of their products. These statements by manufacturers are often relied upon by consumers, commercial enterprises, and the government sector in the decision-making process involving the purchase of security hardware. Ultimately, security relates to both the protection of people and assets, and to liability. Thus, it is imperative that security professionals understand the interrelationship between standards, hardware design, and real-world threats. Marc Tobias, Tobias Bluzmanis, and Matt Fiddler have significant experience and track record in analyzing, discovering, and exposing real-world threats in security hardware. In this presentation, they will address these issues.