Who We Are
SRG Security Resource Group Inc. is a Canadian company dedicated to providing world-class Protective Security Guard and Patrol and Cyber Security services. Founded in the spring of 1996, SRG provides solutions and services for people and organizations across Canada.
SRG Security Resource Group Inc. is a wholly owned subsidiary of SSC Security Services Corp. (TSXV: SECU) (OTCQX: SECUF).
Testimonials
Information Technology Office
“SRG provides subject matter expertise to the Government of Saskatchewan in a timely, proficient manner. I have enjoyed working with the SRG team and appreciate the adaptability and professionalism they exhibit when dealing with our challenging environment.”
– Crystal Zorn
Director, Information Security Branch
The Manitoba Museum
“SRG has been a reliable and preferred supplier of security services to The Manitoba Museum for a number of years.”
– David Thompson
Director of Finance and Operations
The Alberta Teachers’ Association
“The IT security improvement journey for any organization can be a large and continuous undertaking. The Alberta Teachers’ Association (ATA) chose to partner with SRG many years ago to assist us on that journey. SRG continues to add value to the ATA by providing top quality service and resources in an annual security plan. Over the years, SRG has helped us to gain support and commitment from the various stakeholders in the Association and we continue to look forward to a long relationship with SRG.”
– Dr. Terry Bruchal
Director of Information Technology
Get In Touch
Address
300-1914 Hamilton Street
Regina, SK S4P 3N6
Input Capital Corp. Completes Acquisition of SRG Security Resource Group Inc.
REGINA, SK, Feb. 1, 2021 /CNW/ – Input Capital Corp. (TSX Venture: INP) (US: INPCF) (“Input” or the “Company“) is pleased to announce that it has completed the acquisition (the “Acquisition“) of all of the common shares (“SRG Shares“) of SRG Security Resource Group Inc. (“SRG“) on the terms and subject to the conditions set out in the Share Purchase Agreement (“Purchase Agreement“).
“We plan to put our very strong balance sheet to work backing the growth of SRG in the cyber and physical security business in Canada,” said President & CEO Doug Emsley. “SRG is a well-established and profitable business with an experienced management team, and we look forward to enabling the growth of SRG organically and via acquisition in the months and years to come.”
Pursuant to the Purchase Agreement, Input acquired all the SRG Shares for a total purchase price of approximately C$19,900,000 (the “Purchase Price“), as adjusted on a dollar-for-dollar basis for positive or negative net working capital of SRG. Half of the Purchase Price was satisfied by the issuance of 8,883,930 common shares of Input (“Input Shares“) at a deemed value of C$1.12 per Input Share for an approximate total value of C$9,950,000. The remaining 50% of the Purchase Price was paid in cash. The full text of the Purchase Agreement may be found under Input’s issuer profile at www.sedar.com.
The new Input Shares issued to SRG shareholders pursuant to the Acquisition are subject to a statutory hold period expiring 4 months and 1 day from the date of issuance. In addition, the SRG shareholders have agreed to lock-up terms in favour of the Company restricting their ability to transfer their Input Shares until the date that is 6 months following the closing of the Acquisition.
As previously announced, Input will continue to operate its existing agriculture operations in order to serve many farm clients who have 2-3 years left on their streaming contracts. With canola prices nearing all-time highs, Input believes that it has an excellent opportunity to maximize the value of its assets as the Company repatriates capital from the agriculture sector over the remaining life of these contracts. This will grow Input’s already excellent financial capacity to back SRG’s anticipated growth strategy in the security sector.
ABOUT INPUT
Input is primarily an agriculture commodity streaming company providing several flexible and competitive forms of financing which help western Canadian farmers solve working capital, mortgage finance and canola marketing challenges and improve the financial position of their farms. On February 1, 2021, Input acquired SRG Security Resource Group Inc. as a platform for growth in the cyber and physical security business in Canada. For more information, please visit www.inputcapital.com.
ABOUT SRG
SRG is a market-leading Canadian provider of world-class Cyber Security and physical Protective Security Services. Founded in 1996, most of SRG’s employees are located in Western Canada, but solutions and services are provided to organizations across the country. SRG clients include federal and provincial governments, Crown corporations, and many high profile corporate and public sector clients such as hospitals, airports, utility companies and police forces. Previously privately-held, now operates as a wholly-owned subsidiary of Input. More information is available on SRG’s website at https://securityresourcegroup.com.
Forward Looking Statements
This release includes forward-looking statements regarding Input, SRG and their respective businesses. Such statements are based on the current expectations and views of future events of Input’s and SRG’s management. In some cases the forward-looking statements can be identified by words or phrases such as “may”, “will”, “expect”, “plan”, “anticipate”, “intend”, “potential”, “estimate”, “believe” or the negative of these terms, or other similar expressions intended to identify forward-looking statements. The forward-looking events and circumstances discussed in this release may not occur and could differ materially as a result of known and unknown risk factors and uncertainties affecting Input and SRG, including risks regarding their respective industries, economic factors and the equity markets generally, uncertainties concerning the Company’s or SRG’s future plans and intentions with respect to their businesses, risks and uncertainties relating to Input’s and SRG’s businesses, and many other factors beyond the control of Input or SRG (including the ongoing COVID-19 pandemic). No forward-looking statement can be guaranteed. Forward-looking statements and information by their nature are based on assumptions and involve known and unknown risks, uncertainties and other factors which may cause our actual results, performance or achievements, or industry results, to be materially different from any future results, performance or achievements expressed or implied by such forward-looking statement or information. Accordingly, readers should not place undue reliance on any forward-looking statements or information. Except as required by applicable securities laws, forward-looking statements speak only as of the date on which they are made and Input undertakes no obligation to publicly update or revise any forward-looking statement, whether as a result of new information, future events, or otherwise.
NEITHER TSX VENTURE EXCHANGE NOR ITS REGULATION SERVICES PROVIDER (AS THAT TERM IS DEFINED IN POLICIES OF THE TSX VENTURE EXCHANGE) ACCEPTS RESPONSIBILITY FOR THE ADEQUACY OR ACCURACY OF THIS RELEASE.
SOURCE Input Capital Corp.
Special WAA Blog Feature: SRG Protective Services Team Member, Shawn Trotman
Cyber Security Bulletin: Microsoft Cyber Security Updates
This notice is sent as an update to the recent Microsoft Exchange cyber security issues. Microsoft has issued several security patches to address the cyber security issues. Information on business systems shows that unpatched systems internationally continue to exist including within Canada. Some of these systems within Canada have been further compromised with malware. Malicious actors are actively scanning using automated tools to identify unpatched servers
On 11 March 2021, Microsoft Security Intelligence issued a Tweet stating that a new family of ransomware, known as DearCry, is being leveraged by actors exploiting the recently disclosed Exchange vulnerabilities. In addition to DearCry, multiple proofs of concepts leveraging the Exchange vulnerabilities resulting in remote code execution have been made publicly available. These vulnerabilities are being leveraged to gain a foothold within an organization’s network for malicious activity which includes but is not limited to ransomware and the exfiltration of data.
It is strongly recommended that organizations with unpatched external facing servers perform the following:
Note: All updates (CU and the security update) must be run as administrator and Microsoft has noted that multiple reboots may be required. Additional information on patching is available through Microsoft’s tech community blog.
Organizations are encouraged to confirm that no signs of malicious activity have been detected and that both the CU and security update are successful prior to returning the server to service.
Microsoft has published out-of-band Security Updates to address critical vulnerabilities in multiple Exchange products:
Volexity has also published a blog detailing observed activity of actors remotely exploiting a zero-day server-side request forgery (SSRF) vulnerability in Microsoft Exchange (CVE-2021-26855)[2]. This method of exploitation does not require authentication and can be accomplished through remote access to a vulnerable external facing Exchange server over HTTPS.
Microsoft has reported the following vulnerabilities were used by actors to gain access to victim systems:
After exploiting these vulnerabilities to gain initial access, malicious actors deploy web shells on the compromised server. Web shells potentially allow actors to steal data and perform additional malicious actions that lead to further compromise.
Reminder: For your protection, please ensure you follow Microsoft’s instructions on recent Microsoft Security Updates
Please reach out to us with your concerns or for more information on how to protect yourself and your business.
Cyber Security Bulletin: SolarWinds Supply-Chain Compromise
On 13 December, 2020 SolarWinds disclosed a security advisory outlining recent malicious activity impacting SolarWinds Orion Platform resulting from a supply chain compromise. The SolarWinds technology is used by many businesses to manage their network environments including mapping and capacity planning. This is a widespread campaign by a “highly evasive” actor gaining access to numerous public and private organizations around the world.
Through trojanizing SolarWinds Orion Platform software updates, actors were successfully able to distribute malware. This campaign may have begun as early as Spring 2020 and is reported as currently ongoing. Post compromise activity leverages multiple techniques to evade detection and obscure their activity, which includes lateral movement and data theft.
SolarWinds has provided guidance on how to identify the version of Orion Platform organizations are using and to check which hotfixes organizations have applied. If an organization cannot upgrade immediately, please follow the guidelines securing an Orion Platform instance.
An additional hotfix release, 2020.2.1 HF 2 is anticipated to be made available Tuesday, December 15, 2020. SolarWinds recommends that all customers update to release 2020.2.1 HF 2 once it is available, as the 2020.2.1 HF 2 release both replaces the compromised component and provides several additional security enhancements.
In addition to the fixes being posted by SolarWinds, the following recommendations are mitigation techniques that could be deployed as first steps to address the risk of trojanized SolarWinds software in an environment. SRG encourages organizations review the below recommendations and action those based on an organization’s own risk-based assessment:
If malicious activity is discovered in an environment, SRG recommends conducting a comprehensive investigation and designing and executing a remediation strategy driven by the investigative findings and details of the impacted environment.
Please reach out to us with your concerns or for more information on how to protect yourself and your business.
Cyber Security Bulletin: FireEye Cyber Security Breach
This Cyber Security alert is intended for organizations that utilize this technology as part of their cyber security protection program.
On December 8, 2020, cyber security firm FireEye disclosed that it was recently a victim of a targeted security breach by a threat actor.
The threat actors were successful at infiltrating the internal network and acquire red team security assessment tools. FireEye is currently investigating and initial findings show no evidence of customer data exfiltration and at this time cannot state confidently whether these tools will be used or publicly disclosed by the threat actors..
These FireEye tools are used by customers to simulate real-world cyber attacks and test themselves in a near-real type of environment. Users of these technologies should review FireEye released methods of detecting the use of those red team tools in the event the threat actors use them for attack purposes.
Further actions for Consideration:
Please reach out to us with your concerns or for more information on how to protect yourself and your business.