Security tagging

Cyware, the globally renowned company in threat intelligence management, security collaboration, and orchestrated response, announced that it is a recognised pioneer in Frost and Sullivan’s '2024 Threat Intelligence Platform' (TIP) Radar Report. The TIP industry encompasses more than 20 vendors, and Frost & Sullivan selected the top 10 based on solid growth potential, rapid growth rates and commitment to innovation. Cyware is one of only three vendors to lead the report’s Innovation index, due to its scalable innovations, thought leadership in the TIP space, and robust innovation roadmaps. Cyber Fusion Centre Platform  Martin Naydenov, Report Author and Senior Industry Analyst with Frost & Sullivan, notes: "Cyware is one of the pioneering TIP providers (and) pioneers on the Innovation Index, thanks to its comprehensive Cyber Fusion Centre Platform that integrates TIP, SOAR, collaboration, threat detection, and generative AI capabilities called Quarterback AI." He adds, "Cyware distinguishes itself with strong customer alignment, achieving 100% CSAT scores for three consecutive years and pioneering the industry with R&D investments, ranking in the 100th percentile."  Cyware’s TIP solution Martin Naydenov continues: "Intel Exchange, Cyware’s TIP solution, offers many use cases and features, including ROI Feed dashboards, TI lifecycle automation, and bi-directional data sharing and actioning. Over the years, Cyware has continuously enhanced its TIP solution. In 2023, it introduced new collaboration capabilities, enabling threat detection and intel teams to join forces and share content, such as SIEM and YARA rules and automated playbooks." He further states, "In 2024, the vendor added Cyware Quarterback AI, designed to scale, optimise, and accelerate an organisation’s security team’s effectiveness across their tech stack to up-level security teams."   Cyware’s threat-driven automation Anuj Goel, CEO and Co-Founder of Cyware, said: “The value threat intelligence provides goes beyond identifying Indicators of Compromise (IoCs), and unless organisations operationalise cyber threat intelligence (CTI), they often miss its potential to reduce risk and improve SecOps efficiency and effectiveness." He adds, "Cyware’s threat-driven automation simplifies and substantially advances intelligence actioning. It breaks down the barriers between security, devops, and IT teams, and ensures that actionable CTI swiftly reaches the right team members who can act on it to protect the organisation." Leveraging the right threat intelligence platform Leveraging the right threat intelligence platform helps security operations teams get more from intel and ensure the right insights inform critical decision-making. Frost & Sullivan’s 2024 Threat Intelligence Platform (TIP) Radar Report provides meaningful insights into the TIP landscape.

Workiz, the pioneering field service management and communication software, introduces an enhanced online booking feature that allows service professionals to reach more customers, book more jobs and stand out from the competition. With the new Reserve With Google feature, customers can connect directly to Workiz Online Booking through Google search results, increasing the pool of potential customers available to each business owner and streamlining scheduling, payments and other essential functions. Business management solutions “Our mission is to make life easier for service pros so they can grow their business,” said Didi Azaria, CEO of Workiz. “Partnering with Google gives us a unique opportunity to leverage the premier search engine to enhance the reach and connectivity of our intuitive business management solutions. Business owners can offer a seamless process that benefits customers and maximises the possibilities of the Workiz platform.” Workiz' Reserve With Google online booking functionality empowers users to tap into millions of new customers for free, helping them achieve a 30% increase in jobs by simplifying the booking process. Workiz communication suite Workiz online booking widget lets clients to book favours and pay in advance now from Google Customers can effortlessly schedule and pay for services instantly from Google, the company website, social media, or any location with a link. Service pros benefit from booking more jobs 24/7, as the Workiz online booking widget allows customers to book services and pay in advance directly from Google, turning clicks into jobs and enabling business growth even while they sleep. Additionally, Reserve With Google users gain prime placement at the top of Google search results through GLS ads integration, powered by Workiz Online Booking, helping them stand out from the competition, attract more customers, and increase their chances of being booked instantly. “The new integration of Reserve with Google into Workiz instantly converts leads into jobs and connects seamlessly with the Workiz communication suite,” said Workiz founder Idan Kadosh. “This powerful enhancement amplifies the effectiveness of all communication channels, driving revenue up by 30%.” Workiz Online Booking Workiz is a pioneering field service management platform that aims to simplify the way businesses operate and navigate their day-to-day challenges. Workiz Online Booking is the easiest way for customers to book and pay for services online. “Since using Workiz's online booking, we've seen a 30% increase in jobs,” said Jordan Viscusi, CEO of Plumbing 101. “Our customers love the convenience — they can schedule and pay instantly through Google, our website, social media, or anywhere with just a link.” Armed with an array of business tools, from job scheduling and dispatching to invoicing and payment tools, Workiz is committed to helping service professionals manage and grow their businesses. The company’s focus on innovation ensures it consistently develops features that transform field operations and ultimately drive ROI.

Over the last several years, cyber security, a crucial component in any servicer's operation, has taken on an increasingly visible role due to numerous high-profile data breaches impacting various industries. According to the cyber security research firm Check Point Research, the average number of cyber attacks per organisation per week rose 38% in 2022 from 2021, and increased by 28% in the six-month period ending March 31, 2024.  The average number of weekly events has also grown year over year. They look at the importance of cyber security for U.S. and Canadian servicers and discuss how they assess a servicer's program in the evaluation review process.  High cost of corporate inaction  Inaction against preventing cyber attacks can come with a high cost and remediation actions. For example, International Business Machines Corp. (IBM) noted in its Cost of a Data Breach Report 2024 that the average cost of a corporate data breach in 2024 was $4.88 million, a 10% increase from the prior year and the largest yearly increase since the start of the COVID-19 pandemic. Additionally, it was noted that 70% of organisations experiencing a breach indicated it was a significant or very significant disruption. Moreover, IBM said that 63% of organisations are planning to increase their security investments as compared to last year when the figure was 51%, focused mainly on employee training as the top investment area. Remediation actions Servicers have had to enforce corrective actions, including certain customer-facing activities As a result of cyber attacks and breaches, servicers have had to implement various corrective actions, including suspending certain customer-facing activities (website access, payment processing, etc.) and halting internal operations until an investigation determines the method of attack, the impact on systems, and how to stop the attack.  Remediation actions, in addition to addressing the source of the breach, generally include notifying affected customers and offering credit monitoring services for a predetermined period of time. It is also not uncommon for litigation to be initiated on behalf of the affected parties, alleging inadequate cyber security procedures as the cause of the breach. Assessing a servicer's cyber security program While servicers have implemented various cyber security tools and programs, hackers continue to design increasingly sophisticated malware with the potential to penetrate companies' defence systems. Though not all companies have been impacted by cyber breaches, hackers are increasingly using AI and other tools to develop malware that can infiltrate even the most cutting-edge applications, so a servicer's cyber security program becomes even more important as hackers evolve. S&P Global Ratings' servicer evaluation group recognises that a sound cyber security program is a significant factor in the overall analysis of a servicer's operations. When conducting an operational assessment of a servicer, they ask the company to describe its overall cyber security program. The general topics they discuss include the following: Its information security program and management team (e.g., the CEO, chief information officer, and chief information security officer);  Staff resources dedicated to monitoring company systems to triage and address potential cyber security threats;  Frequency of phishing and/or smishing testing programs, overall click rates, and remediation actions;  Timing of vulnerability scans and what internal and external tools are employed to assist in monitoring and identifying potential threats;  The incorporation of AI into the servicer's preventive tools and systems used to combat attacks and secure systems;  Frequency of external penetration tests and the vendor's rotation schedule, along with a discussion of the latest results;  Frequency of internal penetration testing and the results of the last test;  The servicer's data storage backup routines, including how data is backed up (i.e., the cloud, tapes, or both) and whether data is stored on air-gapped mediums;  Recovery time and recovery point objectives for the servicer's data and business units;  Frequency of a servicer's recovery exercises, including data backups to validate their restoration ability;  Data encryption practices at rest and in transit;  Plans to address potential ransomware attacks and the frequency of tabletop exercises;  Employee training on cyber and information security, including social engineering;  System and organisation controls (SOC) 2 certification or other evaluations or tools used to assess the company's cyber security posture; and  The process to evaluate third-party vendors' cyber security posture. Staying ahead of the curve  Sustained investments in cyber security will be crucial for any business entity, especially servicers, as they will continue to experience ever-evolving threats requiring additional expertise, capital, and technology to stay ahead of the curve. Despite servicers' significant expenditure on cyber security staff and systems to support their programs, these preventative measures are only effective if the program is successfully implemented and maintained. Notwithstanding, even the best preventative measures will be continuously challenged by the ever-increasing sophistication of attacks.  Event-reporting regulations New privacy and event-reporting regulations and compliance needs from California and New York A key focus for servicers will be whether they can keep up with the malicious actors who try to penetrate their systems and obtain non-public information, thereby disrupting operations, affecting customers, and posing significant financial harm to the company.  New privacy and event-reporting regulations and compliance requirements from the states of California and New York impacted various industries including servicers, among others. Although not directly affecting servicing, the Securities and Exchange Commission has also stated that cyber security is one of its 2024 priorities when conducting examinations of broker-dealers and investment advisors.  New government regulations As servicers navigate ever-increasing cyber threats and the rollout of new government regulations, their dependence on the digitisation of information and processes should be balanced with comprehensive and preventative cyber security controls in order to effectively combat the risks that lie ahead. While this article focuses on the impacts of cyber security for the Servicer Evaluation ranking process, S&P Global Ratings has written additional articles that relate to cyber security across other industries and the potential credit impacts that they may have (see "Cyber Risk Insights: Navigating Digital Disruption Booklet Published," published July 9, 2024, and "Digital Booklet Published: Cyber Risk Insights," published Feb. 22, 2023). The analysts would like to thank Marilyn Cline for her contribution to this report.

Amidst the challenges of a prevailing economic downturn, the retail sector finds itself grappling with an unparalleled rise in incidents of shoplifting, theft, and burglaries. The disconcerting scenes witnessed on London’s Oxford Street in August 2023,​ where crowds gathered, looting as many stores as possible, sent shockwaves across the nation’s retailers. This alarming surge in retail crime has put retailers on high alert, as they contend with a rising tide of security concerns.  Shoplifting concerns Recent data from the Union of Shop Distributive and Allied Workers (USDAW), has raised alarming concerns: shoplifting rates have surged by an unprecedented 24%.​ In the first half of 2023 alone, there were approximately 8 million reported shoplifting incidents. With the ongoing burden of the cost of living crisis and the approaching festive season, it is expected that these figures will keep surging.  Implementing robust security measures Theft and prevention strategies cost retailers approximately £2 billion in 2021/2022 While more help from the Government to support retail workers and the businesses shoplifters target is certainly needed, the implementation of robust security measures will significantly contribute to deterring these crimes from occurring in the first place. British retailers spend millions on tools to deter and catch shoplifters inside stores, from CCTV and security guards to electronic tagging and alarms. The Grocer reported that theft and prevention strategies cost retailers approximately £2 billion in 2021/2022. Despite these initial costs, other threats are at play beyond the shop floor. Break-ins by criminal gangs For many large town centre stores and supermarkets, and units in retail parks, the rear doors and delivery areas are commonly targeted by criminal gangs. It’s not uncommon for thefts to occur from pallets or cages that have been unloaded from lorries and sit waiting to be moved into the building. After-hours break-ins are a risk for all store owners too, particularly over the festive season when a lot of high-value stock has been delivered to shops and supermarkets. Addressing anti-social behaviour  The additional fencing was deemed an essential measure to safeguard the community Anti-social behaviour also poses a challenge for retailers. In 2022, an Aldi based in Derby​ invested in security fencing to protect staff and deter loitering groups. The additional fencing was deemed an essential measure to safeguard the community, as dangerous items were frequently found outside the store, including weapons and hypodermic needles.  So how do physical security solutions such as fencing and gates help better protect retail establishments such as supermarkets and edge-of-town retail park shops? Fencing and gates: a critical component of retail security  1. Risk assessment and target hardening  A thorough risk assessment will identify potential weak spots that require protection. ‘Target hardening’ involves implementing physical security measures that become more robust as they approach the target. This helps deter intruders while ensuring ease of access for customers and staff.  2. Effective perimeter security  Opt for difficult-to-climb security fencing that provides a robust obstacle against thieves, vandals, and intruders Selecting fencing solutions according to the potential threats, site characteristics, and topography is crucial. It is important to specify fencing that strikes a balance and maintains a welcoming appearance while safeguarding external areas of the store or warehouse from potential harm and unauthorised access. Solid fencing which provides concealment can help to conceal expensive goods and remove them as a target for opportunistic theft.  Opt for difficult-to-climb security fencing that provides a robust obstacle against thieves, vandals, and intruders. I recommend selecting a sufficiently tall and robust fence such as an acoustic barrier. Its noise-reducing properties are often beneficial for these types of sites too.  3. Controlling vehicular speeds and access  To enhance security, consider controlling vehicular speeds and access. One effective approach is the installation of bollards at the ends of traditional high streets. This practice is already commonplace as a means of safeguarding against hostile vehicle attacks, but it can also play a pivotal role in preventing quick getaways of vehicles involved in potential heists. Additionally, employing road blockers and sliding gates at the rear entrances of delivery areas would serve to fortify security further. These measures can help in delaying vehicles, allowing for necessary checks to be conducted.  4. Balancing security with aesthetics  The presence of high-security fencing can also make a site more of a target for vandals and burglars Another challenge is avoiding creating an imposing presence, especially important for areas situated near residential communities. The presence of high-security fencing can also make a site more of a target for vandals and burglars. To minimise this risk consider specifying timber fencing and traffic barriers to secure car parks, providing both security and a welcoming atmosphere for shoppers.  Taking an integrated approach Combine secure perimeter fencing with effective lighting in places with shaded areas and at doors, gates, and shop windows, alongside Perimeter Intrusion Detection Systems (PIDS), and strategically placed CCTV. These measures will hinder unauthorised entry and escape, increasing the likelihood of detection and apprehension.  Prioritising employee wellbeing  Installing robust security fencing, complemented by CCTV, good lighting, and guarding, creates a safe environment Installing robust security fencing, complemented by CCTV, good lighting, and guarding, creates a safe environment for employees. This not only safeguards their well-being but also provides peace of mind that they are protected effectively in the case of a burglary or crime.  When selecting security products for retail sites, it is advisable to opt for items that have undergone rigorous testing and carry relevant certifications for their security level. Each component should meet industry-specific standards for its intended purpose and originate from manufacturers accredited under ISO 9001:2015. This ensures a high standard of quality and reliability in safeguarding the premises.  High-quality security fencing As the cost-of-living crisis continues, crime rates increase, and the festive season approaches, the time to act and implement on-site security is now. By investing in comprehensive security measures, retailers can protect their assets, employees, and customers, ensuring a safer and more secure shopping environment for all. High-quality security fencing is also a sound investment, that requires little or no maintenance once installed. The best fencing solutions are extremely weather-resistant, and won’t suffer from rust or corrosion. With all sectors preparing to ride the rapids of recession in the coming year, improving on-site security while selecting cost-effective measures, is one surefire way to protect your people, your property, and your profits from harm. 

The average business owner or investor has some kind of security precaution in place, especially in the after-hours when there are fewer deterrents to inhibit criminal activity. Security guards, video surveillance systems, motion sensor lights, or even just fake cameras placed around the property are some of the common options people choose.  Future of overnight security Smart business owners are starting to realise, however, that some of these traditional security measures are becoming antiquated and no longer cutting. The now and future of overnight security is in remote guarding. Pioneered by companies like Los Angeles-based Elite Interactive Solutions, which was founded back in 2007, remote guarding is revolutionising the overnight security business. Minimising criminal activity Remote guarding is fast becoming the most popular choice among commercial end-user property owners Remote guarding utilises a combination of cutting-edge technology, “digital guards,” highly trained security agents, and local law enforcement if and when necessary to minimise the potential of criminal activity. For those adequately enlightened to its overwhelmingly impressive crime prevention capabilities, remote guarding is fast becoming the most popular choice among commercial end-user property owners to secure and protect their investments. What Is remote guarding?  Remote guarding is a revolutionary concept and increasing trend in security systems that utilises a combination of methods to effectively analyse potential threats to property. Cameras and/or other monitoring devices running highly advanced algorithmic software are installed in strategic areas or vulnerable places onsite and remotely located security agents are immediately notified of any activity within a designated perimeter of the property. A blend of AI, cybersecurity, and video analytics When properly deployed by an expert provider, the technology stack includes a proprietary blend of video analytics, artificial intelligence, cybersecurity, and more. Done right, “noise” is effectively filtered out, allowing agents to act on legitimate alerts and achieve zero false alarms communicated to first responders. Today, there are a lot of terms and descriptions tossed around about remote guarding, remote video, virtual guarding, etc., but those attributes must be present to represent the true definition of the offering and its many virtues. Realtime situational awareness Many systems have a two-way speaker that allows the security agent to give a verbal warning When specially trained security agents are alerted to trespassers, possible intruders, or other suspicious activity, they analyse the situation in real-time and determine the necessary level of action. Many systems have a two-way speaker that allows the security agent to give a verbal warning, known as a voice-down, to the individual(s) that they are being watched. Most perpetrators, often believing the response is emanating directly from security personnel on the property itself rather than from a remote command centre, flee immediately. However, if the threat persists, the security agent enlists local law enforcement to get on the scene.  Customised remote guarding When properly deployed, remote guarding systems are also customised to specific properties. A team of consultants visits the client’s property to evaluate its vulnerabilities and where to best place cameras and/or other monitoring devices for system efficacy. Traditional security shortfalls  According to Keith Bushey, a retired commander for the Los Angeles Police Department, there is much frustration between law enforcement officers and potential victims of crime due to the historically unreliable performance of traditional burglar alarm systems and central monitoring stations. He states about 90% of security-related calls are false alarms, a problem that has been well-documented through the years. Onsite challenges When a legitimate emergency does occur, the perpetrators have often already done their damage When a legitimate emergency does occur, the perpetrators have often already done their damage and/or escaped by the time law enforcement arrives.  Onsite security guards are not the remedy either as they bring their own set of issues and challenges.  Unexpected costs Traditional security systems can also have unexpected costs. The cost is not only in the security guards’ paycheck or the cost of the equipment itself. The cost comes when an actual incident occurs. In worst-case scenarios, the security guard(s) are injured, the business suffers inventory loss, and/or damage is sustained to the property.  The medical and other costs for the security guard(s), the loss of inventory, property damage, deployment of law enforcement resources, and possible fallout of legal expenses all add up. Even in the best-case scenario, false alarm expenses incur if law enforcement is dispatched. These, among many others, are some of the primary issues that remote guarding resoundingly answers as a superior alternative. A bounty of benefits Remote guarding systems have been proven to cut costs and be more effective than traditional security systems. Even though the monthly monitoring costs of remote guarding are significantly higher than traditional intrusion detection system monitoring, the much higher effectiveness in crime reduction, elimination of false alarms, and augmenting or replacement of manned guards result in a substantially higher return on investment (ROI) to the end user. Easy tracking of threats The security cameras already have their image captured on record, making them easier to track down For example, case studies have demonstrated reduced security costs for clients by 60%, on average. These reductions have come from the costs of security staff, inventory, or property loss, plus saving money on insurance premiums and deductibles. The nature of remote guarding reduces the risk and costs of false alarms, with professional security agents able to determine an actual threat before law enforcement is called. In a rare instance when a perpetrator escapes before law enforcement arrives or can detain the individual(s), the security cameras already have their image captured on record, making them easier to track down and identify. Reduction of false alarms The significant reduction in false alarms is greatly appreciated by law enforcement, as it allows them to focus on real emergencies or crises. Better relationships are also developed between clients and law enforcement, as remote guarding systems are highly reliable in providing accurate and real-time information to officers as they approach the scene. In short, it assists law enforcement in doing their job more effectively, as well as more safely thanks to having eyewitness information before engaging in an active crime scene.  Partnership When you combine the decreased cost with the increased efficiency and success rate, it is easy to see why many commercial end-user property owners across the country are making the shift to remote guarding. It’s also an outstanding opportunity for professional security dealers and integrators to partner with a remote guarding services provider to bring a superior solution to their end customers and pick up a recurring monthly revenue stream in the process.

It’s no secret that the data security sector is constantly changing. It has an annual CGR of about 12.3%. Future trends in data security Much of this has to do with the rise of cybercrime in recent years, with reports showing that cyberattacks happen as often as every 39 seconds. To combat the growing rate of cybercrime, data security has been on the rise. As we journey further into this era, it becomes evident that a spectrum of significant trends is molding the future of data security. This exploration delves into a selection of these trends, unraveling their importance and the potential implications they carry  1. AI security tools will increase  Artificial Intelligence is also being used in the development of smart attacks and malware The introduction of Artificial Intelligence in the data security industry brought significant changes, especially in cybersecurity. AI has been the golden standard for face detection, natural language processing, automated threat detection, and automated security systems. Additionally, Artificial Intelligence is also being used in the development of smart attacks and malware, bypassing even the latest security protocols in data control. And as time progresses, AI security tools will flourish and dominate the scene. Let’s take a more in-depth look at three of the top AI security tools. Targeted attack analysis tool  Manufacturers utilise targeted attack analysis tools to uncover targeted and stealthy attacks. Artificial Intelligence can be applied to the program’s capabilities, processes, and knowledge. For instance, Symantec launched this tool to combat the Dragon 2.0 attack in 2022. The phishing attack reprimanded multiple energy companies while trying to gain access to their operational networks. Targeted Attack Analysis Tools can analyse incidents and look for similarities from previous situations. They also help detect suspicious activities and collect all the necessary data to determine whether a specific action is malicious. Intercept X tool  Results from the Intercept X Tool feature high accuracy and a low false positive rate Sophos, a British security hardware and software company, launched the Intercept X Tool. It engages a neural network that records and analyses data like a human brain. Sophos’ Intercept X Tool can extract features from a single file and perform a deep analysis. It detects malicious activities within 20 milliseconds. Plus, it’s also trained to work on bi-directional sharing and real-world feedback of threat intelligence. Results from the Intercept X Tool feature high accuracy and a low false positive rate.  IBM Watson Technology  IBM’s QRadar Advisor uses IBM Watson Technology, a unique AI tool for fighting cyber attacks. Artificial Intelligence can auto-investigate activities and indicators for potential exploitation or compromise. With cognitive reasoning, IBM Watson Technology can present critical insights to accelerate the response cycle. Security analysts can utilise this technology to search for threat incidents, reducing the risk of letting them fly under the radar. 2. Blockchain as a security solution  It guarantees no points of failure or hackable entrances that can expose datasets inside the system Blockchain is a type of distributed ledger technology (DLT) that aims to establish trust within an untrusting ecosystem. Today it’s one of the most robust cybersecurity technologies in the industry. Blockchain utilises a decentralised ledger system, but your team members can still gain access to transparent information in the cloud. Members can also record, pass along, and view necessary transactional data in the blockchain. The entire blockchain process maintains data integrity within the system while establishing trust among team members. It guarantees no points of failure or hackable entrances that can expose datasets inside the system. Cybersecurity, biometrics Cybersecurity primarily benefits from these features because blockchain can create a secure and robust wall between data and hackers. On top of that, blockchain ledgers can include biometrics like fingerprints and retina scans. These prevent hackers from accessing any private data. Because blockchain is decentralised, it also limits hackable data. Together with the technology’s record-keeping system, each node is provided insight into data manipulation exposing real-time cybercrime attempts.  3. Increased and widened access control  Without access control, expect your company to be open to security issues, including theft, data loss, and breach of data Access control is critical in data security. More than a valuable security tool, business leaders can use access control to regulate people accessing any given resource. A company with an IT security setting can control who has the liberty to edit certain files. One of the primary goals of access control is to minimise threats or attacks to organisations and businesses to keep people and data secure. Without access control, expect your company to be open to security issues, including theft, data loss, and breach of data protection laws. Benefits The benefits of increased and widened access control include: Identifying who can access and control your data at specific time intervals. Protecting data from overwriting, accidental deletion, and malicious intent. User permissions that can be readily changed. Compliance and regulation with data privacy laws. Central management of access to data through a reporting portal or a dashboard.  Multi-factor authentication Access control comes in various types and systems, so it’s critical to know the features of what you’re looking for. The most common type is multi-factor authentication or MFA. It involves multiple steps before logging in, requiring the user to enter other relevant information besides the password. Some other examples of information include biometrics, answering a security question, or entering a code sent to the user’s email address. Two-factor authentication, role-based access control Two-factor authentication further prevents unauthorised entries that can result in unnecessary data possession Two-factor authentication further prevents unauthorised entries that can result in unnecessary data possession.  Another type of access control is role-based access control. In this setup, only one individual can set up access guidelines and grant permissions to specific team members within an organisation. 4. Greater use of the zero-trust security model  The zero-trust security model is a framework that requires every user within and outside the organisation to undergo authentication, authorisation, and validation. These are all essential to ensure proper security configuration before access is granted to the company’s applications and data. A zero-trust model assumes that anyone can cause data breaches and that a traditional network edge is not taken into effect. Moreover, it addresses the following modern-day challenges: Hybrid cloud environments. Security of remote workers. Ransomware threats.  This framework utilises the combination of multiple advanced technologies, including:  A risk-based multi-factor authentication. Endpoint security.  Identity protection.  Cloud workload technology.  The zero-trust model uses all these innovative tools for system identification, user verification, access consideration, and system security maintenance. Constant validation and monitoring Enforcing strict policies and compliance with data privacy laws are also essential Additionally, it also considers data encryption, email security, and asset verification before establishing connections with applications. The architecture of a zero-trust framework requires constant validation and monitoring of the users and the devices they are using. Enforcing strict policies and compliance with data privacy laws are also essential. More importantly, the zero trust architecture requires all organisations to be aware of all their available services and accounts to gain complete control of data handling and manipulation. 5. Increased privacy regulations  Privacy regulations and policies guide organisations in proper data control, handling, and security. These policies guide organisations in proper data control, handling, and security. As a responsible business owner, you must comply with these regulations to avoid legal issues. With cybersecurity attacks becoming common, expect increased and stricter privacy regulations to be released in the next few years. While current policies are still taken into effect, various modifications and adjustments will occur to compete with the rising numbers of data breaches, thefts, data loss, and more.  California Privacy Rights Act (CPRA) Currently, the California Privacy Rights Act (CPRA) is the most comprehensive legislation on state data privacy. It only started to take effect on January 1, 2023. The CPRA introduces the following principles: Broad individual consumer rights. Significant duties of people who need to collect sensitive and personal information. Additional definitions of data privacy and security. An individual’s duties include releasing information about data collection to concerned data subjects and proper access, correction, and deletion of information. Final thoughts  2023 is a big year for data security. Trends such as increased adoption of zero-trust policies, a greater reliance on AI security tools, and the implementation of blockchain as a security solution are all things we expect to see shortly.  Staying up-to-date with these trends is important for keeping your business current and ensuring that you’re adhering to new and changing regulations. Doing so can give you an edge over the competition and keep you out of legal hot water.

Companies at GSX 2023 emphasised new ways that technologies such as artificial intelligence (AI) and the cloud can address long-standing issues in the security market. Among the exhibitors at the event in Dallas were companies seeking creative ways to apply technology, lower costs, and make the world a safer place. Reflecting on the exhibition, here are some additional takeaways. Expanding AI at the edge  i-PRO is a company reflecting the continued expansion of edge AI capability in the security market. Today, more than half of the company’s lineup supports AI at the edge so the customer has a wide choice of form factors when seeking to leverage the feature set.  AI processing relay, extended warranty i-PRO is increasing their warranty period from 5 to 7 years, which could be a lifetime warranty in some cases I-PRO also has an “AI processing relay” device that accepts non-AI video streams and applies edge analytics. AI has progressed from a high-end technology to a feature available in a variety of cameras at different price points. i-PRO is also increasing its warranty period from 5 to 7 years, which could be a lifetime warranty in some cases depending on a customer’s refresh schedule and lifecycle management. Active Guard, MonitorCast The company’s video management system (Video Insight) is continuing to build new features including “Active Guard,” an integrated metadata sorter. Their access control platform, MonitorCast, is a Mercury-based solution that is tightly integrated with Video Insight. Their embedded recorders now have PoE built in.  “We can move at a faster pace to fill out our product line since leaving Panasonic,” says Adam Lowenstein, Director of Product Management. “We can focus our business on adapting to the market.” Emphasis on retail and other verticals  Shoplifting is a timely issue, and retail is a vertical market that got a lot of attention at GSX 2023. “We see a lot of retailers who are primarily interested in protecting employee safety, but also assets,” says Brandon Davito, Verkada’s SVP of Product and Operations. “Shrinkage is a CEO-level priority.”  “Retailers are getting more engaged with security posture, instead of letting perpetrators walk,” Davito adds. Intrusion detection Verkada has an intrusion product that will notify a central station if there is an alarm On the alarm side, Verkada has an intrusion product that will notify a central station if there is an alarm, and operators can review videos to confirm the alarm. Other capabilities seeking to discourage trespassers include sirens, strobes, and “talkdown” capabilities.  International expansion Verkada continues to expand internationally with 16 offices in all, including Sydney, Tokyo, and London. The core value proposition is to enable customers to manage their onsite infrastructure more simply, including new elements such as PTZ cameras, intercoms, and visitor management. Verkada emphasises ease of use, including a mobile application to allow access to be managed across the user base. Forging partnerships “We are committed to the channel and industry, and we continue to build relationships and expand our reach,” says Davito. Among the industry relationships is a new partnership with Convergint, which was hinted at during the show and announced later the same day. They are also expanding their partnerships with Schlage, Allegion, and ASSA ABLOY.  Working with other verticals They offer new features for K -12 schools, and a new alarm platform is easier to deploy and manage Verkada has also found success across multiple other verticals, notably healthcare, where they integrate with an electronic medical records system. They offer new features for K-12 schools, and a new alarm platform is easier to deploy and manage. They are integrating wireless locks to secure interior doors in schools, looking to secure the perimeter, and installing guest management systems. Transitioning the mid-market to the cloud  Salient is squarely focused on the “mid-market,” a large swath of systems somewhere between small businesses and enterprise-level systems. Pure cloud systems are not as attractive to this market, which has a built-out infrastructure of on-premise systems. Adding a camera to an existing system is easier and less expensive than tying it to the cloud. Benefits of cloud It’s a market that may not be ready for the pure cloud, but there are benefits to be realised from adding a cloud element to existing systems. “We are continuing to augment our premise-based solutions with added cloud capabilities and flexibility,” says Sanjay Challa, Salient’s Chief Product Officer.  The feedback Salient hears from their customers is “I want to own my data.” The hybrid cloud approach offers the right mix of control, flexibility, and unit economics. Cloud add-on capabilities We want to provide the flexibility for customers to go full-cloud as it becomes more economically attractive" Cloud add-on capabilities include bringing more intelligence about system operation to the user via the cloud. Over time, Salient expects to sell more cloud-centric offerings based on feedback from integrators and customers. “We want to provide the flexibility for customers to go full-cloud as it becomes more economically attractive over time,” says Challa.  Vaidio AI technology Salient seeks to be a transition pioneer to help customers realise the path to the cloud. Their approach is “crawl, walk, run,” and helping customers make the transition at each stage. Salient has added AI to its product offering, incorporating Vaidio AI technology from IronYun into a powerful suite and broad array of on-premise analytics, which are gaining traction. The seamless approach makes it easy for customers to embrace AI analytics, although Salient remains broadly committed to open systems. Addressing ‘soft’ features for integrators AMAG is in the process of enhancing its product line with the next generation of access control panels. However, “product” is just part of the new developments at AMAG. In addition to “hard” features (such as products), the company is looking to improve its “soft” features, too; that is, how they work with the integrator channel. Integrator channel Rebuilding a process to make your organisation more efficient, is relatively easy; it just takes a lot of persistence" “We have the depth of our legacy customer base we can learn from, we just need to close the feedback loop quicker,” says Kyle Gordon, AMAG’s Executive Vice President of Global Sales, Marketing, and commercial Excellence, who acknowledges the value of reinstating face-to-face meetings after COVID. “We are laser-focused on nurturing our integrator channel,” he says.  “Developing new features takes time, but rebuilding a process to make your organisation more efficient, that’s relatively easy; it just takes a lot of persistence,” says Gordon. More cohesive internal communication is another useful tool, he says.  Disrupting the cloud based on price  Wasabi is working to make cloud applications less expensive by offering a “disruptive” price on cloud storage, $6.99 per terabyte per month (80% less than hyperscalers). Contending “hyperscalers” like AWS are charging too much for cloud storage, Wasabi is using its own intellectual property and server equipment co-located in data centres around the world. Wasabi sells “hot cloud storage,” which refers to the fact that they only have one tier of storage and data is always accessible. In contrast, a company such as AWS might charge an “egress fee” for access to data stored in a “colder” tier.  Cloud storage “We saw that several video surveillance companies had not yet adopted cloud storage, and we saw an opportunity to make it easy to use,” said Drew Schlussel, Wasabi’s Senior Director of Product Marketing. “We just install a little bit of software that allows them to store data in the cloud and bring it back from the cloud.” Performance, protection (cybersecurity), and price Wasabi works with integrators, resellers, and distributors and also integrates with VMS companies Wasabi works with integrators, resellers, and distributors and also integrates with VMS companies such as Genetec and Milestone. Emphasising performance, protection (cybersecurity), and price, their data centres are certified to SOC 2 and ISO 27001 standards.  Faster throughput for weapons detection Xtract One is a young company focusing on weapons detection in a time of accelerated concern about gun issues post-COVID. Founded in Canada and based on technology developed at McMaster University, Xtract One has found a niche in providing weapons detection at stadiums and arenas. These customers already have budgets, and it is easy to shift the money to a newer, faster technology. Madison Square Garden in New York City is among its customers.  Cost savings solution Xtract One can increase throughput to 30 to 50 people per entrance per minute (compared to 5 to 6 people per minute when using metal detectors). The solution doesn’t require anyone to empty their pockets and the system alarms on items beyond guns and knives. Using Xtract One allows customers to reduce the number of screening lanes and security staff, providing additional cost savings, all while getting fans through the screening process in half the time. Purpose-built sensors The system uses purpose-built sensors looking for specific characteristics, such as reflective and density properties In addition to stadiums and arenas, Xtract One, formerly Patriot One, is also getting “inbound” interest from schools, hospitals, manufacturers, and other verticals that makeup 50% of their business. “We’re on a rocket ride, mainly because the weapons issues are not going away,” says Peter Evans, CEO and Director at Xtract One. The system uses purpose-built sensors looking for specific characteristics, such as reflective and density properties, all correlated by an AI engine.  Providing early warning of violence ZeroEyes is another company focused on weapons detection. Their AI gun detection system works with video images to identify if someone is “brandishing” (carrying) a weapon. In other words, the system does not detect concealed weapons. Identifying someone carrying a weapon provides early warning of a possible violent act. Increased response with AI-enables images Images are identified by AI and sent to a monitoring centre where a human confirms the image before contacting first responders. Knowing the location of a shooter enables staff to lock entry points, move people to safety, and direct first responders. The company was founded to leverage existing camera views to stop mass shootings and gun violence by reducing response times. 

A pioneer in the access control sector since 1971, AMAG Technology is looking to the future and the next generation of products that will expand its services to customers. “In our vision, we have advanced approaches that will not only provide our partners with advanced technologies but also ones that are easier to install with tools to expand their services,” says David Sullivan, who was appointed President of the venerable access control company in September 2022. New challenges at AMAG Sullivan brings a new outlook to the AMAG business, a part of Allied Universal, and a new vision to lead the company into the future. We caught up with David Sullivan to discuss his new challenges at AMAG and the journey ahead as the company looks to the future. Q: How does your background inform your approach to leading AMAG? I believe that it helps me to define a vision for AMAG that will be unique and on the leading edge of our industry David Sullivan: With the exception of only a few short years, my career has been in access control. I have experience with several systems and have had the privilege to manage several successful access control companies. As a result, I bring a great deal of experience into my role at AMAG. I believe that it helps me to define a vision for AMAG that will be unique and on the leading edge of our industry. Q: How would you describe AMAG’s journey over the last several years and how do you see the future? Sullivan: Prior presidents of AMAG always shared their leadership vision and direction with senior leaders located in the United Kingdom. This had an impact on the full direction of the business, sometimes limiting its ultimate success. Before I became a part of AMAG, these senior leaders that were located in the UK retired, placing for the first time the full management responsibilities of the president. This has allowed me to integrate the business into a single team, with single objectives, and a single vision. We expect to begin to reveal this new vision in the coming weeks. We are excited about the future of AMAG and believe we will surprise the industry with our new products and approach in the coming months and years. Q: How important is it that a manufacturer provides both hardware and software solutions? How does AMAG’s approach (in general) differentiate it in the market? We can design the complete solution, providing functionality that others may find more difficult to accomplish Sullivan: Regardless of the manufacturer, we all provide hardware and software. An access control solution is not complete without both. Some of us choose to make our panels, and others do not. Those who are dependent on third-party suppliers are restricted to the developments and direction of that company, and while it might be perceived to be an open technology, it still is proprietary to the hardware manufacturer. AMAG has controlled its manufacturing of panels from day one. The result means that we can design the complete solution, providing functionality that others may find more difficult to accomplish. Q: How does the breadth of AMAG’s product suite provide advantages to customers and/or integrators? Sullivan: AMAG’s product portfolio is unique and provides the end user with an end-to-end identity management solution from one company. Our Control Room PSIM, Symmetry CONNECT Identity Management Solution, Symmetry Access Control, and Symmetry GUEST solutions all integrate to provide the user with a broad set of features and capabilities from a single provider. There is no finger-pointing when we come to support your system. We hold full responsibility for making it work and can quickly provide a resolution to any application difficulties the user may be experiencing. Q: How does AMAG address the divide between on-prem and cloud systems? How do you help customers make the transition and/or plan for the future? We are in the early stages of developing our next generation of access control in which we intend to provide on-prem Sullivan: In our current product portfolio, we have three products that are cloud-based. Our mobile credential platform (Symmetry Mobile), our visitor management solution (Symmetry GUEST), and our physical identity and access management solution (Symmetry CONNECT) are all offerings that operate in the cloud. We are in the early stages of developing our next generation of access control in which we intend to provide on-prem, web client, and cloud-based offerings. One of the primary objectives is to ensure that the large installed base of systems that are out there today will be able to migrate not only to our next generation but as well to the cloud if the client so desires. Q: What is AMAG’s approach to mobile credentialing? Sullivan: As an access control provider, adding Symmetry Mobile credentialing to our portfolio just made sense. We want our customers to have a forward-thinking solution with the opportunity to save money not only on the physical badges but the cost of printing and distributing badges. Mobile credentials can be easily issued and revoked remotely, reducing administrative overhead, and eliminating the need for physical inventory management. Organisations can centrally configure what devices are used and the read range for each type of device and operating system, thus providing flexibility. Symmetry Mobile offers a customised questionnaire that controls access and reduces liabilities. Q: What has surprised you the most in your first year or so leading AMAG? Not many companies are blessed with such a broad portfolio that is supported by a resource-rich company Sullivan: I wouldn’t say I was surprised by this as much as happy to see, but I would say that the quality of our people was a pleasant surprise. As well, the AMAG product offering is broad and has some unique elements. When coupled with the depth of the resources that we have in AMAG, I know that we are second to none. Not many companies are blessed with such a broad portfolio that is supported by a resource-rich company that has so many talented people. Q: Please describe your dealer channel, and how you are seeking to expand it. Sullivan: The AMAG products are sophisticated and typically are installed for higher-end applications. With this sophistication comes a need to be well able to install such a solution. We have a strong group of certified and loyal partners who help us to deliver these enterprise solutions. We desire to provide our existing partners with updated and competitive systems to offer to their end users. Q: What is the security industry’s (and/or AMAG’s) biggest challenge in the next five years? We need to find ways to provide both our channel partners and the customers with solutions that are easily integrated Sullivan: I believe that the advancements that we are seeing in technology provide our industry with the opportunity to truly change how security is provided to our collective customers. As we advance these solutions, we will need to do so responsibly and in a way that helps the channel’s abilities. We need to find ways to train our partners to both install and support these more complex solutions. At the same time, we need to find ways to provide both our channel partners and the customers with solutions that are easily integrated, moving away from proprietary closed systems to open and cohesive solutions. This will ensure that the users get the best, and most complete solutions. Q: What does the industry as a whole misunderstand about AMAG -- time to set the record straight! Sullivan: Well, I am not ready to openly share where we are heading. We are in the process of putting together some advanced approaches to how we will do business with our partners. We are focused on providing tools that will enhance their services to their customers, and with products that are leading edge. I can only state that all should keep their eyes on AMAG, because over the next few years, we are going to surprise some people, and more importantly make our loyal partners quite powerful.

When it comes to security cameras, the end user always wants more—more resolution, more artificial intelligence (AI), and more sensors. However, the cameras themselves do not change much from generation to generation; that is, they have the same power budgets, form factors and price. To achieve “more,” the systems-on-chips (SoCs) inside the video cameras must pack more features and integrate systems that would have been separate components in the past.  For an update on the latest capabilities of SoCs inside video cameras, we turned to Jérôme Gigot, Senior Director of Marketing for AIoT at Ambarella, a manufacturer of SOCs. AIoT refers to the artificial intelligence of things, the combination of AI and IoT. Author's quote “The AI performance on today’s cameras matches what was typically done on a server just a generation ago,” says Gigot. “And, doing AI on-camera provides the threefold benefits of being able to run algorithms on a higher-resolution input before the video is encoded and transferred to a server, with a faster response time, and with complete privacy.” Added features of the new SOC Ambarella expects the first cameras with the SoC to emerge on the market during early part of 2024 Ambarella’s latest System on Chip (SOC) is the CV72S, which provides 6× the AI performance of the previous generation and supports the newer transformer neural networks. Even with its extra features, the CV72S maintains the same power envelope as the previous-generation SoCs. The CV72S is now available, sampling is underway by camera manufacturers, and Ambarella expects the first cameras with the SoC to emerge on the market during the early part of 2024. Examples of the added features of the new SOC include image processing, video encoders, AI engines, de-warpers for fisheye lenses, general compute cores, along with functions such as processing multiple imagers on a single SoC, fusion among different types of sensors, and the list goes on. This article will summarise new AI capabilities based on information provided by Ambarella. AI inside the cameras Gigot says AI is by far the most in-demand feature of new security camera SoCs. Customers want to run the latest neural network architectures; run more of them in parallel to achieve more functions (e.g., identifying pedestrians while simultaneously flagging suspicious behavior); run them at higher resolutions in order to pick out objects that are farther away from the camera. And they want to do it all faster. Most AI tasks can be split between object detection, object recognition, segmentation and higher-level “scene understanding” types of functions, he says. The latest AI engines support transformer network architectures (versus currently used convolutional neural networks). With enough AI horsepower, all objects in a scene can be uniquely identified and classified with a set of attributes, tracked across time and space, and fed into higher-level AI algorithms that can detect and flag anomalies. However, everything depends on which scene is within the camera’s field of view. “It might be an easy task for a camera in an office corridor to track a person passing by every couple of minutes; while a ceiling camera in an airport might be looking at thousands of people, all constantly moving in different directions and carrying a wide variety of bags,” Gigot says. Changing the configuration of video systems Low-level AI number crunching would typically be done on camera (at the source of the data) Even with more computing capability inside the camera, central video servers still have their place in the overall AI deployment, as they can more easily aggregate and understand information across multiple cameras. Additionally, low-level AI number crunching would typically be done on camera (at the source of the data).  However, the increasing performance capabilities of transformer neural network AI inside the camera will reduce the need for a central video server over time. Even so, a server could still be used for higher-level decisions and to provide a representation of the world; along with a user interface for the user to make sense of all the data. Overall, AI-enabled security cameras with transformer network-based functionality will greatly reduce the use of central servers in security systems. This trend will contribute to a reduction in the greenhouse gases produced by data centres. These server farms consume a lot of energy, due to their power-hungry GPU and CPU chips, and those server processors also need to be cooled using air conditioning that emits additional greenhouse gases. New capabilities of transformer neural networks New kinds of AI architectures are being deployed inside cameras. Newer SoCs can accommodate the latest transformer neural networks (NNs), which now outperform currently used convolutional NNs for many vision tasks. Transformer neural networks require more AI processing power to run, compared to most convolutional NNs. Transformers are great for Natural Language Processing (NLP) as they have mechanisms to “make sense” of a seemingly random arrangement of words. Those same properties, when applied to video, make transformers very efficient at understanding the world in 3D. Transformer NNs require more AI processing power to run, compared to most convolutional NNs For example, imagine a multi-imager camera where an object needs to be tracked from one camera to the next. Transformer networks are also great at focussing their attention on specific parts of the scene—just as some words are more important than others in a sentence, some parts of a scene might be more significant from a security perspective.  “I believe that we are currently just scratching the surface of what can be done with transformer networks in video security applications,” says Gigot. The first use cases are mainly for object detection and recognition. However, research in neural networks is focussing on these new transformer architectures and their applications. Expanded use cases for multi-image and fisheye cameras For multi-image cameras, again, the strategy is “less is more.” For example, if you need to build a multi-imager with four 4K sensors, then, in essence, you need to have four cameras in one. That means you need four imaging pipelines, four encoders, four AI engines, and four sets of CPUs to run the higher-level software and streaming. Of course, for cost, size, and power reasons, it would be extremely inefficient to have four SoCs to do all this processing. Therefore, the latest SoCs for security need to integrate four times the performance of the last generation’s single-imager 4K cameras, in order to process four sensors on a single SoC with all the associated AI algorithms. And they need to do this within a reasonable size and power budget. The challenge is very similar for fisheye cameras, where the SoC needs to be able to accept very high-resolution sensors (i.e., 12MP, 16MP and higher), in order to be able to maintain high resolution after de-warping. Additionally, that same SoC must create all the virtual views needed to make one fisheye camera look like multiple physical cameras, and it has to do all of this while running the AI algorithms on every one of those virtual streams at high resolution. The power of ‘sensor fusion’ Sensor fusion is the ability to process multiple sensor types at the same time and correlate all that information Sensor fusion is the ability to process multiple sensor types at the same time (e.g., visual, radar, thermal and time of flight) and correlate all that information. Performing sensor fusion provides an understanding of the world that is greater than the information that could be obtained from any one sensor type in isolation. In terms of chip design, this means that SoCs must be able to interface with, and natively process, inputs from multiple sensor types.  Additionally, they must have the AI and CPU performance required to do either object-level fusion (i.e., matching the different objects identified through the different sensors), or even deep-level fusion. This deep fusion takes the raw data from each sensor and runs AI on that unprocessed data. The result is machine-level insights that are richer than those provided by systems that must first go through an intermediate object representation. In other words, deep fusion eliminates the information loss that comes from preprocessing each individual sensor’s data before fusing it with the data from other sensors, which is what happens in object-level fusion. Better image quality AI can be trained to dramatically improve the quality of images captured by camera sensors in low-light conditions, as well as high dynamic range (HDR) scenes with widely contrasting dark and light areas. Typical image sensors are very noisy at night, and AI algorithms can be trained to perform excellently at removing this noise to provide a clear colour picture—even down to 0.1 lux or below. This is called neural network-based image signal processing, or AISP for short. AI can be trained to perform all these functions with much better results than traditional video methods Achieving high image quality under difficult lighting conditions is always a balance among removing noise, not introducing excessive motion blur, and recovering colours. AI can be trained to perform all these functions with much better results than traditional video processing methods can achieve. A key point for video security is that these types of AI algorithms do not “create” data, they just remove noise and clean up the signal. This process allows AI to provide clearer video, even in challenging lighting conditions. The results are better footage for the humans monitoring video security systems, as well as better input for the AI algorithms analysing those systems, particularly at night and under high dynamic range conditions. A typical example would be a camera that needs to switch to night mode (black and white) when the environmental light falls below a certain lux level. By applying these specially trained AI algorithms, that same camera would be able to stay in colour mode and at full frame rate--even at night. This has many advantages, including the ability to see much farther than a typical external illuminator would normally allow, and reduced power consumption. ‘Straight to cloud’ architecture For the cameras themselves, going to the cloud or to a video management system (VMS) might seem like it doesn’t matter, as this is all just streaming video. However, the reality is more complex; especially for cameras going directly to the cloud. When cameras stream to the cloud, there is usually a mix of local, on-camera storage and streaming, in order to save on bandwidth and cloud storage costs. To accomplish this hybrid approach, multiple video-encoding qualities/resolutions are being produced and sent to different places at the same time; and the camera’s AI algorithms are constantly running to optimise bitrates and orchestrate those different video streams. The ability to support all these different streams, in parallel, and to encode them at the lowest bitrate possible, is usually guided by AI algorithms that are constantly analyzing the video feeds. These are just some of the key components needed to accommodate this “straight to cloud” architecture. Keeping cybersecurity top-of-mind Ambarella’s SoCs always implement the latest security mechanisms, both hardware and software Ambarella’s SoCs always implement the latest security mechanisms, both in hardware and software. They accomplish this through a mix of well-known security features, such as ARM trust zones and encryption algorithms, and also by adding another layer of proprietary mechanisms with things like dynamic random access memory (DRAM) scrambling and key management policies.  “We take these measures because cybersecurity is of utmost importance when you design an SoC targeted to go into millions of security cameras across the globe,” says Gigot. ‘Eyes of the world’ – and more brains Cameras are “the eyes of the world,” and visual sensors provide the largest portion of that information, by far, compared to other types of sensors. With AI, most security cameras now have a brain behind those eyes. As such, security cameras have the ability to morph from just a reactive and security-focused apparatus to a global sensing infrastructure that can do everything from regulating the AC in offices based on occupancy, to detecting forest fires before anyone sees them, to following weather and world events. AI is the essential ingredient for the innovation that is bringing all those new applications to life, and hopefully leading to a safer and better world.

Around production environments, the main concern was always the efficiency of the production output. The risks of operational technology (OT) cybersecurity were unknown for many years. However, that all changed as the need for knowing what is connected, where it’s connected, and how it’s connected became imperative.  As cybersecurity is a necessity for oil and gas, the integrity of the OT network is very crucial for the safety and operation of the Motor Oil refinery. OT cybersecurity plan Learn how Honeywell engineers and Motor Oil engineers collaborated to build out the most efficient OT cybersecurity plan with two priorities at the forefront: maintaining network security and being able to provide a safe and healthy workplace. “Honeywell was the organisation that had cybersecurity experts who were able to reach our target. With our OT DCS engineers, their mentality, and existing collaboration with Honeywell engineers, we had a solid foundation to build on,” Ioannis Minoyiannis, Head of Automation, Motor Oil.

Hackers gain control of a chemical plant’s furnace control system. They tamper with the temperature settings and cause an explosion. The consequences of an incident like that can be catastrophic, especially since 9.3 million people reside within a 10-kilometre radius of the average chemical plant in the US. Targeting operational technology (OT) systems has become a typical tactic for bad actors. Cybercriminals and nation-state actors see these critical assets as an open invitation to disrupt operations, cause physical damage and even put public safety at risk. Average cost of Cyber breach OT environments require greater connectivity to realise the advantages of an intelligent production environment. “With increased connectivity comes the increased risk of bad actors gaining access to a network. They want to use it as a launching point to deploy malware and cripple the ability to produce products or provide services,” says Chase Carpenter, Chief Security Officer at Honeywell. Attacks are also costly. According to the Ponemon Institute, the average cost of a cyber breach in critical infrastructure is now $4.5 million. Moreover, 75% of OT organisations experienced at least one intrusion in the past year. OT cybersecurity starts with visibility Unfortunately, the solution didn’t provide the visibility required to efficiently identify cyber threats Honeywell needed to improve security for its own manufacturing environment. Every one of its over 400 facilities depend on OT to function, and in turn, those OT environments depend on cybersecurity programs and solutions to help improve their defences against malware and other cyber attacks that could disrupt or, worse, shut down its manufacturing sites. Before they can implement a good security program for the OT assets, they need to know what they are and where they are. Honeywell started by using an off-the-shelf cybersecurity solution to monitor OT networks at its various manufacturing locations. Unfortunately, the solution didn’t provide the visibility required to efficiently identify cyber threats. Specifically, the tool could not correctly detect numerous network assets, which might vary between workstations, test devices, control systems, CNC devices and more, depending on the manufacturing site. Advantage of the situation Honeywell would have to shut down a factory every time the site was threatened “Over 49% of our assets were left unclassified,” says Mukesh Saseendran, Director of Cybersecurity at Honeywell. “To get an accurate inventory, we needed an individual to walk down to every single workstation and document everything manually, which in itself is labour intensive and prone to human error.” If an asset is undocumented, it’s a blind spot. It could present a gaping hole for attackers to infiltrate, and no one would know about it until it’s too late. Without the right cyber tools in place, Honeywell would have to shut down a factory every time the site was threatened, resulting in serious revenue leakage. “If I don’t know about a particular asset, I can’t protect it and that’s a terrifying scenario,” Carpenter says. “There could be bad actors taking advantage of the situation to stage an attack.” Honeywell taps in-house experience to fight threats Around the same time that Honeywell realised its commercial off-the-shelf solution was inadequate, the company launched its own OT cyber solution. This software solution – Honeywell Forge Cybersecurity+ | Cyber Insights – came from years of internal development in Honeywell’s OT cybersecurity business, which serves multiple industries with products and services designed to help organisations reduce their industrial cybersecurity risk. Honeywell tested and evaluated dozens of OT cybersecurity software products in its labs The reality is that, over the years, Honeywell tested and evaluated dozens of OT cybersecurity software products in its labs – for itself and its customers. The company gained profound insight into what is considered a best-in-class solution and applied that insight as it developed Cyber Insights. Inventory of assets on the network Carpenter says he had three must-haves before removing the previous cyber tool and replacing it with Cyber Insights. First, the solution needed to be capable of accurately determining the inventory of assets on the network. Second, he and his team needed the capability to be able to passively detect any malicious activity happening on the network. Third, the solution should be designed to accurately identify the version of the operating system or firmware on each asset and when it needs to be patched or updated. “Cyber Insights delivered on every one of those must-haves,” says Carpenter. “Honeywell now has far greater visibility into all the assets on the network that manage, monitor and control its industrial infrastructure.” OT-centric environments In addition, Cyber Insights is designed to provide a layer of vulnerability defence “Having this visibility also means that, in case there is an adverse situation, we should have the ability to respond more quickly to the threat,” says Saseendran. In addition, Cyber Insights is designed to provide a layer of vulnerability defence. If an unauthorised system is trying to communicate with another asset, Cyber Insights is designed to raise flags and send alerts about the potential threat. Cyber Insights is also capable of significantly reducing unnecessary noise, particularly in OT-centric environments. “The previous product discovered 200,000 to 300,000 assets and networks across all our sites, and we didn’t understand why it was discovering so many,” explains Saseendran. “We later realised it was looking at the data and traffic incorrectly and, as a result, generating a lot of noise. When we switched to Cyber Insights and did the audit correctly, we were down to 67,000 assets across those sites. Honeywell now has far greater visibility into all the assets and networks that manage, monitor and control its industrial infrastructure.” Deployment of Cyber Insights Cyber insights are designed to make the implementation process easy Carpenter is the process of deploying Cyber Insights to 120 of Honeywell’s vital manufacturing sites Another major downside to that original off-the-shelf tool was that it was very difficult and time-consuming to implement. At each site, it took Honeywell four to six months to get up and running with the solution. “There are over 400 factory sites at Honeywell,” says Saseendran. “We simply cannot invest six months per site to implement the solution. That’s why efficient implementation is so critical.” In contrast, Honeywell implemented its first Cyber Insights site in less than a month, with seven sites implemented in two months. Carpenter is now in the process of deploying Cyber Insights to 120 of Honeywell’s most critical manufacturing sites. Honeywell’s experience indicates that a typical single-site deployment of Cyber Insights takes about 33% less time than the previous solution utilised by Honeywell. In addition to ease of implementation, Cyber Insights’ clear and straightforward representation of the network landscape simplified asset configuration and viewing, which is crucial for asset discovery without resorting to manual audits. Since going live with Cyber Insights, Honeywell observed an 18% to 20% increase in asset discovery within the Honeywell-deployed sites. This is a significant benefit that eliminates the need for manual workstation audits, which are often error-prone and unreliable. The Honeywell difference Reality is that OT cybersecurity is lazing because it needs specialised tools and knowledge Cyber teams have become skilled at implementing solutions, practices and procedures designed to improve security for IT systems; however, the reality is that OT cybersecurity is lagging because it requires specialised tools and knowledge. Organisations simply can’t use the tools they have in the IT space when managing their OT environment Honeywell has approached this challenge by leveraging its vast experience in the OT world to develop Cyber Insights. “We have a very complex environment, including small sites, large sites and sites around the world,” says Saseendran. “If Cyber Insights works for us in our manufacturing sites, it will very likely work for our customers as well. There is no silver bullet to fully secure your OT environment,” says Carpenter. “However, Honeywell currently offers one of the most complete sets of products and services that can help organisations improve their protection of their critical OT assets.” Robust cybersecurity solution for the OT environment Implementing Cyber Insights is like getting a good pair of glasses for the first time – everything becomes clear, and with that clarity comes new speed and efficiency. If there is an attack, Cyber Insights is designed to help cyber teams identify the source and know where to focus, which can help their organisations save valuable time and resources. It is not an install-once and-walk-away solution, but rather a constant companion in the battle against cybercrime. If they are looking for a comprehensive and robust cybersecurity solution for the OT environment, look no further than Honeywell Forge Cybersecurity+ | Cyber Insights. This solution can help them improve the visibility, control and resilience of the OT network, and help to improve their ability to protect it from cyber threats that could harm the business and reputation.

A distinguished nonprofit organisation recently launched a cutting-edge 1000-bed Multi Super Specialty Hospital and Research Centre in Surat, Gujarat. This initiative aims to address medical gaps, especially in highly specialised fields. To date, the hospital has served over three million outpatient (OPD) cases and performed surgeries for 800,000 patients. Renowned for its advanced amenities, the hospital attracts patients from local and international communities. It prioritises serving low-income groups and beneficiaries of the Ayushman Bharat Yojana. Moreover, the hospital delivers comprehensive services, including consultations and diagnostics, adhering to global standards. The NABH accreditation further solidifies its position as a pioneering healthcare provider in India. Challenges Despite their efforts to boost operations through day-to-day communication efficiency The client was previously associated with a brand of foreign origin. However, despite their efforts to boost operations through day-to-day communication efficiency, they encountered no improvements. Instead, their investment turned out to be an expensive affair. Their challenges can be summarised as follows: Advanced Functionality: The current brand could not offer advanced IP features. Recurring charges: An annual maintenance cost of almost 80 Lacs was proving a headache for the authorities. Safeguard existing investment: The existing devices had to be integrated and enhanced with new, but more advanced solutions. Solution The VoIP communication solution by Matrix was seamlessly integrated, with a gateway from another brand, incorporating an embedded IP PBX and premium Standard SIP desk phones. Below is a detailed description of the solution: The gateway allows an IP connection to a network switch, which enables two IP phone connections. An IP connection from the network switch extends to SPARK200 (Active and Standby). SPARK200 enables connection to multiple IP Phones.  Results Additionally, the scalability ensured the solution's readiness for future requirements The diverse needs of the multi-specialty hospital were carefully addressed with a Matrix VoIP communication solution. These solutions enabled effortless communication throughout the facility, thanks to a range of contemporary features embedded within the system. Additionally, the scalability ensured the solution's readiness for future requirements. Let's explore how this VoIP communication solution notably improved the hospital's operations. End to recurring charges: The Matrix Solution resolved their most pressing issue, providing a more sensible licencing structure to prevent any recurring costs, effectively conserving their resources. Safeguarding existing investment: The Matrix Solution seamlessly integrates with the current network infrastructure, optimising existing resources while simultaneously upgrading communication capabilities with advanced features offered by Matrix devices. Modern features: The hospital now benefits from a modern array of features provided by the Unified Communication solution. Features such as Auto Call Back, Scheduled Call Forwarding, and Department Group Call Forwarding, among others, have been integrated to enhance operational efficiency. Operational efficiency: The VoIP communication solution facilitated a smooth flow of information, significantly enhancing workflow efficiency. Consequently, the hospital is experiencing a seamless exchange of information.

When it comes to protecting the environment, the security industry has historically been perched on the sidelines. For instance, the amount of electricity that physical security systems use is minimal when compared to the total energy usage in a typical building. However, as awareness of environmental issues has surged, and as some of the "low-hanging fruit" has been harvested, attention has come back to opportunities for additional, if small, savings. The lifecycles of security products are also being more closely examined, including the environmental impact of using plastics and other chemicals. We asked this week's Expert Panel Roundtable: How can the security industry contribute to protecting the environment?

In the complex world of physical security systems, standards can enable disparate systems to be combined to function together as a cohesive whole. Standards help to ensure that all the “pieces” fit together to create a clear, unified picture. More broadly speaking, standards also play a role in ensuring best practices are deployed in a range of security-related situations. We asked this week’s Expert Panel Roundtable: Which standards have had the greatest positive impact on physical security?

There is safety in numbers, or so the expression goes. Generally speaking, several employees working together tend to be safer than a single employee working alone. Even so, some environments require that workers complete their jobs alone, thus presenting a unique combination of security vulnerabilities. The U.S. Occupational Safety and Health Administration (OSHA) defines a lone worker as “an employee working alone, such as in a confined space or isolated location.” We asked this week’s Expert Panel Roundtable: How can security technologies help to protect "lone workers?"