It’s not just a new year, it’s a new decade. And somehow this makes it feel bigger. Almost like we’re moving faster or reaching farther. Technology is certainly advancing at an unprecedented pace. While there’s a lot to talk about, there are three big security trends that we think will continue to have a huge impact in the year to come.

1. What is artificial intelligence and is it going to take over?

We’ve seen countless versions of artificial intelligence (AI) in pop culture—think of Sonny in the 2004 film I, Robot or Rachael in Blade Runner—so we feel we know the technology. And, based on this, we believe our anxieties around it are warranted. But, the truth is that the science to produce even far less sophisticated versions of these characters just doesn’t exist.

AI today

Computers use data to help improve performance without being explicitly programmed

Today’s AI science is focused largely on machine learning. With machine learning, computers use data to help improve performance without being explicitly programmed.

This means that, through the use of algorithms and training, a computer can be programmed to determine which features it should use in the identification process to efficiently produce the most accurate output.

Over time and based on a trainer’s feedback, for example, a computer can determine that using color rather than shape to identify a flower is more efficient because the results are more accurate.

Machine learning in the physical security industry

In the security sector, we’re seeing good results with automatic license plate recognition (ALPR) systems that employ machine learning. Today’s ALPR cameras and systems are better at recognizing license plates from different countries, states, or provinces because they’re more efficient at identifying an ever-expanding number of inputs.

We don’t need to worry that AI will be running our lives

So, we don’t need to worry that AI will be running our lives. And, in fact, we should be relieved that machine learning can be used to identify scofflaw plates as this will help keep our roads and spaces safer.

 

2. Can we move beyond the single, secured door?

With increased globalization and the rise of multinational companies, organizations everywhere are facing new challenges around visitor, and employee access management.

Protecting your environment is no longer as easy as securing a single door. As the nature of work becomes more complex, organizations are going to have to take a different approach for managing the flow of people through their facilities.

Organizations are going to have to take a different approach for managing the flow of people through their facilities

The challenges of traditional access control

We’ve seen that relying exclusively on a static access control system can increase workload and inefficiencies. With this approach, granting and revoking temporary access and provisioning employees is a labor-intensive process. It requires hands-on participation from security operators and front office staff.

There is no guarantee that corporate or regulatory policies are being followed as well as little-to-no traceability. And, ultimately, the process is, by its very nature, prone to human error.

Large conglomerates have been meeting these challenges by developing tailor-made solutions based on physical identity management. These systems are costly and require 3rd party support. Smaller organizations simply could not afford the time or resources necessary to implement them.

Heading into 2020, we’re seeing an increase in out-of-the-box solutions that will allow organizations of all sizes to move to cloud-based identity management systems.

How Physical Identity and Access Management (PIAM) systems can help

More affordable Physical Identity and Access Management (PIAM) solutions will help organizations secure their systems and facilities by effectively managing access requests based on an individual’s identity and an organization’s security policies.

They can ensure that only those individuals who have the right to access a secured area can do so by managing and automating the process.

In effect, by extending an access control system with a PIAM, organizations of any size will be able to reduce workloads, fully implement corporate policies, and better protect their spaces.

 

3. Should we be nervous about facial recognition?

We shouldn’t be surprised by the public’s fear of facial recognition. The idea that private citizens can be identified and tracked in public is the stuff of political espionage and sci-fi thrillers. But, beyond the fictional examples, we’ve also seen cases where facial recognition gets it wrong.

Incorrectly identifying an innocent man for a robbery twice or having difficulty distinguishing members of the same race are just some of the real-world reasons people don’t trust facial recognition.

How facial recognition can increase security

Facial recognition technology can play a huge role in helping keep people, assets, and spaces safe. It can monitor visitors to improve safety and efficiency, assist security personnel by helping to reduce response times, and aid in the investigation of incidents.

Facial recognition technology can play a huge role in helping keep people, assets, and spaces safe

In the coming year, we’re going to see a greater focus on developing solutions that use a privacy-by-design approach.

For video surveillance applications, this will include the ability to automatically mask—through blurring or pixelation—persons in live and stored video feeds. The system itself will ensure that only authorized personnel can access un-pixelated or blurred images and only in cases that warrant it.

Anonymization

Using this approach will help reduce concerns and increase protection, which will lead to greater accuracy and trust.

In parallel, technology providers must continue to work with regulating bodies to ensure that the policies around implementing and using any surveillance technology, especially facial recognition, align with our values.

With all these trends, we’re seeing the relationship between people and technology evolving. When we focus on improving the lives of people in our communities, we can harness the power in these advancements and make a real difference.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Andrew Elvish Vice President of Marketing, Genetec, Inc.

In case you missed it

Water Plant Attack Emphasizes Cyber’s Impact On Physical Security
Water Plant Attack Emphasizes Cyber’s Impact On Physical Security

At an Oldsmar, Fla., water treatment facility on Feb. 5, an operator watched a computer screen as someone remotely accessed the system monitoring the water supply and increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. The chemical, also known as lye, is used in small concentrations to control acidity in the water. In larger concentrations, the compound is poisonous – the same corrosive chemical used to eat away at clogged drains. The impact of cybersecurity attacks The incident is the latest example of how cybersecurity attacks can translate into real-world, physical security consequences – even deadly ones.Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. The computer system was set up to allow remote access only to authorized users. The source of the unauthorized access is unknown. However, the attacker was only in the system for 3 to 5 minutes, and an operator corrected the concentration back to 100 parts per million soon after. It would have taken a day or more for contaminated water to enter the system. In the end, the city’s water supply was not affected. There were other safeguards in place that would have prevented contaminated water from entering the city’s water supply, which serves around 15,000 residents. The remote access used for the attack was disabled pending an investigation by the FBI, Secret Service and Pinellas County Sheriff’s Office. On Feb. 2, a compilation of breached usernames and passwords, known as COMB for “Compilation of Many Breaches,” was leaked online. COMB contains 3.2 billion unique email/password pairs. It was later discovered that the breach included the credentials for the Oldsmar water plant. Water plant attacks feared for years Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. Florida’s Sen. Marco Rubio tweeted that the attempt to poison the water supply should be treated as a “matter of national security.” “The incident at the Oldsmar water treatment plant is a reminder that our nation’s critical infrastructure is continually at risk; not only from nation-state attackers, but also from malicious actors with unknown motives and goals,” comments Mieng Lim, VP of Product Management at Digital Defense Inc., a provider of vulnerability management and threat assessment solutions.The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online “Our dependency on critical infrastructure – power grids, utilities, water supplies, communications, financial services, emergency services, etc. – on a daily basis emphasizes the need to ensure the systems are defended against any adversary,” Mieng Lim adds. “Proactive security measures are crucial to safeguard critical infrastructure systems when perimeter defenses have been compromised or circumvented. We have to get back to the basics – re-evaluate and rebuild security protections from the ground up.” "This event reinforces the increasing need to authenticate not only users, but the devices and machine identities that are authorized to connect to an organization's network,” adds Chris Hickman, Chief Security Officer at digital identity security vendor Keyfactor. “If your only line of protection is user authentication, it will be compromised. It's not necessarily about who connects to the system, but what that user can access once they're inside. "If the network could have authenticated the validity of the device connecting to the network, the connection would have failed because hackers rarely have possession of authorized devices. This and other cases of hijacked user credentials can be limited or mitigated if devices are issued strong, crypto-derived, unique credentials like a digital certificate. In this case, it looks like the network had trust in the user credential but not in the validity of the device itself. Unfortunately, this kind of scenario is what can happen when zero trust is your end state, not your beginning point." “The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online for the first time as part of digital transformation projects,” says Gareth Williams, Vice President - Secure Communications & Information Systems, Thales UK. “While the move towards greater automation and connected switches and control systems brings unprecedented opportunities, it is not without risk, as anything that is brought online immediately becomes a target to be hacked.” Operational technology to mitigate attacks Williams advises organizations to approach Operational Technology as its own entity and put in place procedures that mitigate against the impact of an attack that could ultimately cost lives. This means understanding what is connected, who has access to it and what else might be at risk should that system be compromised, he says. “Once that is established, they can secure access through protocols like access management and fail-safe systems.”  “The cyberattack against the water supply in Oldsmar should come as a wakeup call,” says Saryu Nayyar, CEO, Gurucul.  “Cybersecurity professionals have been talking about infrastructure vulnerabilities for years, detailing the potential for attacks like this, and this is a near perfect example of what we have been warning about,” she says.  Although this attack was not successful, there is little doubt a skilled attacker could execute a similar infrastructure attack with more destructive results, says Nayyar. Organizations tasked with operating and protecting critical public infrastructure must assume the worst and take more serious measures to protect their environments, she advises. Fortunately, there were backup systems in place in Oldsmar. What could have been a tragedy instead became a cautionary tale. Both physical security and cybersecurity professionals should pay attention.

What Are The Positive And Negative Effects Of COVID-19 To Security?
What Are The Positive And Negative Effects Of COVID-19 To Security?

The COVID-19 global pandemic had a life-changing impact on all of us in 2020, including a multi-faceted jolt on the physical security industry. With the benefit of hindsight, we can now see more clearly the exact nature and extent of that impact. And it’s not over yet: The pandemic will continue to be top-of-mind in 2021. We asked this week’s Expert Panel Roundtable: What have been the positive and negative effects of Covid-19 on the physical security industry in 2020? What impact will it have on 2021?

Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More
Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More

Our Expert Panel Roundtable is an opinionated group. However, for a variety of reasons, we are sometimes guilty of not publishing their musings in a timely manner. At the end of 2020, we came across several interesting comments among those that were previously unpublished. Following is a catch-all collection of those responses, addressing some of the most current and important issues in the security marketplace in 2021.