At ISC West this year, emerging technologies will be on display to help organizations manage their environments, from the building itself to who’s on the premises and what’s going on at any given moment. Top of mind this year is cybersecurity, compliance and management of security assets as threats rise and governing bodies put regulations in place that businesses need to react to. The good news is that the shift in approach to holistic monitoring of cyber and physical assets can move enterprises to a place of digital transformation and proactive management rather than reactive practices based on threats and changing regulations. The show provides an opportunity for both vendors and potential customers to learn from each other about what’s out there and what’s needed in terms of future solutions as the industry evolves.

Are you in cyber and physical security compliance?

At this year’s show, we’ll continue to see developments focused on integration of cyber physical security that will lead to deeper understanding of the relationship between devices, device monitoring and spaces in which all devices physically reside. Digital solutions help achieve a digital transformation which stitches the data relationships together to provide better threat vector impact and overall understanding of risk. The technologies in smart buildings are subject to cyberattacks, which pose not just a threat to data and privacy but can compromise the physical space as well. Think of the locked door in a smart building that now is opened with access control via key cards or mobile devices given only to certain members of staff. These integrations increase safety and restrict access across the enterprise, but a bad actor can access and duplicate the necessary data to open the door with a copycat device while hiding the event from the surveillance system. By having a comprehensive cyber whitelist of installed devices, potential rouge devices are prevented from transmitting on the network, therefore providing an automated guard against internal and external attacks. When systems are compromised due to a hack or physical intervention, it puts what’s behind the door at risk, whether it’s money in a bank or information in a sensitive work environment, such as a laboratory.

Digital solutions help achieve a digital transformation which stitches the data relationships together

It’s increasingly important to highlight the relationship between cyber and physical security. A great illustration of this is the digital twin. A digital twin is a replica of a physical space that uses both informational and operational technology to give real-time information about what’s going on in a space.  These can include things like floor plans for the building as well as real-time sensor data from the building management system, HVAC systems, lighting, fire, security, and more. By getting a complete picture of the physical and digital assets of an organization, it becomes possible to monitor all systems from one central location to see how they’re working together and act on the insights they provide. So, in the example of a breach from before, it’s possible to flag that hack, isolate its exact location and devices involved, and resolve it quickly while maintaining preservation of evidence.

Compliance: how to get there safely, efficiently and effectively

As these threats evolve, governing bodies are taking action to ensure that data is protected to minimize these kinds of threats and ensure that organizations feel confident in the security of their data. Norms and compliance measures are emerging quickly, such as General Data Protection Regulation (GDPR) which began to be enforced in March 2018, and the California Cybersecurity Law, which went into effect in the US just this past January. The regulations of what can be done with data mean that companies need to react or face penalties such as fines, which can be as high as 4% of worldwide annual revenue of the previous year. These are also fluid and can change rapidly, meaning flexibility is important in compliance solutions. However, this presents an opportunity for companies to invest in innovation to ensure they’re prepared for those changes and to protect the safety of not just employees, customers and target markets, but of the larger organization.

Getting to a place of compliance can seem costly and time consuming at the beginning

Getting to a place of compliance can seem costly and time consuming at the beginning, especially for larger organizations. They may have thousands of security assets (cameras and sensors, for example) and might not even be fully aware of what they have, where they are, and whether those assets are functional, never mind compliant with data protection legislation. The right solution takes all the steps to becoming safe and compliant into account, beginning with inventory and mapping of all assets to get a complete picture of where things stand and where changes need to be made. One large financial institution, upon embarking on this journey, identified an additional 10% of assets that they didn’t know they had, and additional ones that were nonfunctioning and needed to be repaired or replaced for compliance and safety.

Monitoring: centralized and remote for rapid response

Once assets and data are centralized and a complete inventory is taken, it’s much easier to effectively monitor the complete enterprise. At this year’s show, smart technologies will be on display that reduce cybersecurity risks and monitor assets for compliance. If something changes, that can be flagged, and appropriate parties can be quickly notified to act and neutralize security threats or avoid the expensive penalties that come with noncompliance. Since all these components are centralized in one location, it becomes possible to monitor much more effectively and fix issues remotely in minutes rather than scheduling a trip to a location that may not happen for days or even weeks. A security camera for a large chain enterprise such as a retail store or bank in a small-town location deserves service just as quickly as one in a major city, since the threat that each non-functional device poses is the same to who and what it is there to protect.

Keeping it up: a proactive approach to service and maintenance

One of the ways that emerging technologies can be a game changer is when it comes to the cost and approach

One of the ways that emerging technologies can be a game changer is when it comes to the cost and approach to systems maintenance and operation. In addition to performance and compliance, other types of data, such as historical events, can also be monitored centrally. This gives context to security events and can move organizations from a reactive to a proactive approach to their security as well as operations. If small problems are identified and resolved before they become larger problems, it means that security events can be mitigated more quickly or prevented entirely due to early intervention. On the operations side, early insights into asset performance means that fewer resources are expended on noncompliance fees and large-scale, emergency repairs. These resources can take the form of money, but also of time spent by employees and enforcement agencies to ensure continued compliance. Staff can spend time engaged in active monitoring rather than generating reports, since that can now be automated.

In the new decade, it’s time to use the technological resources available to better protect systems for smarter, safer and more sustainable environments. On every level, compliance is important not just for its own sake, but so are the other benefits associated with intelligent management.

The show presents an educational opportunity for vendors and customers alike. Walking around the show floor and talking to everyone is a unique way to see what’s out there and evaluate what is and isn’t working for a business while getting information from all the industry experts. Even if they’re not ready for a complete overhaul, taking stock of what’s available, where things are heading and how their operations and mission can be better served by implementing one or more of the solutions showcased is more important than ever. On our end, those conversations about needs and concerns are invaluable in driving innovation.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

Jason Pelski General Manager Assurance Services, Data Enabled Business, Johnson Controls, Johnson Controls, Inc.

In case you missed it

How Does Audio Enhance Security System Performance?
How Does Audio Enhance Security System Performance?

Video is widely embraced as an essential element of physical security systems. However, surveillance footage is often recorded without sound, even though many cameras are capable of capturing audio as well as video. Beyond the capabilities of cameras, there is a range of other audio products on the market that can improve system performance and/or expand capabilities (e.g., gunshot detection.) We asked this week’s Expert Panel Roundtable: How does audio enhance the performance of security and/or video systems? 

What Are The Mainstream Uses For Thermal Cameras?
What Are The Mainstream Uses For Thermal Cameras?

The high cost of thermal imaging cameras historically made their use more likely in specialized law enforcement and military applications. However, lower pricing of thermal imaging technologies has opened up a new and expanding market for thermal cameras in the mainstream. We asked this week’s Expert Panel Roundtable: What are the new opportunities for thermal cameras in mainstream physical security?

Identiv Unveils Cloud Access Control and Frictionless Mobile Solution
Identiv Unveils Cloud Access Control and Frictionless Mobile Solution

Even though ISC West 2020 was canceled, many of the product introductions planned for the trade show still happened. For example, physical security and secure identification company Identiv introduced the Hirsch Velocity Cirrus and MobilisID. Hirsch Velocity Cirrus is a cloud-based Access Control as a Service (ACaaS) solution. It is an optimal solution for both end-users and integrators, with lower upfront costs, reduced maintenance, enhanced portability, and the future-proof assurance of automatic security updates and feature sets. Smart mobile physical access control solution Identiv’s MobilisID is a smart mobile physical access control solution that uses Bluetooth and capacitive technologies to allow frictionless access to a controlled environment without the need to present a credential. We caught up with Jason Spielfogel, Identiv’s Director of Product Management, to discuss the new products and other topics. Q: How is Identiv positioned in the market as a whole? What philosophy drives your product offerings? What vertical markets do you target? Every customer needs every one of these components Spielfogel: Identiv provides a total solution. Our platforms provide access control hardware and software, video surveillance and analytics, door access readers, and ID credentials, both cards and mobile, for a variety of vertical markets: Federal government, state, local and education government agencies (SLED), healthcare, schools, banks/financial services, retail, airports and transportation, and infrastructure. Every customer needs every one of these components in every physical security deployment, and we ensure that all parts are working together at all times, even as technology continues to evolve. With that said, our philosophy is very customer-centric, and we position ourselves as a trusted partner. Our products and technology platform always strive to reflect and anticipate the environment our customers are facing, both in terms of technical requirements and functional capabilities. Q: How does the MobilisID system eliminate "friction?" Spielfogel: Identiv’s MobilisID eliminates the “friction” of access control by forgiving the user from presenting a physical credential to the reader. A simple wave of their hand over the MobilisID reader establishes a connection, and the reader reads their mobile device’s credential from the MobilisID app.  No badge or access card to read, and no contact with the reader, makes this a frictionless access control experience. Administrative friction is also eliminated because there is no physical credential to issue or withdraw; it’s all done via the MobilisID Manager. Q: Discuss the advantages of Bluetooth over competing technologies. Bluetooth offers a blend of reliability and specificity Spielfogel: There are two primary competing technologies: WiFi and Near Field Communication (NFC). The problem with WiFi is that it’s not location-specific. In other words, the WiFi router can’t tell which door the user is near. NFC has the opposite problem in that it’s impossible to get credential reads unless the phone is presented within an inch or two of the reader. Bluetooth offers a blend of reliability and specificity to create frictionless access. Q: "Touchless" has always been a big selling point. Doesn't the coronavirus improve the outlook for these systems even more? Spielfogel: The coronavirus certainly highlights the value of frictionless access. But the vast majority of access systems today use proximity which was already touchless. But for systems using touchpads or contact-based credentialing, certainly frictionless is offering some alternatives that would help keep employees and visitors safer in the current climate. Q: How else might the current pandemic change the security market forever (i.e., more teleworking?) Spielfogel: Permanent changes are not likely, but it does force security directors to rethink how their employees interact physically with systems for both physical and logical access. As a result, we might see accelerated adoption of some emerging technologies, such as greater use of mobile logical access solutions, as well as frictionless physical access control. We’ve already seen an uptick in our smart card reader and token line and our Thursby enterprise and personal mobility offering during the coronavirus pandemic. Q: There are a lot of cloud systems in the access control space. How is your Cirrus cloud product different? Velocity already has all those features Spielfogel: Cirrus is different from many others in that it’s built on one of the most mature, feature-rich, secure physical access solutions available today – Hirsch hardware and Velocity Software. While many competitors are scrambling to add features to their relatively new ACaaS platforms, Velocity already has all those features. While they are building up their encryption capabilities and cybersecurity testing, we’ve already been doing that for two decades. We certainly have some more development ahead of us for Cirrus, but most of it is just surfacing features we already have into the Cirrus interface. Q: How do you guide customers as their needs change? Spielfogel: Whether users want solutions that are on-prem, in the cloud, or anything in between, Identiv’s full architecture ensures that customers can adopt and migrate to new solutions as they see fit. No two customers are alike, so providing the flexibility to gradually update or change systems is a real differentiator. Our competitors either want customers to jump all at once to the cloud or push to keep everything on-prem/legacy. CSOs and CISOs live in a different world: They've got it all to deal with.  We're there with them across all of it, because that's the true reality.