IHS Markit estimates that 68 million intruder alarm sensors were sold globally in 2016; of which 41 percent were wireless, according to the latest intruder alarm and monitoring database. However, just 4 percent of those wireless sensors were destined for the large commercial sector. Residential and small-medium business sectors jointly accounted for the remaining 96 percent of the wireless sensor market. Although the use of wireless sensors remains limited in the commercial sector, the popularity of these products is on the rise for several reasons. Wireless sensors carry significantly lower installation costs as the installation process is much simpler and quicker. The lower installation cost allows companies to allocate a greater portion of their security budget to hardware, enabling them to invest in additional or higher-quality sensors, or upgrades for the system such as integration with video surveillance. Wireless solutions are also more practical in unique installations like remote areas without easy access to the power mains. To overcome range issues, mesh networks, which act as signal repeaters, are used for larger installations. Moreover, as the use of wireless sensors proliferates across commercial applications, consumers may choose to adopt wireless control panels, to allow for easier future addition of extra sensors, as they won’t require on-site IT configuration to add to the system. Prices of wireless sensors have also fallen fast, decreasing by 16 percent since 2012. Battery lifespan of wireless sensors has also improved in recent years, now lasting between one and five years depending on circumstances. Although enhancements have been made, limited lifespan of sensor batteries will put pressure on the security systems manager, necessitating the procurement of software that will allow to easily manage battery statuses. More wireless sensors are available with UL certification, a prerequisite for many professional monitoring and insurance providers. Although wireless sensor technology is making inroads into commercial projects, concerns remain such as encryption, sensor price and ongoing maintenance costs. Despite improvements to encryption for wireless systems, the risk of being hacked is still a common concern amongst large commercial end users. For example, wireless sensors are susceptible to jamming and signal interference, and if the system’s control panel is compromised the entire network of wireless sensors can be rendered useless by disabling the wireless module. Wireless sensors are also more expensive than their wired counterparts. For example IHS Markit found that globally a wireless PIR sensor costs 30 percent more than a wired variant on average. The maintenance costs of wireless sensors are also higher, with the requirement to buy and maintain a set of spare batteries for replacement or re-charging. Despite the challenges facing wireless security sensors in large-commercial applications today, manufacturers and installers that promote and install wireless sensors will likely reap the long-term benefits of the devices. Vendors with strong after sales service, such as customer service and maintenance, would be able to improve efficiency and speed of service by capitalising on the greater ease with which wireless sensors can be added to the system. This will lead to shorter installation times allowing them to serve more customers in a set period of time. As wireless sensors are adopted on a wider scale the significance of battery management system solutions will become apparent. Suppliers with the best battery management software, that is easy to use with interactive interface, are likely to seize the best of this opportunity. Manufacturers of wireless sensors could further improve their products’ market opportunities by working closely with insurance providers and educating them about the benefits of wireless systems in commercial applications as well as their technological features. Entering into partnership with insurance providers may provide avenues for long-term impact.

Cyber-attacks continue to increase in frequency and sophistication, presenting significant challenges for organizations that must defend their data and systems from capable threat actors. These actors range from individual, autonomous attackers to well-resourced groups operating in a coordinated manner as part of a criminal enterprise or on behalf of a nation-state. Threat actors can be persistent, motivated and agile, and they use a variety of tactics, techniques, and procedures (TTPs) to compromise systems, disrupt services, commit financial fraud, and expose or steal intellectual property and other sensitive information. Given the risks these threats present, it is increasingly important that organizations share cyber-threat information, and use the community’s experience to improve their security posture. Cyber-threat information is any information that can help an organization to identify, assess, monitor, and respond to cyber-threats. Examples of cyber-threat information include indicators (system artifacts or observables associated with an attack), TTPs, security alerts, threat intelligence reports, and recommended security tool configurations. Most organizations already produce multiple types of cyber-threat information that are available to share internally as part of their information technology and security operations efforts. By exchanging cyber-threat information within a sharing community, organizations can leverage the collective knowledge, experience and capabilities of that sharing community to gain a more complete understanding of the threats the organization may face. Using this knowledge, an organization can make threat-informed decisions regarding defensive capabilities, threat detection techniques and mitigation strategies. By correlating and analyzing cyber-threat information from multiple sources, an organization can also enrich existing information and make it more actionable. This enrichment may be achieved by independently confirming the observations of other community members, and by improving the overall quality of the threat information through the reduction of ambiguity and errors. Organizations that receive threat information and subsequently use this information to remediate a threat confer a degree of protection to other organizations by impeding the threat’s ability to spread. Additionally, sharing of cyber-threat information allows organizations to better detect campaigns that target industry sectors, business entities, or institutions. NIST has published Special Publication (SP) 800-150, Guide to Cyber-Threat Information Sharing, to assist organizations in establishing and participating in cyber-threat information sharing relationships. The publication describes the benefits and challenges of sharing, clarifies the importance of trust, and introduces specific data handling considerations. To show how sharing and coordination can increase the efficiency and effectiveness of an organization’s cybersecurity capabilities, NIST SP 800-150 presents some scenarios that describe threat information sharing in real-world applications. The goal of the new publication is to provide guidelines that improve cybersecurity operations and risk management activities through safe and effective information sharing practices, and help organizations to plan, implement, and maintain information sharing. Basics of Cyber-threat information sharing NIST SP 800-150 introduces basic cyber-threat information sharing concepts including types of cyber-threat information and common terminology. The publication also examines potential uses for shared cyber-threat information and explores the benefits and challenges of threat information sharing. Threat information is any information related to a threat that might help an organization protect itself against a threat or detect the activities of an actor. Major types of threat information include the following: Indicators are technical artifacts or observables that suggest an attack is imminent or is currently underway or that a compromise may have already occurred. Tactics, techniques, and procedures (TTPs) describe the behavior of an actor. Security alerts, also known as advisories, bulletins, and vulnerability notes, are brief, usually human-readable, technical notifications regarding current vulnerabilities, exploits, and other security issues. Threat intelligence reports are generally prose documents that describe TTPs, actors, types of systems and information being targeted, and other threat-related information that provides greater situational awareness to an organization. Threat intelligence is the threat information that has been aggregated, transformed, analyzed, interpreted, or enriched to provide the necessary context for decision-making processes. Tool configurations are recommendations for setting up and using tools that support the automated collection, exchange, processing, analysis, and use of threat information. The primary goal of the publication is to foster similar threat information sharing practices across organizational boundaries – both acquiring threat information from other organizations, and providing internally-generated threat information to other organizations. Threat information sharing provides access to threat information that might otherwise be unavailable to an organization. Using shared resources, organizations can enhance their security posture by leveraging the knowledge, experience, and capabilities of their partners in a proactive way. Allowing ‘one organization’s detection to become another’s prevention’ is a powerful paradigm that can advance the overall security of organizations that actively share threat information. Organizations that share cyber-threat information will benefit by gaining situational awareness, which will, in turn, help to improve security posture and risk management practices. As seemingly unrelated observations are shared and analyzed, those can be correlated with data collected by others, helping to mature community knowledge. This improved community understanding helps organizations remain better informed about changing TTPs and how to rapidly detect and respond to threats. Such agility creates economies of scale for network defenders while increasing actors’ costs by forcing them to develop new TTPs. While sharing threat information clearly has benefits, certain challenges remain. Some challenges that apply both to consuming and to producing threat information are: Establishing trust; Achieving interoperability and automation; Safeguarding sensitive information; Protecting classified information; and Enabling information consumption and publication. NIST SP 800-150 identifies several information challenges that apply only to the consuming of threat information and other challenges that apply only if an organization wants to provide its own information to other organizations. Establishing sharing relationships NIST SP 800-150 recommends the following planning and preparation activities in relation to launching a threat information sharing capability: Define the goals and objectives of information sharing; Identify internal sources of threat information; Define the scope of information sharing activities; Establish information sharing rules; Join a sharing community; and Plan to provide ongoing support for information sharing activities. Throughout this process, organizations are encouraged to consult with subject matter experts both inside and outside their organization. Such sources include: Experienced cybersecurity personnel; Members…

The cloud era has the potential to change every aspect of physical security, offering alternative ways of doing things, opportunities to realise greater long-term value from legacy systems, and capabilities that have simply never existed before. Working together, smart devices and IP networks can realise remarkable benefits in diverse areas, including cost, installation, efficiency, integration, business automation, monitoring, situational awareness and ease of use. Software is always up to date without the need for on-site work and systems can be quickly and easily adapted to user requirements. One of the perhaps unexpected effects of cloud is that, for many organisations, and particularly those operating or moving towards ‘smart’ environments, security systems are shifting from being ‘grudge purchases’ – made only when they absolutely must be – to desirable investments that can secure specific, tangible, measurable business benefits. The security sector has been slow to adopt cloud technology, in part because of natural, but now somewhat out of date concerns over putting security services ‘out there’ rather than keeping them ‘safely’ in-house. The extent of this shift and the speed with which it can take effect, though, are dependent on how effectively security providers address the challenges arising for organisations wishing to take advantage of the new capabilities and benefits offered by cloud. This is particularly the case when a move away from a traditional systems approach is being considered. Choose the right provider Many long-standing security providers simply lack the necessary skills and knowledge to address the complexities inherent in the integration of diverse systems, particularly over IP networks. Conversely, new entrants to the market from the world of IP networks, while bringing networking expertise, often lack understanding of security systems. Furthermore, they often do not fully understand, or sometimes even perceive, the complex legal and technical issues that can arise. It is beyond question, though, that in the world of physical security, the cloud is here to stay, just as it is in the consumer world of smart watches, fitness trackers and satnavs. Earlier this year, Gartner predicted that in 2017 we would see 8.4 billion connected ‘things’ – an increase of over 30% on 2016. It would be foolish indeed to ignore such growth and the immense benefits that the technologies driving it can deliver as they connect previously disparate devices and data sources. Nevertheless, the security sector has been slow to adopt cloud technology, in part because of natural, but now somewhat out of date concerns over putting security services ‘out there’ rather than keeping them ‘safely’ in-house. Cloud integration essentials Appropriate expertise and experience are essential when it comes to cloud integration. Decisions must be made as to which facilities, services and infrastructure to move to the cloud right away, which to move later, and which should stay on-premises for the foreseeable future. There will be pros and cons for each device and service, which need to be fully understood to make the right decisions. Often a hybrid or staged approach is the right choice – for example, embracing secure hosted services now with a view to full cloud migration as part of a longer-term plan. When planning the implementation of new and migrated systems, a seamless transition is usually essential. Risks must be fully understood and mitigated, and users and others brought up to speed rapidly, and then supported effectively on the new facilities. Such issues mean you need a security partner that can provide expert counsel on both technical and commercial matters from the very start of the engagement. Exploring the idea Often, the first major challenge with any new technology comes at the exploratory stage, before any actual migration is even planned. Exploring potential risks and benefits, and convincing key players within the organisation that a move towards cloud should be made, can be challenging indeed without specialist knowledge in a variety of arenas, including IP networking, cloud infrastructure, applications and services, legacy systems integration and, of course, the cloud-based solutions available. A capable, experienced security systems integrator (like Reliance High-Tech) will work closely with you to fully understand the detail of your existing infrastructure, and your aims and objectives, as well as budgetary, technical and other constraints. Working from that basis they can then advise on strategic options and help you communicate the benefits to interested parties across your organisation.

1. Lower your storage spend –  Organizations are keeping as much as 40% of their inactive data on their most expensive infrastructure. With unstructured video growing exponentially, fueled by the rise of new video surveillance programs, you can’t afford to have this kind of inefficiency. Then the solution is to adopt a multi-tier storage system that automatically migrates your video to the most cost efficient tiers of storage. Whether that’s high-performance disk storage, object-based storage or high-capacity primary storage, file-based tape or the cloud – your organization can cost-effectively store data based on various policy requirements. 2. Easy, immediate access Finding a file in your system should be no more difficult than finding a document on a C: drive. Quantum’s solution for video surveillance is a single file system, built specifically for video applications. On the backend, retention and access policies can be set to handle data migration and simplify organization and file recall. 3. High performance Storage performance that performs inefficiently prevents companies from capturing usable data. Quantum’s StorNext software retains data cost-effectively, supports complex video management systems and analytic applications, and ingests video from 4 times as many cameras per server to deliver time-to-decision results, allowing proactive protection and crime prevention. Quantum’s storage infrastructure not only handles this sheer volume of data with ease, but also delivers streaming performance regardless of whether it’s on disk, tape, or in the cloud. 4. Scale with your storage needs The ability to seamlessly integrate more sources of information into modern analytical tools is becoming more important, as is the capacity to scale and accommodate increased camera and sensor counts, panoramic coverage and higher image resolution. As more cameras are added, image resolutions increase and retention times become longer, Quantum’s solution can scale to handle the need for more capacity. 5. Compliant with your current infrastructure Quantum’s storage solutions support all major platforms, operating systems and networks, and integrate seamlessly with VMS and other systems. This enables security professionals to integrate the solution into their existing infrastructure without being locked into a single vendor or platform as well as to configure the file interface to receive input from a variety of devices and systems. 6. No trade-offs necessary To gain more insight and an increased return on investment from video surveillance data, a storage solution must balance high performance, high capacity and high retention. These three parameters can be flexed to provide the best trade-off between budget and mission whilst minimizing sacrifice of redundancy, accessibility or scalability. 7. Gateway storage architecture Upgrading storage capabilities while also satisfying budgetary restrictions is a challenging part of building a comprehensive storage infrastructure. Instead of replacing your pre-existing storage system, why not to build onto it! Artico™ offers an easy, nondisruptive choice for adding Quantum tape, FlexTier™, and Lattus™ scale-out storage to an existing security environment. Quantum’s StorNext platform is a policy-driven tiering software, allowing users to extend primary storage with scalable, more cost-effective tiers of storage. Our multi-tier solution is ideal for security and surveillance organizations with large amounts of video dealing with the challenges that come with scaling storage with your data growth. End users can set up policies to automatically migrate data across tiers, utilizing less costly types of storages like file-based tape and cloud, thus delivering the total capacity needed more cost effectively.