securitylinkindia

MANAGEMENT

RISK MANAGEMENT: A CORE MILITARY SKILL – AN ESSENTIAL CORPORATE REQUIREMENT

Colonel Arun HariharanVice President, National Head – Nodal,Security and EHS, Bharti Airtel Ltd What is Risk Management? The term Risk Management is loosely used both in the military as well as the corporate environs. It is nothing but something we do in our day to day lives, all the time – whether it is a decision to buy a new car, changing jobs or even a simple thing such as crossing the road. To put it across simply, Risk Management is the process of identifying, assessing, and controlling potential risks that could negatively impact an organization or project. These risks could arise from a wide range of sources, including financial uncertainties, legal liabilities, strategic management errors, accidents, natural disasters, cybersecurity threats, or operational failures. Effective risk management helps organizations minimize losses, protect assets, ensure compliance with regulations, maintain operational continuity, and enhance decision-making. In a rapidly changing and uncertain world, proactive risk management is vital for achieving long-term success. Let us now examine how this works in the military and in the corporate – the differences and the overlaps. Risk Management in the Military Risk management in the military is a systematic process used to identify, assess, and control risks associated with military operations, training, and other activities. Its primary goal is to preserve combat power, conserve resources, and increase operational effectiveness while minimizing unnecessary loss or damage. Military risk management typically follows a structured approach such as the U.S. Army’s 5-step model: 1. Identify hazards: Recognizing potential dangers in various military activities. 2. Assess hazards: Evaluating the likelihood and severity of identified hazards. 3. Develop controls and make risk decisions: Developing and implementing measures to reduce or eliminate risks, by using risk information to inform operational planning and execution. 4. Implement controls: Implementing strategies to minimize the risks. This could involve reducing the probability of the risk happening or lessening its impact if it does occur.5. Supervise and evaluate: Continuously tracking risks, reviewing the effectiveness of risk mitigation efforts, and adjusting strategies as needed. This process helps military leaders balance mission requirements with personnel and equipment safety, ensuring that risks are taken only when the potential benefits outweigh the possible losses. Risk Management in a Corporate Scenario vs the Military Risk management in the corporate world shares some similarities with military risk management, but there are notable differences in focus, scope and implementation. This stems from the basic purposes of both these organisations. Whereas, in the armed forces focus is on effective training, seamless logistics and winning wars, in a business enterprise it is about staying competitive in the market, generating profits, regulatory compliances, organisational reputation etc. Hence, though at a high level the process remains same there are nuanced differences. In simple terms, here’s how corporate risk management differs in the two fields: Parameter Corporate Military 1 Focus Primarily focused on financial risks, reputation, and business continuity. Centred on operational effectiveness andpreserving combat power. 2 Types of risks Market risks, credit risks, operational risks, legal/ compliance risks, strategic risks. Combat-related risks, equipment failures,personnel safety, mission failure. 3 Regulatory environment Governed by various laws and regulations (e.g., Unified Licence for telecom operators, RBI regulationsfor banks). Follows military doctrine and governmentregulations. 4 Stakeholders Shareholders, customers, employees, regulators. Government, soldiers, allies, civilians inoperational areas. 5 Risk appetite Often defined by board of directors, balancingrisk and reward for profit. Determined by mission objectives andstrategic importance. 6 Time horizon Can range from short-term to long-term, often with a focus on quarterly or annual results. Mission-specific, can be immediate (tactical)or long-term (strategic). 7 Tools and methodologies ERM framework, ISO 31000, financial modelling, scenario analysis. Specific military risk assessment tools,after-action reviews. 8 Reporting Regular risk reports to management, board, and sometimes public disclosures. Often classified, reported through chain of command. 9 Risk transfer Can use insurance, derivatives, or other financial instruments to transfer risk. Limited options for risk transfer; risks areusually managed internally. 10 Cultural aspects Risk culture varies widely between organizationsand industries. Strong emphasis on safety and operational security across the organization. 11 Consequences offailure Financial losses, reputational damage, legal liabilities. Potential loss of life, mission failure, national security implications. 12 Innovation andrisk-taking Often encourages calculated risk-taking for competitiveadvantage. Emphasizes following established protocols, with innovation focused on enhancing capabilities and safety. While both sectors endeavour to manage risks effectively, the corporate world generally has more flexibility in its approach and can often take on more risks in pursuit of profits. The military, given its critical role in national security and catastrophic nature of failure, tends to be more conservative in its risk management practices. Transitioning Military Personnel and Risk Management as a Career Transitioning military personnel often possess skills such as leadership, decision-making under pressure, operational planning, and risk assessment – qualities that naturally align well with various subdomains of risk management. Hence risk management is a good career option for veterans seeking jobs in the business sector. The term Risk Management is loosely used both in the military as well as the corporate environs. It is nothing but something we do in our day to day lives, all the time – whether it is a decision to buy a new car, changing jobs or even a simple thing such as crossing the road Based on exposure to the sector, here are some recommended subdomains and related industries that could be a good fit: Operational Risk Management ● Fit: Veterans excel in understanding and mitigating risks tied to processes and operations. ● Industries: – Manufacturing. – Logistics and Supply Chain. – Aviation and Aerospace. – Healthcare (hospitals, emergency services). Security Risk Management ● Fit: Military backgrounds provide excellent training in physical security, threat assessment, and protection. ● Industries: – Corporate Security– Critical Infrastructure(telecom, energy, water, utilities).– Event Management.– Financial Institutions(fraud, cybercrime prevention). Cybersecurity Risk Management ● Fit: Many veterans come from IT, communications, or intelligence backgrounds and can transition well into cybersecurity roles. ● Industries: – Technology and Software Development. – Telecommunications . – Financial Services. – Healthcare (patient data protection). Compliance and…

Read More
Production

Reframing the Virtual Production: From Green Screens to LED Backdrops

What if you could create a stunning desert landscape or an alien world in real-time? No need to wait for hours of post-production. Productions like The Mandalorian have highlighted this new frontier, where the line between physical and virtual worlds is becoming increasingly blurred. Today, a major shift is taking place – moving from traditional green screens to immersive LED backdrops. The legacy and limitations of green screens Green screens have long been a cornerstone of filmmaking, enabling breathtaking scenes and unseen galaxies to come to life in post-production. However, they also introduce challenges like color spill and uneven lighting. As most creative crews know, addressing shadows, green tones, and precise color keying is time-consuming, often stretching both budgets and patience. For actors, performing against a blank green stage can be disengaging. It disconnects them from the authenticity of their craft. It’s not easy to work up subtle reactions to surroundings that will exist only later. Additionally, compositing work, such as matching lights, removing color spill, and refining edges, requires painstaking effort. Each pixel demands attention, adding pressure to both timelines and production costs. The rise of LED backdrops These disadvantages have, however, been overcome by filmmakers and studios as the usage of LED technology is becoming more common. Rich in detail, adaptable, and vibrant, LED screens have opened a fresh level of filmmaking immersion. LED screens allow dynamic landscapes to be projected, creating the feeling of a real set. Actors can interact with their surroundings, while directors and camera operators capture shots with clarity that previously required post-production. Moreover, LED screens blend seamlessly with real- world lighting. Costumes beam naturally under a desert sun, as reflective surfaces may capture neon skies and radiate light in truly realistic ways, already helping out the visual workload but also empowering the all-around realism of every shot. The most amazing thing is the flexibility. Switching from a futuristic city to a lush forest or creating an alien world can be done instantly. Filmmakers no longer need to build elaborate sets and then dismantle them, saving time and resources. Real-world transformations: Elevating studio production with advanced LED solutions Media24, South Africa’s leading media company, faced limitations with traditional studio setups. Physical backdrops were time-intensive to set up and lacked flexibility during shoots. What if you could create a stunning desert landscape or an alien world in real-time? No need to wait for hours of post-production. Productions like The Mandalorian have highlighted this new frontier, where the line between physical and virtual worlds is becoming increasingly blurred. Today, a major shift is taking place – moving from traditional green screens to immersive LED backdrops To address these issues, Media24 installed a 51.84m² LED backdrop using 256 Hikvision P1.2 COB LED units. The Flip-Chip COB technology improved brightness and resolution by eliminating bonding wires and enabling closer LED spacing. This transformation boosted production flexibility while saving time and resources. Digital displays allowed seamless background changes, and real-time control made scene adjustments quick and efficient. High-quality visuals also enhanced VR shoots and live TV shows, elevating Media24’s productions. Across the Atlantic, Brazilian audiovisual company Neto Eventos installed a 10.24-meter wide and 2.88-meter tall arc LED wall with a 2.5mm pixel pitch. The immersive backdrop created vivid environments for live broadcasts. Hikvision’s advanced technology ensured excellent image clarity and color accuracy, empowering the studio to produce creative and compelling content. As LED technology becomes the new norm, innovators like Hikvision are playing a pivotal role in helping creators bring captivating worlds to life, bridging the gap between imagination and reality. Committed to advanced manufacturing and innovative solutions, Hikvision is supporting creative teams in realizing even their boldest visions. From the legacy of green screens to the embrace of LED walls, the journey ahead marks a significant evolution in filmmaking and broadcasting. Read More

Read More

Rethinking Risk Management – How Centralized Platforms Simplify Cybersecurity

Harikrishna PrabhuCOO, Technobind Solutions As cyber threats evolve at an unprecedented pace, organizations find themselves entangled in a web of fragmented security solutions, each promising protection but collectively creating chaos. From endpoint security and cloud protection to identity access management and compliance tools, the sheer complexity of managing multiple platforms often leaves security teams overwhelmed and vulnerable. This disjointed approach not only increases operational inefficiencies but also widens security gaps – offering adversaries an opportunity to exploit weaknesses. A unified platform can bridge these security silos, transforming risk management from a reactive burden into a proactive, intelligent defense mechanism that simplifies operations, enhances threat response, and fortifies an organization’s cybersecurity posture. The Complexity Conundrum Traditional cybersecurity strategies rely on disparate security solutions, forcing security teams to juggle multiple dashboards, policies, and alerts. This siloed approach creates blind spots, delays incident response, and increases the risk of misconfiguration – often the weakest link in cybersecurity defenses. The Shift to Centralized Risk Management A centralized risk management platform consolidates security functions into a single pane of glass, providing real-time visibility, streamlined workflows, and automated threat intelligence. By integrating risk assessment, compliance tracking, and threat detection into one ecosystem, organizations can proactively manage vulnerabilities before they escalate into breaches. The Benefits: Efficiency, Accuracy, and Compliance As cyber threats grow in sophistication, businesses must transition from reactive defense to proactive risk mitigation. A centralized security platform isn’t just a convenience – it’s a necessity for organizations looking to simplify security operations while fortifying their cyber resilience. By embracing centralized cybersecurity risk management like ESET Protect Platform, enterprises can reduce complexity, cut costs, and ensure a more resilient security posture in an era of relentless cyber threats. ● Holistic Visibility – Security teams can correlate data across endpoints, cloud environments, and networks, reducing the time to detect and respond to threats. ● Automation and AI-Driven Insights – Leveraging AI and machine learning, centralized platforms can identify anomalies, prioritize risks, and automate remediation, reducing human error.● Regulatory Compliance – Organizations can maintain compliance with industry standards (e.g., GDPR, NIST, ISO 27001) by aligning security policies across the enterprise in a structured manner. ESET PROTECT Platform: A Paradigm of Centralized Cyber Risk Management In the quest for streamlined and effective cybersecurity, the ESET PROTECT Platform stands out as a quintessential example of centralized cyber risk management. This cloud-first, AI-native cybersecurity platform integrates a comprehensive suite of tools designed to provide robust protection while simplifying security operations. Key Features of ESET PROTECT Platform ● Unified Security Management: Offers a centralized console that provides real-time visibility and control over all endpoints, facilitating seamless policy enforcement and incident response. ● Advanced Threat Defense: Utilizes proactive, cloudbased defenses to guard against zero-day and never- before-seen threats, ensuring that emerging vulnerabilities are promptly addressed. ● Extended Detection and Response (XDR): Enables comprehensive threat hunting and incident response capabilities, allowing security teams to investigate and remediate sophisticated threats effectively. ● Multi-Factor Authentication (MFA): Ensures that access to organizational data is protected through seamless MFA, enhancing security compliance and reducing unauthorized access risks. ● Vulnerability and Patch Management: Actively tracks and addresses vulnerabilities in operating systems and applications across all endpoints, mitigating potential security threats from unpatched systems. As cyber threats evolve at an unprecedented pace, organizations find themselves entangled in a web of fragmented security solutions, each promising protection but collectively creating chaos. From endpoint security and cloud protection to identity access management and compliance tools, the sheer complexity of managing multiple platforms often leaves security teams overwhelmed and vulnerable In conclusion, the future of cybersecurity lies in simplification without compromise. As businesses continue their digital transformation journeys, embracing a centralized risk management approach is no longer optional—it’s a critical imperative. Platforms like ESET PROTECT exemplify this strategy by unifying security functions, automating threat detection, and providing real-time risk insights. By adopting such comprehensive solutions, organizations can transition from fragmented defenses to a streamlined, proactive security posture, effectively mitigating cyber risks while freeing up valuable resources to focus on innovation and growth. About TechnoBind TechnoBind is the first Specialist Distributor in the Indian IT channels space offering a hybrid distribution model placed synergistically between broad-based and niche distribution, to deliver high business value for its reseller partners. TechnoBind helps partners to implement solutions, which solve specific business pain points arising out of the rapidly changing facets of technology for businesses. TechnoBind’s sole focus is to help enterprises manage and make the most of their most precious asset which is data. The portfolio of thirty cutting-edge brands spanning Access, Management, Security, Infrastructure and Cloud enables TechnoBind to uniquely address data management. Read More

Read More

Law and Order: How Employees Benefit from Being Monitored?

Sergio BertoniLeading Analyst atSearchInform 71% of small and medium-sized businesses experienced attempts by employees to leak data, SearchInform research states. However, employees often leak data accidentally and without any malicious intent, for example, because of negligence or cyber illiteracy. Today, establishing control over employees’ actions with data is a common practice, but it is impossible to ensure without specialized software – DLP systems, which have become a basic tool for protecting companies against data breaches caused by insiders. DLP systems are also used to avoid data misuse, improve the level of work discipline, and retain valuable staff. Control within the Law The employer has the legal right to control employees to protect sensitive information such as personal data, banking and commercial secrets, data collected by state information systems, and data in industrial control systems at critical infrastructure facilities. For example, an employer is responsible for keeping passport scans and other documents of employees, the company’s partners, and clients’ data safe as well. This is enshrined in the laws of many countries, as well as in international legislation such as GDPR. However, personnel must be informed that the organization where they are employed is using an automated monitoring system (like DLP). The fact that an organization uses specialized software for employee control must be documented in corporate policies. Employees, in their turn, should be informed about what the protective system is used for, and sign a consent for their activity to be monitored. For the employer it is necessary to draw up an additional agreement to the employment contract and outline all the tasks of using the system which could be the following: ● Oversee employees’ compliance with job descriptions and internal labour regulations; ● Control the appropriate use of the company’s information resources and technical means to fulfill job duties; ● Ensure protection of commercial, trade, official, and other secrets as required by national and international regulations. The DLP systems are also deployed to maintain discipline and evaluate staff productivity. In case of such system implementation in corporate IT infrastructure, the employer should take measures to avoid conflicts and misunderstandings between the team and management. Introducing corporate regulations on working with information will help solve this task. Besides, a separate policy on how documents need to be stored, and whether it is permitted to use clouds and personal email to communicate work-related tasks and other questions is a must. This way employees will understand what is allowed to do at work and what is prohibited for them. For example, an employer may not allow an employee to use a corporate PC for non-work related activity on social networks, storing personal photos etc. What are the benefits of being monitored? The issue is that employees often interpret various monitoring systems as excessive control and distrust. In this case, it is crucial to communicate to the team the advantages employees receive from being monitored by protective software. Providing employees with real life cases will help in this regard. The first case from SearchInform practice proves that DLP systems help employees avoid being accused of a crime they never committed: ● The security department specialists found on the employee’s corporate PC confidential data that he did not have access to. Investigation revealed that the remote access tools were regularly run on his computer, however, the employee hadn’t noticed it. It turned out that the network administrator temporarily stored confidential data on the ‘victim’s’ PC before transferring it to third parties. Thus, the DLP system helped identify the real intruder and save the honest employee from being dismissed. 71% of small and medium- sized businesses experienced attempts by employees to leak data, SearchInform research states. However, employees often leak data accidentally and without any malicious intent, for example, because of negligence or cyber illiteracy. If our client did not have a DLP system, it would have been very difficult for the guiltless worker to avoid suspicion and prove that he was not involved in the data leak. Unfortunately, such cases are not uncommon. In this way, modern control systems help to avoid situations when staff members need to justify themselves. In some organizations where DLP is not implemented, in the same cases, the employees may be required to undergo polygraphs or other stressful procedures. DLP at employees’ service There are major ways, how DLP system brings important benefits to the employees. Firstly, the DLP system reduces the risk of accidental data leakage, which could lead to sanctions against the employee. The system is equipped with proactive blocking functionality, which is fine-tuned by an Information Security specialist. The feature reduces the chances of confidential documents intentionally or unintentionally leaving the company’s information perimeter. DLP also notifies the user (InfoSec specialist or another professional in charge) about suspicious employee activity. In addition, DLP systems can be equipped with the open mode of operation that empowers the user not to commit dangerous actions with the help of special notifications. It is also possible to customise alerts about dangerous actions or enable the user interface – a visible window on the taskbar so that personnel can communicate freely with the InfoSec professionals. ● Case: The employee of the research institute was preparing documentation containing data from clinical trials of the drug. Out of habit, he sent the documents for review to a former manager, who at the time was already working for a competitor. The incident that occurred by mistake severely damaged the reputation of the institute. However, it could have been avoided if the DLP was deployed. Secondly, DLP ensures confidence that all incidents will be investigated objectively and thoroughly. This applies not only to prevent false accusations but also to verifying complaints from employees about arbitrary behavior by the company’s top management. ● Case: One of our clients, a retail company deployed a DLP system. Then, a suspicious email to the CFO from one of the dismissed employees was found. Ex-worker accused the CFO of taking full advantage of the CEO’s trust to fire valuable…

Read More

AI & ML in Security & Surveillance

By Milind BorkarMD, Systematica Suyog Security Consultants(Sr. Consultant & Security Expert) Surveillance and Security in the traditional sense is now moving forward in leaps and bounds. Gone are the days of CCTV using analog cameras that are being replaced by digital cameras that enable video analytics to be performed on an incoming digital stream. Also, between year 2005 and year 2010 there was a massive push to standardize the interface between the camera and the software that talks to it over an ethernet cable. This standard is ONVIF (Open Network Video Interface). Though many camera manufactures claim ONVIF compliance one must check the following link prepared by onvif.org – https://www.onvif.org/conformant-products/. This development disrupted the stranglehold of camera manufactures with their partners and allowed many other players to enter the market as proprietary protocols were no longer required. Most of the terabytes of stored video is useless as it does not carry any useful information. Manual searches need to be conducted to find the relevant information one is looking for. This turns out to be a time-consuming process and by the time information is found it might be out of date. This is where Video Analytics can help to some degree by looking for only relevant information thereby saving time and resources. Even though Video Analytics saves a considerable amount of time, it still does not avoid the manual process involved in looking at video instead of data. Here is where Artificial Intelligence (AI) and Machine Learning come in. AI/ (neural networks) builds a model based on a few initial parameters that are input by the user. Without getting into the details, it quickly builds a neural network and tells you the confidence level of each object found in the video frame. This is a highly mathematical process involving convolution, calculus, probability and statistics. Based on the confidence level of each object found in the frame, one can fine tune the neural network by changing the input parameters. This fine tuning is called Machine Learning by which the neural network gives confidence levels above 95% for each object found. We have done this in our product where object confidence levels went from as low as 60% to as high as 98%. One can now put the neural network in training mode telling it what the target end result the user wants. The machine then self learns by varying the hundreds of input parameters till the end target is met. At this stage the model is what the user was expecting and he now continues to use this highly accurate model to build his or her applications to solve problems specific to their market vertical. So, what AI/ ML has done is that video examination is no longer required but extracted data from the video stream is examined. This is a far more intelligent way of examining video streams and far more efficient allowing the end user to build multiple intelligent applications on top of this. This is the WAVE of the future as multiple PETABYTES of data cannot be examined after the fact. With the number of cameras increasing exponentially all across the globe, the best way to process video is on the fly in real time as it saves time, money and resources across the board. However, for a particular use case some time and money have to be invested to fine tune the neural network model. Once this process and methodology is mastered, one can use it for other use cases. In our case, some of our models took up to 30 minutes to bring up the confidence level above 95%, while in other cases it has taken up to a week. Factors that affect this training period are following: (a) Lighting, (b) Number of objects in the frame, and (c) Complexity of the shape of the object. Diagram describing our Object Classification Engine We will now describe a couple of used cases to make this clear: Used case 1: Implementing Standard Operating Procedure (SOP) Suppose a SOP is defined for a drug testing methodology in a pharmaceutical laboratory. Requirements are as follows: ● Capture and time stamp when an employee enters and exits the laboratory. ● Measure procedure when the drug testing starts. ● Identify colored flasks and test tubes and their movement from one step to the next.● Identify microscopes and other medical instruments used in measurement and how they are being used. ● Flag any deviation from SOP and report to administrators. As one can see, one can use identifying objects in the video stream and determine whether the SOP is being followed. This can be used by the laboratory management team to improve overall efficiency of the laboratory and its’ employee performance without looking at video streams. A snapshot of our current Object Classification Engine for illustrative purposes Used Case 2: Measuring queue lengths at bank counters, airport check in lines, hospitals etc. ● Determine queue lengths to determine arrival and service rates. ● Queue lengths will increase if service time is greater than person arrival time. ● Flag these so the service efficiency can be improved. Summary The neural network model has over 25 million pre-defined objects in the database. These have been developed using artificial intelligence techniques. In a typical end user case, a very small subset of these 25 million predefined objects is required. New objects are continuously being added to the database. The model also allows itself to be put in training mode based on what the end user really wants Our Object Classification Engine takes advantage of this and provides interfaces so that end user case applications can be developed rapidly and be put to use. We provide extracted data, interface to the ML neural network model as well as we provide application development services for the customer. Read More

Read More

How Much for That VMS

Its Total Cost of Ownership May Surprise You! By Gaurav TaywadeDirector, India Operation, Vicon On-premise enterprise video management systems (VMS) can be a huge investment – one of the priciest elements of a company’s physical security technology infrastructure. They’re also one of the most critical. Without eyes on a property, there’s no way to ensure that other systems are doing their job. Since the pandemic, spending on VMS solutions has continued to rise. Commercial office space vacancies are high, hybrid and remote work models have businesses operating with far fewer onsite workers, crime is up, and security guards are in short supply. Building and security managers are determining that existing cameras provide insufficient coverage under these new conditions, and are therefore seeking to expand their systems. Quickly evolving technology is complicating matters, making legacy VMSs obsolete. Companies unable to leverage the latest generation of cameras, analytics, and integration opportunities are deciding that it’s time to upgrade to a new platform rather than continue to throw money into a substandard solution. After 5-10 years, the actual cost of one system may be as much as 50% lower than another As stakeholders wrestle with how to upgrade or replace their VMS network, performance and operational needs take top priority. However, once specifications are agreed upon, and various manufacturers have been identified that meet a project’s requirements, price can become the deciding factor. Unlike the straightforward comparison of technical specs between offerings, calculating and comparing the total cost of system ownership is much more elusive. The total-cost-of-ownership (TCO) is affected by many factors – some of which come as an unwelcome surprise to system owners after their VMS is up and running. At that point, it’s too late to reevaluate the wisdom of their investment. There is no magic formula for estimating TCO. Manufacturers structure their licensing, warranties, upgrades, maintenance, training, and other policies in different ways, and their promotional materials rarely spell out these distinctions. After 5-10 years, the actual cost of one system may be as much as 50% lower than another. To accurately evaluate TCO, decision-makers must know where to look for hidden expenses and the right questions to ask. We hope this whitepaper helps readers do just that. Device Licensing Practices are Sometimes Tricky Licenses are part of any on-premise VMS solution. The licensing model makes systems scalable; users pay more for larger deployments. In enterprise systems with hundreds or thousands of cameras, licensing represents a significant expense. That said, there is tremendous variation in how much licensing will cost a company throughout its VMS’s lifespan. The price-per-license differs by manufacturer, but that is only part of the story. Some manufacturers require a license for each camera. Others charge licensing fees for servers, workstations, storage, and edge devices. Licensing tied to NVRs and servers can pack a disproportionate financial wallop – especially when NVR licenses are calculated based on the number of streams supported. For example, let’s take one 12MP camera that features triple-streaming. With NVR licensing, the camera requires three licenses if all three streams are used, even if the same NVR records all three. Recording redundancy doubles the price. With two servers recording each of the three camera streams, that single camera represents six licenses! By contrast, a camera-only licensing model would require one license for this device, period. Consider how this policy substantially impacts a network with hundreds of cameras. When NVRs are licensed, adding or upgrading cameras also becomes more expensive. Let’s say a customer wishes to replace several 1MP cameras with 5MP models. The 5MP devices will impose more demand on the server. VMS systems may be infinitely scalable, but individual NVRs or servers have their limits. Adding new cameras, or replacing existing ones with higher resolution models, can result in the need for more network hardware. Once again, paying per camera – and only per camera – keeps TCO in check as systems grow. By contrast, when VMS software is free and licensing is only required for cameras, the options for keeping systems current remain uncomplicated and less expensive However, even with camera-only licensing models, there are still ‘buyer beware’ issues to consider. Some manufacturers link each license to the MAC address of a specific camera, making the license non-transferable. Limiting software in this manner is an antiquated approach that takes advantage of the user. When hardware needs to be replaced, there’s no reason the software license should need replacing too. Imagine if your laptop died and Microsoft said you must buy all new software rather than transfer your licenses to the new device. You would be irate. Finally, some manufacturers charge premium licensing fees, per device, to access certain VMS features. A camera’s specifications may indicate it “can do” certain things, but it’s possible that they are not included with a basic license. When calculating a system’s TCO, make sure you understand what your licenses include and what they don’t! Keeping Current is Critical; It Shouldn’t Be Costly Like any software, VMS platforms are constantly improving. The DevOps process used by many software development teams, with its focus on continuous feedback, collaboration, and communication, has accelerated the speed and frequency with which updates are released. Unlike business software for sales or marketing – for which new releases may be helpful but unnecessary – security software provides a mission-critical function. It should be kept current at all costs. How VMS manufacturers charge for updates affects TCO. Some updates, like those addressing bugs and vulnerabilities, may be free, but others come with a fee. Before purchasing a system, prospective owners should understand what to expect. Are upgrades mandatory? How frequently do they typically happen? Are upgrade protection plans available? How is the price calculated? Even if manufacturers do not mandate upgrades, they may ultimately discontinue support of earlier software versions, rendering the NVRs and servers running them obsolete unless the customer invests in an enterprise-wide software upgrade and relicensing. Without a systemwide update, the system owners cannot even add a single new camera….

Read More

Enhance Border Security in Adverse Weather

In the high-stakes world of border security, fog and other adverse weather conditions create critical blind spots that smugglers and criminals easily exploit. Sight- Booster, a real-time software solution from ThexoVision, gives border guards the clear vision as they need to stay one step ahead and keep borders secure. Why is fog a critical risk and challenge for border security? ● Smugglers take advantage of poor visibility: Drug and human smugglers often carry out their operations in foggy weather, when surveillance is at its weakest. ● Limited detection performance and range: Security cameras lose effectiveness in fog, which reduces their effectiveness, making it harder for border guards to identify threats. ● Delayed reaction time: Officials only detect intrusions when it is too late, making it impossible for them to react in time to prevent border violations. ● Thermal cameras have limitations: Although thermal cameras can help, they do not always provide enough detail to identify vehicles, faces or contraband, making it difficult to act. SightBooster: From poor visibility to clear detection SightBooster, developed by ThexoVision, is a real-time software solution that improves surveillance images in poor visibility conditions – without the need for expensive hardware development. ● Instantly improves camera image clarity: Officers can see clearly even in dense fog. ● Identifies threats from long distances: Border Patrol can spot and track smugglers from 1km or more, reducing security gaps. ● Seamless integration with existing cameras: Interoperates with CCTV, thermal, PTZ and drone cameras for improved visibility. ● Faster response time: Security teams can act before border intruders cross the border. Top: original video frame in dense fog, Bottom: processed video frame with clear visibility via SightBooster software solution Proven success: SightBooster in action Kazakhstan field trial In real-world tests with our partner TNS Service, Sight- Booster processed live footage (H.264, 20Mbps bitrate) from a standard PTZ security camera monitoring a 1km target in dense fog. The original footage was almost unusable, but the video enhanced with SightBooster showed remarkable clarity of detail, enabling effective surveillance. Border patrol vehicles in the UK SightBooster is integrated into Presidian® Smart Mobile Monitoring Stations developed by DJ Byers Security Solutions® (UK). These mobile units improve real-time situational awareness for border patrol officers, ensuring that officers are never blinded by fog, heavy rain or low light conditions. The future of border security With increasing pressure on border security forces, technology must evolve to outpace the strategies of smugglers and criminals. SightBooster offers a cost-effective, high-performance solution that gives security teams the visibility they need when they need it most. SightBooster : A versatile software technology for various conditions ThexoVision’s proprietary real-time video enhancement software technology is capable of revealing scene objects under constrained visibility conditions in camera-based systems. This capability not only works in fog, but also aids visual detection and identification in the presence of a wide variety of obscurants such as haze, smog, smoke, dust, rain, or snow. In addition, it can also cope with use cases in night vision and underwater scenarios of low visibility. AI or not to AI? Whilst in today’s technologies artificial intelligence is becoming more and more pervasive, ThexoVision believes in a balanced approach on application of AI. In fact, the core of SightBooster software technology avoids using AI in producing the clarified version of the input stream. The reason – when dealing with surveillance or border security, we don’t want to introduce non-existing objects or details into the processed image. Nevertheless, when need be, SightBooster can be efficiently combined with other AI-based methods, like object detection. Fog and bad weather don’t stop smugglers, so border security can’t afford to be blind. Sight- Booster gives officers the clear vision they need to stay one step ahead and keep borders secure Milan Tresch, CEO of ThexoVision. Founded in 2019, ThexoVision evolved from a post-processing software initiative towards fulfilling the promise of real-time processing capabilities. Recognizing its potential for widespread industrial applications, the team took a hands-on approach to development, establishing a four-camera test system at Budapest airport’s control tower. This rigorous testing validated the technology and significantly boosted its market credibility. Our technology that is primarily available as a software development kit (SDK) can be incorporated into server – and desktop-based configurations, as well as into small-sized, embedded solutions for mobile applications. The SDK has been designed to allow for a streamlined integration into vastly differing products, systems Ramon Hegedus, CTO of ThexoVision. The company represents a fusion of two generations of expertise among its six owners. The senior partners include the project’s original visionary and co-founder who continues to drive market development and funding, a former chief commando officer who later became a successful international trader of military technologies, and an ex-head of a police counter-narcotics unit, today leading a company that develops sensitive military and civilian electronics solutions. The younger generation features the company’s CEO and two exceptional software developers – one of them a specialist in computer vision and graphics, while the other, also co-founder and CTO, an expert in optical sciences and imaging. Their joint innovative efforts put ThexoVision ahead of competitors. Read More

Read More

Data Breaches on the Rise: A Comprehensive Analysis

Dr. Suman GhoshProject Management ProfessionalBritish Telecom In the digital age, data breaches have become a pervasive threat, impacting organizations across all sectors. Since 2021, the frequency and severity of these breaches have surged dramatically, posing significant risks to both personal and organizational security. This article delves into the alarming rise in data breaches, the financial implications, and the critical need for enhanced security measures, particularly in email protocols. The surge in data breaches Data breaches have increased by a staggering 72% since 2021. This surge can be attributed to several factors, including the proliferation of digital data, the increasing sophistication of cyberattacks, and the expanding attack surface due to remote work and cloud adoption. In 2024 alone, there were over 422.61 million data records leaked in various breaches. This unprecedented rise underscores the urgent need for robust cybersecurity strategies. Financial impact of data breaches The financial repercussions of data breaches are profound. The average cost of a data breach reached $4.88 million in 2024, marking a 10% increase from the previous year. This cost includes several components such as business disruption, customer loss, regulatory fines, and post-breach remediation efforts. For instance, the healthcare sector, which handles highly sensitive patient data, reported the highest average breach costs at $9.77 million. Similarly, the financial sector faced substantial costs due to the value of financial data and the potential for significant financial losses from fraud and theft. Email: The primary vector for malware Email remains the most common vector for malware delivery, accounting for 35% of all malware incidents. Cybercriminals exploit the inherent trust users place in their inboxes, using tactics such as phishing, malicious attachments, and deceptive links to infiltrate systems. The Verizon 2021 Data Breach Investigations Report highlighted that 94% of malware is delivered via email. This statistic emphasizes the critical need for enhanced email security protocols to protect against these pervasive threats. Case studies and real-world examples Several high-profile data breaches in recent years illustrate the devastating impact of these incidents. For example, the 2023 breach of a major financial institution resulted in the exposure of millions of customer records and a subsequent $100 million fine. Another notable case involved a healthcare provider, where a ransomware attack led to the compromise of patient data and a $50 million settlement. These examples highlight the severe consequences of data breaches and the importance of proactive security measures. The role of advanced security measures To combat the rising tide of data breaches, organizations must adopt advanced security measures. This includes implementing multi-factor authentication, encryption, and regular security audits. Additionally, the use of artificial intelligence (AI) and machine learning (ML) can enhance threat detection and response capabilities. Organizations that extensively use security AI and automation reported an average cost savings of $2.22 million per breach. The importance of employee training Human error remains a significant factor in data breaches. Therefore, comprehensive employee training programs are essential to educate staff about the risks and best practices for data security. Regular phishing simulations and cybersecurity awareness training can significantly reduce the likelihood of successful attacks. Conclusion The rise in data breaches is a stark reminder of the evolving cybersecurity landscape. With the average cost of breaches reaching unprecedented levels and email remaining a primary attack vector, organizations must prioritize robust security measures. By adopting advanced technologies, enhancing email security protocols, and investing in employee training, organizations can mitigate the risks and protect their valuable data. Read More

Read More

India Risk Outlook 2025

The year gone by was marked with geopolitical changes and turbulence of a high order. The events in Syria, Lebanon, Ukraine and closer home in Bangladesh, Myanmar and surrounding geographies will cast a telling shadow on the events of 2025. A multitude of elections across the globe and in India, have thrown up diverse results which challenge the old order. While the Narendra Modi-led Bharatiya Janata Party (BJP) emerged from the 2024 General Elections weakened, Donald Trump in the United States of America (USA) came out much stronger and with an agenda which threatens to challenge and reshape the world order. The year ahead is likely to be challenging for India both domestically and in the geostrategic domain. Conversely it would also be a year of multidimensional opportunities which will not only demand deft handling but may also result in new alignments and need for course correction.Economic paradigms may need a fresh approach should President-elect Trump go ahead with his policies of punitive/ reciprocal tariffs and mass deportation of illegal migrants. On the geostrategic front, a more muscular QUAD is at odds with an expanding BRICS and the two may be on a collision trajectory.With the QUAD leaders’ summit planned in 2025 in India, strong anti-China posturing may strain India’s prominence both in SCO and BRICS. The geopolitical tightrope that India has to walk can be gauged by the likely visit of Vladimir Putin to India in first quarter of 2025, followed by PM Modi traveling to China for the SCO summit and hosting the QUAD leaders in October 2025. One misstep or a belligerent statement can derail or alter the outcome of these significant events. In a similar vein India’s image abroad was dented by accusations of targeted killings/attempted murder by alleged government agencies, coupled with bribery allegations against the biggest business house of India.On the domestic front, peaceful elections in J&K and a smooth transition to power of an opposition led government bodes well for the overall security dynamics of the sensitive region and its continued progress in 2025 would be a big boost to stability. The vigorous efforts taken by the BJP-led government to root out Left-Wing Extremism (LWE) would continue in 2025 and may result in weakening this antinational movement significantly.The overthrow of the Sheikh Hasina government has been a big setback as India had backed her government fully. The relations currently are rather fragile with a widening trust deficit on the back of reports of attacks on minorities, and their places of worship. The recent visit of the Foreign Secretary of India has smoothened some issues but more needs to be done in 2025 to bring the relations back to a semblance of normalcy. However, tense relations between the two neighbours in 2025 are likely to continue. On the more complex Indo-China front the disengagement and pull back by both armies from Ladakh has been a very positive development. The recent visit of the National Security Advisor (NSA) to China has given further momentum to an improvement in ties. No dramatic development or normalisation of relations are likely in 2025 and few baby steps to rebuild trust can at best be expected.On the internal front, the BJP-led government is weaker, and despite all odds the opposition INDI alliance has posed significant challenges to the government. This has led to further polarization and widening of communal fault lines. If this remains unchecked, it may lead to social unrest in some historically sensitive areas. The farmers protest continues and will not give much room to the government in 2025 to address the much-needed agricultural reforms.Despite all this 2025 will be a pivotal year for India as it will become the fourth largest economy growing at a rate of 6.5-7 percent in the coming years. Artificial Intelligence (AI) and quantum-based technologies and semi conductor manufacturing will play a big part in the economic resurgence of India, the problems of wealth distribution, population, climate risks and inflation will continue to pose challenges. Overall, a year of stability, steady growth, some geopolitical risks mixed with opportunities is forecast for 2025. Executive Summary The year 2024 was characterized by elections in more than 70 countries and persistence of several geopolitical conflicts. With the series of elections that too k place, the discussion on the spirit and quality of democracy took center stage as leaderships in these countries either used elections to tighten grip on power, gain legitimacy or display illiberal tendencies. The Russia-Ukraine and Israel-Palestine conflicts continued to worsen and have spillover effects in other states, impeding any global efforts towards restoring peace. The Global economy is riddled with stagnant major economies and growing global debt which is already at a record level due to the COVID-19 pandemic. Several governments are offering increased spending and tax cuts as a part of political campaigns, which will only add on to the global debt. There are alarming trends of increasing cost of living, increasing defense expenditure, backsliding on international commitments, and increasing vulnerability to climate variability. Against the backdrop of global disorder, multiplying geopolitical complications and internal challenges, India successfully conducted its general elections. India took strategic measures to protect its integrity, propel its regional influence and maintain a considerable global presence while facing new risks and threats. On the geopolitical front, the diplomatic friction between India and Canada has heightened after the Canadian government accused the Indian High Commissioner and five other diplomats of being ‘persons of interest’ in the murder case of Hardeep Singh Nijjar, a Canadian citizen allegedly involved in Khalistani activities. India responded by recalling its diplomats and by expelling the Canadian High Commission in India, citing its interference in internal affairs as the reason. There are speculations that this diplomatic fallout between the two nations could have spillover effects in other domains, particularly in trade. In late October, India and China established a temporary truce regarding the ongoing conflict along the Line of Actual Control (LAC), with a border disengagement agreement. There will be pulling back of…

Read More

Synergizing Artificial Intelligence and Human Analysis in Corporate Threat Intelligence

Lt. Col. Sushil Pradhan (R)Executive Director and COO, MitKat Advisory, Certified Data Centre Professional Co-authors Introduction Amid an evolving global environment characterized by socio-political turbulence, economic changes, supply chain disruptions, and climate change, businesses face various risks that threaten their operational capability. The need to continuously monitor relevant events and threat indicators has emerged to mitigate these risks promptly and effectively. Corporate threat intelligence is an essential tool to this end. It emphasizes proactive identification and mitigation of risks and enables timely reactions. Risks can be generated by regulatory changes, economic sanctions, upcoming civil unrest, extremism, terrorism, political changes etc. Modern threat intelligence integrates the capabilities of artificial intelligence (AI) and human analytical capabilities to address these issues. AI processes vast amounts of information and datasets through various sources like social media, open-source intelligence (OSINT), and government sources. In parallel, human analytical skill complements AI by interpreting, analyzing and contextualizing filtered information, and presenting it in the form of actionable intelligence that can enable viable options for decision-making. Corporate Threat Intelligence Today’s interconnected world features a dynamic and unpredictable operational environment. Dimensions like domestic politics, international relations, technological advancements, and civil unrest come into play, affecting a business environment. To adapt to these changes, corporations and businesses need a robust threat intelligence system to track, monitor, and manage these risks. Corporate threat intelligence has evolved beyond cybersecurity and now includes climate change, governance, political and economic stability, as well as regulatory policies. Businesses, especially MNCs, face diverse political and economic landscapes that pose adaptability issues as well as operational interruptions. Regime changes, sudden tariffs or sanctions, and regional conflicts are common in sensitive regions and impact business operations. For example, Houthis attacking commercial vessels in the Red Sea region has previously impacted the maritime trade route, adding to transportation and logistics costs. Corporate threat intelligence assists businesses in tracking and monitoring such events, thereby enabling effective risk mitigation strategies. Role of Artificial Intelligence in Threat Intelligence Productive threat analysis is an outcome of deciphering a vast amount of information within a specified timeframe. AI helps declutter irrelevant information, reduce noise, and provide relevant data. Threat intelligence traditionally relies on human analysts who used to surf the web, aggregate OSINT and analyze data manually. This approach was useful in providing depth and conceptual understanding but is labor-intensive and cannot keep up with the pace of the changing operational environment. The introduction of AI has provided a credible counter to these challenges. AI enables automated data collection and curation at an incredible speed. Synergizing Artificial Intelligence and Human Analysis Furthermore, AI also features 24/7 monitoring of relevant events, pattern and trend recognition, and regulatory compliance. AI’s integration with mass notification tools provides real-time updates, which nearly simultaneously enhances organizational awareness. For example, in the case of protests, AI continuously monitors media and social media to look for patterns and possible anomalies. AI can then notify the organization regarding possible supply chain disruptions due to the blockage of national highways, roads, or railway tracks, informing speedy decision-making. Role of Human Intelligence in Threat Intelligence AI has indeed revolutionized threat intelligence with its scalability and speed in processing vast amounts of data in a short period, as well as pattern and trend recognition. However, the role of human analysts remains irreplaceable. The human element of threat intelligence adds cultural context, deeper understanding, and strategic insight. Human analysts can identify the root causes of an event through cultural and contextual understanding while AI provides relevant data. AI excels at processing vast amounts of data and generating pattern analysis, which is difficult for a human analyst in the age of information overload. A human analyst focuses on building strategies and actionable steps to mitigate the risks based on the data provided by AI. For example, in case of a ransomware attack, AI will quickly identify the entry points and systems affected by the attack, while human analysts will focus on strategizing mitigation of the risk. Despite these advancements, vulnerabilities exist, thus making human collaboration an integral part of corporate threat intelligence. An important shortfall of AI integration in threat intelligence is the spread of disinformation and misinformation, which can be eliminated with human involvement, which includes verification of sources, checking patterns and inconsistencies, and flagging of issues considered false. This helps to bring in authenticity, reliability, and conceptualization, overcoming the deficiencies of AI. Future Applications Future applications of AI in threat intelligence include advancements like dynamic risk mapping and Geographic Information Systems (GIS), which will assist businesses in exposing geopolitical and geographical vulnerabilities, leading to a better understanding of the region of interest. One of the most important features of AI is Natural Language Processing (NLP), which enhances the language and dialect understanding of AI. It will help businesses to understand contextual and localized dynamics on a deeper level. Upcoming AI advancements like scenario simulations and advanced sentiment analysis will provide a deeper understanding of public opinion, predict upcoming events, and simulate them to effectively mitigate the risk early on. However, ethical concerns like data privacy and AI bias still cloud the capability of AI. Advancements like Explainable AI (XAI) can build transparency and trust, but the collaboration between AI and analysts will remain crucial, with humans contextualizing and conceptualizing information that AI refines through data made available to it. Conclusion Threat Intelligence has proved to be essential for businesses globally. Dynamically evolving operational environments necessitate innovative threat intelligence protection to safeguard critical assets, business operations, and reputation. AI has been a revolutionary part of corporate threat intelligence, and its scalability and speed have changed how we process the increasingly interconnected global risk landscape. AI has enabled real-time data analysis, pattern and trend recognition, sentiment analysis, and predictive modeling to identify risks early on. The synergy between AI and humans creates a feedback loop that enhances the relevance and accuracy of solutions to upcoming risks. This paves the way for a hybrid model which will allow for more accurate information as well as the most…

Read More