Category: Feature

Milind Borkar – Expert Security Consultant In the dynamic world of surveillance, one often treads a fine line between cutting-edge technology and practical application. For someone like me, with over five decades of experience in the security and surveillance industry, the journey has been one of continuous learning and adaptation. However, there comes a point in every professional’s life when they encounter something that profoundly alters their perspective. For me, that transformative moment occurred when I received ‘The Footage Whisperer – See What the Camera Saw,’ an extensive and enlightening guide penned by my long-time acquaintance, Gautam D. Goradia. Apart from reading the book I tried the SW & VMS to see if the software works as mentioned or are there any technical issues when recording and playback. I did not encounter or see any issues. A Deep Dive into Surveillance Expertise Before delving into the paradigm-shifting aspects of ‘The Footage Whisperer,’ let’s explore the author’s background, a critical factor in establishing the credibility of this compendium. Gautam D. Goradia is no novice in the world of surveillance; his journey in this domain spans several years. He is an individual who has meticulously honed his craft and knowledge, recognized by both peers and authorities in the field. His extensive experience has fostered an in-depth understanding of the intricate workings of surveillance technology. The Compendium That Redefines Surveillance Narratives What sets ‘The Footage Whisperer’ apart is its remarkable depth and comprehensiveness. This compendium isn’t just another book; it’s a game-changer for the entire video surveillance industry. It masterfully covers the numerous challenges faced by various industries, spanning from airports to zoos, providing invaluable insights into diverse applications, from A to Z. As a seasoned veteran in the field, I cannot emphasize enough the significance of this resource. It underscores the importance of daily auditing, smart backup, and standardized reporting – aspects that often remain overlooked amidst the industry’s relentless pursuit of higher megapixels and advanced technologies. Debunking Myths and Embracing Auditing One of the most notable contributions of ‘The Footage Whisperer’ is its ability to debunk myths that have long plagued the surveillance landscape. It shifts the industry’s focus from mere technological advancements to the core essence of surveillance – genuinely ‘seeing what the camera saw.’ The emphasis on daily auditing as a standard operating procedure is nothing short of a paradigm shift, ensuring that every user achieves optimal outcomes. Despite my extensive expertise and knowledge in the field, ‘The Footage Whisperer’ has been a revelation. It serves as a potent reminder that in the ever-evolving world of surveillance, there is always room for growth, innovation, and, most importantly, perspective transformation. Eminent Contributors and the National Occupational Standard (NOS) While the compendium is undoubtedly a testament to Gautam’s vision, it is essential to acknowledge the invaluable contributions of eminent figures such as Dr. Kiran Bedi and others. Their insights and expertise have enriched ‘The Footage Whisperer,’ transforming it into a collaborative effort by industry stalwarts. Furthermore, the compendium’s impact extends far beyond its pages. It has played a pivotal role in setting a National Occupational Standard (NOS) for CCTV Video Footage Auditors, a pioneering initiative by the Ministry of Skill Development and Entrepreneurship, Government of India. This groundbreaking move ensures that a new breed of professionals is wellequipped to address the challenges and opportunities that lie ahead in the industry. COM-SUR: The MS Office of CCTV Among the myriad revelations within ‘The Footage Whisperer,’ the concept of COM-SUR stands out prominently. Often likened to the ‘MS Office’ of CCTV, COM-SUR is a versatile tool that standardizes how users should interact with surveillance video, regardless of the brand or type of camera or VMS. It empowers users with a comprehensive and all-encompassing solution for their surveillance needs. A National Service and Societal Purpose However, ‘The Footage Whisperer’ extends beyond the realms of technology. It embodies a national service and societal purpose. By offering free versions of COM-SUR for community policing, budget-constrained government schools, and places of worship, the compendium envisions a safer world where potential threats are thwarted through daily CCTV footage audits. It’s a testament to the profound impact that the fusion of technology and humanity can have on our society. Embracing a Whisperer’s Call to Action In conclusion, ‘The Footage Whisperer’ is not just a book; it’s a transformative movement. It calls upon everyone involved in the video surveillance industry, from system integrators to camera manufacturers, VMS creators, and the police, to rethink their approach. The industry now has a whisperer, and it’s urging us all to ‘see what the camera saw’ and, more importantly, ‘act on what it revealed.’ *Views expressed in the article are solely of the Author  

Col. Avijit Nandi (Retd.), Head-Integrated Risk Management & Investigation/ Fraud, MitKat Introduction Whistleblowing is not a new phenomenon as many thinks. The concept and its use have been there for ages. Two quotes below from Kautilya, the famous scholar and one of India’s most popular presidents Dr. A. P. J. Abdul Kalam echo the sentiment. In fact, we turn whistle-blowers in our school, colleges, and even in our families. The only difference is the motive in each case. “Where do the evils like corruption arise from? It comes from the neverending greed. The fight for a corruption-free ethical society will have to be fought against this greed and replaced with ‘what can I give’ spirit” – Dr. A. P. J. Abdul Kalam Here we will broadly discuss ‘Whistle Blowing’ in the workplace. Every organisation encourages honest employees. Encouraging whistle-blowing in an organisation promotes transparent, clear, and effective communication means. An ethical person who thinks of the betterment of the society and organisation he serves will resort to whistle-blowing. Whistle-blowing in recent years has gained huge prominence since in the global competitive market, a company’s effort to be ahead in the race cut corners illegally, which gets reported. There have been instances of huge and big whistle-blowing by the employees against the companies. There are seven dimensions of organisation culture that can influence the employees to be a whistleblower. “Any witness who supplies data about extortion and on the off chance that he/ she prevails with regards to demonstrating it will get the reward of onesixth of the sum being referred to; or if the source is an administration worker, he/ she might get one-twelfth of the sum for a similar demonstration” – Kautilya Vigilance. Engagement. Credibility. Accountability. Empowerment. Courage. Option. Who is a Whistleblower? A whistleblower is a person, often an employee but also can be a supplier, vendor, or any third party, who reveals information about activity within a private or public organization that is deemed illegal, immoral, illicit, unsafe, or fraudulent. Study shows there are four type of factors that can influence a whistleblower’s intention to conduct whistleblowing, namely – pressure/ incentives, opportunity, rationalization, and capability. Types of Whistleblowers The need for effective whistle-blowing systems The value of whistle-blowing cannot be overstated. Studies have shown ‘the single most important way in which wrongdoing was brought to light in public sector organizations’ was employee whistle blowing. There is accordingly no doubt that more needs to be done by legislators as well as public and private entities to encourage whistle-blowing and related reports of corruption – to handle reports of alleged corruption, wrongdoing and undue risks in a sound manner; and to provide appropriate levels of protection for whistle-blowers. Whistle-blowing systems can be more successful if they provide a combination of reporting channels (e.g., directly to specific trusted persons, via a telephone hotline, or through an online channel, or an app); if the authorities make a point of communicating with whistle-blowers throughout the investigation process to maintain trust (a failure to be responsive may give rise to a perception that the wrongdoing is being covered up or that the investigation is not serious); and if information from reports is connected with information from other sources (such as surveys and audits). For that reason, supporting whistleblowing inside the organszation may be highly beneficial for companies. If misconduct is reported, the perpetrators can be stopped, and more importantly, the damage their actions have caused can be mitigated or even prevented. It is often hard for employees to decide to report misconduct. We will explore in detail different reasons employees fail to report transgressions. This does not mean that companies should be discouraged, as there are ways for them to encourage whistleblowing. It starts with implementing an anonymous whistleblowing system and making it a big part of the company’s culture. We will analyse different options, their advantages and disadvantages, and how to begin implementing them. Encouraging people to speak up and expose wrongdoing is a major factor in fighting fraud, corruption and unethical behaviour. The mere presence of a whistleblowing system may be enough to put people off committing any illegitimate activity, thus significantly reducing the risk of fraud. Take a look at six crucial benefits that whistleblowing can bring to any organisation: Helps combat fraud. Avoids reputational damage. Prevents issues escalating. Reduces losses. Raises awareness. Creates an open culture. Barriers to whistle-blowing According to research, whistleblowing is beneficial for companies. For example, companies that receive a higher number of whistleblowing reports tend to have a plethora of positive outcomes such as a 46% decrease in negative news coverage or a 2.8% increase in return on assets to mention a few. However, this study found that 56% of employees chose not to report misconduct. Other studies show even more alarming numbers. One EU study found out that 81% of Europeans did not report the corruption even when they were aware of whistleblowing is beneficial for companies, but employees tend not to report misconduct. To be able to provide the solution, we first need to understand the problem. Why don’t people report misconduct more often? Barriers on the employer’s side One of the most prominent obstacles to the introduction of whistleblowing in companies is the negative perception by managers. Whistleblowing is perceived less as an improvement tool and more as telling on someone. Culture plays a role in this perception. For example, in the US, employees are three times more likely to report than in Europe. Also, the United Kingdom has the highest reporting rates in Europe. Additionally, managers often believe that there is no need for a reporting system as they have an open company culture that nurtures whistleblowing. However, the data paints a different picture. A survey by the consulting company EY found that 56% of those who witnessed misconduct in the company did not report it. However, 73% of these people reported that they would consider reporting to an external party, such as a lawyer. Barriers on the employees’ side…

Training a machine-learning model with real-lifedata from firefighters was key Firefighters regularly risk their lives in dangerous situations, but most deaths on duty are not directly caused by fire or smoke inhalation. Instead, approximately 40% of on-duty fatalities come from sudden cardiac death. Now, researchers at the National Institute of Standards and Technology (NIST) and their colleagues have used a form of AI known as machine learning to accurately identify abnormal cardiac rhythms in firefighters. The researchers hope their work will eventually lead to a portable heart monitor that firefighters could wear to catch early warning signs of heart trouble and prompt them to seek medical attention before it’s too late. The team, which includes researchers from NIST, the University of Rochester and Google, published its results in the Fire Safety Journal. Sudden cardiac death claimed the lives of 36 firefighters on duty in 2022, according to the National Fire Protection Association. Sudden cardiac death occurs when an irregular heart rhythm causes the heart to stop pumping blood, most commonly due to a heart attack. Sudden cardiac events kill on-duty firefighters at twice the rate of police officers and four times the rate of other emergency responders. “Year after year, sudden cardiac events are by far the number one killer of firefighters,” said NIST Researcher Chris Brown, “Cardiac events also cause career-ending injuries and long-term disabilities.” Firefighters work in remarkably strenuous environments, carrying heavy objects, climbing stairs, and enduring extreme temperatures with a limited ability to cool off. And while they may experience significant discomfort, reports have shown that firefighters often try to push through these situations without realizing they may be at risk for sudden cardiac death. To address this issue, the NIST researchers got in touch with colleagues from the University of Rochester School of Nursing. A decade ago, Rochester researcher Mary Carey and her colleagues collected 24 hours of electrocardiogram (ECG) data from each of 112 firefighters, who had electrodes strapped to their chests. The ECG data encompassed 16-hour on-duty shifts and eight-hour off-duty shifts during which the firefighters engaged in their daily activities such as answering fire and medical calls, exercising, eating, resting and sleeping. “The firefighter data we collected is so unique,” said Rochester Co-author Dillon Dzikowicz, “Having robust data is essential to move our work forward and protect firefighters.” The researchers then used machine learning and the Rochester dataset to build what they call the Heart Health Monitoring (H2M) model. They trained H2M with 12-second segments of a large portion of the ECG data. Individual heartbeats in the ECGs were classified as normal beats or abnormal beats indicative of irregular heart rhythms such as an atrial fibrillation or ventricular tachycardia. “The model is designed to effectively learn ECG patterns from both normal and abnormal beats,” said NIST Guest Researcher Jiajia Li. Once H2M was trained and validated, it analyzed firefighter ECG data from the Rochester dataset that it had not previously seen. When presented with approximately 6,000 abnormal ECG samples, H2M identified them correctly with about 97% accuracy. As a check, H2M was also trained using ECG datasets from non-firefighters. When it used this non-firefighter data, H2M had an error rate of about 40% in identifying cardiac events in the firefighter data. “Using the right dataset to train the AI model was critical,” said NIST Researcher Wai Cheong Tam. In the future, the researchers envision that this model could be incorporated into portable heart monitors that firefighters could wear on duty to warn them of cardiac irregularities in real time. Such an AI assistant could be the next best thing to a cardiologist accompanying a crew fighting a fire. “This technology can save lives,” said Tam, adding that this approach could be broadened to help other groups if the AI is trained with appropriate ECG datasets, “It could benefit not only firefighters but other first responders and additional populations in the general public.”  

Rahat Jain, Managing Director, IDIS India Video surveillance has long been an essential weapon in the war against shrink. But recent technological advances and better implementation options are redefining the way systems are designed and used. Key developments include the rise of AI-powered analytics; improvements in camera performance; the availability of easier POS and video integration; the emergence of end-to-end solutions; fairer video management software license fees and lower lifecycle costs; customers moving to NDAA-compliant equipment, and more trustworthy and ethical technology supply chains. This eBook outlines the most noteworthy developments and will be helpful for anyone planning, installing, upgrading, or using video in the context of retail profit protection. Addressing threats to profitability In the retail sector, camera systems are relied on almost universally for deterrence and detection, prevention, and investigation. Thieves remain ever-inventive in their search for new ways to exploit loopholes in security, lapses in vigilance – even brief ones, and gaps in operational oversight. Would-be thieves typically use sleight of hand, movement between aisles and displays, distraction, and speed. The video systems put in place to stop them must be effective against multiple threats, including opportunist shoplifting, organized thefts-to-order, robbery, internal fraud, bogus slip-trip-fall scams, stock room pilfering, and crime centered around checkouts and returns counters. And increasingly, in a highly competitive trading landscape, cameras are being used for powerful business intelligence functions, as well. 1. Don’t cut corners with cameras You may need to keep a close eye on budgets, but don’t be deceived by low upfront camera costs – there’s usually a catch. Beware of higher costs further down the line and avoid quality and performance shortcuts. HD and ultra-HD cameras aren’t expensive – or they don’t have to be – and saving marginal costs by installing low-quality and low-resolution models is a false economy. Crisp, clear image capture is the foundation of your security system. From the quality of real-time viewing and video evidence to the effectiveness of money-saving AI analytics, a lot is riding on camera performance. In retail settings, achieving complete visibility of all areas, without blind spots, is essential – because any gaps in surveillance will quickly be identified by criminals and dishonest staff. Experience shows that gaps in fields of view are always exploited, which is why risk assessments, both internally and externally, are essential. Even within the same retail chain, stores don’t necessarily share the same threats and risks, so it’s important that a range of cameras that will mitigate the risk profile of each facility – without impacting the shopping experience – is specified. Cutting costs and boosting system performance with the right cameras Low profile HD and ultra-HD internal cameras will give you the image quality operators need to detect suspicious behavior, especially near high-risk areas such as checkouts, outside fitting rooms, and storage areas. Quality cameras with excellent true WDR performance and IR are essential for dealing with the challenging light conditions often found in stores and storage areas, including low light, variable light, and back-lighting. Consider fisheyes that provide wide area coverage and domain awareness of entire shop floors and aisles more affordably and allow you to replace multiple fixed lens models. 2. Reliable, affordable, and easy to retrieve video evidence A robust retail video system will ensure that footage can be retained for extended periods, if necessary, without excessive storage costs. NVR-based systems remain popular for retailers as they are highly scalable, allowing for the addition of multiple cameras without the need for extensive cabling or infrastructure upgrades. This makes it easier to expand the system as needed. NVRs also make it easy to integrate with other security and safety systems, such as access control and intruder systems. This integration enhances overall security and presents an affordable yet comprehensive security infrastructure. To prevent potentially costly gaps in footage, SD card failover is now essential on cameras to guarantee continuous recording in the event of network instability or outages (a common vulnerability in retail environments such as strip malls, where bandwidth is often constrained). In addition, recordings should be fast and simple to review and export to support internal investigations or legal action. VMS controls should be intuitive and easy to use to make retrieving evidence a straightforward task, even for inexperienced users, including local retail managers. To save time and improve accuracy, retailers are taking advantage of the powerful meta-data search tools, which are now available with AI video solutions and devices. Pitfalls to avoid with HD video data handling Systems often disappoint because problems arise around video data storage and retrieval. HD video increases storage requirements, and cost can mount with extended retention periods over 30 days. To prevent this, look for solutions that support H.265 in addition to advanced compression technologies. Where video footage is mission critical, consider NVRs that offer features including RAID 1, 5, 10, and redundancy to prevent data loss in case of hardware failure or damage. With tampering becoming an increasing concern, the integrity of footage should be assured with ‘fingerprint’ technologies that make undetected tampering impossible. 3. Centralized, local, and remote monitoring Video systems should always be designed around the requirements of users. In the case of retail, this can include security officers, loss prevention managers, store and branch managers, business owners, control room operators, and head-off profit protection teams. For example, for independent businesses and convenience stores, the objective of the surveillance system may be to use real-time monitoring to support intervention at the moment of attempted theft or immediately after. To enable this, controls should be intuitive and straightforward so that non-specialist staff quickly become confident using the system. For retailers with centrally monitored large stores or branch networks, control room staff will need to be able to multitask. For example, operators will want to be able to configure notifications and alerts and relay events, including video pop-ups, to security officers and managers on the ground. Store staff will want easy-to-use client software that gives them the tools they need to manage day-to-day…

Shakti Leekha, Chief Business Officer, Enlite Research Private Limited In today’s fast-paced world, the importance of seamless and efficient access control systems cannot be overstated. The need for touchless, smarter, more secure solutions has led to the rise of touchless access controls. Enlite, a company that is developing wireless solutions for the built world, has taken access management to new heights with its groundbreaking access management solution. This cutting-edge system is reshaping the way we interact with our workspaces, providing a safer and more convenient access experience. Introducing Enlite: Pioneering the Future of Access Control Enlite is a rising star in the realm of sustainable and innovative solutions for the built world. Their mission is clear and powerful – to inspire tomorrow by creating a compelling today. Through years of research and development, they have unveiled Enlite Enable, an innovative touchless access management smart device that caters to the evolving needs of modern businesses. Enlite’s customer-centric approach and dedication to innovation have earned them trust across various sectors, from small startups to multinational corporations. With Enlite Enable, they are at the forefront of the access control revolution, empowering businesses to embrace a more secure, efficient, and touchless workspace. Top 10 Features of Enlite’s Access Management Solution Lightning fast contactless check-ins & checkouts: Enlite Enable transforms the way employees access their workspace. A simple tap of the RFID card or the use of an app on the smartphone grants them seamless entry and exit. This contactless approach not only enhances efficiency but also fosters a hygienic workplace, addressing health concerns in today’s world. Access & manage from anywhere: With Enlite’s webbased platform and app, administrators can manage access control from anywhere. Grant or revoke access, configure user permissions, and monitor real-time access events – all in the palm of your hand. Sync users automatically: Managing users becomes a breeze with Enlite’s automatic user synchronization. When employees join or leave the company, access permissions are updated in real-time, ensuring an always up-to-date access control system. Troubleshoot hardware online: Enlite’s proactive approach to hardware maintenance allows administrators to troubleshoot issues online, minimizing downtime and streamlining maintenance efforts. Download history logs: Comprehensive access history logs provide valuable insights into user movements and access events. Enlite enables you to download and analyze these logs for enhanced security and auditing purposes. Granular and site level permissions: Administrators have granular control over access permissions, allowing them to define specific access levels for individual users or groups. This flexibility extends to managing access control at both individual site levels and multiple locations. Easy integration: Enlite’s Access Management Solution seamlessly integrates with other security and business systems, creating a comprehensive security ecosystem. The interconnected approach enhances overall security and optimizes operations. Detailed reporting: Data-driven decision-making becomes effortless with Enlite’s detailed and customizable reporting. Monitor occupancy status, analyze access patterns, identify trends, and make informed decisions for a more secure and efficient workspace. Lockdown/ emergency mode: In critical situations, Enlite’s lockdown/ emergency mode enables administrators to secure the workspace instantly by restricting access to specific areas or the entire facility, enhancing workplace safety and preparedness. Scalability: As your business grows, Enlite’s Access Management Solution grows with you. Whether it’s a small office or a large corporate campus, the system can be easily scaled to meet your changing needs, ensuring a future-proof investment. Top Reasons to Choose Enlite’s Access Management Solution Multiple credentials for enhanced convenience: Enlite’s Access Management Solution offers multiple credential options giving users the freedom to choose the access method that suits them best. Appealing aesthetics enhancing the workspace: Enlite Enable’s sleek and minimalist design blends seamlessly with any architectural style, the smart product engineering allows for plug & play installation. Its high-quality PCBs & Heavy Duty components allow for long life. Automatic alerts for real-time security: Stay on top of security events with Enlite Enable’s automatic alerts, which instantly notify administrators of any unusual access events or security breaches. Web-based management for streamlined control: Administrators can conveniently manage the access system from anywhere using Enlite Enable’s user-friendly webbased platform, ensuring constant connectivity and control. Unlocking the Future of Access Control with Enlite Enable Enlite Enable Access Management represents the future of workspace security and efficiency. With its touchless check-ins, remote access management, automatic user synchronization, troubleshooting capabilities, and much more, it sets the benchmark for next-generation access control systems. This solution has already been deployed in buildings across India. By choosing Enlite Enable, businesses can unlock the full potential of their workspace security and access management needs. Embrace the touchless revolution with Enlite Enable and create a safer, more efficient, and technologically advanced workspace for your employees and visitors.  *Views expressed in the article are solely of the Author  

Milind Borkar – Expert Security Consultant As technology evolves rapidly from year to year, it becomes a challenging task to determine the requirements to build a secure, robust and almost foolproof system that will fulfill all basic security parameters. These parameters will vary for each new system as the same parameters cannot be applied across the board for all systems. A robust system that meets the security requirements for any new and/ or green field project, the following points will drive the decision-making process. Let’s use a CCTV system as an example: Budget and time available to implement the security system. Conduct a thorough site survey to determine security vulnerabilities and use it as vehicle to determine security requirements. This then becomes the primary driver along with the available budget. Detailed Camera information a. Mega-Pixel rating. b. Number of cameras required. c. Each camera location and it’s purposed function. d. Type of camera: Fixed, PTZ, indoor or outdoor, thermal performance, Field of View etc. e. Any other requirements that are specific to the location of the camera to fulfill its intended function. Storage capacity per camera – both inside as well as outside the camera. Storage architecture of the CCTV system. Network architecture of the CCTV system. Integration of other security components such as access control, perimeter intrusion detection systems, facial recognition, license plate recognition, under vehicle surveillance system, visitor management system, radar for areas not covered by cameras and other special requirements. Remote access/ cloud connectivity. Physical guarding. Video analytics. Vendor(s) selection. As one can see there are several factors that influence the decision-making process in building a security system. We will briefly go over each one of them in the following sections: Budget and time available As in any and every sphere of life the available budget is the key factor. Based on the available budget and time, a determined effort needs to be put in place to first build a project specific requirements document. Several trade-offs will need to be considered if the project requirements cost exceeds the available budget. This could be an iterative process that will consume time and money in the planning phase. Each new or green field project or an update/ refresh cycle of an existing deployment must go through this elaboration process to avoid surprises in the implementation/ build phase. Site survey Conducting a site survey is the basis of building a security system. This phase is the most critical where a thorough site survey is conducted to determine security vulnerabilities. Along with this a determination needs to be made as to what other systems are required to complement the main CCTV system. The illustrative airport diagram should give a very good idea of the other security components that need to be explored. Once this information is gathered and documented, then this information becomes the driving force for subsequent phases of the project. The best way to illustrate the process of building a security system is through an example. We are using an airport We will use the following diagram to highlight all the components that constitute a surveillance/ security system. We have used an airport as a use case. A typical airport is a super-set of any security deployment. as an example as it has a super-set of inputs that can be applied to any security system design. The color-coded table is used to distinguish the various inputs/ requirements received from the customer. The following table is a standard template that can be used to capture security requirements. These inputs are used to design the entire security system which can then be used to calculate the cost of the implementation. Using the above inputs from the customer and the respective BOQs for each airport, a complete design can be derived. The following table shows the output of the design process for 24 airports. Each airport has the same security requirements but BOQs are different. Once the design is completed to a 90% level of the target specification, the budgetary process can be started. Several vendors, RFQs etc. will be involved to go through an iterative process. This process will also vary for each geographical region. and must be considered. Without going into the details that vary for different geographical regions the important point to consider is the vendor selection process as it has a significant impact on the quality, robustness and overall cost of the system. Customers desirous of building a security system can engage subject matter experienced consultants who can guide and evaluate all the variables/ entities in the decision-making process. Cost optimization through simulation A security system design, implementation and build out are a complex system with many sub-systems that need to work with each other flawlessly. Every care must be taken in the early phases of the project as many variables are involved which can have a significant impact on the overall cost. One of the ways to help this process is to run a simulation based on the customer inputs. Through experience we have determined the following: The customer knows what he wants but does not know how to get there. Almost all vendors over sell their products and services which do not benefit the customer in any way. A consultant is required in all cases to systematically guide and evaluate all the options available to provide the highest performance at the lowest cost to the customer. We will now go through a simulation for one of 24 airports. We will show how our simulator determines the highest performance at the lowest cost. The following graph il lustrates this. The X-Axis shows the percentage of cameras running video analytics (VA). The Y-AXIS shows the cost in a standardized format. The DELTA between the lowest cost and the highest cost is 3x. VA stands for Video Analytics; VMS stands for Video Management Software. The GREEN line is the overall COST with the other colored lines that sum up to the overall GREEN line cost. Impact of Cost…

Vishak Raman, Vice President of Sales, India, SAARC, SEAHK & ANZ at Fortinet Distributed networks and a hybrid workforce are rapidly transforming today’s network environments. Workers divide their time between the office, home, and somewhere in between. Applications are split between on-premises, cloud, and Software-as-a- Service (SaaS) deployments. And data, once the sole province of the data center, is increasingly distributed across multiple locations. Over the past few years, ensuring that every user and device has secure, reliable access to the critical resources they need has been a top priority for IT teams. And access needs to be easy, no matter where the user is located or where applications and assets have been deployed The Fortinet 2023 State of Zero Trust Report looks at the progress IT teams have made in establishing a new sense of normalcy following the network upheaval initiated by the start of the global pandemic. With most employees suddenly working outside the network perimeter, IT teams scrambled to keep businesses operational. This effort often took the form of quick fixes and workarounds that exposed the weaknesses in their remote-worker strategy. It also highlighted the challenges of bringing their rapidly expanding network environments under a unified security umbrella. Outlier environments, like poorly secured home offices or misconfigured cloud solutions implemented by DevOps teams with little security experience, became new attack vectors for cybercriminals. It quickly became obvious that the implicit trust model in many organizations was a problem. However, too many IT teams tried to solve the issue in the traditional way by throwing technology at the problem. And it wasn’t long before they had a new problem of trying to get discrete point solutions to work together. These challenges are reflected in this report, which includes a number of key findings. Organizations of all sizes are actively implementing zero-trust strategies, but challenges remain: Companies have deployed considerably more solutions as part of their zero-trust strategies since 2021. Companies are looking to enable zero trust everywhere to minimize the impact of a breach. Although companies are moving forward, they still face challenges, including interoperability between solutions, consistent visibility, end-to-end policy enforcement, and application latency issues. Respondents also complained about the lack of reliable information to help them select and design a solution. Solutions must cover both on-premises and remote users with a consistent application access policy, and success has been mixed: Many solutions like zero-trust network access (ZTNA) and secure access service edge (SASE) are cloud-only. However, companies need to secure access to applications on-premises and outside of the network. Notably, nearly 40% of organizations still host more than half of their applications on-premises. The most significant challenge in any zero-trust strategy is the need for more integration between on-premises and cloud environments. Three-fourths of respondents have encountered issues with their hybrid workforce because of relying on cloud-only ZTNA. The top priorities for SASE solutions vary, but ‘security effectiveness’ is the most significant, with 58% placing it in their top three priorities. The consolidation of vendors and solution interoperability is crucial: Deploying solutions from multiple vendors has created many challenges for organizations, including introducing new security gaps and high operations costs. Larger companies are especially keen to consolidate solutions to simplify operations and reduce overhead. Zero-Trust Strategy Priorities The pandemic initiated a dramatic workforce transformation, with the vast majority of employees who traditionally worked on-premises suddenly working from home. This change triggered a corresponding dramatic upheaval in networks, essentially turning them inside out. Almost overnight, organizations needed to create secure network access to critical applications and resources through the perimeter, which often required upgrading remote access technologies such as edge security tools. At the same time, the limitations of traditional VPNs became apparent as hackers began accessing corporate resources by hijacking VPN tunnels through poorly protected home networks. Plans to move applications to the cloud were accelerated to offload pressure on the network perimeter and to improve the user experience. Of course, none of these changes were entirely unexpected. The move to a hybrid workforce had been in progress for some time, but the pandemic accelerated the change. Many organizations weren’t ready for the sudden transition to remote work, and they didn’t have the technologies in place that the circumstances demanded. Despite these issues, two-thirds of organizations have decided to maintain a hybrid workforce, with larger employers more likely to support remote workers than smaller ones. The challenge has been providing consistent access and exceptional user experience for workers who move between onpremises and remote work locations. It has been particularly difficult for the 72% of organizations that opted for a cloud-only ZTNA solution to provide secure access to critical applications. (Fig. 1) Early on, it became clear that the best approach for managing and securing a workforce with no permanent location was to initiate a zero-trust strategy, which eliminates implicit trust based on location and enforces the principle of least privilege. The reasons are broad for implementing zero trust, but 34% identified minimizing the impact of breaches and intrusions, and 29% cited enabling zero trust everywhere as their primary incentive. Interestingly, only 18% selected reducing capital expenditure. Although their top objective for choosing a zero-trust solution (ranked as either extremely or very important) was to ensure application-layer security (85%), compatibility with both on-premises and cloud settings (82%), and integration with the rest of their networking and security infrastructure (82%) were also very high. Organizations also report being better prepared to support and secure their hybrid workforce with a wide range of solutions already in place to support their zero-trust strategies. The solutions that have been implemented include secure web gateways (SWGs) at 75%, cloud access security brokers (CASB) at 72%, network access control (NAC) at 70%, ZTNA at 67%, next-generation firewalls (NGFWs) at 63%, and endpoint detection and response (EDR) with 62%. The one surprise was the relatively low implementation of multi-factor authentication (MFA) at only 52%, which is critical for preventing unauthorized access to applications and other resources. Those organizations that have not yet…

In this digital age, when footfall is declining and ecommerce is growing, the challenges for shopping malls seem bigger than ever. In this blog, we look at the importance of the customer experience and explore the best ways for malls to attract more shoppers As consumer behaviors change and shopping trends move ever more online, many shopping malls are seeing a decline in footfall and sales. Moreover, malls are finding it very difficult to compete with the endless product selection, price comparisons, and always-on nature of online shopping. However, although consumers are getting much of their shopping needs covered online and visiting their local malls much less frequently, one advantage that shopping centers have over their ecommerce competitors remains: the interactive, in-person experience. Today’s purchasers are empowered like never before, so their expectations for all of their shopping experiences have risen to a new, vastly higher level. This means only the most customer-centric businesses can reach the now-expected standard. Therefore, delivering a great customer experience can help malls regain customer loyalty and boost revenues over the long run. With that in mind, the next issue is this: what should shopping malls do to improve the customer experience and satisfaction? Here are four ways in which Hikvision’s smart retail solutions can enhance customer experience and give shopping malls a competitive edge. Understand and meet customers’ needs in real time with customer intelligence How are people shopping these days? As consumer behavior changes and competition grows, shopping malls need to track a number of metrics to attract shoppers and improve business performance. Ask yourself the following questions: What is the average daily foot traffic for my mall? Does my mall have a reasonable shopper-to-staff ratio? Do I understand my customer’s journey? In asking these questions, we begin to see the importance of data-based decisions regarding the customer experience. With key metric data, malls can launch more effective marketing activities and in turn generate more footfall and sales. But how can one get these metrics? The answer – with cameras that do more than just record security video. Hikvison’s smart cameras with people counting and heat mapping capabilities provide real-time awareness of customers’ journeys through the mall. For example, smart cameras can be used to count customers entering and leaving the shopping areas, ensuring that enough staff are available to serve them. During busy times, staff can be directed to the registers when queues get too long and then return to routine tasks at non-peak times when fewer customers are in the mall. Additionally, Hikvision’s intelligent video analytics provides new insights on which areas, shops and brands are the most popular. This helps malls to optimize available floor space throughout the retail mix and floor plan, making it more in tune with consumer needs and trends. This ensures that the shopping experience is as convenient, efficient, and satisfying as possible. Capture attention and convey information quickly and efficiently with commercial displays Shopping malls today have gone from being simply a hallway of retail stores to multipurpose complexes that feature restaurants, entertainment venues, special events, holiday activities, and more, in addition to the conventional retail shops. To attract new visitors and maintain maximum footfall, malls need to create fun and unique shopping experiences for customers. This is where Hikvision’s commercial display solutions come in. Hikvision offers a diverse range of outdoor and indoor displays with eye-catching visuals, attractive advertising, and digital navigation solutions. For example, exciting display solutions for building façades can be an effective way to draw more in-store visitors. Digital signage in central walkways can create an amazing and memorable experience for visitors. Kiosk displays in high-traffic areas can provide information about shops, brands, sales, and special events, as well as show customers the route to the nearest bathroom or exit. These solutions grab shoppers’ attention and provide useful information, boosting the whole experience in an efficient and enjoyable manner. Provide easy, convenient parking with smart parking management Today, convenience is a must, from entry to exit. From finding a parking space on the way in to smart vehicle location on the way out, malls must ensure customers not only find parking spots quickly, but also locate their parked cars easily in those shopping malls’ expansive parking structures. Here, Hikvision’s smart parking solution makes it fast and easy to find available spaces, and helps customers locate their cars in large parking lots. This solution saves them time and improves their satisfaction when visiting the mall, improving the chances for repeat business. Ensure a safe shopping environment Security is the final piece to the puzzle. With Hikvision’s smart video solution, security teams at shopping malls can get alerts in real time to ensure the store is always safe. Additionally, Hikvision offers multiple, high-value security applications for unattended environments, from traditional video security to AI algorithms that detect incidents. These capabilities ensure that customers always feel safe and comfortable inside the mall.  

Gaurav Ranade, CTO, RAH Infotech The rising cybersecurity risks are a cause for worry for IT teams across verticals. This is where organizations need a proactive and advanced mechanism to counter the new-age threats and threat actors. Exposure and vulnerability management are considered as one of the most ideal solutions for mitigating cyber threats But what is exposure and vulnerability management? Exposure and vulnerability management are both important aspects of cybersecurity, but they focus on different aspects of protecting an organization’s systems and data. Exposure management is the process of identifying and mitigating potential risks or vulnerabilities in an organization’s systems and infrastructure. It involves assessing the overall risk landscape and implementing measures to minimize the impact of potential threats. Vulnerability management is a subset of exposure management and specifically focuses on identifying, evaluating, and mitigating vulnerabilities in an organization’s systems and applications. It involves a systematic approach to proactively identify and address weaknesses that could be exploited by attackers. The key components for strong exposure management are – vulnerability assessment, risk assessment, risk mitigation, patch management, secure configuration management, security awareness and training, incident response planning, and continuous monitoring. Why is exposure management needed? Exposure management in cybersecurity is crucial for several reasons: Risk Reduction: Exposure management helps in reducing the overall risk to an organization’s digital assets. By identifying and mitigating vulnerabilities and weaknesses in the system, exposure management minimizes the chances of cyberattacks and data breaches. Vulnerability Identification: This process helps in understanding potential entry points that attackers could exploit, allowing proactive measures to be taken to strengthen security. Prioritization of Security Measures: Exposure management helps organizations prioritize their security measures based on the level of risk associated with each vulnerability. Compliance Requirements: Many industries and regulatory frameworks require organizations to implement exposure management practices as part of their security and compliance efforts. By adhering to these standards, organizations can demonstrate their commitment to protecting sensitive data and maintaining a secure environment. Incident Response Preparedness: By continuously monitoring and managing exposures, organizations can detect and respond to potential security incidents more effectively. This proactive approach allows for faster containment and remediation of security breaches, reducing the overall impact on the organization. Reputation and Customer Trust: Exposure management helps in preventing and minimizing the impact of security breaches, enhancing the organization’s reputation and maintaining customer confidence in their ability to protect sensitive information. Skybox’s award-winning exposure management solution is a go-to option for businesses Skybox’s Vulnerability and Threat Management solution leverages the company’s proprietary network modelling, exposure management, and path analysis to provide precise exposure analysis and vulnerability prioritization and management. Skybox’s approach to vulnerability and threat management delivers four essential benefits for customers: Skybox aggregates vulnerability data from all assets (including IT, OT, and multi-cloud) and every corner of the network. Unique scan-less detection capabilities and active scanning deliver a 360-degree view of the attack surface. Daily, human-curated threat intelligence is fed into the Skybox network model. Exposure, CVSS severity, exploitability, asset importance, and automated cyber risk quantification capabilities including financial impact provide an exact risk score used to prioritize action where it matters most proactively reducing your risk of attack. Skybox identifies and automatically recommends effective, practical options to reduce risk. Available patches are aggregated by Skybox threat analysts daily, however, remediation options go beyond patching and include configuration changes, network segmentation, and more. Attacks, including zero days, can be prevented, even when patches are impractical or unavailable. Integrations with ITSM tools assist in implementing and maintaining remediation through ongoing oversight. The solution automatically generates tickets, tracks performance versus SLAs, keeps stakeholders apprised, and ensures issues are promptly addressed. Skybox continues to evolve this solution and recently added the ability to quantify cyber risk exposure in financial terms to help organizations pinpoint cyber risks with the highest potential financial impact. By implementing exposure management practices, organizations can reduce their attack surface, minimize the risk of data breaches, and improve their overall cybersecurity posture. It is important to tailor exposure management strategies to the specific needs and risks of each organization and regularly review and update them to address emerging threats and technologies. *Views expressed in the article are solely of the Author RAH Infotech is India’s leading value-added technology distributor and solutions provider. Headquartered in New Delhi, RAH Infotech has been providing world-class IT solutions since the year 2005 to a large number of channel partners and enterprises in the India & SAARC regions. The rich portfolio includes a wide range of best-of-breed solutions to address requirements across Security, Data, Network, Application, Storage, and beyond.As a top-tier technology enabler, we manage the entire value chain of data management requirements of enterprises and protect their digital assets. We partner with the finest global technology firms to develop customized IT solutions in the area of cybersecurity, networking, cloud computing, data management and application management for various industry verticals.  

Ashish Kumawat, Former Security Professional with Reliance Group Support Services; PhD in Public Policy and Law from Central University of Rajasthan In any nation, laws and public policies are the torchlights for development within any domain. It sets forth the path to be followed, the existence of a liberal/ restrictive space within which the innovations can flourish or be curtailed. However, the main problem pertains to the long gestation period in the visibility of the outcomes, which may restrict the promptness of the governments to amend the policy or to resort to Parliament to amend the laws. The same may also hold for cyber-space in India. As per the Data Security Council of India (DSCI), India remains the second most cyber-attack-affected country globally. Dr U.K. Vairagade, associate professor, Dr. (Sow.) IBP Women’s College (Aurangabad) says that the modern thief can still do more with a computer than with a gun. Dr Vairagade argues that today’s terrorists can do much more harm with a keyboard than with a bomb. In this age of artificial intelligence, internet of things and cloud computing, do people like Osama still need to hijack a narrow plane? The obvious answer, as we all may agree, is that today, a simple attack on critical infrastructure can be more devastating than any other attack. One of the best and most recent examples of this case is Russia’s cyber-attacks on Ukraine. Therefore, the importance of cyber-security cannot be underestimated. Anju A. Singh, assistant professor, V.N. Patil Law College (Aurangabad), states that we cannot ignore cyber-security in India as it has become an indispensable asset to protect businesses, governments, institutions, and individuals. Legal and policy strategies adopted in India Given the importance of cyber-security and its potential to disrupt the political as well as socio-economic fabric of the nation, India did not remain aloof in the challenges brought about by growing cyberspace. It promptly adopted the following strategies. Legislative strategies A. The Information Technology Act, 2000 (IT Act, 2000) and its Amendment in 2008 (IT Act, 2008): It envisages a coalition of actors where responsibilities are fixed among various stakeholders. The important sections in these Acts are: Section 43: It makes hacking anyone’s computer or network a punishable offence. It includes manipulation of storage, the introduction of contaminants or computer viruses, denial of access, damage to any associated component of computer vision network data etc.; Section 43A: This section was introduced via amendment in 2008 to the original act. It makes a body corporate responsible for protecting the ‘sensitive personal data’ of its stakeholders. Here central government holds the right to prescribe what ‘sensitive personal data’ means. Section 66F: The act of cyber terrorism shall be punishable with imprisonment which can be extended to life imprisonment. Section 72A: This section makes it a criminal offence to disclose personal data without the data subjects’ consent or in any breach of a lawful contract. Here the person performing the contract is aware that their action can likely cause wrongful loss or gain. One of the critical institutional mechanisms that arose from the IT Act of 2008 was the establishment of the Computer Emergency Response Team – India (CERT-IN), which was responsible for scanning internet traffic. B. Draft Digital Personal Data Protection Bill 2022: An upgrade over the withdrawn Draft Data Protection Bill, 2019, it fixes liabilities on data fiduciaries (an institution which keeps the data of users/ citizens). It also gives necessary rights to citizens, like obtaining information and seeking necessary corrections. One crucial aspect is the right to seek the erasure of data once the data’s purpose has been met. However, there is an element of differentiality in this clause’s applicability to private and specific public organisations. C. Indian penal code (IPC): Section 500 (defamatory emails): it attracts imprisonment up to 2 years or a fine or both. IPC under sections 463 and 383 makes email spoofing and web jacking punishable crimes, respectively. Further, sections 201, 292, 294, 409,448 and 509 can be used to govern cyber-crimes. Also, the Supreme Court’s original jurisdiction under Article 21 of the Constitution can be invoked in cyber-crimes affecting privacy. Policy and associated strategies: A. National Cyber Security Policy 2013: One of the most promising aspects of this policy was the set up of the National Critical Information Infrastructure Protection Centre (NCIIPC) under the National Technical Research Organisation (NTRO). India has successfully started leveraging this institution. For example, it’s a successful warning against the Shadow Pad attack. Another key feature of this policy was creating a talent pool of five lakh cybersecurity professionals by 2018. Further, it envisages the concept of shared responsibility for tackling social and economic issues in the form of emphasis on public-private partnerships. One of the successful initiatives has been Cyber Surakshit Bharat Initiative. B. Cyber security and R&D: there have been significant developments in the field of R&D, like the creation of the techno-legal National Cyber Security Database of India. Also, a Cyber Security Software Repository has been created. Further, many initiatives have been taken to advance cyber security at the individual, organisational level. cases: There have been certain landmark Indian cases related to the prevention of cybercrime and various interpretations related to the IT Act of 2000 and 2008, IPC. These also have implications for the evolution of the policies. These are: Suhas Katti case: It is related to posting derogatory messages about a divorced woman. The accused was punished under section 67 of the IT Act, 2000 and section 469, 509 of IPC. Pune City Bank case: Few Citibank employees won customers’ trust, got the pin numbers from them and transferred USD 3,50,000 to bogus accounts. Later, the accounts where the money was transferred had to be frozen. Jogesh Kwatra case: Jogesh Kwatra, an employee of the plaintiff company, started sending defamatory, vulgar emails to his subordinates and customers worldwide. The aim was apparent- to defame the company. Finally, Delhi High Court assumed the jurisdiction in this case. Bank NSP case: This case pertained to deception using…