Category: Feature

Milind Borkar MD, Systematica Suyog Security Consultants (Sr. Consultant & Security Expert) Computer storage systems have seen a massive evolution and transformation over the last 100 years or so. These changes have been dramatic in relation to the size, price and the access speed of storage. These changes have been possible due to the rapid advances in technology, which was initially slow and took years to evolve but later in the last decade it accelerated due to rapid innovations and concerted/ collaborative efforts of the industry giants. These technology advances have revolutionized the way companies, businesses and consumers use storage technologies today –y from the most ubiquitous smart phone devices and personal computers to all the way to businesses which now have come to rely more on cloud storage services. In this article we try to capture the evolution of storage technologies over the years and examine the fundamental technical reason that has accelerated storage evolution over the last decade. Storage evolution over the last 70 years relative to size, capacity and price The table below highlights the trends in storage. Initially, the advances in technology were slow, mostly led by IBM in the 60s and 70s in the Megabyte revolution. In the 80s and 90s other companies jumped on the storage bandwagon and started the Gigabyte revolution soon to be followed by the Terabyte revolution. Today there are many physical form factors of storage devices from the traditional mechanical hard disk drives (HDD) to non-volatile memory (NVM) or solid-state devices (SSD); however, the fastest and most dynamic revolution is occurring in the cloud. Storage Technology Evolution over the last 100 years (Another View) There is another view of understanding the evolution of storage technology as well. The diagram below is a pictorial representation of the other view how storage technologies have evolved over the last 100 years. The fastest growing storage technology today Today, most storage systems use some or the other form of a mechanical device for storage which is otherwise known as ‘hard disk drives’ (HDD). HDDs are the dominant technology for several reasons such as very high recording density per platter, more than one platter per HDD, higher rotational speeds up to 15000 RPM for enterprise class drives, and reduced costs due to economies of scale. However, they do have inherent disadvantages owing to further recording density increase has hit the limits of the physical space, increasing the rotational speed of the platter increases the cost exponentially, and being a mechanical device it is bound to physically fail due to all the moving parts. A single HDD with a single platter at 15000 RPM can at most deliver a transfer speed of 100MB/s for sequential block reads, and for the random reads for the same configuration, transfer speed drops down to as low as 10MB/s Given the inherent limitations of mechanical storage devices and the rapid drop in prices of non-volatile memory (NVM), NVM is the next revolution in storage. It is found in almost all mobile devices and now continues to replace mechanical devices across the board. There are several reasons for this – they are now cost competitive with HDDs per terabyte of storage capacity and this price parity will continue to erode in favor of NVM in the coming years; NVM technology is far more reliable in the longer term because it has no moving parts; NVM is over 100 times faster than HDD and has similar transfer speeds for both sequential and random reads/writes unlike HDDs; and micro-second read/ write latency compared to milli-second latency for HDDs. Companies like Intel and Samsung have now developed NVM technologies that are 3 dimensional – it means increased storage density per cubic measure of volume without any performance degradation. The first system implementations of NVM were found to be SSDs that use the Serial ATA Protocol or SATA. The reason behind this was very simple. They achieve a 100-fold increase in transfer speeds relative to HDD immediately without changing the upper level small computer systems interface (SCSI) protocol. The SCSI protocol is over 4 decades old and is used by all I/O protocols such as fiber channel etc. All major operating systems also support the SCSI protocol. So for the industry’s quick gain, it was easy to replace the HDD with an NVM based SSD. The next disruption was soon born because the SCSI protocol and its associated software stack were very heavy as far as execution time was concerned. This SCSI protocol overhead directly impacted latency of reads and writes which is detrimental to high performance applications such as high frequency trading, small transactions in banking, and numerous database applications for machine learning and artificial intelligence. Thus, an industry working group was formed to address the latency problem associated with the SCSI protocol. The industry came up with a new protocol which takes advantage of the native speed of NMV. They completely eliminated the SCSI protocol to define a new protocol called NVMe (Non-Volatile-Memory Express) protocol. In this protocol, the NVM device is directly attached to the I/O PCI express bus hence the extension ‘e’ in NVM. This eliminates the need to have the traditional hardware and firmware that resides in a host bus adapter (HBA) along with HBA itself. The following diagram illustrates this concept Latest NVM highlights ● PCIe Gen1 is 2.5 gbps per lane per direction. Today’s SSDs pack Gen3x2 or Gen3x4 (8 Gbps x 2 or 4 lanes = upto 32 Gbps) bandwidth in a very tiny M.2 gumstick form-factor. ● 3-D NAND and 3D-Xpoint NAND – DRAM-bandwidth at flash-economies – very low-latency flash (20us IO read/Write) latency compared to 200us latency for enterprise flash. ● New form-factor coming to pack TB of capacity – ‘ruler’ form factor from Intel. ● NVMe enables performance scaling with the increase in capacity – traditionally denser HDD did not bring any performance improvement. ● NVMe over TCP enables low-cost SAN deployment compared to Infiniband, RoCE, iWarp or FC. ● NVMe allows dual-ported…

As urban centers continue to expand, buildings are evolving into far more than just places of work or residence. Today, architectural facades are becoming dynamic digital canvases that captivate passers-by and spark conversation. Traditionally, large-scale LED displays were seen as costly and energy-hungry, but the global shift toward sustainability has spurred innovative solutions that balance striking visuals with eco-friendly design. Rethinking traditional building displays Older building displays were often notorious for their high energy consumption. While LEDs are generally more energy-efficient than traditional lighting like incandescent or fluorescent bulbs, early LED displays didn’t fully realize that advantage due to technical limitations. Firstly, they lacked efficient thermal management, causing excessive heat generation that wasted energy (and also shortened component lifespan). Secondly, inefficient power supplies and imprecise voltage control led to further waste, especially when static or bright-white content forced RGB diodes to run constantly at maximum intensity. As a result, early LED displays could consume up to 1,000 watts per square meter, leading to high electricity costs and a large carbon footprint. Maintenance added another layer of difficulty. Many legacy systems were large, hard to service, and required extensive time for repairs or recalibration. These concerns underscored the urgent need for solutions that could reduce operational costs while aligning with sustainability goals. Turning to green LED solutions Recent innovations in LED technology have ushered in a new era of energy-efficient, adaptable, and environmentally friendly building displays. A key innovation is in thermal design such as flip-chip COB technology, which can reduce device temperature by 5-10°C and power consumption by around 45%. This improvement stems from flip-chip COB architecture, where LED chips are mounted directly onto the substrate, eliminating traditional wire bonds. This design minimizes thermal resistance, allowing heat to dissipate more efficiently and lowering junction temperatures. These enhancements bring down heat output and energy use. Precise voltage control, enabled by common cathode setup, further enhances efficiency by powering each RGB diode individually. Compared to conventional common anode design, this new approach reduces energy consumption, all while maintaining the vibrant, high-definition visuals demanded by today’s audiences. Softwaredriven management and control offer another key path to energy savings. Smart content management systems such as Hikvision’s PixMaster intelligent engine, dynamically adjust brightness and contrast based on content and ambient light conditions. This ensures the display uses only the power it needs, optimizing energy efficiency without sacrificing visual performance. Additionally, robust aluminum shells protect components from harsh weather, ensuring long-term durability and reducing maintenance frequency. These innovations make modern LED displays a reliable investment and contribute to minimizing waste. A real-world example of sustainability in action The transformative potential of these innovations can be seen in the case of Kamir’s new office building in Croatia. Faced with an outdated system that consumed excessive energy and lacked versatility, Kamir installed a 26-square-meter outdoor LED video wall using Hikvision’s P6 Outdoor Fixel LED technology. Featuring flip-chip COB and common cathode designs, the new system is an energy- efficient display, reducing energy consumption by 45% while maintaining stunning visual clarity. The installation’s intelligent energy management system adjusted brightness in real time, optimizing power use without compromising clarity. Its robust construction ensured reliable performance across Croatia’s varied weather conditions. Besides, the commercial LED display’s dynamic content capabilities attracted sponsors and advertisers, transforming the façade into a revenue-generating platform. This upgrade not only enhanced Kamir’s brand visibility but also demonstrated its commitment to sustainability. The global pursuit of greener solutions is redefining expectations across industries, and building displays are no exception. By adopting energy-efficient LEDs, smart content management, and durable designs, leaders like Hikvision are helping property owners transform energy- intensive displays into key components of sustainable strategies. Each installation marks progress toward a future where technology not only captivates but also benefits cities and communities. As more businesses recognize the long-term advantages, sustainable displays will become a cornerstone of urban design. Explore more about our LED display solutions and sustainability-focused innovations. Read More

Major Sadhna SinghConsultant As India rapidly advances towards becoming a digital powerhouse through smart cities, public safety systems, and ambitious Digital Public Infrastructure (DPI) missions like India Stack and CoWIN, the invisible foundation of this transformation is the reliability of its hardware. Among the most critical components are Hard Disk Drives (HDDs), the quiet workhorses storing vast volumes of surveillance footage, citizen data, and mission-critical system logs. But what if this very foundation is quietly being compromised? India’s backdoor hardware invasion India is witnessing a stealthy influx of used, refurbished, and end-of-life (EoL) hard drives, often mis-declared as new to evade regulatory controls. These HDDs enter through loopholes in trade classification, mostly without any quality checks, manufacturer credentials, or safety certifications. Many arrive under Harmonized System (HSN) Code 84717020, which is designated for new storage devices, thus circumventing licensing requirements under the Foreign Trade Policy (FTP) and violating E-Waste Management Rules. On paper, India doesn’t prohibit refurbished HDD sales, but their import is tightly regulated. In practice, however, grey market players exploit the regulatory blind spots, resulting in a digital time bomb quietly ticking across our surveillance systems, government servers, and public sector installations. The numbers tell a troubling story ● Over 3.3 million HDDs, many suspected to be used, were imported in FY 2023-24, outnumbering imports by authorized OEMs. ● In just the first nine months of FY 2024-25, an additional 1.9 million units were imported, suggesting a thriving grey market. ● Hyderabad Air Cargo alone accounts for up to 90% of these imports in recent months, with others entering via Chennai, Kolkata, and Mumbai. ● Top source countries include Hong Kong, Singapore, China, and the US, notorious hubs for global e-waste dumping. Declared import prices, sometimes as low as USD11-20 per unit, are a fraction of the legitimate OEM cost (USD70-90). The under-invoicing not only implies massive tax evasion but also points to deep-rooted misdeclaration networks. A. Port-wise import volumes B. Country of origin National security and cyber risks These aren’t just dodgy business practices. They’re national security vulnerabilities. Unlike surveillance-grade HDDs designed for 24×7 operations, refurbished drives, typically desktop-grade and not meant for continuous workloads, fail prematurely. In sensitive environments like railway command centres, police control rooms, or border surveillance hubs, such failures could mean loss of critical footage during emergencies, be it a riot, a terrorist attack, or an industrial accident. Worse still, HDDs refurbished overseas may carry undetected firmware modifications, turning them into potential hardware backdoors. In an era where data is strategic capital, compromising hardware is equivalent to compromising sovereignty. The economic fallout Beyond the security risks, this grey market has led to: ● Crores in lost revenue due to customs duty evasion and GST shortfalls. ● Market distortion, where shady traders repackage used drives with new casings and stickers, selling them at inflated MRPs, sometimes even on government procurement platforms like GeM. ● Consumer fraud, with unsuspecting households and MSMEs believing they’ve bought new, warrantied products; when in reality, they’re buying used electronics with limited lifespan and no accountability. Environmental non-compliance The environmental cost is equally dire. India’s E-Waste Management Rules (2022) prohibit unregulated import of electronic waste. Many of these drives fail within months, turning into toxic waste streams without proper recycling mechanisms. Their import also potentially violates India’s obligations under the Basel Convention, which prohibits transboundary movement of hazardous e-waste disguised as usable goods. Storage is sovereignty In today’s world, sovereignty doesn’t just depend on borders, but on bytes. Trusted storage hardware is as vital as secure communications. From Aadhaar to AI models, from critical infrastructure to defence networks — our digital services rely on integrity at the hardware level. Allowing unknown, unverified HDDs to creep into our systems threatens confidentiality, availability, and integrity, the very pillars of cybersecurity. What needs to be done 1. Tighten the Legal Screws ● Issue clear DGFT and CBIC circulars reiterating licensing requirements for used HDDs. ● Move refurbished HDDs from ‘Restricted’ to ‘Prohibited’ category, except for OEMs under Extended Producer Responsibility (EPR). 2. Impose Minimum Import Prices Introduce import price floors (e.g., USD 35 for 1TB drives) to stop under- invoicing and restore fair trade practices. 3. Mandate Labelling and Traceability Make it mandatory for all imported HDDs to: ● Be BIS registered. ● Carry labels indicating ‘Refurbished’ status, country of origin, and refurbisher’s identity 4. Secure Public Procurement Platforms like GeM should: ● Create a separate refurbished electronics category. ● Ban usage of non-certified drives in critical surveillance and defence contracts. 5. Conduct Strategic Audits Ministries such as MeitY, MHA, and MoHUA should: ● Audit existing HDDs used in police and smart city projects ● Run firmware-level forensic checks to detect possible vulnerabilities ● Involve CERT-In and NTRO in cases of national security concern Conclusion: A call for a whole-of-government response What India faces today is not just a trade irregularity, but a strategic vulnerability. The silent flood of unauthorized, potentially compromised HDDs threatens our national security, digital trust, consumer protection, and environmental goals, all at once. This calls for a coordinated response from DGFT, CBIC, BIS, MeitY, MoEFCC, MHA, and GeM to plug gaps, ensure hardware integrity, and protect the digital spine of India. In the data age, storage is infrastructure, and infrastructure is sovereignty. Let’s not allow backdoors to be built into our nation’s future, drive by drive. Read More

With the growing cyber threats across infrastructure sectors, STQC-certified Vicon Valerus VMS provides assurance that the system has been rigorously tested for vulnerabilities, encryption strength, data integrity, and secure software architecture. It not only meets the government’s Essential Requirements (ER) for cybersecurity but also builds confidence among end users deploying surveillance solutions in critical sectors such as smart cities, transportation hubs, defense, and public infrastructure. This certification makes Vicon Valerus VMS a trusted and future-ready choice for mission-critical deployments By Gaurav Taywade, Director, India Operations, VICON Introduction Open APIs have made it easy for leading VMS platforms to link video to instances of doors being propped open, LPR events, and other security incidents. The added value of integrated solutions makes them the norm for today’s enterprise systems, and common in small to medium-sized installations. However, in most integrations the VMS is not the dominant interface for viewing video with its associated data. Instead, users click on an event of interest within their access control software, for example, to see a short video clip captured by a nearby camera. Then, to search for more related clips, they turn to the VMS interface. While such integrations are better than no integration, the operator experience is clumsy and inefficient for use as a core security management platform. A video-centric platform allows security personnel to remain within the VMS interface to view and manage events from integrated solutions – like access control, LPR, vape detection, and more – all through a single pane of glass. To explain its inherent superiority, let’s begin with a hypothetical security threat and envision how such a system would facilitate a response. Imagine this Larry was terminated from his job last week. Today, he drives to his former workplace. A security officer monitoring the property sees live video from a parking lot camera pop up within the VMS interface. On the same screen, data from an integrated License Plate Recognition (LPR) system shows that the vehicle belongs to Larry Larkin, former employee. Larry’s plate is not on security’s ‘forbidden on property’ list, but the officer is curious whether Larry’s visit is expected. He checks his list of approved visitors for the day and sees that Larry has an appointment with HR to finalize severance paperwork. Therefore, there’s no need to dispatch an officer to the parking lot. Larry heads to the employee entrance instead of the main entrance. As he approaches the door, a nearby camera’s motion detection analytic pushes video to the officer’s screen again. In addition, the VMS displays a facility map pinpointing the location of the active camera. Larry is in the wrong place, as he is no longer an employee. From within the VMS screen, the officer opens a 2-way communication channel with the intercom mounted next to the employee door. He plans to instruct Larry to use the main entrance, where he must sign in and be met by someone from HR. Just then, a staff member arrives at the employee door, swipes in, and improperly permits Larry to follow her through the entrance. Her name and department display next to the video. The officer follows Larry’s movement through the facility via surveillance cameras, instructs another officer to intercept him, and alerts HR that Larry is approaching their department unescorted. Furthermore, as a precaution, the officer calls up the status of door to the HR department and confirms that it is locked. The episode ends without incident. Larry’s use of the employee entrance was an honest mistake driven by habit. HR greets him at the door and allows him to enter the office area, where he meets with a benefits representative as planned. To summarize, within the VMS, the officer was able to: This example is purely hypothetical, but it illustrates the advantagesof a centralized video platform presenting disparate systems withina single pane of glass. Capabilities will vary by VMS manufacturerand the integrations they offer, but in all cases, system operators,administrators, onsite workers, and visitors benefit. Let’s dig deeper. Enhanced Situational Awareness and Actionable Intelligence Video is much more meaningful when supported by live, corresponding data. When security officers are trying to understand the nuances of a security event, having all relevant information presented and seamlessly accessible is ideal. In the previous example, there were many times the guard received additional information within the VMS to explain what he was seeing. In a non-integrated solution, with only video immediately available, the officer would only know that someone had tailgated through an employee entrance. He would lack sufficient knowledge to assess the risk and respond appropriately. An overreaction by his security team could cause unnecessary stress and inconvenience to everyone in the building; a weak response could jeopardize their safety. With a video-centric integrated solution, operators have the data they need to differentiate between ‘real’ security threats and harmless situations. They can prioritize where to focus their attention and quickly understand when it’s necessary to deploy additional resources. A Faster, Better, More Informed Response Without a single pane of glass, security guards must navigate several solutions, search for, and pull up, relevant data to stitch together and make sense of what they observe – a cumbersome process that’s impossible to perform in real time. Our example ended peacefully, but what if Larry was emotionally unstable and seeking revenge for what he perceived as wrongful termination? Imagine if HR had flagged him as a volatile individual who was not welcome on site? Or, if the guard observed Larry removing a firearm from his car while in the parking lot? That guard could have initiated a lockdown immediately from within the VMS. These are ways in which a video-centric centralized solution facilitates a faster response. A centralization solution also better equips officers who monitor security from their mobile devices. Patrolling guards can maintain situational awareness without toggling between apps. When officers in the field have access to the same information as those behind a desk, they can respond immediately and spontaneously to security risks, like a…

By Anand Bhat, Chairman & Managing Director, BNB Security & Automation Solutions Why the conversation is shifting Until recently the goal of most safety or security projects was clear-cut – install the right sensors & equipment, route alarms to a control room, keep false positives manageable and respond within a written SLA. That formula is no longer enough. Three forces are reshaping expectations: 1. Data saturation Modern campuses already host thousands of points – surveillance cameras, access control systems & readers, fire smoke & heat detectors, intrusion & occupancy sensors, range of ambient & energy measurement sensors – yet nearly 70 percent of that data is never correlated. 2. Business continuity pressures Downtime is now measured in reputation minutes as much as in rupees. Stakeholders want documented proof that small incidents are isolated before they interrupt service. 3. Regulatory tightening India’s Digital Personal Data Protection Act, the revised National Building Code, Public Safety Act and emerging ESG disclosure norms all require real-time evidence, not retrospective logbooks. Sensor orchestration – turning every sense point into a single, contextual feed for the operations centre – moves from ‘nice to have’ to ‘table stakes.’ A simple definition Sensor orchestration is the practice of: ● Collecting data from every relevant safety, security or environment- related sensor, regardless of brand. ● Normalising it into a common, time-aligned stream. ● Fusing multiple streams into a higher-level event (e.g., ‘over-temperature + carbon-monoxide rise + camera flame pattern = verified fire’). ● Responding according to a playbook that blends automation (doors release, HVAC dampers close) with human escalation. ● Auditing the entire chain in a way that regulators and insurers can examine the audit trail. A typical 3-6-9-year outlook (next decade) Timeframe What will change Implications for professionals Next 0-3 years – Integration phase •Most large projects will specify open protocols (MQTT, ONVIF, BACnet/ IP) as mandatory.•Sensor fusion will tackle the everyday irritants first – false fire alarms, redundant guard patrols,energy waste. •Engineers must learn basic data normalisation and security segmentation. •Engineering design spec teams must/ will write ‘deliver raw API data’ into ‘actionable intelligence’ and ‘performance contracts.’ Next 0-3 years – Integration phase •AI models trained on multi-sensor data sets become common in GSOCs. • Routine incidents (80% today) trigger full closed-loop responses without operator intervention. • Insurers start discounting premiums when buildings prove sub-10-second incident containment. •Security & Facility managers’ upskill in AI ‘explainability’ – being able to justify how amodel chose an action.•Legal and data-privacy officers are increasingly involved in sensor placement and data retentionpolicies. Next 6-9 years – Predict-and prevent phase •Digital twins combine BIM, real-time sensors and historical fault data.•Regulations shift from ‘respond within x seconds’ to ‘show that you can predict and avoid.’•Smart-city feeds (weather, crowd density, air quality) mesh with building sensors. •Risk managers prioritise scenario modelling over traditional checklist audits.•Vendors differentiate through ‘micro-services’ (e.g., lithium-battery thermal-runaway predictor) that plug into a common orchestration platform. Key capability gaps to close now 1. Open data skills Most teams still rely on proprietary GUIs now. They need fundamentals in: ● Time-series basics – sampling, latency, synchronisation. ● Lightweight messaging – MQTT topics, REST calls, simple JSON parsing. An operator does not need to code AI models, but must understand how ‘sensor A’ synchronises with ‘sensor B’ and what happens if one timestamp drifts. 2. Cyber-physical discipline Multiple small breaches in the last 24 months began with an unsecured surveillance camera and ended in an HVAC shutdown. OT segregation, encrypted NFC-enabled devices, certificate management and patch cadence must become part of the FM playbook, not an afterthought delegated to IT. Those low-code design inclusion competencies must now be at the edge. 3. Playbook design Automated response is only as good as the playbook behind it. Each event class requires: ● Threshold (when to trigger). ● Dependencies (which other sensors confirm or cancel). ● First automated act. ● Operator escalation path. ● Audit closure. Writing clear, testable playbooks is a new professional skill set somewhere between process engineering and emergency planning. Until recently the goal of most safety or security projects was clear-cut – install the right sensors & equipment, route alarms to a control room, keep false positives manageable and respond within a written SLA. That formula is no longer enough 4. Continuous audit culture The future regulator will ask for a digital traceability, audit trail & explainability, not a binder. Life-safety drills, valve closings, data-retention decisions – all must leave an immutable log. Building teams should practice incident retrospectives the way airlines analyse near misses. Product and solution directions BNB and its OEM partners will plan to collaborate on four solution stacks aligned to the roadmap above. 1. Multi-sensor edge gateways – Devices that accept legacy 4-20 mA loops, modern IP streams and encrypted wireless payloads in one enclosure, forwarding normalised MQTT to the GSOC. 2. AI-ready data lake – A dedicated cloud or on-prem storage that keeps raw and derived sensor data for at least five years for customers, ready for carbon reporting, forensic analysis or model retraining. 3. Low-code playbook engine – Drag-and-drop logic so security supervisors, not programmers, can update responses when floor layouts or customer needs change. 4. Assurance dashboards – Simple widgets: average response time this week; top three sensor faults; compliance score against energy, water, wellness targets. Modern campuses already host thousands of points – surveillance cameras, access control systems & readers, fire smoke & heat detectors, intrusion & occupancy sensors, range of ambient & energy measurement sensors – yet nearly 70 percent of that data is never correlated Preparing the workforce 1. Short, targeted training – Certified 20-hour or similar micro-courses on basic sensor networking, AI alarm correlation and OT cyber hygiene. 2. Cross-functional drills – Quarterly exercises where security, MEP, IT and data-privacy teams walk through one orchestrated event.3. Graduate outreach – Partnering with universities to include sensor-network basics in mechanical and electrical engineering electives. How the industry should cooperate 1. Shared taxonomies & ontologies – Agree on naming conventions for devices and events….

Dr Banusri VelpandianSenior Law Specialist Bhavya JhaLaw Graduate Co-author Though it sounds very personal, the nature of harm caused to one’s reputation and dignity also has public aspect inherent to it. Even the Apex Court of our country gives reasoning that individuals constitute the community and the law relating to defamation protects the reputation of each individual in the perception of the public at large. In this age of all pervasive freedom and preference to privacy, a delicate balance between free speech and expression that is considered to be a fundamental right, and certain reasonable restrictions have to be arrived at. Starting July 1 last year, three criminal laws, of the British-era viz; The Indian Penal Code of 1860, the Code of Criminal Procedure of 1973 and the Indian Evidence Act, 1872 have been replaced by the Bharatiya Nyaya Sanhita (BNS), the Bharatiya Nagarik Suraksha Sanhita (BNSS), and the Bharatiya Sakshya Adhiniyam (BSA) respectively. Not only are these laws a part of the Government’s efforts to decolonising our legal system, but they also seek to create a more accessible and efficient justice delivery mechanism. The laws are more comprehensive and in tune with the needs of the present-day system. For instance, the BNS places greater emphasis on national security and public order, removes colonial terminologies and expands the scope of some definitions in sexual offences. On the other hand, the BNSS has integrated technology into criminal proceedings, is transparent and more citizen-centric. The BSB makes a massive difference by adopting 21st Century evidence standards and greater reliance on electronic data. This article specifically focuses on the basic principles and established norms related to harms caused to any ones’ reputation and associated dignity. It also focuses on the growing role of AI and IT in harming reputation, and to gain a basic understanding on the subject. Harm to Reputation under India’s new Criminal Laws: Legal continuity, Digital threats, and Emerging jurisprudence The right to reputation is fundamental for individual dignity and personal liberty, and is protected under Article 21 of the Indian Constitution. It operates in harmony with the freedom of speech and expression guaranteed under Article 19(1)(a), subject to reasonable restrictions under Article 19(2). The constitutionality of criminal defamation was also upheld by the Supreme Court in Subramanian Swamy v. Union of India, (2016) 7 SCC 221, stating that reputation is intrinsic to Article 21, and that reasonable restrictions under Article 19(2) are justified. The implementation of the new criminal laws set in motion a transformative shift in its criminal justice framework. One key area of continuity and adaptation is the law relating to harm to reputation. Now that the world is perpetually online, and new technologies such as AI are emerging every day, the facets of both harm to and protection of reputation are increasingly evolving. In light of this, the matter of how the legal system deals with these issues becomes even more pertinent. As far as defamation under tort (Civil wrongs) law is concerned, as a general rule, the focus is on libel (i.e., written defamation) and not on slander (i.e., spoken defamation). In order to establish that a statement is libelous, it must be proved that it is (i) false, (ii) written; (iii) defamatory, and (iv) published. Defamation under BNS: Retaining the Legacy of the IPC The Bharatiya Nyaya Sanhita, 2023, which replaces the Indian Penal Code, retains the offence of criminal defamation under Section 354, reproducing nearly verbatim the language of Section 499 of the IPC. It defines defamation as ‘making or publishing any imputation concerning a person with intent or knowledge that it will harm their reputation.’ The punishment is prescribed under Section 354(2) as imprisonment up to two years, or fine, or both. The essential elements in causing harm to reputation involve the following and it depends upon their interpretation: a. Imputation and targeting. b. Means of communication and causal link. c. Harmful intent or knowledge or reason to believe. Further, the principle of noscitur a sociis, a Latin term meaning ‘it is known by its associates,’ is a rule of legal interpretation. It states that the meaning of an unclear or ambiguous word should be determined by considering the other words and phrases surrounding it The ten exceptions listed under the IPC have been retained without any changes. This continuity ensures doctrinal consistency while simultaneously allowing for newer procedural and evidence mechanisms under BNSS and BSA. The exemption will also include certain privileged communications such as the statements made during Parliamentary proceedings. The ten exceptions under Section 354 are: 1. Truth for Public Good: True statements made for the public good are not defamation. 2. Public Servant Conduct: Good faith opinions on a public servant’s official conduct are exempt. 3. Public Questions: Good faith remarks on a person’s conduct in public affairs are allowed.4. Court Proceedings: Accurate reports of judicial proceedings are not defamatory. 5. Merits of a Case: Fair comments on the merits of a case or conduct of involved parties are exempt. 6. Public Performances: Honest reviews of works submitted to public judgment are not defamation. 7. Censure by Authority: Lawful censure by someone in authority made in good faith is protected. 8. Accusation to Authority: Complaints made in good faith to proper authorities are not defamation. 9. Protection of Interests: Imputations made in good faith to protect one’s or another’s interests are exempt. 10. Caution for Good: Warnings given in good faith for someone’s or public benefit are not defamatory. Comparison with the IPC-Era Even as the substantive content of the law on defamation remains the same, the procedural and evidentiary frameworks have changed. The BNSS introduces faster timelines for investigation and trial [BNSS, 2023, Chapter XII], which can expedite defamation cases. Legal explainer: Chapter XII of the Bharatiya Nagarik Suraksha Sanhita, 2023 deals with police procedures for investigation, mirroring CrPC’s Chapter XII but with modern upgrades. Key points for defamation cases: ● Section 173: FIRs must be registered promptly for cognizable offences. ● Section 176: Police can…

REDEFINING THE ROLE OF SECURITY IN THE CORPORATE WORLD ANIL PURICMD, APS Group A first generation serial entrepreneur, thought leader and an action catalyzer rolled into one – Anil Puri is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on-ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up. “In a world of rising risks, security is the new RoI” Introduction In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains. It makes a bold move and great sense to transform the corporate mindset – from viewing security as a cost center to appreciating it as a strategic investment that protects profits, fuels resilience, and builds competitive advantage in the global market. “When security leads, losses retreat” 1.Understanding the Legacy Perception: Security as a Cost Center Security was traditionally viewed as a non-productive overhead. Historically, security was confined to physical guarding, with minimal alignment to strategic business goals. This perception relegated it to a cost on the profit and loss account without tangible contribution to revenue or growth. Security budgeting is often reactive and not outcome-linked. Corporate boards often allocate security budgets after an incident, making it reactive rather than preventive. There’s minimal linkage between security inputs and organizational outcomes or profitability. RoI of security investments is difficult to quantify. Unlike marketing or production where inputs and outputs can be directly measured, the returns from security (e.g., prevention of incidents, reputation protection etc.,) are intangible. This causes reluctance in investing significantly in security measures – poor integration with business strategy. In many organizations, security functions operate in silos without integration with operations, HR, finance, or IT, further weakening their strategic relevance and visibility. 2.Evolving Threat Landscape: A Paradigm Shift in Risk Perception “Every breach avoided is revenue protected – security is silent profitability“ Rise of hybrid and complex threats Modern threats are no longer isolated – cyber and physical threats now converge. For instance, a disgruntled insider can physically access a server room and launch a ransomware attack. This hybrid nature makes security far more strategic. Globalization and expanded risk perimeters Global supply chains, remote operations, and digital platforms mean that organizations now face risks from multiple geographies, jurisdictions, and threat actors – ranging from state-sponsored espionage to transnational crime networks. Political, economic, and environmental risks Geopolitical tensions, trade wars, climate-induced disasters, and pandemics like COVID-19 have demonstrated how non-traditional threats can cripple operations and cause massive financial losses. Regulatory tightening and compliance pressures From GDPR in Europe to India’s Digital Personal Data Protection Act, and evolving ESG norms – security and privacy compliance have become core to business licensing, investor trust, and global market access. Increased accountability of C-suite and Boards Security breaches now result in reputational damage, legal scrutiny, and even removal of CXOs. Leadership is increasingly accountable for lapses in data protection, crisis management, and employee safety. “Security transforms from expense to asset the moment a threat is blocked” 3.Security as a Profit Protector: Strategic Reframing Loss prevention equals profit protection Security measures reduce theft, fraud, and operational disruptions – translating directly to cost savings and enhanced margins. Retail chains globally invest heavily in surveillance and analytics to prevent inventory loss (shrinkage). Security sustains business continuity and investor confidence A well-secured environment ensures minimal operational downtime during crises, assuring investors and clients of organizational resilience. For example, firms with robust Business Continuity Plans (BCP) performed better during the COVID-19 lockdown. Brand trust is rooted in security and compliance Customers, regulators, and stakeholders are more loyal to companies that protect their data, ensure safe workplaces, and comply with laws. A breach in security can wipe out years of brand building – as seen in high-profile data leaks. Security mitigates legal and regulatory penalties Failure to implement adequate security can lead to lawsuits, sanctions, and insurance claim denials. Proactive compliance with security standards (e.g., ISO 27001, ISO 18788) reduces liabilities. Cybersecurity is a competitive differentiator In sectors like BFSI, IT, and e-commerce, robust cyber defense systems enhance customer confidence, driving sales and global competitiveness. “No margin is safe without protection – security defends the bottom line” “In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains” 4.Case Studies: Global and Indian Examples Target Corporation, USA. A 2013 data breach led to 40 million customer credit card details being stolen. The company faced $200 million in losses and lost customer trust. Since then, they have invested heavily in cybersecurity, positioning themselves as an industry leader in retail security. Tata Consultancy Services (TCS), India TCS integrates information security within its project lifecycle, ensuring client data protection and compliance with global norms like GDPR. This has made it a preferred vendor for Fortune 500 clients. Taj Mumbai 26/ 11 Attack Response During the 2008 Mumbai attacks, security and hotel staff protected guests and facilitated emergency evacuation. Their preparedness became a global case study in disaster response and resilience. Amazon’s Security Architecture Amazon deploys AI-driven surveillance, warehouse robotics, and encrypted data architecture to ensure smooth operations even under peak demand. This contributes directly to customer satisfaction and profitability. “In today’s corporate battlefield, security…

Technological advancement has ushered in a new wave of innovation and efficiency – but it has also opened the door to vulnerabilities that cyber attackers are eager to exploit. With billions in damages and reputational costs at stake, businesses must evolve their security posture to match these emerging threats. As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond. Attacks on operational technology will increase No longer content to target IT, cyber attackers are increasingly taking aim at critical operational technology (OT) systems. Prominent examples like the Colonial Pipeline [i] and MGM Grand [ii] attacks demonstrate the way that threat actors are now more focused on completely shutting down facility operations instead of just stealing information. This shift shows how cybercriminals and state-sponsored groups are evolving their tactics to inflict a more direct, crippling impact on business operations globally. In 2025, protecting OT systems from these types of targeted, disruptive attacks will be a major cybersecurity challenge for industrial organizations. Cybersecurity regulation will intensify Globally, governments are recognizing the systemic risks posed by attacks and are taking a more active and collaborative role in driving cybersecurity best practices. This will significantly impact the way that organizations approach security. For instance, there are now regulations like the European Union’s NIS2 Directive [iii] that can hold executives personally liable if appropriate security measures are not implemented at their organizations. This will drive stronger collaboration among government and the C-suite, boards and cybersecurity leaders. As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond In the U.S., there are new SEC rules [iv] that require prompt reporting of cyberattacks to provide greater protection for investors. Meanwhile, Australia is set to implement stringent cyber regulations of its own through the Security of Critical Infrastructure (SOCI) Act [v] . Though SOCI was first enacted in 2018, the grace period for compliance ended in August 2024. This means that going forward, Australian organizations in critical infrastructure sectors will now be required to comply with this enforceable regulation or face potential fines. Overall, organizations across the globe will have to closely monitor evolving government regulations and align their security strategies accordingly to avoid penalties and reputational damage in the coming year. Asset visibility will improve In 2025, a key cybersecurity challenge for organizations, particularly building operators, will be gaining full visibility into the myriad connected assets on their networks. Many building owners struggle to identify all the connected devices, from security cameras to HVAC systems to access control panels, which make up their OT infrastructure. Without a clear understanding of their complete asset inventory, organizations are unable to effectively defend against threats. Attackers who gain access to unmonitored systems can disrupt critical building functions and cripple operations. Honeywell’s Cyber Insights is an OT-focused solution designed to help provide building operators with near real- time visibility into their full asset landscape. It delivers the comprehensive asset discovery and management that is essential for protecting OT environments in 2025 and beyond. AI’s role in security will grow In 2025, there will be greater reliance on AI-powered solutions to enhance cybersecurity capabilities. For example, in the building operations space, AI can be used to automate patch management and mitigate disruptions. Instead of simply deploying patches, AI can analyze the risks and impacts, and selectively apply patch updates in a way that minimizes downtime. AI is also enhancing security monitoring and incident response. For example, AI can help in analyzing log data to quickly identify true threats and prioritize the most critical issues. This allows organizations to eliminate false positives and respond to incidents faster and more effectively. OT security expertise will be in demand As cyberattacks are increasingly targeted at OT systems, organizations are recognizing the critical need for security teams to deeply understand OT infrastructure and its unique vulnerabilities. Traditional IT personnel often lack the specialized knowledge required to secure OT assets like HVAC, access control and building management systems. Going forward, security leaders must make sure that their teams can identify and mitigate risks across the full IT-OT convergence. This includes understanding OT communication protocols, equipment architectures and the potential cascading impacts of disruptions. Without comprehensive OT security expertise, organizations remain dangerously exposed to attacks that could cripple critical systems and operations Read more

Sudhakar Aruchamy Chief Technology OfficerEverestIMS Technologies Artificial Intelligence isn’t just another tech buzzword – it’s a runaway train barreling through the global technology landscape, tearing up the tracks of convention and leaving a trail of awe, disruption, and existential questions in its wake. In 2025, AI’s fingerprints are everywhere – from the networks humming beneath 5G cities to the autonomous drones delivering medical supplies in war-torn Ukraine, from the AI-crafted climate models guiding Pacific Island nations against rising seas to the deepfake controversies rocking democratic elections worldwide. This isn’t a quiet evolution – it’s a seismic shift, and the world is still scrambling to catch up. The Global AI Arms Race: Innovation Meets Chaos Start with the numbers – AI investment is forecast to approach $200 billion globally by 2025 (Goldman Sachs). Beijing’s state-backed push has birthed AI-driven surveillance systems so advanced they can predict social unrest by analyzing crowd behavior, while Silicon Valley’s tech giants – Google, Microsoft, and xAI – counter with models like Grok, Deepseek and Manus AI powering everything from chatbots to quantum computing simulations. Meanwhile, Europe’s AI Act, now in full swing, tries to rein in the chaos with strict ethical guidelines, but enforcement feels like a game of whack-a-mole against a flood of innovation. Artificial Intelligence isn’t just another tech buzzword – it’s a runaway train barreling through the global technology landscape, tearing up the tracks of convention and leaving a trail of awe, disruption, and existential questions in its wake In Africa, AI is a double-edged sword. Startups in Kenya are using it to optimize solar grids for off-grid villages, but the continent’s digital divide means many are left out of the AI boom – exacerbating inequality while others reap the benefits. Across the Middle East, AI-powered oil extraction algorithms are slashing costs for Saudi Aramco, but they’re also raising alarms about job losses in an already volatile region. This isn’t just tech; it’s geopolitics, economics, and culture colliding at warp speed. AI’s Tech-Space Makeover : From Networks to Creativity Dig deeper, and AI’s reshaping the tech stack itself. Take networks – like those powered by EverestIMS Technologies Infraon IMS, are using machine learning to predict failures, allocate bandwidth, and fend off cyber threats in real time. 5G’s rollout, now covering 60% of the globe, relies on AI to manage its insane data throughput, but it’s also creating new vulnerabilities – DDoS attacks doubled last year, with AI both the culprit and the cure. In the future, Infraon IMS will enhance its capabilities to drive self-optimizing systems, enabling intelligent automation and adaptive performance improvements. Then there’s the creative frontier. The 2024 Writers Guild strike over ‘AI replacement’ fears showed the human backlash brewing. In music, platforms like Suno use AI to generate chart-topping tracks, but artists like Billie Eilish are crying foul, accusing the tech of stealing soul. Meanwhile, in gaming, NVIDIA’s AI-driven DLSS 4.0 is rendering photorealistic worlds in real time, but it’s also sparking debates about accessibility – can every gamer afford the hardware to keep up? The Ethical Quagmire: AI’s Dark Mirror AI’s promise is intoxicating, but its shadow looms large. Deepfakes – once a niche trick – went mainstream in 2024, with AI-generated videos swaying elections in Brazil, and the U.S. The tech’s so convincing that even seasoned fact-checkers are stumped, eroding trust in digital media. In China, AI surveillance is tracking citizens’ every move, raising Orwellian alarms, while in the West, facial recognition controversies – like the U.K.’s scrapped live facial recognition trials – are forcing a reckoning over privacy versus security. Climate tech, too, is a mixed bag. AI models predicting sea level rise are saving lives in the Maldives, but their energy hunger – data centers now consume 4% of global electricity – is accelerating carbon emissions unless paired with renewable grids. And let’s not forget the jobs question – McKinsey predicts 800 million jobs could be automated by 2030, with AI-driven logistics and manufacturing already displacing workers in Detroit and Shenzhen. The tech boom is brilliant, but it’s also brutal. The Human-AI Frontier: Who’s in Control? What’s most mind-bending is how AI is forcing us to redefine ‘intelligence’ itself. In 2025, xAI’s Grok 3, Deepseek and Manus AI aren’t just answering questions – they are sparking philosophical debates, writing poetry, and even advising CEOs on strategy. But as AI creeps into decision-making – think AI judges in Estonia’s courts or AI doctors diagnosing patients in rural India – we’re grappling with a core question: Who’s in the driver’s seat? Humans or machines? Philosophers like Kate Crawford warn we’re sleepwalking into a ‘technological unconscious,’ where AI’s black-box algorithms make life-altering choices we can’t fully understand or audit. Yet, innovators like Demis Hassabis at DeepMind argue AI could solve humanity’s grand challenges –cancer, climate change, even interstellar travel – if we harness it right. The tension is palpable: AI’s a tool, a threat, and a mirror, reflecting our hopes and fears back at us. Start with the numbers – AI investment is forecast to approach $200 billion globally by 2025 (Goldman Sachs). Beijing’s state-backed push has birthed AI-driven surveillance systems so advanced they can predict social unrest by analyzing crowd behavior, while Silicon Valley’s tech giants – Google, Microsoft, and xAI – counter with models like Grok, Deepseek and Manus AI powering everything from chatbots to quantum computing simulations. Meanwhile, Europe’s AI Act, now in full swing, tries to rein in the chaos with strict ethical guidelines, but enforcement feels like a game of whack-a-mole against a flood of innovation. The Road Ahead: A Call to Shape the Future So, where does this leave us? AI’s not slowing down – it’s accelerating, reshaping tech, society, and our very notion of progress. In Japan, AI-powered robots are caring for an aging population, while in South Korea, AI-driven urban planning is reimagining Seoul’s skyline. But the stakes are sky-high – if we don’t address the ethical gaps, digital divides, and job disruptions, we risk a world where AI’s…

Aditya Khemkha In a defining move that signals the rise of a more secure, self-reliant, and quality-assured surveillance ecosystem, the Ministry of Electronics and Information Technology (MeitY) has introduced a new compliance requirement for the CCTV industry in India. As per the official gazette notification dated April 9, 2024, MeitY has made STQC certification mandatory for all CCTV cameras – whether manufactured, imported, or sold across the country. This change falls under the updated Electronics and Information Technology Goods (Compulsory Registration) Order, 2021, and mandates compliance with Essential Requirements (ERs) and BIS certification (IS 13252 Part 1). All non-compliant models will be barred from sale or distribution post April 9, 2025. The decision marks a pivotal shift in India’s approach toward surveillance technology, one that reinforces national security, data privacy, cybersecurity resilience, and consumer trust. Understanding STQC: The new quality gatekeeper for CCTV Standardisation Testing and Quality Certification (STQC) is a set of quality assurance frameworks developed by MeitY. STQC focuses on rigorous technical validation to ensure electronics, especially security and surveillance equipment, meet defined standards of safety, reliability, and performance. It goes beyond functional efficiency and delves deep into the core of cybersecurity, hardware resilience, and data protection protocols. STQC certification for CCTV cameras demands comprehensive testing of encryption mechanisms, firmware integrity, secure communication protocols, and physical robustness, setting a new benchmark for surveillance products in India. Key provisions of the mandate ● Universal Applicability: All analog, IP, and speed dome cameras must obtain STQC certification under IS 13252-1 (IEC 60950-1) standard. ● Cybersecurity by Design: Every certified product must comply with stringent ERs, including:• Secure communication via TLS/ HTTPS. • Enforcement of strong, unique passwords. • Disabling of debugging/ test ports in shipped devices. • Uniformity in firmware versioning and patch management ● Tamper-Resistance & Physical Security: • Devices must feature secure enclosures • Physical ports must be access-controlled or locked • External interfaces must be designed to deter unauthorized access ● Certification Deadline: Effective from April 9, 2025, all non-certified models will: • Be removed from the BIS license databases • Be ineligible for new model approvals • Face prohibition from manufacturing, sales, or imports within India A boost for Atmanirbhar Bharat & indigenous innovation The STQC mandate is not just a regulatory milestone; it is a strategic enabler of India’s ‘Atmanirbhar Bharat’ vision. By enforcing stringent quality and cybersecurity parameters within the national ecosystem, the regulation actively discourages substandard, foreign-dumped products and opens new doors for domestic manufacturers and indigenous innovations. For Indian brands, the path forward is not just about compliance, but about leading with conviction, capability, and country-first commitment. CP PLUS: At the forefront of India’s secure surveillance revolution India’s leading surveillance brand, CP PLUS, has long believed that surveillance is not just about watching –it’s about protecting, preventing, and preserving. With a well-established ecosystem of design, development, and manufacturing facilities in India, CP PLUS is uniquely positioned to meet and exceed STQC standards. Having already invested significantly in R&D, firmware security frameworks, and hardware hardening protocols, CP PLUS is fully equipped to align its product portfolio, including IP cameras, analog cameras, PTZ solutions, and smart edge devices, with the new STQC requirements. From encryption standards embedded into every transmission to physical designs engineered for tamper resistance, CP PLUS products are built with a vision to offer trustworthy, high-integrity surveillance for every Indian household, institution, enterprise, and government body. This proactive compliance readiness, backed by decades of market leadership, positions CP PLUS not just as a manufacturer but as a national partner in security sovereignty. Impact on the surveillance ecosystem The introduction of STQC compliance brings with it significant ramifications, some challenging, but many promising, for the surveillance industry at large: Enhanced Security and Trust: With encrypted data transfers, consistent firmware, and tamper-proof designs becoming mandatory, consumers and institutions can trust their surveillance systems like never before. Operational Challenges for Some Manufacturers: The path to compliance is not without its hurdles. From obtaining testing approvals to updating legacy firmware, and from redesigning physical components to aligning supply chains, the industry must prepare for transformation at all levels. Supply Chain Realignment: Manufacturers relying on imported, non-compliant components may face disruptions. India-based supply chains, however, will benefit from renewed focus and investments. A Rise in Standardization and Benchmarking: The move encourages surveillance systems to be assessed on standardized parameters – enabling fair comparison, consistent performance expectations, and better buyer awareness. The way forward: Standardised, secure & sovereign India’s move to mandate STQC certification for CCTV cameras is more than regulatory enforcement, it is a declaration of security independence and consumer dignity. In an age where surveillance systems can be the first line of defense against everything from local crime to cyber intrusion, ensuring that every device is secure by design is not just prudent, it is essential. By championing this regulation, MeitY has created a model for proactive, pre-emptive cybersecurity governance, one that puts India in the global spotlight as a nation where digital trust is engineered into every device. And with brands like CP PLUS leading the way, the future of surveillance in India looks indigenized, intelligent, and impregnable. Read More