securitylinkindia

PoE and Security & Surveillance

Milind Borkar, MD, Systematica Suyog Security Consultants (Sr. Consultant & Security Expert)

We illustrate the benefits of PoE technology as far as campus security is concerned.

Power over Ethernet (PoE/PoE++) is a technology that enables devices to receive electrical power over a standard Ethernet cable. Ethernet has evolved over the last few decades and is pervasive in almost every office and in small and large businesses, where it networks the servers and storage that provide end users with services critical to their business operations. In parallel, over the last decade or so, many companies have begun manufacturing devices that use the Internet Protocol as a means of communication. This allows many disparate devices to communicate with each other using the IP protocol, and all of them today use the Ethernet cable. This makes sense because the price point of Ethernet technology has dropped dramatically over time. This price drop is seen across the technology spectrum: network switches, NAS storage, fire alarms, access control systems, BIO ID systems, surveillance cameras, Video Management Software and innumerable other technologies that have all come to benefit from the ubiquitous IP protocol and Ethernet L2 routing protocols. One can now imagine all the possibilities of building a single unified secure system with very different devices, all networked together and unified by a single software platform.

However, there is a caveat in all of this. Most of the devices are located in different parts of the infrastructure and they all need electrical power to run and function reliably. As they all use the Ethernet cable to communicate, carrying electrical power within the same Ethernet cable eliminates the need for a power supply at each terminating device. This results in cost savings; every manufacturer of the devices has to ascertain that they are PoE compliant, which results in half the number of cables being used to network the devices, plus the added advantage of a 100-meter run between the device and the nearest network switch.

In summary, PoE/PoE++ is a simplifying and unifying technology which allows system integrators to build custom solutions as per customer requirements without having to worry about different power supplies with different power ratings for each device. There are several PoE products available in the market which can be easily searched. Once the requirements of the customer are known, one can choose a vendor within the budgetary limitations and put together an appropriate solution.

We will illustrate these various points using campus security as an example in the following paragraphs:

● Basic campus security requirements and the driving forces behind them
● Other essential campus considerations
● Challenges and approaches to a viable Campus Security Solution

A Network Diagram Illustration of the various components that constitute a Campus Security solution

The above diagram shows the many components that go into building a security solution. This is more from a hardware perspective and shows a typical layout. A key point to note is the FIREWALL and the WAN connection to outside the campus. This WAN connection could be to other campuses, or to the cloud that connects to other campuses, or to both. Special attention needs to be paid to this particular component of the system. Several security techniques are available in the market to give this point of the network the strongest possible protection against security breaches.

Another view of the network but more from a layout and human perspective

An Example of the VMS Software which acts as the other OS in addition to the network OS

The illustration above depicts the critical role the VMS software plays in any security system. It is the key backbone software that talks to all the other Peripheral Access Systems software. In the above example we have shown Automatic License Plate Recognition along with an Under Vehicle Surveillance System at the key entry points into a campus. The VMS in the above case also integrates an existing Visitor Management System but now enhances it with video and Facial Recognition. The campus shown is connected through the cloud to other campuses. The cloud component allows remote management and control, and has access to the machine learning and artificial intelligence components of Azure/WATSON. Any cloud service could be used in implementing a custom solution to the growing needs of campuses, as the technology is available today.

Summary

In this short article we have tried to illustrate how we can implement campus security. POE technology plays a key role in connecting all the devices because of its ability to carry electrical power over great distances. POE repeaters can be used to extend beyond 100 meters. POE is a game changer as far as reducing the overall installation and cabling costs is concerned.
The diagrams used for illustration in this brief article are used to highlight the 4 key components and their relationship with each other: (1) Network Hardware and Software (2) Compute/ Storage Hardware and Software (3) The VMS Software (the other OS) that plays a key role in integrating all the Peripheral Access Devices and finally (4) The importance of Cloud Connectivity for overall ease in control and management of the various sites/ campuses.

Protection

Protection Against Harm to Environment

Dr Banusri Velpandian, Senior Law Specialist
Ms Pali Singh, Legal Consultant, Co-author

The National Crime Records Bureau (NCRB) Crime Report in India 2022 evinced that the number of cases registered under the six major environmental acts increased notably from previous years. This trend of increased reporting of major violations of environmental regulations also indicates greater enforcement activity and the mainstreaming of environmental compliance into the legal system.

Environmental crimes are often described as ‘Low Risk, High Reward’, which makes them a highly lucrative operation for many criminals, typically because of the lack of strong legislative deterrence, fragmented regulation and lenient penal consequences as compared to other crimes. Environmental harm does not have an identifiable ‘victim’ and its adverse effects are not realised and felt immediately. But the consequences can be profound, irreversible and transnational, not only to the ecosystem but also to the humans and societies dependent on it.

In legal remedial terms, environmental harm can be tackled through either civil or criminal mechanisms. In the civil or regulatory jurisdiction, forums like the National Green Tribunal, Pollution Control Boards and Constitutional Courts (vide PILs) may direct remedies like closures, compensation/damages, restoration, regulating licenses etc.; whereas in criminal prosecution, wilful or gross environmental violations are treated as offences punishable by imprisonment, fines, or both. While civil environmental law focuses on legal principles such as the polluter pays principle, the precautionary principle etc., criminal environmental law focuses on imposing punitive consequences against the violator for acts that constitute offences against the environment and, by extension, against society at large.

In this article, we will explore the concept of harm to nature, various legal principles, the legal and policy framework in India including Constitutional and statutory provisions along with judicial precedents, and touch upon some of the international efforts to mitigate and deal with environmental crimes.

Understanding Environmental Harm and Its Impact

‘Environmental harm or crime (or) green crime’ is a complex and evolving concept with no standard, universally accepted definition. Broadly, it encompasses unlawful acts that cause significant harm to the environment, including ecosystems such as forests, rivers, wetlands, oceans, and the wildlife and communities dependent on them. The United Nations Environment Programme and Interpol define environmental crime as “a collective term to describe illegal activities harming the environment and aimed at benefiting individuals or groups or companies from the exploitation of, damage to, trade or theft of natural resources, including, but not limited to, serious crimes and transnational organized crime.”

Similarly, a notable development in international legal discourse is the push to recognise ‘ecocide’ as a core international crime in the Rome Statute, alongside genocide, crimes against humanity, war crimes, and aggression. In fact, in 2021 the Independent Expert Panel for the Legal Definition of Ecocide proposed a legal definition of the term ecocide, which means “unlawful or wanton acts committed with knowledge that there is a substantial likelihood of severe and either widespread or long-term damage to the environment being caused by those acts.” While important, such a broad definition raises the issues of identifying the exact ‘victim’ (whether a river, forest, species, or single animal), defining the jurisdiction (domestic, regional, global) and determining culpability (individuals, corporations, or state actors). Prosecution for such crimes may be difficult, especially when environmental harm occurs in the pursuit of economic development, cultural or local practices, and animal-human conflict.

According to Interpol, environmental crimes may range from ivory trafficking and overfishing to illegal logging or the dumping of hazardous waste. They are often embedded within the same routes used to smuggle weapons, drugs and people. An Interpol study ranked environmental crime as the third-largest criminal sector in the world, after drug trafficking and counterfeiting, with an estimated worth of USD 110-281 billion annually.

Environmental or green crimes occur due to both structural and systemic vulnerabilities, including the transnational nature of the crimes, poor enforcement, widespread corruption and collusion, lack of prosecution, and limited international coordination and regulatory frameworks. They are also driven by high demand for exotic and rare animal and plant products, and by the poverty and economic desperation which fuel such illegal acts. A paradox is that even an effective attempt to crack down on such supply can increase black-market prices, thereby incentivising more illegal activity. Nevertheless, such harm is rarely isolated and is often interlinked with other criminal activities like money laundering, human trafficking, smuggling etc. Unsurprisingly, the consequences are multi-dimensional, often having ripple effects:

● Environmental Effects: Environmental degradation, biodiversity loss, climate change, damage to natural resources.
● Social Effects: Displacement of communities, cultural loss, health risks, exacerbating poverty and inequality.
● Economic Effects: Loss of government revenues, illicit depletion of natural capital, and disruption of sustainable livelihoods.
● Political and Security Effects: Cross-border smuggling, money laundering, funding armed groups, fueling conflicts, destabilizing fragile regimes.

Principles of Environmental Law

Environmental law principles, which have emerged over the decades from international conventions, treaties, judicial pronouncements, legislation etc., act as guidance for policy-makers, legislators and the judiciary. Some of these are discussed below:

1. Polluters Pay: Polluters Pay is a fundamental principle which primarily means that those who pollute the environment must pay the cost of such degradation, in terms of the damage and the restoration. It acts as a double-edged sword, in that it discourages pollution and also holds individuals/industries strictly liable even if the pollution was unintentional.

Principle 16 of the Rio Declaration (1992) states, “National authorities should endeavor to promote the internalization of environmental costs and the use of economic instruments, taking into account the approach that ‘the polluter should, in principle, bear the cost of pollution,’ with due regard to the public interest and without distorting international trade and investment.” The courts in India have actively applied the principle in the judicial pronouncement….

Storage Technology

Storage Technology – Then & Today, and the Trend

Milind Borkar, MD, Systematica Suyog Security Consultants (Sr. Consultant & Security Expert)

Computer storage systems have seen a massive evolution and transformation over the last 100 years or so. These changes have been dramatic in relation to the size, price and access speed of storage. They have been possible due to advances in technology, which were initially slow and took years to evolve but accelerated in the last decade due to rapid innovations and the concerted/collaborative efforts of the industry giants. These technology advances have revolutionized the way companies, businesses and consumers use storage technologies today, from the most ubiquitous smartphones and personal computers all the way to businesses which have now come to rely more on cloud storage services. In this article we try to capture the evolution of storage technologies over the years and examine the fundamental technical reason that has accelerated storage evolution over the last decade.

Storage evolution over the last 70 years relative to size, capacity and price

The table below highlights the trends in storage. Initially, the advances in technology were slow, mostly led by IBM in the 60s and 70s in the Megabyte revolution. In the 80s and 90s other companies jumped on the storage bandwagon and started the Gigabyte revolution, soon to be followed by the Terabyte revolution. Today there are many physical form factors of storage devices, from the traditional mechanical hard disk drives (HDD) to non-volatile memory (NVM) or solid-state devices (SSD); however, the fastest and most dynamic revolution is occurring in the cloud.

Storage Technology Evolution over the last 100 years (Another View)

There is another way of understanding the evolution of storage technology as well. The diagram below is a pictorial representation of how storage technologies have evolved over the last 100 years.

The fastest growing storage technology today

Today, most storage systems use some form of mechanical storage device, otherwise known as a ‘hard disk drive’ (HDD). HDDs are the dominant technology for several reasons, such as very high recording density per platter, more than one platter per HDD, higher rotational speeds of up to 15000 RPM for enterprise class drives, and reduced costs due to economies of scale. However, they do have inherent disadvantages: further increases in recording density have hit the limits of physical space, increasing the rotational speed of the platter increases the cost exponentially, and, being a mechanical device with moving parts, an HDD is bound to fail physically. A single HDD with a single platter at 15000 RPM can at most deliver a transfer speed of 100MB/s for sequential block reads, and for random reads in the same configuration the transfer speed drops to as low as 10MB/s.

Given the inherent limitations of mechanical storage devices and the rapid drop in prices of non-volatile memory (NVM), NVM is the next revolution in storage. It is found in almost all mobile devices and now continues to replace mechanical devices across the board. There are several reasons for this: NVM is now cost competitive with HDDs per terabyte of storage capacity, and this price parity will continue to erode in favor of NVM in the coming years; NVM technology is far more reliable in the longer term because it has no moving parts; NVM is over 100 times faster than HDD and has similar transfer speeds for both sequential and random reads/writes, unlike HDDs; and it offers micro-second read/write latency compared to milli-second latency for HDDs. Companies like Intel and Samsung have now developed NVM technologies that are 3 dimensional, which means increased storage density per cubic measure of volume without any performance degradation.

The first system implementations of NVM were SSDs that use the Serial ATA (SATA) protocol. The reason behind this was very simple. They achieve a 100-fold increase in transfer speeds relative to HDD immediately, without changing the upper-level small computer systems interface (SCSI) protocol. The SCSI protocol is over 4 decades old and is used by all I/O protocols such as Fibre Channel etc. All major operating systems also support the SCSI protocol. So, for the industry’s quick gain, it was easy to replace the HDD with an NVM based SSD.

The next disruption was soon born because the SCSI protocol and its associated software stack were very heavy as far as execution time was concerned. This SCSI protocol overhead directly impacted the latency of reads and writes, which is detrimental to high performance applications such as high frequency trading, small transactions in banking, and numerous database applications for machine learning and artificial intelligence. Thus, an industry working group was formed to address the latency problem associated with the SCSI protocol. The industry came up with a new protocol which takes advantage of the native speed of NVM. They completely eliminated the SCSI protocol to define a new protocol called NVMe (Non-Volatile Memory Express). In this protocol, the NVM device is directly attached to the I/O PCI Express bus, hence the ‘e’ extension in NVMe. This eliminates the need for the traditional hardware and firmware that resides in a host bus adapter (HBA), along with the HBA itself. The following diagram illustrates this concept.

Latest NVM highlights

● PCIe Gen1 is 2.5 Gbps per lane per direction. Today’s SSDs pack Gen3x2 or Gen3x4 (8 Gbps x 2 or 4 lanes = up to 32 Gbps) bandwidth in a very tiny M.2 gumstick form-factor.
● 3D NAND and 3D XPoint NAND – DRAM bandwidth at flash economies – very low-latency flash (20 µs I/O read/write latency) compared to 200 µs latency for enterprise flash.
● New form-factor coming to pack TB of capacity – ‘ruler’ form factor from Intel.
● NVMe enables performance scaling with the increase in capacity – traditionally denser HDD did not bring any performance improvement.
● NVMe over TCP enables low-cost SAN deployment compared to Infiniband, RoCE, iWarp or FC.
● NVMe allows dual-ported…


Driving a Sustainable Future with LED Outdoor Displays in Modern Buildings

As urban centers continue to expand, buildings are evolving into far more than just places of work or residence. Today, architectural facades are becoming dynamic digital canvases that captivate passers-by and spark conversation. Traditionally, large-scale LED displays were seen as costly and energy-hungry, but the global shift toward sustainability has spurred innovative solutions that balance striking visuals with eco-friendly design.

Rethinking traditional building displays

Older building displays were often notorious for their high energy consumption. While LEDs are generally more energy-efficient than traditional lighting like incandescent or fluorescent bulbs, early LED displays didn’t fully realize that advantage due to technical limitations. Firstly, they lacked efficient thermal management, causing excessive heat generation that wasted energy (and also shortened component lifespan). Secondly, inefficient power supplies and imprecise voltage control led to further waste, especially when static or bright-white content forced RGB diodes to run constantly at maximum intensity. As a result, early LED displays could consume up to 1,000 watts per square meter, leading to high electricity costs and a large carbon footprint.

Maintenance added another layer of difficulty. Many legacy systems were large, hard to service, and required extensive time for repairs or recalibration. These concerns underscored the urgent need for solutions that could reduce operational costs while aligning with sustainability goals.

Turning to green LED solutions

Recent innovations in LED technology have ushered in a new era of energy-efficient, adaptable, and environmentally friendly building displays. A key innovation is in thermal design such as flip-chip COB technology, which can reduce device temperature by 5-10°C and power consumption by around 45%. This improvement stems from flip-chip COB architecture, where LED chips are mounted directly onto the substrate, eliminating traditional wire bonds. This design minimizes thermal resistance, allowing heat to dissipate more efficiently and lowering junction temperatures. These enhancements bring down heat output and energy use.

Precise voltage control, enabled by a common cathode setup, further enhances efficiency by powering each RGB diode individually. Compared to the conventional common anode design, this new approach reduces energy consumption, all while maintaining the vibrant, high-definition visuals demanded by today’s audiences.

Software-driven management and control offer another key path to energy savings. Smart content management systems, such as Hikvision’s PixMaster intelligent engine, dynamically adjust brightness and contrast based on content and ambient light conditions. This ensures the display uses only the power it needs, optimizing energy efficiency without sacrificing visual performance.

Additionally, robust aluminum shells protect components from harsh weather, ensuring long-term durability and reducing maintenance frequency. These innovations make modern LED displays a reliable investment and contribute to minimizing waste.

A real-world example of sustainability in action

The transformative potential of these innovations can be seen in the case of Kamir’s new office building in Croatia. Faced with an outdated system that consumed excessive energy and lacked versatility, Kamir installed a 26-square-meter outdoor LED video wall using Hikvision’s P6 Outdoor Fixel LED technology. Featuring flip-chip COB and common cathode designs, the new system is an energy-efficient display, reducing energy consumption by 45% while maintaining stunning visual clarity.

The installation’s intelligent energy management system adjusted brightness in real time, optimizing power use without compromising clarity. Its robust construction ensured reliable performance across Croatia’s varied weather conditions. Besides, the commercial LED display’s dynamic content capabilities attracted sponsors and advertisers, transforming the façade into a revenue-generating platform. This upgrade not only enhanced Kamir’s brand visibility but also demonstrated its commitment to sustainability.

The global pursuit of greener solutions is redefining expectations across industries, and building displays are no exception. By adopting energy-efficient LEDs, smart content management, and durable designs, leaders like Hikvision are helping property owners transform energy-intensive displays into key components of sustainable strategies. Each installation marks progress toward a future where technology not only captivates but also benefits cities and communities. As more businesses recognize the long-term advantages, sustainable displays will become a cornerstone of urban design.

Explore more about our LED display solutions and sustainability-focused innovations.

Surveillance

The Silent Threat Inside India’s Surveillance Systems

Major Sadhna Singh, Consultant

As India rapidly advances towards becoming a digital powerhouse through smart cities, public safety systems, and ambitious Digital Public Infrastructure (DPI) missions like India Stack and CoWIN, the invisible foundation of this transformation is the reliability of its hardware. Among the most critical components are Hard Disk Drives (HDDs), the quiet workhorses storing vast volumes of surveillance footage, citizen data, and mission-critical system logs. But what if this very foundation is quietly being compromised?

India’s backdoor hardware invasion

India is witnessing a stealthy influx of used, refurbished, and end-of-life (EoL) hard drives, often mis-declared as new to evade regulatory controls. These HDDs enter through loopholes in trade classification, mostly without any quality checks, manufacturer credentials, or safety certifications. Many arrive under Harmonized System (HSN) Code 84717020, which is designated for new storage devices, thus circumventing licensing requirements under the Foreign Trade Policy (FTP) and violating E-Waste Management Rules.

On paper, India doesn’t prohibit refurbished HDD sales, but their import is tightly regulated. In practice, however, grey market players exploit the regulatory blind spots, resulting in a digital time bomb quietly ticking across our surveillance systems, government servers, and public sector installations.

The numbers tell a troubling story

● Over 3.3 million HDDs, many suspected to be used, were imported in FY 2023-24, outnumbering imports by authorized OEMs.
● In just the first nine months of FY 2024-25, an additional 1.9 million units were imported, suggesting a thriving grey market.
● Hyderabad Air Cargo alone accounts for up to 90% of these imports in recent months, with others entering via Chennai, Kolkata, and Mumbai.
● Top source countries include Hong Kong, Singapore, China, and the US, notorious hubs for global e-waste dumping.

Declared import prices, sometimes as low as USD 11-20 per unit, are a fraction of the legitimate OEM cost (USD 70-90). The under-invoicing not only implies massive tax evasion but also points to deep-rooted misdeclaration networks.

A. Port-wise import volumes
B. Country of origin

National security and cyber risks

These aren’t just dodgy business practices. They’re national security vulnerabilities. Unlike surveillance-grade HDDs designed for 24×7 operations, refurbished drives, typically desktop-grade and not meant for continuous workloads, fail prematurely. In sensitive environments like railway command centres, police control rooms, or border surveillance hubs, such failures could mean loss of critical footage during emergencies, be it a riot, a terrorist attack, or an industrial accident.

Worse still, HDDs refurbished overseas may carry undetected firmware modifications, turning them into potential hardware backdoors. In an era where data is strategic capital, compromising hardware is equivalent to compromising sovereignty.

The economic fallout

Beyond the security risks, this grey market has led to:

● Crores in lost revenue due to customs duty evasion and GST shortfalls.
● Market distortion, where shady traders repackage used drives with new casings and stickers, selling them at inflated MRPs, sometimes even on government procurement platforms like GeM.
● Consumer fraud, with unsuspecting households and MSMEs believing they’ve bought new, warrantied products when, in reality, they’re buying used electronics with limited lifespan and no accountability.

Environmental non-compliance

The environmental cost is equally dire. India’s E-Waste Management Rules (2022) prohibit unregulated import of electronic waste. Many of these drives fail within months, turning into toxic waste streams without proper recycling mechanisms. Their import also potentially violates India’s obligations under the Basel Convention, which prohibits transboundary movement of hazardous e-waste disguised as usable goods.

Storage is sovereignty

In today’s world, sovereignty doesn’t just depend on borders, but on bytes. Trusted storage hardware is as vital as secure communications. From Aadhaar to AI models, from critical infrastructure to defence networks, our digital services rely on integrity at the hardware level. Allowing unknown, unverified HDDs to creep into our systems threatens confidentiality, availability, and integrity, the very pillars of cybersecurity.

What needs to be done

1. Tighten the Legal Screws
● Issue clear DGFT and CBIC circulars reiterating licensing requirements for used HDDs.
● Move refurbished HDDs from ‘Restricted’ to ‘Prohibited’ category, except for OEMs under Extended Producer Responsibility (EPR).

2. Impose Minimum Import Prices
Introduce import price floors (e.g., USD 35 for 1TB drives) to stop under-invoicing and restore fair trade practices.

3. Mandate Labelling and Traceability
Make it mandatory for all imported HDDs to:
● Be BIS registered.
● Carry labels indicating ‘Refurbished’ status, country of origin, and refurbisher’s identity.

4. Secure Public Procurement
Platforms like GeM should:
● Create a separate refurbished electronics category.
● Ban usage of non-certified drives in critical surveillance and defence contracts.

5. Conduct Strategic Audits
Ministries such as MeitY, MHA, and MoHUA should:
● Audit existing HDDs used in police and smart city projects.
● Run firmware-level forensic checks to detect possible vulnerabilities.
● Involve CERT-In and NTRO in cases of national security concern.

Conclusion: A call for a whole-of-government response

What India faces today is not just a trade irregularity, but a strategic vulnerability. The silent flood of unauthorized, potentially compromised HDDs threatens our national security, digital trust, consumer protection, and environmental goals, all at once. This calls for a coordinated response from DGFT, CBIC, BIS, MeitY, MoEFCC, MHA, and GeM to plug gaps, ensure hardware integrity, and protect the digital spine of India.

In the data age, storage is infrastructure, and infrastructure is sovereignty. Let’s not allow backdoors to be built into our nation’s future, drive by drive.

STQC

Superior Security Begins with a Single Pane of Glass

With the growing cyber threats across infrastructure sectors, STQC-certified Vicon Valerus VMS provides assurance that the system has been rigorously tested for vulnerabilities, encryption strength, data integrity, and secure software architecture. It not only meets the government’s Essential Requirements (ER) for cybersecurity but also builds confidence among end users deploying surveillance solutions in critical sectors such as smart cities, transportation hubs, defense, and public infrastructure. This certification makes Vicon Valerus VMS a trusted and future-ready choice for mission-critical deployments.

By Gaurav Taywade, Director, India Operations, VICON

Introduction

Open APIs have made it easy for leading VMS platforms to link video to instances of doors being propped open, LPR events, and other security incidents. The added value of integrated solutions makes them the norm for today’s enterprise systems, and common in small to medium-sized installations. However, in most integrations the VMS is not the dominant interface for viewing video with its associated data. Instead, users click on an event of interest within their access control software, for example, to see a short video clip captured by a nearby camera. Then, to search for more related clips, they turn to the VMS interface. While such integrations are better than no integration, the operator experience is clumsy and inefficient for use as a core security management platform.

A video-centric platform allows security personnel to remain within the VMS interface to view and manage events from integrated solutions – like access control, LPR, vape detection, and more – all through a single pane of glass. To explain its inherent superiority, let’s begin with a hypothetical security threat and envision how such a system would facilitate a response.

Imagine this

Larry was terminated from his job last week. Today, he drives to his former workplace. A security officer monitoring the property sees live video from a parking lot camera pop up within the VMS interface. On the same screen, data from an integrated License Plate Recognition (LPR) system shows that the vehicle belongs to Larry Larkin, former employee. Larry’s plate is not on security’s ‘forbidden on property’ list, but the officer is curious whether Larry’s visit is expected. He checks his list of approved visitors for the day and sees that Larry has an appointment with HR to finalize severance paperwork. Therefore, there’s no need to dispatch an officer to the parking lot.

Larry heads to the employee entrance instead of the main entrance. As he approaches the door, a nearby camera’s motion detection analytic pushes video to the officer’s screen again. In addition, the VMS displays a facility map pinpointing the location of the active camera. Larry is in the wrong place, as he is no longer an employee. From within the VMS screen, the officer opens a 2-way communication channel with the intercom mounted next to the employee door. He plans to instruct Larry to use the main entrance, where he must sign in and be met by someone from HR.

Just then, a staff member arrives at the employee door, swipes in, and improperly permits Larry to follow her through the entrance. Her name and department display next to the video. The officer follows Larry’s movement through the facility via surveillance cameras, instructs another officer to intercept him, and alerts HR that Larry is approaching their department unescorted. Furthermore, as a precaution, the officer calls up the status of the door to the HR department and confirms that it is locked.

The episode ends without incident. Larry’s use of the employee entrance was an honest mistake driven by habit. HR greets him at the door and allows him to enter the office area, where he meets with a benefits representative as planned.

To summarize, within the VMS, the officer was able to:

This example is purely hypothetical, but it illustrates the advantages of a centralized video platform presenting disparate systems within a single pane of glass. Capabilities will vary by VMS manufacturer and the integrations they offer, but in all cases, system operators, administrators, onsite workers, and visitors benefit. Let’s dig deeper.

Enhanced Situational Awareness and Actionable Intelligence

Video is much more meaningful when supported by live, corresponding data. When security officers are trying to understand the nuances of a security event, having all relevant information presented and seamlessly accessible is ideal. In the previous example, there were many times the guard received additional information within the VMS to explain what he was seeing.

In a non-integrated solution, with only video immediately available, the officer would only know that someone had tailgated through an employee entrance. He would lack sufficient knowledge to assess the risk and respond appropriately. An overreaction by his security team could cause unnecessary stress and inconvenience to everyone in the building; a weak response could jeopardize their safety.

With a video-centric integrated solution, operators have the data they need to differentiate between ‘real’ security threats and harmless situations. They can prioritize where to focus their attention and quickly understand when it’s necessary to deploy additional resources.

A Faster, Better, More Informed Response

Without a single pane of glass, security guards must navigate several solutions, search for, and pull up, relevant data to stitch together and make sense of what they observe – a cumbersome process that’s impossible to perform in real time.

Our example ended peacefully, but what if Larry was emotionally unstable and seeking revenge for what he perceived as wrongful termination? Imagine if HR had flagged him as a volatile individual who was not welcome on site? Or, if the guard observed Larry removing a firearm from his car while in the parking lot? That guard could have initiated a lockdown immediately from within the VMS. These are ways in which a video-centric centralized solution facilitates a faster response.

A centralized solution also better equips officers who monitor security from their mobile devices. Patrolling guards can maintain situational awareness without toggling between apps. When officers in the field have access to the same information as those behind a desk, they can respond immediately and spontaneously to security risks, like a…


Sensor Orchestration in Security & Safety: What the next decade will demand of Built-Environment Professionals

By Anand Bhat, Chairman & Managing Director, BNB Security & Automation Solutions

Why the conversation is shifting

Until recently the goal of most safety or security projects was clear-cut – install the right sensors & equipment, route alarms to a control room, keep false positives manageable and respond within a written SLA. That formula is no longer enough. Three forces are reshaping expectations:

1. Data saturation – Modern campuses already host thousands of points – surveillance cameras, access control systems & readers, fire smoke & heat detectors, intrusion & occupancy sensors, a range of ambient & energy measurement sensors – yet nearly 70 percent of that data is never correlated.
2. Business continuity pressures – Downtime is now measured in reputation minutes as much as in rupees. Stakeholders want documented proof that small incidents are isolated before they interrupt service.
3. Regulatory tightening – India’s Digital Personal Data Protection Act, the revised National Building Code, Public Safety Act and emerging ESG disclosure norms all require real-time evidence, not retrospective logbooks.

Sensor orchestration – turning every sense point into a single, contextual feed for the operations centre – moves from ‘nice to have’ to ‘table stakes.’

A simple definition

Sensor orchestration is the practice of:

● Collecting data from every relevant safety, security or environment-related sensor, regardless of brand.
● Normalising it into a common, time-aligned stream.
● Fusing multiple streams into a higher-level event (e.g., ‘over-temperature + carbon-monoxide rise + camera flame pattern = verified fire’).
● Responding according to a playbook that blends automation (doors release, HVAC dampers close) with human escalation.
● Auditing the entire chain in a way that lets regulators and insurers examine the audit trail.

A typical 3-6-9-year outlook (next decade)

Timeframe: Next 0-3 years – Integration phase
What will change:
● Most large projects will specify open protocols (MQTT, ONVIF, BACnet/IP) as mandatory.
● Sensor fusion will tackle the everyday irritants first – false fire alarms, redundant guard patrols, energy waste.
Implications for professionals:
● Engineers must learn basic data normalisation and security segmentation.
● Engineering design spec teams must/will write ‘deliver raw API data’ into ‘actionable intelligence’ and ‘performance contracts.’

Timeframe: Next 0-3 years – Integration phase
What will change:
● AI models trained on multi-sensor data sets become common in GSOCs.
● Routine incidents (80% today) trigger full closed-loop responses without operator intervention.
● Insurers start discounting premiums when buildings prove sub-10-second incident containment.
Implications for professionals:
● Security & facility managers upskill in AI ‘explainability’ – being able to justify how a model chose an action.
● Legal and data-privacy officers are increasingly involved in sensor placement and data retention policies.

Timeframe: Next 6-9 years – Predict-and-prevent phase
What will change:
● Digital twins combine BIM, real-time sensors and historical fault data.
● Regulations shift from ‘respond within x seconds’ to ‘show that you can predict and avoid.’
● Smart-city feeds (weather, crowd density, air quality) mesh with building sensors.
Implications for professionals:
● Risk managers prioritise scenario modelling over traditional checklist audits.
● Vendors differentiate through ‘micro-services’ (e.g., lithium-battery thermal-runaway predictor) that plug into a common orchestration platform.

Key capability gaps to close now

1. Open data skills

Most teams still rely on proprietary GUIs now. They need fundamentals in:

● Time-series basics – sampling, latency, synchronisation.
● Lightweight messaging – MQTT topics, REST calls, simple JSON parsing.

An operator does not need to code AI models, but must understand how ‘sensor A’ synchronises with ‘sensor B’ and what happens if one timestamp drifts.

2. Cyber-physical discipline

Multiple small breaches in the last 24 months began with an unsecured surveillance camera and ended in an HVAC shutdown. OT segregation, encrypted NFC-enabled devices, certificate management and patch cadence must become part of the FM playbook, not an afterthought delegated to IT. Those low-code design inclusion competencies must now be at the edge.

3. Playbook design

Automated response is only as good as the playbook behind it. Each event class requires:

● Threshold (when to trigger).
● Dependencies (which other sensors confirm or cancel).
● First automated act.
● Operator escalation path.
● Audit closure.

Writing clear, testable playbooks is a new professional skill set somewhere between process engineering and emergency planning.

4. Continuous audit culture

The future regulator will ask for digital traceability, an audit trail and explainability, not a binder. Life-safety drills, valve closings, data-retention decisions – all must leave an immutable log. Building teams should practice incident retrospectives the way airlines analyse near misses.

Product and solution directions

BNB and its OEM partners will plan to collaborate on four solution stacks aligned to the roadmap above.

1. Multi-sensor edge gateways – Devices that accept legacy 4-20 mA loops, modern IP streams and encrypted wireless payloads in one enclosure, forwarding normalised MQTT to the GSOC.
2. AI-ready data lake – A dedicated cloud or on-prem storage that keeps raw and derived sensor data for at least five years for customers, ready for carbon reporting, forensic analysis or model retraining.
3. Low-code playbook engine – Drag-and-drop logic so security supervisors, not programmers, can update responses when floor layouts or customer needs change.
4. Assurance dashboards – Simple widgets: average response time this week; top three sensor faults; compliance score against energy, water, wellness targets.

Preparing the workforce

1. Short, targeted training – Certified 20-hour or similar micro-courses on basic sensor networking, AI alarm correlation and OT cyber hygiene.
2. Cross-functional drills – Quarterly exercises where security, MEP, IT and data-privacy teams walk through one orchestrated event.
3. Graduate outreach – Partnering with universities to include sensor-network basics in mechanical and electrical engineering electives.

How the industry should cooperate

1. Shared taxonomies & ontologies – Agree on naming conventions for devices and events…
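The orchestration steps and playbook fields described in this article (normalise, fuse, respond, audit; threshold, dependencies, first automated act, escalation path, audit closure), shown as an added example that is not from the article or from BNB. The vendor payload shapes, the thresholds, the 10-second correlation window and the SHA-256 hash chain used to make the log tamper-evident are assumptions made for illustration.

```python
import hashlib
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: float    # sensor timestamp, seconds since epoch
    zone: str
    kind: str    # normalised measurement name
    value: float


@dataclass(frozen=True)
class Playbook:
    name: str
    trigger: tuple        # (kind, threshold): when to trigger
    dependencies: tuple   # ((kind, threshold), ...): sensors that must confirm
    window_s: float       # how far apart confirming timestamps may be
    first_action: str     # first automated act
    escalation: str       # operator escalation path


def normalise(raw):
    """Map two constructed vendor payload shapes onto the common Event form."""
    if "tempF" in raw:  # hypothetical vendor A: Fahrenheit, millisecond clock
        celsius = round((raw["tempF"] - 32) * 5 / 9, 1)
        return Event(raw["t_ms"] / 1000.0, raw["area"], "temperature_c", celsius)
    # hypothetical vendor B: metric values, second clock
    return Event(float(raw["ts"]), raw["zone"], raw["type"], float(raw["val"]))


class AuditLog:
    """Tamper-evident log: each entry's hash covers the previous entry's hash."""

    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(prev, record):
        body = json.dumps(record, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else self.GENESIS
        self.entries.append(
            {"prev": prev, "record": record, "hash": self._digest(prev, record)})

    def verify(self):
        prev = self.GENESIS
        for entry in self.entries:
            if entry["prev"] != prev or self._digest(prev, entry["record"]) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


def evaluate(playbook, events, audit):
    """Fuse events per the playbook; log and return one decision per trigger."""
    t_kind, t_threshold = playbook.trigger
    decisions = []
    for trig in sorted(events, key=lambda e: e.ts):
        if trig.kind != t_kind or trig.value < t_threshold:
            continue
        # A dependency confirms only if it is in the same zone, over its own
        # threshold, and stamped within window_s of the trigger.
        missing = [
            kind for kind, threshold in playbook.dependencies
            if not any(e.kind == kind and e.zone == trig.zone
                       and e.value >= threshold
                       and abs(e.ts - trig.ts) <= playbook.window_s
                       for e in events)
        ]
        verified = not missing
        record = {
            "playbook": playbook.name, "zone": trig.zone, "trigger_ts": trig.ts,
            "outcome": "verified" if verified else "unverified",
            "action": playbook.first_action if verified else playbook.escalation,
            "missing": missing,
        }
        audit.append(record)   # audit closure: every decision is logged
        decisions.append(record)
    return decisions


# Constructed playbook and payloads; thresholds and names are illustrative only.
FIRE = Playbook("verified-fire", ("temperature_c", 70.0),
                (("co_ppm", 50.0), ("flame_score", 0.8)), 10.0,
                "release doors; close HVAC dampers", "page GSOC operator")
T0 = 1_700_000_000
RAW_SYNCED = [
    {"tempF": 179.6, "t_ms": T0 * 1000, "area": "lab-2"},
    {"ts": T0 + 3, "zone": "lab-2", "type": "co_ppm", "val": 120},
    {"ts": T0 + 4, "zone": "lab-2", "type": "flame_score", "val": 0.93},
]
# Same incident, but the camera clock has drifted 90 s ahead.
RAW_DRIFTED = RAW_SYNCED[:2] + [
    {"ts": T0 + 94, "zone": "lab-2", "type": "flame_score", "val": 0.93}]

if __name__ == "__main__":
    log = AuditLog()
    for raw in (RAW_SYNCED, RAW_DRIFTED):
        for d in evaluate(FIRE, [normalise(r) for r in raw], log):
            print(d["outcome"], "->", d["action"], "| missing:", d["missing"])
    print("audit chain intact:", log.verify())
```

The second run is the timestamp-drift case the article mentions: the flame detection falls outside the correlation window, so the playbook escalates to an operator instead of acting automatically.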


PROTECTION AGAINST HARM TO ONE’S REPUTATION & DIGNITY

Dr Banusri Velpandian, Senior Law Specialist
Bhavya Jha, Law Graduate (Co-author)

Though it sounds very personal, the nature of harm caused to one’s reputation and dignity also has a public aspect inherent to it. Even the Apex Court of our country reasons that individuals constitute the community and the law relating to defamation protects the reputation of each individual in the perception of the public at large. In this age of all-pervasive freedom and preference for privacy, a delicate balance has to be arrived at between free speech and expression, which is considered to be a fundamental right, and certain reasonable restrictions.

Starting July 1 last year, three British-era criminal laws, viz. the Indian Penal Code of 1860, the Code of Criminal Procedure of 1973 and the Indian Evidence Act, 1872, have been replaced by the Bharatiya Nyaya Sanhita (BNS), the Bharatiya Nagarik Suraksha Sanhita (BNSS), and the Bharatiya Sakshya Adhiniyam (BSA) respectively. Not only are these laws a part of the Government’s efforts to decolonise our legal system, but they also seek to create a more accessible and efficient justice delivery mechanism. The laws are more comprehensive and in tune with the needs of the present-day system. For instance, the BNS places greater emphasis on national security and public order, removes colonial terminologies and expands the scope of some definitions in sexual offences. On the other hand, the BNSS has integrated technology into criminal proceedings, is transparent and more citizen-centric. The BSA makes a massive difference by adopting 21st-century evidence standards and greater reliance on electronic data.

This article specifically focuses on the basic principles and established norms related to harms caused to anyone’s reputation and associated dignity. It also focuses on the growing role of AI and IT in harming reputation, with the aim of giving a basic understanding of the subject.

Harm to Reputation under India’s new Criminal Laws: Legal continuity, Digital threats, and Emerging jurisprudence

The right to reputation is fundamental for individual dignity and personal liberty, and is protected under Article 21 of the Indian Constitution. It operates in harmony with the freedom of speech and expression guaranteed under Article 19(1)(a), subject to reasonable restrictions under Article 19(2). The constitutionality of criminal defamation was also upheld by the Supreme Court in Subramanian Swamy v. Union of India, (2016) 7 SCC 221, stating that reputation is intrinsic to Article 21, and that reasonable restrictions under Article 19(2) are justified.

The implementation of the new criminal laws set in motion a transformative shift in the country’s criminal justice framework. One key area of continuity and adaptation is the law relating to harm to reputation. Now that the world is perpetually online, and new technologies such as AI are emerging every day, the facets of both harm to and protection of reputation are increasingly evolving. In light of this, the matter of how the legal system deals with these issues becomes even more pertinent.

As far as defamation under tort (civil wrongs) law is concerned, as a general rule, the focus is on libel (i.e., written defamation) and not on slander (i.e., spoken defamation). In order to establish that a statement is libelous, it must be proved that it is (i) false, (ii) written, (iii) defamatory, and (iv) published.

Defamation under BNS: Retaining the Legacy of the IPC

The Bharatiya Nyaya Sanhita, 2023, which replaces the Indian Penal Code, retains the offence of criminal defamation under Section 354, reproducing nearly verbatim the language of Section 499 of the IPC. It defines defamation as ‘making or publishing any imputation concerning a person with intent or knowledge that it will harm their reputation.’ The punishment is prescribed under Section 354(2) as imprisonment up to two years, or fine, or both.

The essential elements in causing harm to reputation involve the following, and it depends upon their interpretation:

a. Imputation and targeting.
b. Means of communication and causal link.
c. Harmful intent or knowledge or reason to believe.

Further, the principle of noscitur a sociis, a Latin term meaning ‘it is known by its associates,’ is a rule of legal interpretation. It states that the meaning of an unclear or ambiguous word should be determined by considering the other words and phrases surrounding it.

The ten exceptions listed under the IPC have been retained without any changes. This continuity ensures doctrinal consistency while simultaneously allowing for newer procedural and evidence mechanisms under BNSS and BSA. The exemption will also include certain privileged communications such as the statements made during Parliamentary proceedings. The ten exceptions under Section 354 are:

1. Truth for Public Good: True statements made for the public good are not defamation.
2. Public Servant Conduct: Good faith opinions on a public servant’s official conduct are exempt.
3. Public Questions: Good faith remarks on a person’s conduct in public affairs are allowed.
4. Court Proceedings: Accurate reports of judicial proceedings are not defamatory.
5. Merits of a Case: Fair comments on the merits of a case or conduct of involved parties are exempt.
6. Public Performances: Honest reviews of works submitted to public judgment are not defamation.
7. Censure by Authority: Lawful censure by someone in authority made in good faith is protected.
8. Accusation to Authority: Complaints made in good faith to proper authorities are not defamation.
9. Protection of Interests: Imputations made in good faith to protect one’s or another’s interests are exempt.
10. Caution for Good: Warnings given in good faith for someone’s or public benefit are not defamatory.

Comparison with the IPC-Era

Even as the substantive content of the law on defamation remains the same, the procedural and evidentiary frameworks have changed. The BNSS introduces faster timelines for investigation and trial [BNSS, 2023, Chapter XII], which can expedite defamation cases.

Legal explainer: Chapter XII of the Bharatiya Nagarik Suraksha Sanhita, 2023 deals with police procedures for investigation, mirroring CrPC’s Chapter XII but with modern upgrades. Key points for defamation cases:

● Section 173: FIRs must be registered promptly for cognizable offences.
● Section 176: Police can…


Security as a Profit Protector

REDEFINING THE ROLE OF SECURITY IN THE CORPORATE WORLD

ANIL PURI, CMD, APS Group

A first-generation serial entrepreneur, thought leader and action catalyzer rolled into one – Anil Puri is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on the ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up.

“In a world of rising risks, security is the new RoI”

Introduction

In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains. It is a bold move, and makes great sense, to transform the corporate mindset – from viewing security as a cost center to appreciating it as a strategic investment that protects profits, fuels resilience, and builds competitive advantage in the global market.

“When security leads, losses retreat”

1. Understanding the Legacy Perception: Security as a Cost Center

Security was traditionally viewed as a non-productive overhead. Historically, security was confined to physical guarding, with minimal alignment to strategic business goals. This perception relegated it to a cost on the profit and loss account without tangible contribution to revenue or growth.

Security budgeting is often reactive and not outcome-linked. Corporate boards often allocate security budgets after an incident, making it reactive rather than preventive. There’s minimal linkage between security inputs and organizational outcomes or profitability.

RoI of security investments is difficult to quantify. Unlike marketing or production, where inputs and outputs can be directly measured, the returns from security (e.g., prevention of incidents, reputation protection, etc.) are intangible. This causes reluctance in investing significantly in security measures.

Poor integration with business strategy. In many organizations, security functions operate in silos without integration with operations, HR, finance, or IT, further weakening their strategic relevance and visibility.

2. Evolving Threat Landscape: A Paradigm Shift in Risk Perception

“Every breach avoided is revenue protected – security is silent profitability”

Rise of hybrid and complex threats
Modern threats are no longer isolated – cyber and physical threats now converge. For instance, a disgruntled insider can physically access a server room and launch a ransomware attack. This hybrid nature makes security far more strategic.

Globalization and expanded risk perimeters
Global supply chains, remote operations, and digital platforms mean that organizations now face risks from multiple geographies, jurisdictions, and threat actors – ranging from state-sponsored espionage to transnational crime networks.

Political, economic, and environmental risks
Geopolitical tensions, trade wars, climate-induced disasters, and pandemics like COVID-19 have demonstrated how non-traditional threats can cripple operations and cause massive financial losses.

Regulatory tightening and compliance pressures
From GDPR in Europe to India’s Digital Personal Data Protection Act, and evolving ESG norms – security and privacy compliance have become core to business licensing, investor trust, and global market access.

Increased accountability of C-suite and Boards
Security breaches now result in reputational damage, legal scrutiny, and even removal of CXOs. Leadership is increasingly accountable for lapses in data protection, crisis management, and employee safety.

“Security transforms from expense to asset the moment a threat is blocked”

3. Security as a Profit Protector: Strategic Reframing

Loss prevention equals profit protection
Security measures reduce theft, fraud, and operational disruptions – translating directly to cost savings and enhanced margins. Retail chains globally invest heavily in surveillance and analytics to prevent inventory loss (shrinkage).

Security sustains business continuity and investor confidence
A well-secured environment ensures minimal operational downtime during crises, assuring investors and clients of organizational resilience. For example, firms with robust Business Continuity Plans (BCP) performed better during the COVID-19 lockdown.

Brand trust is rooted in security and compliance
Customers, regulators, and stakeholders are more loyal to companies that protect their data, ensure safe workplaces, and comply with laws. A breach in security can wipe out years of brand building – as seen in high-profile data leaks.

Security mitigates legal and regulatory penalties
Failure to implement adequate security can lead to lawsuits, sanctions, and insurance claim denials. Proactive compliance with security standards (e.g., ISO 27001, ISO 18788) reduces liabilities.

Cybersecurity is a competitive differentiator
In sectors like BFSI, IT, and e-commerce, robust cyber defense systems enhance customer confidence, driving sales and global competitiveness.

“No margin is safe without protection – security defends the bottom line”

4. Case Studies: Global and Indian Examples

Target Corporation, USA
A 2013 data breach led to 40 million customer credit card details being stolen. The company faced $200 million in losses and lost customer trust. Since then, they have invested heavily in cybersecurity, positioning themselves as an industry leader in retail security.

Tata Consultancy Services (TCS), India
TCS integrates information security within its project lifecycle, ensuring client data protection and compliance with global norms like GDPR. This has made it a preferred vendor for Fortune 500 clients.

Taj Mumbai 26/11 Attack Response
During the 2008 Mumbai attacks, security and hotel staff protected guests and facilitated emergency evacuation. Their preparedness became a global case study in disaster response and resilience.

Amazon’s Security Architecture
Amazon deploys AI-driven surveillance, warehouse robotics, and encrypted data architecture to ensure smooth operations even under peak demand. This contributes directly to customer satisfaction and profitability.

“In today’s corporate battlefield, security…


Five Global Cybersecurity Trends to Watch in 2025

Technological advancement has ushered in a new wave of innovation and efficiency – but it has also opened the door to vulnerabilities that cyber attackers are eager to exploit. With billions in damages and reputational costs at stake, businesses must evolve their security posture to match these emerging threats.

As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond.

Attacks on operational technology will increase

No longer content to target IT, cyber attackers are increasingly taking aim at critical operational technology (OT) systems. Prominent examples like the Colonial Pipeline [i] and MGM Grand [ii] attacks demonstrate the way that threat actors are now more focused on completely shutting down facility operations instead of just stealing information. This shift shows how cybercriminals and state-sponsored groups are evolving their tactics to inflict a more direct, crippling impact on business operations globally. In 2025, protecting OT systems from these types of targeted, disruptive attacks will be a major cybersecurity challenge for industrial organizations.

Cybersecurity regulation will intensify

Globally, governments are recognizing the systemic risks posed by attacks and are taking a more active and collaborative role in driving cybersecurity best practices. This will significantly impact the way that organizations approach security. For instance, there are now regulations like the European Union’s NIS2 Directive [iii] that can hold executives personally liable if appropriate security measures are not implemented at their organizations. This will drive stronger collaboration among government and the C-suite, boards and cybersecurity leaders.

In the U.S., there are new SEC rules [iv] that require prompt reporting of cyberattacks to provide greater protection for investors. Meanwhile, Australia is set to implement stringent cyber regulations of its own through the Security of Critical Infrastructure (SOCI) Act [v]. Though SOCI was first enacted in 2018, the grace period for compliance ended in August 2024. This means that going forward, Australian organizations in critical infrastructure sectors will now be required to comply with this enforceable regulation or face potential fines. Overall, organizations across the globe will have to closely monitor evolving government regulations and align their security strategies accordingly to avoid penalties and reputational damage in the coming year.

Asset visibility will improve

In 2025, a key cybersecurity challenge for organizations, particularly building operators, will be gaining full visibility into the myriad connected assets on their networks. Many building owners struggle to identify all the connected devices, from security cameras to HVAC systems to access control panels, which make up their OT infrastructure. Without a clear understanding of their complete asset inventory, organizations are unable to effectively defend against threats. Attackers who gain access to unmonitored systems can disrupt critical building functions and cripple operations.

Honeywell’s Cyber Insights is an OT-focused solution designed to help provide building operators with near real-time visibility into their full asset landscape. It delivers the comprehensive asset discovery and management that is essential for protecting OT environments in 2025 and beyond.

AI’s role in security will grow

In 2025, there will be greater reliance on AI-powered solutions to enhance cybersecurity capabilities. For example, in the building operations space, AI can be used to automate patch management and mitigate disruptions. Instead of simply deploying patches, AI can analyze the risks and impacts, and selectively apply patch updates in a way that minimizes downtime. AI is also enhancing security monitoring and incident response. For example, AI can help in analyzing log data to quickly identify true threats and prioritize the most critical issues. This allows organizations to eliminate false positives and respond to incidents faster and more effectively.

OT security expertise will be in demand

As cyberattacks are increasingly targeted at OT systems, organizations are recognizing the critical need for security teams to deeply understand OT infrastructure and its unique vulnerabilities. Traditional IT personnel often lack the specialized knowledge required to secure OT assets like HVAC, access control and building management systems. Going forward, security leaders must make sure that their teams can identify and mitigate risks across the full IT-OT convergence. This includes understanding OT communication protocols, equipment architectures and the potential cascading impacts of disruptions. Without comprehensive OT security expertise, organizations remain dangerously exposed to attacks that could cripple critical systems and operations.
