Category: Feature

By Anand Bhat, Chairman & Managing Director, BNB Security & Automation Solutions Why the conversation is shifting Until recently the goal of most safety or security projects was clear-cut – install the right sensors & equipment, route alarms to a control room, keep false positives manageable and respond within a written SLA. That formula is no longer enough. Three forces are reshaping expectations: 1. Data saturation Modern campuses already host thousands of points – surveillance cameras, access control systems & readers, fire smoke & heat detectors, intrusion & occupancy sensors, range of ambient & energy measurement sensors – yet nearly 70 percent of that data is never correlated. 2. Business continuity pressures Downtime is now measured in reputation minutes as much as in rupees. Stakeholders want documented proof that small incidents are isolated before they interrupt service. 3. Regulatory tightening India’s Digital Personal Data Protection Act, the revised National Building Code, Public Safety Act and emerging ESG disclosure norms all require real-time evidence, not retrospective logbooks. Sensor orchestration – turning every sense point into a single, contextual feed for the operations centre – moves from ‘nice to have’ to ‘table stakes.’ A simple definition Sensor orchestration is the practice of: ● Collecting data from every relevant safety, security or environment- related sensor, regardless of brand. ● Normalising it into a common, time-aligned stream. ● Fusing multiple streams into a higher-level event (e.g., ‘over-temperature + carbon-monoxide rise + camera flame pattern = verified fire’). ● Responding according to a playbook that blends automation (doors release, HVAC dampers close) with human escalation. ● Auditing the entire chain in a way that regulators and insurers can examine the audit trail. A typical 3-6-9-year outlook (next decade) Timeframe What will change Implications for professionals Next 0-3 years – Integration phase •Most large projects will specify open protocols (MQTT, ONVIF, BACnet/ IP) as mandatory.•Sensor fusion will tackle the everyday irritants first – false fire alarms, redundant guard patrols,energy waste. •Engineers must learn basic data normalisation and security segmentation. •Engineering design spec teams must/ will write ‘deliver raw API data’ into ‘actionable intelligence’ and ‘performance contracts.’ Next 0-3 years – Integration phase •AI models trained on multi-sensor data sets become common in GSOCs. • Routine incidents (80% today) trigger full closed-loop responses without operator intervention. • Insurers start discounting premiums when buildings prove sub-10-second incident containment. •Security & Facility managers’ upskill in AI ‘explainability’ – being able to justify how amodel chose an action.•Legal and data-privacy officers are increasingly involved in sensor placement and data retentionpolicies. Next 6-9 years – Predict-and prevent phase •Digital twins combine BIM, real-time sensors and historical fault data.•Regulations shift from ‘respond within x seconds’ to ‘show that you can predict and avoid.’•Smart-city feeds (weather, crowd density, air quality) mesh with building sensors. •Risk managers prioritise scenario modelling over traditional checklist audits.•Vendors differentiate through ‘micro-services’ (e.g., lithium-battery thermal-runaway predictor) that plug into a common orchestration platform. Key capability gaps to close now 1. Open data skills Most teams still rely on proprietary GUIs now. They need fundamentals in: ● Time-series basics – sampling, latency, synchronisation. ● Lightweight messaging – MQTT topics, REST calls, simple JSON parsing. An operator does not need to code AI models, but must understand how ‘sensor A’ synchronises with ‘sensor B’ and what happens if one timestamp drifts. 2. Cyber-physical discipline Multiple small breaches in the last 24 months began with an unsecured surveillance camera and ended in an HVAC shutdown. OT segregation, encrypted NFC-enabled devices, certificate management and patch cadence must become part of the FM playbook, not an afterthought delegated to IT. Those low-code design inclusion competencies must now be at the edge. 3. Playbook design Automated response is only as good as the playbook behind it. Each event class requires: ● Threshold (when to trigger). ● Dependencies (which other sensors confirm or cancel). ● First automated act. ● Operator escalation path. ● Audit closure. Writing clear, testable playbooks is a new professional skill set somewhere between process engineering and emergency planning. Until recently the goal of most safety or security projects was clear-cut – install the right sensors & equipment, route alarms to a control room, keep false positives manageable and respond within a written SLA. That formula is no longer enough 4. Continuous audit culture The future regulator will ask for a digital traceability, audit trail & explainability, not a binder. Life-safety drills, valve closings, data-retention decisions – all must leave an immutable log. Building teams should practice incident retrospectives the way airlines analyse near misses. Product and solution directions BNB and its OEM partners will plan to collaborate on four solution stacks aligned to the roadmap above. 1. Multi-sensor edge gateways – Devices that accept legacy 4-20 mA loops, modern IP streams and encrypted wireless payloads in one enclosure, forwarding normalised MQTT to the GSOC. 2. AI-ready data lake – A dedicated cloud or on-prem storage that keeps raw and derived sensor data for at least five years for customers, ready for carbon reporting, forensic analysis or model retraining. 3. Low-code playbook engine – Drag-and-drop logic so security supervisors, not programmers, can update responses when floor layouts or customer needs change. 4. Assurance dashboards – Simple widgets: average response time this week; top three sensor faults; compliance score against energy, water, wellness targets. Modern campuses already host thousands of points – surveillance cameras, access control systems & readers, fire smoke & heat detectors, intrusion & occupancy sensors, range of ambient & energy measurement sensors – yet nearly 70 percent of that data is never correlated Preparing the workforce 1. Short, targeted training – Certified 20-hour or similar micro-courses on basic sensor networking, AI alarm correlation and OT cyber hygiene. 2. Cross-functional drills – Quarterly exercises where security, MEP, IT and data-privacy teams walk through one orchestrated event.3. Graduate outreach – Partnering with universities to include sensor-network basics in mechanical and electrical engineering electives. How the industry should cooperate 1. Shared taxonomies & ontologies – Agree on naming conventions for devices and events….

Dr Banusri VelpandianSenior Law Specialist Bhavya JhaLaw Graduate Co-author Though it sounds very personal, the nature of harm caused to one’s reputation and dignity also has public aspect inherent to it. Even the Apex Court of our country gives reasoning that individuals constitute the community and the law relating to defamation protects the reputation of each individual in the perception of the public at large. In this age of all pervasive freedom and preference to privacy, a delicate balance between free speech and expression that is considered to be a fundamental right, and certain reasonable restrictions have to be arrived at. Starting July 1 last year, three criminal laws, of the British-era viz; The Indian Penal Code of 1860, the Code of Criminal Procedure of 1973 and the Indian Evidence Act, 1872 have been replaced by the Bharatiya Nyaya Sanhita (BNS), the Bharatiya Nagarik Suraksha Sanhita (BNSS), and the Bharatiya Sakshya Adhiniyam (BSA) respectively. Not only are these laws a part of the Government’s efforts to decolonising our legal system, but they also seek to create a more accessible and efficient justice delivery mechanism. The laws are more comprehensive and in tune with the needs of the present-day system. For instance, the BNS places greater emphasis on national security and public order, removes colonial terminologies and expands the scope of some definitions in sexual offences. On the other hand, the BNSS has integrated technology into criminal proceedings, is transparent and more citizen-centric. The BSB makes a massive difference by adopting 21st Century evidence standards and greater reliance on electronic data. This article specifically focuses on the basic principles and established norms related to harms caused to any ones’ reputation and associated dignity. It also focuses on the growing role of AI and IT in harming reputation, and to gain a basic understanding on the subject. Harm to Reputation under India’s new Criminal Laws: Legal continuity, Digital threats, and Emerging jurisprudence The right to reputation is fundamental for individual dignity and personal liberty, and is protected under Article 21 of the Indian Constitution. It operates in harmony with the freedom of speech and expression guaranteed under Article 19(1)(a), subject to reasonable restrictions under Article 19(2). The constitutionality of criminal defamation was also upheld by the Supreme Court in Subramanian Swamy v. Union of India, (2016) 7 SCC 221, stating that reputation is intrinsic to Article 21, and that reasonable restrictions under Article 19(2) are justified. The implementation of the new criminal laws set in motion a transformative shift in its criminal justice framework. One key area of continuity and adaptation is the law relating to harm to reputation. Now that the world is perpetually online, and new technologies such as AI are emerging every day, the facets of both harm to and protection of reputation are increasingly evolving. In light of this, the matter of how the legal system deals with these issues becomes even more pertinent. As far as defamation under tort (Civil wrongs) law is concerned, as a general rule, the focus is on libel (i.e., written defamation) and not on slander (i.e., spoken defamation). In order to establish that a statement is libelous, it must be proved that it is (i) false, (ii) written; (iii) defamatory, and (iv) published. Defamation under BNS: Retaining the Legacy of the IPC The Bharatiya Nyaya Sanhita, 2023, which replaces the Indian Penal Code, retains the offence of criminal defamation under Section 354, reproducing nearly verbatim the language of Section 499 of the IPC. It defines defamation as ‘making or publishing any imputation concerning a person with intent or knowledge that it will harm their reputation.’ The punishment is prescribed under Section 354(2) as imprisonment up to two years, or fine, or both. The essential elements in causing harm to reputation involve the following and it depends upon their interpretation: a. Imputation and targeting. b. Means of communication and causal link. c. Harmful intent or knowledge or reason to believe. Further, the principle of noscitur a sociis, a Latin term meaning ‘it is known by its associates,’ is a rule of legal interpretation. It states that the meaning of an unclear or ambiguous word should be determined by considering the other words and phrases surrounding it The ten exceptions listed under the IPC have been retained without any changes. This continuity ensures doctrinal consistency while simultaneously allowing for newer procedural and evidence mechanisms under BNSS and BSA. The exemption will also include certain privileged communications such as the statements made during Parliamentary proceedings. The ten exceptions under Section 354 are: 1. Truth for Public Good: True statements made for the public good are not defamation. 2. Public Servant Conduct: Good faith opinions on a public servant’s official conduct are exempt. 3. Public Questions: Good faith remarks on a person’s conduct in public affairs are allowed.4. Court Proceedings: Accurate reports of judicial proceedings are not defamatory. 5. Merits of a Case: Fair comments on the merits of a case or conduct of involved parties are exempt. 6. Public Performances: Honest reviews of works submitted to public judgment are not defamation. 7. Censure by Authority: Lawful censure by someone in authority made in good faith is protected. 8. Accusation to Authority: Complaints made in good faith to proper authorities are not defamation. 9. Protection of Interests: Imputations made in good faith to protect one’s or another’s interests are exempt. 10. Caution for Good: Warnings given in good faith for someone’s or public benefit are not defamatory. Comparison with the IPC-Era Even as the substantive content of the law on defamation remains the same, the procedural and evidentiary frameworks have changed. The BNSS introduces faster timelines for investigation and trial [BNSS, 2023, Chapter XII], which can expedite defamation cases. Legal explainer: Chapter XII of the Bharatiya Nagarik Suraksha Sanhita, 2023 deals with police procedures for investigation, mirroring CrPC’s Chapter XII but with modern upgrades. Key points for defamation cases: ● Section 173: FIRs must be registered promptly for cognizable offences. ● Section 176: Police can…

REDEFINING THE ROLE OF SECURITY IN THE CORPORATE WORLD ANIL PURICMD, APS Group A first generation serial entrepreneur, thought leader and an action catalyzer rolled into one – Anil Puri is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on-ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up. “In a world of rising risks, security is the new RoI” Introduction In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains. It makes a bold move and great sense to transform the corporate mindset – from viewing security as a cost center to appreciating it as a strategic investment that protects profits, fuels resilience, and builds competitive advantage in the global market. “When security leads, losses retreat” 1.Understanding the Legacy Perception: Security as a Cost Center Security was traditionally viewed as a non-productive overhead. Historically, security was confined to physical guarding, with minimal alignment to strategic business goals. This perception relegated it to a cost on the profit and loss account without tangible contribution to revenue or growth. Security budgeting is often reactive and not outcome-linked. Corporate boards often allocate security budgets after an incident, making it reactive rather than preventive. There’s minimal linkage between security inputs and organizational outcomes or profitability. RoI of security investments is difficult to quantify. Unlike marketing or production where inputs and outputs can be directly measured, the returns from security (e.g., prevention of incidents, reputation protection etc.,) are intangible. This causes reluctance in investing significantly in security measures – poor integration with business strategy. In many organizations, security functions operate in silos without integration with operations, HR, finance, or IT, further weakening their strategic relevance and visibility. 2.Evolving Threat Landscape: A Paradigm Shift in Risk Perception “Every breach avoided is revenue protected – security is silent profitability“ Rise of hybrid and complex threats Modern threats are no longer isolated – cyber and physical threats now converge. For instance, a disgruntled insider can physically access a server room and launch a ransomware attack. This hybrid nature makes security far more strategic. Globalization and expanded risk perimeters Global supply chains, remote operations, and digital platforms mean that organizations now face risks from multiple geographies, jurisdictions, and threat actors – ranging from state-sponsored espionage to transnational crime networks. Political, economic, and environmental risks Geopolitical tensions, trade wars, climate-induced disasters, and pandemics like COVID-19 have demonstrated how non-traditional threats can cripple operations and cause massive financial losses. Regulatory tightening and compliance pressures From GDPR in Europe to India’s Digital Personal Data Protection Act, and evolving ESG norms – security and privacy compliance have become core to business licensing, investor trust, and global market access. Increased accountability of C-suite and Boards Security breaches now result in reputational damage, legal scrutiny, and even removal of CXOs. Leadership is increasingly accountable for lapses in data protection, crisis management, and employee safety. “Security transforms from expense to asset the moment a threat is blocked” 3.Security as a Profit Protector: Strategic Reframing Loss prevention equals profit protection Security measures reduce theft, fraud, and operational disruptions – translating directly to cost savings and enhanced margins. Retail chains globally invest heavily in surveillance and analytics to prevent inventory loss (shrinkage). Security sustains business continuity and investor confidence A well-secured environment ensures minimal operational downtime during crises, assuring investors and clients of organizational resilience. For example, firms with robust Business Continuity Plans (BCP) performed better during the COVID-19 lockdown. Brand trust is rooted in security and compliance Customers, regulators, and stakeholders are more loyal to companies that protect their data, ensure safe workplaces, and comply with laws. A breach in security can wipe out years of brand building – as seen in high-profile data leaks. Security mitigates legal and regulatory penalties Failure to implement adequate security can lead to lawsuits, sanctions, and insurance claim denials. Proactive compliance with security standards (e.g., ISO 27001, ISO 18788) reduces liabilities. Cybersecurity is a competitive differentiator In sectors like BFSI, IT, and e-commerce, robust cyber defense systems enhance customer confidence, driving sales and global competitiveness. “No margin is safe without protection – security defends the bottom line” “In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains” 4.Case Studies: Global and Indian Examples Target Corporation, USA. A 2013 data breach led to 40 million customer credit card details being stolen. The company faced $200 million in losses and lost customer trust. Since then, they have invested heavily in cybersecurity, positioning themselves as an industry leader in retail security. Tata Consultancy Services (TCS), India TCS integrates information security within its project lifecycle, ensuring client data protection and compliance with global norms like GDPR. This has made it a preferred vendor for Fortune 500 clients. Taj Mumbai 26/ 11 Attack Response During the 2008 Mumbai attacks, security and hotel staff protected guests and facilitated emergency evacuation. Their preparedness became a global case study in disaster response and resilience. Amazon’s Security Architecture Amazon deploys AI-driven surveillance, warehouse robotics, and encrypted data architecture to ensure smooth operations even under peak demand. This contributes directly to customer satisfaction and profitability. “In today’s corporate battlefield, security…

Technological advancement has ushered in a new wave of innovation and efficiency – but it has also opened the door to vulnerabilities that cyber attackers are eager to exploit. With billions in damages and reputational costs at stake, businesses must evolve their security posture to match these emerging threats. As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond. Attacks on operational technology will increase No longer content to target IT, cyber attackers are increasingly taking aim at critical operational technology (OT) systems. Prominent examples like the Colonial Pipeline [i] and MGM Grand [ii] attacks demonstrate the way that threat actors are now more focused on completely shutting down facility operations instead of just stealing information. This shift shows how cybercriminals and state-sponsored groups are evolving their tactics to inflict a more direct, crippling impact on business operations globally. In 2025, protecting OT systems from these types of targeted, disruptive attacks will be a major cybersecurity challenge for industrial organizations. Cybersecurity regulation will intensify Globally, governments are recognizing the systemic risks posed by attacks and are taking a more active and collaborative role in driving cybersecurity best practices. This will significantly impact the way that organizations approach security. For instance, there are now regulations like the European Union’s NIS2 Directive [iii] that can hold executives personally liable if appropriate security measures are not implemented at their organizations. This will drive stronger collaboration among government and the C-suite, boards and cybersecurity leaders. As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond In the U.S., there are new SEC rules [iv] that require prompt reporting of cyberattacks to provide greater protection for investors. Meanwhile, Australia is set to implement stringent cyber regulations of its own through the Security of Critical Infrastructure (SOCI) Act [v] . Though SOCI was first enacted in 2018, the grace period for compliance ended in August 2024. This means that going forward, Australian organizations in critical infrastructure sectors will now be required to comply with this enforceable regulation or face potential fines. Overall, organizations across the globe will have to closely monitor evolving government regulations and align their security strategies accordingly to avoid penalties and reputational damage in the coming year. Asset visibility will improve In 2025, a key cybersecurity challenge for organizations, particularly building operators, will be gaining full visibility into the myriad connected assets on their networks. Many building owners struggle to identify all the connected devices, from security cameras to HVAC systems to access control panels, which make up their OT infrastructure. Without a clear understanding of their complete asset inventory, organizations are unable to effectively defend against threats. Attackers who gain access to unmonitored systems can disrupt critical building functions and cripple operations. Honeywell’s Cyber Insights is an OT-focused solution designed to help provide building operators with near real- time visibility into their full asset landscape. It delivers the comprehensive asset discovery and management that is essential for protecting OT environments in 2025 and beyond. AI’s role in security will grow In 2025, there will be greater reliance on AI-powered solutions to enhance cybersecurity capabilities. For example, in the building operations space, AI can be used to automate patch management and mitigate disruptions. Instead of simply deploying patches, AI can analyze the risks and impacts, and selectively apply patch updates in a way that minimizes downtime. AI is also enhancing security monitoring and incident response. For example, AI can help in analyzing log data to quickly identify true threats and prioritize the most critical issues. This allows organizations to eliminate false positives and respond to incidents faster and more effectively. OT security expertise will be in demand As cyberattacks are increasingly targeted at OT systems, organizations are recognizing the critical need for security teams to deeply understand OT infrastructure and its unique vulnerabilities. Traditional IT personnel often lack the specialized knowledge required to secure OT assets like HVAC, access control and building management systems. Going forward, security leaders must make sure that their teams can identify and mitigate risks across the full IT-OT convergence. This includes understanding OT communication protocols, equipment architectures and the potential cascading impacts of disruptions. Without comprehensive OT security expertise, organizations remain dangerously exposed to attacks that could cripple critical systems and operations Read more

Sudhakar Aruchamy Chief Technology OfficerEverestIMS Technologies Artificial Intelligence isn’t just another tech buzzword – it’s a runaway train barreling through the global technology landscape, tearing up the tracks of convention and leaving a trail of awe, disruption, and existential questions in its wake. In 2025, AI’s fingerprints are everywhere – from the networks humming beneath 5G cities to the autonomous drones delivering medical supplies in war-torn Ukraine, from the AI-crafted climate models guiding Pacific Island nations against rising seas to the deepfake controversies rocking democratic elections worldwide. This isn’t a quiet evolution – it’s a seismic shift, and the world is still scrambling to catch up. The Global AI Arms Race: Innovation Meets Chaos Start with the numbers – AI investment is forecast to approach $200 billion globally by 2025 (Goldman Sachs). Beijing’s state-backed push has birthed AI-driven surveillance systems so advanced they can predict social unrest by analyzing crowd behavior, while Silicon Valley’s tech giants – Google, Microsoft, and xAI – counter with models like Grok, Deepseek and Manus AI powering everything from chatbots to quantum computing simulations. Meanwhile, Europe’s AI Act, now in full swing, tries to rein in the chaos with strict ethical guidelines, but enforcement feels like a game of whack-a-mole against a flood of innovation. Artificial Intelligence isn’t just another tech buzzword – it’s a runaway train barreling through the global technology landscape, tearing up the tracks of convention and leaving a trail of awe, disruption, and existential questions in its wake In Africa, AI is a double-edged sword. Startups in Kenya are using it to optimize solar grids for off-grid villages, but the continent’s digital divide means many are left out of the AI boom – exacerbating inequality while others reap the benefits. Across the Middle East, AI-powered oil extraction algorithms are slashing costs for Saudi Aramco, but they’re also raising alarms about job losses in an already volatile region. This isn’t just tech; it’s geopolitics, economics, and culture colliding at warp speed. AI’s Tech-Space Makeover : From Networks to Creativity Dig deeper, and AI’s reshaping the tech stack itself. Take networks – like those powered by EverestIMS Technologies Infraon IMS, are using machine learning to predict failures, allocate bandwidth, and fend off cyber threats in real time. 5G’s rollout, now covering 60% of the globe, relies on AI to manage its insane data throughput, but it’s also creating new vulnerabilities – DDoS attacks doubled last year, with AI both the culprit and the cure. In the future, Infraon IMS will enhance its capabilities to drive self-optimizing systems, enabling intelligent automation and adaptive performance improvements. Then there’s the creative frontier. The 2024 Writers Guild strike over ‘AI replacement’ fears showed the human backlash brewing. In music, platforms like Suno use AI to generate chart-topping tracks, but artists like Billie Eilish are crying foul, accusing the tech of stealing soul. Meanwhile, in gaming, NVIDIA’s AI-driven DLSS 4.0 is rendering photorealistic worlds in real time, but it’s also sparking debates about accessibility – can every gamer afford the hardware to keep up? The Ethical Quagmire: AI’s Dark Mirror AI’s promise is intoxicating, but its shadow looms large. Deepfakes – once a niche trick – went mainstream in 2024, with AI-generated videos swaying elections in Brazil, and the U.S. The tech’s so convincing that even seasoned fact-checkers are stumped, eroding trust in digital media. In China, AI surveillance is tracking citizens’ every move, raising Orwellian alarms, while in the West, facial recognition controversies – like the U.K.’s scrapped live facial recognition trials – are forcing a reckoning over privacy versus security. Climate tech, too, is a mixed bag. AI models predicting sea level rise are saving lives in the Maldives, but their energy hunger – data centers now consume 4% of global electricity – is accelerating carbon emissions unless paired with renewable grids. And let’s not forget the jobs question – McKinsey predicts 800 million jobs could be automated by 2030, with AI-driven logistics and manufacturing already displacing workers in Detroit and Shenzhen. The tech boom is brilliant, but it’s also brutal. The Human-AI Frontier: Who’s in Control? What’s most mind-bending is how AI is forcing us to redefine ‘intelligence’ itself. In 2025, xAI’s Grok 3, Deepseek and Manus AI aren’t just answering questions – they are sparking philosophical debates, writing poetry, and even advising CEOs on strategy. But as AI creeps into decision-making – think AI judges in Estonia’s courts or AI doctors diagnosing patients in rural India – we’re grappling with a core question: Who’s in the driver’s seat? Humans or machines? Philosophers like Kate Crawford warn we’re sleepwalking into a ‘technological unconscious,’ where AI’s black-box algorithms make life-altering choices we can’t fully understand or audit. Yet, innovators like Demis Hassabis at DeepMind argue AI could solve humanity’s grand challenges –cancer, climate change, even interstellar travel – if we harness it right. The tension is palpable: AI’s a tool, a threat, and a mirror, reflecting our hopes and fears back at us. Start with the numbers – AI investment is forecast to approach $200 billion globally by 2025 (Goldman Sachs). Beijing’s state-backed push has birthed AI-driven surveillance systems so advanced they can predict social unrest by analyzing crowd behavior, while Silicon Valley’s tech giants – Google, Microsoft, and xAI – counter with models like Grok, Deepseek and Manus AI powering everything from chatbots to quantum computing simulations. Meanwhile, Europe’s AI Act, now in full swing, tries to rein in the chaos with strict ethical guidelines, but enforcement feels like a game of whack-a-mole against a flood of innovation. The Road Ahead: A Call to Shape the Future So, where does this leave us? AI’s not slowing down – it’s accelerating, reshaping tech, society, and our very notion of progress. In Japan, AI-powered robots are caring for an aging population, while in South Korea, AI-driven urban planning is reimagining Seoul’s skyline. But the stakes are sky-high – if we don’t address the ethical gaps, digital divides, and job disruptions, we risk a world where AI’s…

Aditya Khemkha In a defining move that signals the rise of a more secure, self-reliant, and quality-assured surveillance ecosystem, the Ministry of Electronics and Information Technology (MeitY) has introduced a new compliance requirement for the CCTV industry in India. As per the official gazette notification dated April 9, 2024, MeitY has made STQC certification mandatory for all CCTV cameras – whether manufactured, imported, or sold across the country. This change falls under the updated Electronics and Information Technology Goods (Compulsory Registration) Order, 2021, and mandates compliance with Essential Requirements (ERs) and BIS certification (IS 13252 Part 1). All non-compliant models will be barred from sale or distribution post April 9, 2025. The decision marks a pivotal shift in India’s approach toward surveillance technology, one that reinforces national security, data privacy, cybersecurity resilience, and consumer trust. Understanding STQC: The new quality gatekeeper for CCTV Standardisation Testing and Quality Certification (STQC) is a set of quality assurance frameworks developed by MeitY. STQC focuses on rigorous technical validation to ensure electronics, especially security and surveillance equipment, meet defined standards of safety, reliability, and performance. It goes beyond functional efficiency and delves deep into the core of cybersecurity, hardware resilience, and data protection protocols. STQC certification for CCTV cameras demands comprehensive testing of encryption mechanisms, firmware integrity, secure communication protocols, and physical robustness, setting a new benchmark for surveillance products in India. Key provisions of the mandate ● Universal Applicability: All analog, IP, and speed dome cameras must obtain STQC certification under IS 13252-1 (IEC 60950-1) standard. ● Cybersecurity by Design: Every certified product must comply with stringent ERs, including:• Secure communication via TLS/ HTTPS. • Enforcement of strong, unique passwords. • Disabling of debugging/ test ports in shipped devices. • Uniformity in firmware versioning and patch management ● Tamper-Resistance & Physical Security: • Devices must feature secure enclosures • Physical ports must be access-controlled or locked • External interfaces must be designed to deter unauthorized access ● Certification Deadline: Effective from April 9, 2025, all non-certified models will: • Be removed from the BIS license databases • Be ineligible for new model approvals • Face prohibition from manufacturing, sales, or imports within India A boost for Atmanirbhar Bharat & indigenous innovation The STQC mandate is not just a regulatory milestone; it is a strategic enabler of India’s ‘Atmanirbhar Bharat’ vision. By enforcing stringent quality and cybersecurity parameters within the national ecosystem, the regulation actively discourages substandard, foreign-dumped products and opens new doors for domestic manufacturers and indigenous innovations. For Indian brands, the path forward is not just about compliance, but about leading with conviction, capability, and country-first commitment. CP PLUS: At the forefront of India’s secure surveillance revolution India’s leading surveillance brand, CP PLUS, has long believed that surveillance is not just about watching –it’s about protecting, preventing, and preserving. With a well-established ecosystem of design, development, and manufacturing facilities in India, CP PLUS is uniquely positioned to meet and exceed STQC standards. Having already invested significantly in R&D, firmware security frameworks, and hardware hardening protocols, CP PLUS is fully equipped to align its product portfolio, including IP cameras, analog cameras, PTZ solutions, and smart edge devices, with the new STQC requirements. From encryption standards embedded into every transmission to physical designs engineered for tamper resistance, CP PLUS products are built with a vision to offer trustworthy, high-integrity surveillance for every Indian household, institution, enterprise, and government body. This proactive compliance readiness, backed by decades of market leadership, positions CP PLUS not just as a manufacturer but as a national partner in security sovereignty. Impact on the surveillance ecosystem The introduction of STQC compliance brings with it significant ramifications, some challenging, but many promising, for the surveillance industry at large: Enhanced Security and Trust: With encrypted data transfers, consistent firmware, and tamper-proof designs becoming mandatory, consumers and institutions can trust their surveillance systems like never before. Operational Challenges for Some Manufacturers: The path to compliance is not without its hurdles. From obtaining testing approvals to updating legacy firmware, and from redesigning physical components to aligning supply chains, the industry must prepare for transformation at all levels. Supply Chain Realignment: Manufacturers relying on imported, non-compliant components may face disruptions. India-based supply chains, however, will benefit from renewed focus and investments. A Rise in Standardization and Benchmarking: The move encourages surveillance systems to be assessed on standardized parameters – enabling fair comparison, consistent performance expectations, and better buyer awareness. The way forward: Standardised, secure & sovereign India’s move to mandate STQC certification for CCTV cameras is more than regulatory enforcement, it is a declaration of security independence and consumer dignity. In an age where surveillance systems can be the first line of defense against everything from local crime to cyber intrusion, ensuring that every device is secure by design is not just prudent, it is essential. By championing this regulation, MeitY has created a model for proactive, pre-emptive cybersecurity governance, one that puts India in the global spotlight as a nation where digital trust is engineered into every device. And with brands like CP PLUS leading the way, the future of surveillance in India looks indigenized, intelligent, and impregnable. Read More

By Milind BorkarMD, Systematica Suyog Security Consultants(Sr. Consultant & Security Expert) As technology evolves very fast from year to year, it becomes a challenging task to determine the requirements to build a secure, robust and almost fool proof system that will fulfill all basic security parameters. These parameters will vary for each new system as the same parameters cannot be applied across the board for all systems. A robust system that meets the security requirements for any new and or green field project, the following points will drive the decision-making process. We will use a CCTV system as an example As one can see there are several factors that influence the decision-making process in building a security system. We will briefly go over each one of them in the following sections Budget and time available As in any and every sphere of life the available budget is the key factor. Based on the available budget and time available, a determined effort needs to be put in place to first build a project specific requirements document. Several trade-offs will need to be considered if the project requirements cost exceeds the available budget. This could be an iterative process that will consume time and money in the planning phase. Each new or green field project or an update/ refresh cycle of an existing deployment must go through this elaboration process to avoid nasty surprises in the implementation/ build phase. Site survey Conducting a site survey is the basis of building a security system. This phase is the most critical where a thorough site survey is conducted to determine security vulnerabilities. Along with this a determination needs to be made as to what other systems are required to complement the main CCTV system. The illustrative airport diagram should give a very good idea of the other security components that need to be explored. Once this information is gathered and documented, then this information becomes the driving force for subsequent phases of the project. We will use the following diagram to highlight all the components that constitute a surveillance/ security system. We have used an airport as a used case. A typical airport is a super-set of any security deployment The best way to illustrate the process of building a security system is through an example. We are using an airport as an example as it has a super-set of inputs that can be applied to any security system design. The following color-coded table is used to distinguish the various inputs/ requirements received from the customer. The following table is a standard template that can be used to capture security requirements. These inputs are used to design the entire security system which can then be used to calculate the cost of the implementation. Using the above inputs from the customer and the respective BOQs for each airport, a complete design can be derived. The following table shows the output of the design process for 24 airports. Each airport has the same security requirements but BOQs are different Once the design is completed to a 90% level of the target specification, the budgetary process can be started. Several vendors, RFQs etc. will be involved to go through an iterative process. This process will vary for each geographical region and must be considered. Without going into the details that vary for different geographical regions the important point to consider is the vendor selection process as it has a significant impact on the quality, robustness and overall cost of the system. Customers desirous of building a security system can engage subject matter experienced consultants who can guide and evaluate all the variables/ entities in the decision-making process. Cost optimization through simulation A security system design, implementation and build out are a complex system with many sub-systems that need to work with each other flawlessly. Every care must be taken in the early phases of the project as many variables are involved which can have a significant impact on the overall cost. One of the ways to help this process is to run a simulation based on the customer inputs. Through experience the ‘SYSTEMATICA SUYOG SECURITY CONSULTANTS’ has determined the following: ● The customer knows what he wants but does not know how to get there. ● Almost all vendors over sell their products and services which do not benefit the customer in any way. ● A consultant is required in all cases to systematically guide and evaluate all the options available to provide the highest performance at the lowest cost to the customer. The SYSTEMATICA SUYOG SECURITY CONSULTANTS provides consulting services through all phases of the project. They have built a proprietary ‘Design Engine’ as well as a proprietary ‘Simulation Engine’ through years of experience dealing with customers and their security requirements. We at SYSTEMATICA SUYOG SECURITY CONSULTANTS always put the customer FIRST and provide professional consultancy services. We will now go through a simulation for one of 24 airports. We will show how our simulator determines the highest performance at the lowest cost. The following graph illustrates this. The X-Axis shows the percentage of cameras running video analytics (VA). The Y-AXIS shows the cost in a standardized format. The DELTA between the lowest cost and the highest cost is 3X. VA stands for Video Analytics; VMS stands for Video Management Software. The GREEN line is the overall COST with the other colored lines that sum up to the overall GREEN line cost. Impact of Cost of Running Video Analytics for 24 airports ● Percentage of cameras running Video Analytics is the only single tactor that influences overall CCTV system design and hence overall Cost. ● Can Apply same Design Template across all airports as far as Video Analytics is concerned. ● Each Airport has unique characteristics because of different BOQ camera quantities and functionality grouping of cameras. ● If one uses a Single Design Template per airport then we run the risk of under served or over served airports unless a thorugh analysis is done….

Prashanth G J, CEO, TechnoBind Solutions Traditional cybersecurity defenses are no longer sufficient in an era where attackers exploit identity vulnerabilities rather than breaching network perimeters. Cybercriminals increasingly rely on stolen credentials, privilege escalation, and social engineering to infiltrate enterprise environments undetected. As organizations embrace digital transformation, securing the identity layer is imperative to building a resilient cybersecurity posture. Enterprises must shift their security focus inward, starting at the identity layer to build a resilient cybersecurity posture. The identity layer: The new frontline of cybersecurity The rise of cloud computing, hybrid work environments, and an increasingly interconnected digital ecosystem has rendered traditional firewalls and network defenses less effective. Attackers are bypassing these barriers through credential theft, phishing, and privilege escalation, gaining unauthorized access to critical business systems. Identity is now the primary attack vector. According to Verizon’s Data Breach Investigations Report nearly 74% of all breaches involved a human element such as stolen credentials, phishing, or social engineering. This statistics underscores the urgent need for enterprises to place identity security at the core of their cybersecurity strategy. Why identity-centric security is non-negotiable 1. Zero Trust Requires Identity Verification The Zero Trust model operates on the principle of ‘never trust, always verify.’ Identity and access management (IAM) is fundamental to this approach, ensuring that only authenticated and authorized users can access sensitive resources. Without strong identity controls, organizations risk unauthorized access and data breaches. 2. Insider Threats and Privilege Misuse: Insider threats – whether malicious or accidental – pose a significant risk. Implementing identity governance solutions helps enterprises monitor and control access permissions, reducing the chances of privilege abuse. The principle of least privilege (PoLP) ensures users have only the access they need to perform their roles. 3. Regulatory Compliance and Risk Management: Data privacy laws like GDPR, CCPA, and India’s DPDP Act mandate stringent identity and access controls. Enterprises failing to implement robust identity security measures face regulatory fines, legal repercussions, and reputational damage. Strong IAM frameworks help businesses remain compliant and mitigate security risks. 4. Phishing and Credential-Based Attacks: Cybercriminals are using advanced social engineering tactics to trick employees into divulging credentials. Multi-factor authentication (MFA) and passwordless authentication methods, such as biometrics and behavioral analytics, significantly reduce the success rate of these attacks by eliminating reliance on static passwords. 5. Cloud and SaaS Expansion: With businesses increasingly adopting cloud and Software-as-a-Service (SaaS) applications, managing access across multiple platforms has become a challenge. Identity as a Service (IDaaS) and Single Sign-On (SSO) solutions streamline access management while enhancing security through centralized control and monitoring. Building a strong identity-centric cybersecurity strategy To transition from perimeter-based security to identity-first security, enterprises should adopt the following best practices: ● Implement Strong Authentication Mechanisms: Enforce MFA, adaptive authentication, and password less login to strengthen identity verification. ● Adopt Identity Governance and Administration (IGA): Continuously monitor and manage user identities, roles, and access privileges to prevent unauthorized access. ● Deploy Privileged Access Management (PAM): Secure privileged accounts and enforce just-in-time (JIT) access to critical systems. ● Utilize AI-Driven Threat Detection: Leverage artificial intelligence and machine learning to detect and respond to anomalous identity behaviors in real time. ● Educate Employees on Identity Security: Conduct regular cybersecurity awareness training to mitigate phishing and social engineering risks. Read More

Dr Rajiv MathurPartner, MIGS Global Consulting Pvt. Ltd. In recent times, the debate around long workweeks has sparked conversations across India. When industry stalwarts like N. R. Narayana Murthy and S. N. Subrahmanyan suggested extended work hours, and Hon’ble Union Minister Piyush Goyal urged startups to aim higher, their words were not meant to be taken literally. Instead, they serve as a clarion call for young entrepreneurs to embrace hard work, innovation, and resilience. Before, we pass our judgement on their statements; let us learn a bit about them: India stands at the cusp of a transformative era. With aspirations to become a $5 trillion economy and the third-largest global power, the road ahead demands more than just effort – it requires vision, determination, and a relentless pursuit of excellence. The spirit of hard work Narayana Murthy’s journey exemplifies the power of perseverance. From humble beginnings, he built Infosys into a global IT giant. His call for a 70-hour workweek is not about overburdening employees but about fostering a culture of dedication and ambition. It’s a reminder that success often demands going the extra mile. Similarly, S. N. Subrahmanyan’s leadership at L&T showcases the importance of pushing boundaries. His advocacy for a 90-hour workweek reflects his own commitment to excellence. Under his guidance, L&T has executed some of the most challenging infrastructure projects, setting new benchmarks for the industry. A vision for the future Minister Piyush Goyal’s recent remarks at the Startup Mahakumbh resonate deeply with India’s entrepreneurial spirit. By urging startups to move beyond grocery delivery apps and focus on high-tech sectors like AI, robotics, and semiconductors, he is challenging the nation to think big. His message is clear – to lead the world, India must innovate and invest in cutting-edge technologies. Goyal’s vision is not about dismissing the achievements of existing startups but about inspiring them to dream bigger. His emphasis on deep-tech innovation aligns with India’s goal of becoming a global leader in technology and sustainability. The path forward The essence of these leaders’ messages lies in their shared belief in India’s potential. They are not advocating for unsustainable work practices but are encouraging a mindset of continuous improvement. Their words are a call to action for young entrepreneurs to rise above complacency and strive for greatness. Narayana Murthy: Known as the ‘Father of the Indian IT Sector,’ Mr. Murthy co-founded Infosys in 1981. Under his leadership, Infosys became a global leader in IT services, pioneering the Global Delivery Model. His vision and ethical leadership have inspired countless entrepreneurs. He has received numerous accolades, including the Padma Vibhushan and the Padma Shri. S. N. Subrahmanyan: As the Chairman and Managing Director of Larsen & Toubro, Mr. Subrahmanyan has been instrumental in transforming L&T into a global engineering and infrastructure powerhouse. With a background in civil engineering and business management, he has led iconic projects like the Statue of Unity and the Ayodhya Ram Mandir. Piyush Goyal: A seasoned politician and Union Minister of Commerce and Industry, Piyush Goyal has played a pivotal role in India’s economic reforms. Known for his strategic vision, he has spearheaded initiatives such as the Production Linked Incentive (PLI) schemes and the Startup India Desk to support entrepreneurs. As India marches towards its ambitious goals, the youth must embrace this spirit of hard work and innovation. The journey to becoming a global powerhouse will not be easy, but with the right mindset, it is achievable. The debate around long workweeks and the push for innovation is not about numbers or hours – it’s about attitude. It’s about believing in the power of dreams and the strength of determination. As Narayana Murthy, S. N. Subrahmanyan, and Piyush Goyal have shown through their own journeys, success is not a destination but a continuous process of growth and learning. How does this represent India’s Private Security Industry? India’s private security sector stands as evidence to resilience, scale, and the indispensable role of human vigilance. Despite the rapid convergence of technology and innovation in recent years, manned guarding continues to dominate the industry landscape, employing nearly 10 million security personnel across the nation. This workforce, operating 24/7, forms the backbone of countless institutions – ensuring safety, order, and peace of mind. Behind the scenes, the operational machinery of the industry is constantly in motion. Security teams – especially on the operations side – often stretch beyond standard work hours, remaining on high alert to swiftly respond to emerging challenges. Their unwavering commitment and agility are vital in an environment where threats can be unpredictable and the margin for error is minimal. Yet, while human presence remains critical, India is also experiencing a remarkable surge in technological innovation in private security. From AI-powered surveillance systems and advanced identity authentication tools to risk intelligence platforms and mobility monitoring solutions, the country is embracing a new era of smart security. What’s particularly notable is that many of these cutting-edge technologies are being developed domestically, signalling India’s growing self-reliance and expertise in this domain. The fusion of manpower and machine is shaping the future of private security in India. With a robust workforce and a burgeoning tech ecosystem, Bharat is not just securing its present – but also redefining how it safeguards its future. India’s Private Security Startups: Challenges and the road ahead India’s security landscape is evolving rapidly, with startups playing a crucial role in strengthening industrial and homeland security. From AI-driven surveillance to autonomous defence systems, Indian innovators are developing cutting-edge solutions to address emerging threats. However, while progress is evident, there are challenges that must be overcome to ensure sustained growth in this sector. The rise of security startups in India India has witnessed a surge in security-focused startups, driven by government initiatives like iDEX (Innovations for Defence Excellence) and the push for Atmanirbhar Bharat. Companies like idea Forge, Optimized Electrotech, Sparsh CCTV, and Big Bang Boom Solutions are pioneering drone technology, AI-powered surveillance, and defence automation. Additionally, cybersecurity startups are addressing vulnerabilities in critical infrastructure, financial…

By Kunwar Vikram Singh,Chairman, CAPSI Introduction In India, the Constitution enshrines the fundamental right to security for every citizen, placing the onus on the government to uphold law and order. The security of citizens is explicitly stated as a fundamental right in the Indian Constitution. It is implicitly covered under the right to life and personal liberty (Article 21) and the right to constitutional remedies (Article 32). The state has a duty to protect citizens from harm and ensure their safety. However, due to various challenges such as inadequate police forces, resource constraints, and rising security threats, the government has increasingly relied on private security agencies to fulfill this critical function. This note examines the role of private security agencies in this context and argues that the government should support them financially, as they effectively act as proxies for state security. Private security agencies as proxy providers The emergence of private security agencies has filled a significant void in the public security framework, particularly in urban areas where crime rates are higher. The Private Security Agencies Regulation Act was enacted to provide a legal framework for these entities, allowing them to operate within a regulated environment while addressing the growing demand for security services. Fulfilling security gaps As the government faces limitations in terms of manpower, funding, and resources, private security agencies play a pivotal role in enhancing safety for individuals and businesses. They not only provide physical security but also contribute to surveillance and risk management, thereby complementing the efforts of public law enforcement. Legitimization through regulation The regulation of private security agencies signifies the government’s acknowledgment of their importance in the security landscape. However, this regulatory framework also implies that the state recognizes these agencies as extensions of its responsibility to secure the populace. Proxy functions and financial responsibility Since private security agencies are effectively performing a proxy role for the government, it raises key questions about accountability and funding: Government responsibility The government is fundamentally responsible for ensuring the safety of its citizens, and when it delegates this function to private entities, it must acknowledge this responsibility financially. The burden of security provision should noat primarily rest on citizens, who are entitled to the fundamental right to security guaranteed by the Constitution. 2. Financial support for private agencies Given that these agencies are performing essential functions traditionally associated with law enforcement, the government should allocate funds to private security firms. This funding can support operational costs, training, and resources needed for effective security provision, ensuring that these agencies can operate efficiently without passing the financial burden onto the citizens. 3. Ensuring access to security By providing financial support to private security agencies, the government can ensure that security services remain accessible and affordable for all citizens especially those living in housing societies. This acknowledgment of the state’s role in bolstering private security efforts is crucial for upholding the spirit of the fundamental right to security. Constituting National Citizens Security Fund We propose that the government consider implementing a structure that encourages or mandates corporations to allocate a portion of their CSR budgets to the National Citizens Security Fund. This fund would be specifically aimed at enhancing public safety infrastructure, community policing initiatives, and other security-related programs that benefit citizens directly including the payment to private security agencies which are providing security to housing societies. Many corporations have significant CSR budgets that are not effectively utilized for pressing social challenges. Redirecting a portion of these funds to national security can enhance their impact and address critical needs. By linking CSR funds to national security, corporations can demonstrate their commitment to societal well-being, which can also enhance their brand image and consumer trust. Funding allocated to local security initiatives can foster stronger community relations, as citizens observe tangible benefits stemming from corporate contributions to their security. Establish guidelines The government should develop clear guidelines outlining how corporations can contribute to the National Citizens Security Fund through their CSR budgets. Awareness campaign A nationwide campaign to educate corporations about the importance of contributing to national security can encourage participation. Monitoring and reporting: Establish a transparent mechanism to track contributions and measure their impact on citizens’ safety, ensuring accountability and encouraging further participation. Conclusion The security of our citizenry is paramount, and it is essential that suggested funding sources are explored to bolster our national security framework. By encouraging corporates to support the National Citizens Security Fund from their CSR allocations, we can create a synergistic approach that not only addresses pressing security challenges but also enhances corporate engagement with communities. The reliance on private security agencies to supplement governmental security efforts highlights a critical intersection between public responsibility and private provision. As these agencies undertake roles traditionally expected from the government, it is necessary for the state to support them financialy. This approach not only alleviates the burden on citizens but also reinforces the government’s commitment to protecting the fundamental right to security enshrined in the Constitution. By recognizing the importance of private security agencies and providing the necessary support, the government can create a more integrated and effective security framework for all. We urge the government to consider this proposal seriously and take proactive measures to facilitate corporate contributions to the National Citizens Security Fund. Read More