Category: Feature

Major Sadhna SinghConsultant (Security and Law Division)NITI AAYOG In today’s increasingly interconnected world, the internet is an essential part of daily life, offering numerous opportunities for education, entertainment, and social interaction. However, this digital landscape also poses significant risks, especially for children. As young users navigate online spaces, they are exposed to threats such as cyberbullying, inappropriate content, online predators, and privacy violations. As guardians of the next generation, it is crucial to understand these dangers and take active steps to protect children online. This article explores the importance of online safety for children, the risks they face, and the strategies parents, educators, and policymakers can adopt to create safer online environments. India’s population is characterized by a rich diversity of socio-economic backgrounds, leading to a wide range of devices in use- from advanced, secure electronics to budget-friendly mobile phones. This diversity poses challenges for authorities in establishing uniform legal and technical standards for data protection. Moreover, low levels of digital literacy and awareness further complicate efforts to ensure effective data security across the country The growing presence of children online Children and young people around the world are among the most active users of the Internet and web based services in today’s increasingly connected digital landscape. It is estimated that one in three children globally uses the Internet, meaning that one in three Internet users is under 18 years of age. Young people use the web for a variety of purposes, including accessing educational resources, entertainment, developing digital skills, and maintaining social connections and online identities. However, the widespread availability of online content also exposes children to age-inappropriate material and various online risks. Children are particularly susceptible to abuse and exploitation by cyber-predators and other malicious actors at this young age and in their developmental stage. The COVID-19 pandemic further intensified this challenge. Lockdowns and restrictions on movement made digitalization an urgent necessity, with schools shifting from in-person classes to remote learning through virtual platforms. While this transition ensured continuity in education, it also dehumanized learning environments, disrupted social interactions, and isolated children in the digital space. This surge in digital exposure introduced new risks to their safety, well-being, and mental health. There was steep rise of 32% in cyber-crime against children from 2021 to 2022 as per National Crime Records Bureau official data. Emerging child concerns in this digital era include digital addiction, cyberbullying, exposure to inappropriate content, and the prevalence of Child Sexual Abuse Material (CSAM) online. Additionally, social media platforms, chat rooms, and online games present further threats to children’s security. Often, parents and guardians lack the digital literacy needed to understand and mitigate these risks, leaving children vulnerable to the negative impacts of their online experiences on their mental and emotional health. In today’s increasingly interconnected world, the internet is an essential part of daily life, offering numerous opportunities for education, entertainment, and social interaction. However, this digital landscape also poses significant risks, especially for children. As young users navigate online spaces, they are exposed to threats such as cyberbullying, inappropriate content, online predators, and privacy violations With the widespread availability of smartphones, tablets, and personal computers, children spend increasing amounts of time online. According to recent data, the majority of children are accessing the internet from an early age. Table 1: Trends in children’s Internet isage (2023) AgeGroup AverageHours SpentOnline perDay PercentageOwning aSmartphone Most Common Activities 0-5years 1.5 hours N/A Educationalvideos, games 6-10years 2.5 hours 60% Social media,gaming,videos 11-15years 4 hours 85% Social media,online chats,gaming 16-18years 6 hours 95% Social media,online forums,shopping Source: Child Internet Safety 2023 Report This table demonstrates how internet usage increases with age. However, it also highlights the vulnerability children face as they grow up in a digital world. In addition to spending hours online, children often interact with others across various platforms, which can expose them to new risks. Risks Children Face Online While the internet offers great educational and entertainment value, it also brings a set of significant risks for children. The most common risks include: Cyberbullying Cyberbullying is one of the most prevalent online risks for the young people around the world. It involves the use of digital platforms to harass, threaten, or manipulate others. It is one of the major threats that the children and teens face incessantly via social media sites and video games and can affect young people each time they are exposed to hate speech, violent content including messages that incite self-harm and suicides. Approximately 20 percent children face bullying through social networks and additional 8 percent through the video games chat rooms. Cyberbullying can have severe emotional and psychological impacts on children, leading to issues such as depression, anxiety, and even suicidal ideation. As children become more engaged on social media platforms, the risk of encountering bullying increases. As guardians of the next generation, it is crucial to understand these dangers and take active steps to protect children online. This article explores the importance of online safety for children, the risks they face, and the strategies parents, educators, and policymakers can adopt to create safer online environments Inappropriate content Another significant threat is the exposure to inappropriate or harmful content. With billions of videos and websites available online, it’s not uncommon for children to stumble upon explicit or distressing material, even when browsing innocently. Sometimes under peer pressure, accidental searches or curiosity they stumble upon explicit material on the internet that they should not see at this impressionable age. Online predators The anonymity of the internet creates opportunities for online predators to engage with children. Predators often exploit the vulnerabilities of young children by accessing social networking sites and chat platforms to engage with them, taking advantage of the anonymity, these spaces provide. This can put children at significant risk of abuse, exploitation, and other threats to their safety and security. Additionally, cyberbullying has become a widespread danger on social media platforms, further endangering children’s well-being. Privacy concerns Privacy violations are another critical concern. Many children unknowingly share personal details online,…

Anil PuriCMD, APS Group A first generation serial entrepreneur, thought leader and an action catalyzer rolled into one – Anil Puri, Chairman & Managing Director (CMD), APS Group is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on-ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up. Introduction As we stand on the cusp of unprecedented technological transformation, future industries are witnessing a tectonic shift in how business is conceptualized, risk is managed, and leadership is exercised. In this context, Chief Security Officers (CSOs) and Risk Leaders are emerging not merely as custodians of safety and compliance, but as strategic partners in innovation and business evolution. This article delves into the profound expectations placed upon CSOs in this evolving landscape and examines how their empowerment is crucial to aligning security with opportunity across emerging industries such as artificial intelligence (AI), fintech, biotechnology, smart manufacturing, aerospace, and the green economy. As the global industrial landscape transforms at unprecedented speed, driven by disruptive technologies and evolving socio-political dynamics, a silent revolution is underway – reshaping the very fabric of how organizations perceive risk, resilience, and security. Innovation today is not a choice; it is an imperative. But where innovation thrives, so does uncertainty. And in that fragile space between potential and peril, Chief Security Officers (CSOs) and Risk Leaders emerge not just as sentinels of protection, but as strategic enablers of progress. Expectations and Empowerment of Chief Security officers and Risk Leaders in the Journey In the new era of smart manufacturing, autonomous logistics, digital finance, hyper-connected cities, and AI-powered services, the role of the CSO has transcended conventional security paradigms. They are no longer confined to operational silos; instead, they sit at the intersection of innovation, governance, and enterprise value creation. With great opportunity comes heightened expectation – organizations now demand that risk leaders not only anticipate threats but shape pathways for safe, sustainable, and agile innovation. The Future doesn’t belong to those who avoid risk, but to those who know how to master it. That’s the CSO’s new frontier The new paradigm: Innovation-driven risk landscapes The 21st century ushers in a paradigm where innovation itself becomes both the catalyst for growth and the creator of unprecedented risks. As organizations rapidly integrate cutting-edge technologies – ranging from AI and block chain to biotech and quantum computing – their operational environments evolve into dynamic, hyper-connected ecosystems. These ecosystems are, while fertile grounds for exponential value creation are also increasingly vulnerable to novel and unpredictable threats. In this innovation-driven landscape, risk is no longer confined to traditional silos such as physical security, compliance breaches, or financial fraud. Instead, it manifests across converging vectors – ethical, technological, reputational, and systemic. For example: ● AI and machine learning systems can perpetuate algorithmic bias, hallucinate, or make autonomous decisions that carry legal and societal consequences. ● Quantum computing poses existential threats to current encryption standards, potentially rendering today’s cybersecurity protocols obsolete. ● Industrial Internet of Things (IIoT) in smart manufacturing exposes machinery and operational workflows to cyber-physical sabotage. ● Digital assets and decentralized finance (DeFi) platforms challenge regulators and introduce liquidity and custodial risks that bypass conventional risk controls. Where innovation meets opportunity, risk leaders become the navigators – not of danger, but of bold, intelligent growth Thus, the risk landscape is no longer reactive – it is predictive, real-time, and interconnected. CSOs must shift their orientation from reactive gatekeeping to proactive, innovation-aligned security strategy. They must understand emerging tech not just as threats, but as transformative tools to detect, deter, and even displace risk at its inception. This new paradigm requires that CSOs be fluent in technology foresight and lifecycle risk mapping, cross-sectoral threat intelligence analysis, designing adaptive, embedded security frameworks, and driving resilient innovation ecosystems with governance-by-design. In essence, the innovation-driven risk landscape does not merely redefine the threat environment – it redefines the CSO’s purpose. Risk is no longer just something to be avoided; it becomes something to be navigated with precision, vision, and strategic foresight. With innovation driving new business models, security challenges are growing in complexity and scale. For example – AI and machine learning introduce new ethical and operational vulnerabilities, quantum computing disrupts cryptographic protections, smart factories are exposed to industrial cyber-physical threats and digital finance platforms face targeted fraud, identity theft, and systemic risks. Expanding expectations from CSOs in future-driven industries In the wake of accelerated digitization, global volatility, and complex stakeholder ecosystems, the role of Chief Security Officers (CSOs) is undergoing a profound transformation. No longer limited to managing physical threats, compliance obligations, or incident responses, CSOs in future-driven industries are now expected to serve as strategic enablers, systems thinkers, ethical stewards, and transformation catalysts. From operational silos to strategic leadership Future-ready enterprises are integrating security strategy directly into their business DNA. This implies that CSOs must co-create business strategies that are both growth-oriented and risk-conscious, influence product roadmaps, supply chain resilience, and investor risk transparency and shape market-entry strategies in volatile regions through risk modeling and scenario planning. Expectation: CSOs must now operate at the C-suite core, influencing decisions not just reactively, but proactively – and often preemptively. From static protection to dynamic innovation enablement Innovation is not inherently secure, and security is not inherently innovative – but the new CSO must ensure both coexist harmoniously. Future industries demand CSOs who enable agile product development by building ‘security by design’ into every sprint cycle, leverage AI, blockchain, and IoT as not just risk points but risk-solving tools, and architect zero-trust environments that are resilient yet flexible for innovation. Expectation: CSOs are now expected to be innovation accelerators, not brakes – aligning transformation with trust. From physical and cyber risk managers to societal and ethical guardians Technological evolution is outpacing regulatory evolution. In this gap, CSOs are expected to champion ethical risk governance, ensuring that innovation respects privacy, dignity, and…

Colonel Arun HariharanVice President, National Head – Nodal,Security and EHS, Bharti Airtel Ltd What is Risk Management? The term Risk Management is loosely used both in the military as well as the corporate environs. It is nothing but something we do in our day to day lives, all the time – whether it is a decision to buy a new car, changing jobs or even a simple thing such as crossing the road. To put it across simply, Risk Management is the process of identifying, assessing, and controlling potential risks that could negatively impact an organization or project. These risks could arise from a wide range of sources, including financial uncertainties, legal liabilities, strategic management errors, accidents, natural disasters, cybersecurity threats, or operational failures. Effective risk management helps organizations minimize losses, protect assets, ensure compliance with regulations, maintain operational continuity, and enhance decision-making. In a rapidly changing and uncertain world, proactive risk management is vital for achieving long-term success. Let us now examine how this works in the military and in the corporate – the differences and the overlaps. Risk Management in the Military Risk management in the military is a systematic process used to identify, assess, and control risks associated with military operations, training, and other activities. Its primary goal is to preserve combat power, conserve resources, and increase operational effectiveness while minimizing unnecessary loss or damage. Military risk management typically follows a structured approach such as the U.S. Army’s 5-step model: 1. Identify hazards: Recognizing potential dangers in various military activities. 2. Assess hazards: Evaluating the likelihood and severity of identified hazards. 3. Develop controls and make risk decisions: Developing and implementing measures to reduce or eliminate risks, by using risk information to inform operational planning and execution. 4. Implement controls: Implementing strategies to minimize the risks. This could involve reducing the probability of the risk happening or lessening its impact if it does occur.5. Supervise and evaluate: Continuously tracking risks, reviewing the effectiveness of risk mitigation efforts, and adjusting strategies as needed. This process helps military leaders balance mission requirements with personnel and equipment safety, ensuring that risks are taken only when the potential benefits outweigh the possible losses. Risk Management in a Corporate Scenario vs the Military Risk management in the corporate world shares some similarities with military risk management, but there are notable differences in focus, scope and implementation. This stems from the basic purposes of both these organisations. Whereas, in the armed forces focus is on effective training, seamless logistics and winning wars, in a business enterprise it is about staying competitive in the market, generating profits, regulatory compliances, organisational reputation etc. Hence, though at a high level the process remains same there are nuanced differences. In simple terms, here’s how corporate risk management differs in the two fields: Parameter Corporate Military 1 Focus Primarily focused on financial risks, reputation, and business continuity. Centred on operational effectiveness andpreserving combat power. 2 Types of risks Market risks, credit risks, operational risks, legal/ compliance risks, strategic risks. Combat-related risks, equipment failures,personnel safety, mission failure. 3 Regulatory environment Governed by various laws and regulations (e.g., Unified Licence for telecom operators, RBI regulationsfor banks). Follows military doctrine and governmentregulations. 4 Stakeholders Shareholders, customers, employees, regulators. Government, soldiers, allies, civilians inoperational areas. 5 Risk appetite Often defined by board of directors, balancingrisk and reward for profit. Determined by mission objectives andstrategic importance. 6 Time horizon Can range from short-term to long-term, often with a focus on quarterly or annual results. Mission-specific, can be immediate (tactical)or long-term (strategic). 7 Tools and methodologies ERM framework, ISO 31000, financial modelling, scenario analysis. Specific military risk assessment tools,after-action reviews. 8 Reporting Regular risk reports to management, board, and sometimes public disclosures. Often classified, reported through chain of command. 9 Risk transfer Can use insurance, derivatives, or other financial instruments to transfer risk. Limited options for risk transfer; risks areusually managed internally. 10 Cultural aspects Risk culture varies widely between organizationsand industries. Strong emphasis on safety and operational security across the organization. 11 Consequences offailure Financial losses, reputational damage, legal liabilities. Potential loss of life, mission failure, national security implications. 12 Innovation andrisk-taking Often encourages calculated risk-taking for competitiveadvantage. Emphasizes following established protocols, with innovation focused on enhancing capabilities and safety. While both sectors endeavour to manage risks effectively, the corporate world generally has more flexibility in its approach and can often take on more risks in pursuit of profits. The military, given its critical role in national security and catastrophic nature of failure, tends to be more conservative in its risk management practices. Transitioning Military Personnel and Risk Management as a Career Transitioning military personnel often possess skills such as leadership, decision-making under pressure, operational planning, and risk assessment – qualities that naturally align well with various subdomains of risk management. Hence risk management is a good career option for veterans seeking jobs in the business sector. The term Risk Management is loosely used both in the military as well as the corporate environs. It is nothing but something we do in our day to day lives, all the time – whether it is a decision to buy a new car, changing jobs or even a simple thing such as crossing the road Based on exposure to the sector, here are some recommended subdomains and related industries that could be a good fit: Operational Risk Management ● Fit: Veterans excel in understanding and mitigating risks tied to processes and operations. ● Industries: – Manufacturing. – Logistics and Supply Chain. – Aviation and Aerospace. – Healthcare (hospitals, emergency services). Security Risk Management ● Fit: Military backgrounds provide excellent training in physical security, threat assessment, and protection. ● Industries: – Corporate Security– Critical Infrastructure(telecom, energy, water, utilities).– Event Management.– Financial Institutions(fraud, cybercrime prevention). Cybersecurity Risk Management ● Fit: Many veterans come from IT, communications, or intelligence backgrounds and can transition well into cybersecurity roles. ● Industries: – Technology and Software Development. – Telecommunications . – Financial Services. – Healthcare (patient data protection). Compliance and…

What if you could create a stunning desert landscape or an alien world in real-time? No need to wait for hours of post-production. Productions like The Mandalorian have highlighted this new frontier, where the line between physical and virtual worlds is becoming increasingly blurred. Today, a major shift is taking place – moving from traditional green screens to immersive LED backdrops. The legacy and limitations of green screens Green screens have long been a cornerstone of filmmaking, enabling breathtaking scenes and unseen galaxies to come to life in post-production. However, they also introduce challenges like color spill and uneven lighting. As most creative crews know, addressing shadows, green tones, and precise color keying is time-consuming, often stretching both budgets and patience. For actors, performing against a blank green stage can be disengaging. It disconnects them from the authenticity of their craft. It’s not easy to work up subtle reactions to surroundings that will exist only later. Additionally, compositing work, such as matching lights, removing color spill, and refining edges, requires painstaking effort. Each pixel demands attention, adding pressure to both timelines and production costs. The rise of LED backdrops These disadvantages have, however, been overcome by filmmakers and studios as the usage of LED technology is becoming more common. Rich in detail, adaptable, and vibrant, LED screens have opened a fresh level of filmmaking immersion. LED screens allow dynamic landscapes to be projected, creating the feeling of a real set. Actors can interact with their surroundings, while directors and camera operators capture shots with clarity that previously required post-production. Moreover, LED screens blend seamlessly with real- world lighting. Costumes beam naturally under a desert sun, as reflective surfaces may capture neon skies and radiate light in truly realistic ways, already helping out the visual workload but also empowering the all-around realism of every shot. The most amazing thing is the flexibility. Switching from a futuristic city to a lush forest or creating an alien world can be done instantly. Filmmakers no longer need to build elaborate sets and then dismantle them, saving time and resources. Real-world transformations: Elevating studio production with advanced LED solutions Media24, South Africa’s leading media company, faced limitations with traditional studio setups. Physical backdrops were time-intensive to set up and lacked flexibility during shoots. What if you could create a stunning desert landscape or an alien world in real-time? No need to wait for hours of post-production. Productions like The Mandalorian have highlighted this new frontier, where the line between physical and virtual worlds is becoming increasingly blurred. Today, a major shift is taking place – moving from traditional green screens to immersive LED backdrops To address these issues, Media24 installed a 51.84m² LED backdrop using 256 Hikvision P1.2 COB LED units. The Flip-Chip COB technology improved brightness and resolution by eliminating bonding wires and enabling closer LED spacing. This transformation boosted production flexibility while saving time and resources. Digital displays allowed seamless background changes, and real-time control made scene adjustments quick and efficient. High-quality visuals also enhanced VR shoots and live TV shows, elevating Media24’s productions. Across the Atlantic, Brazilian audiovisual company Neto Eventos installed a 10.24-meter wide and 2.88-meter tall arc LED wall with a 2.5mm pixel pitch. The immersive backdrop created vivid environments for live broadcasts. Hikvision’s advanced technology ensured excellent image clarity and color accuracy, empowering the studio to produce creative and compelling content. As LED technology becomes the new norm, innovators like Hikvision are playing a pivotal role in helping creators bring captivating worlds to life, bridging the gap between imagination and reality. Committed to advanced manufacturing and innovative solutions, Hikvision is supporting creative teams in realizing even their boldest visions. From the legacy of green screens to the embrace of LED walls, the journey ahead marks a significant evolution in filmmaking and broadcasting. Read More

Harikrishna PrabhuCOO, Technobind Solutions As cyber threats evolve at an unprecedented pace, organizations find themselves entangled in a web of fragmented security solutions, each promising protection but collectively creating chaos. From endpoint security and cloud protection to identity access management and compliance tools, the sheer complexity of managing multiple platforms often leaves security teams overwhelmed and vulnerable. This disjointed approach not only increases operational inefficiencies but also widens security gaps – offering adversaries an opportunity to exploit weaknesses. A unified platform can bridge these security silos, transforming risk management from a reactive burden into a proactive, intelligent defense mechanism that simplifies operations, enhances threat response, and fortifies an organization’s cybersecurity posture. The Complexity Conundrum Traditional cybersecurity strategies rely on disparate security solutions, forcing security teams to juggle multiple dashboards, policies, and alerts. This siloed approach creates blind spots, delays incident response, and increases the risk of misconfiguration – often the weakest link in cybersecurity defenses. The Shift to Centralized Risk Management A centralized risk management platform consolidates security functions into a single pane of glass, providing real-time visibility, streamlined workflows, and automated threat intelligence. By integrating risk assessment, compliance tracking, and threat detection into one ecosystem, organizations can proactively manage vulnerabilities before they escalate into breaches. The Benefits: Efficiency, Accuracy, and Compliance As cyber threats grow in sophistication, businesses must transition from reactive defense to proactive risk mitigation. A centralized security platform isn’t just a convenience – it’s a necessity for organizations looking to simplify security operations while fortifying their cyber resilience. By embracing centralized cybersecurity risk management like ESET Protect Platform, enterprises can reduce complexity, cut costs, and ensure a more resilient security posture in an era of relentless cyber threats. ● Holistic Visibility – Security teams can correlate data across endpoints, cloud environments, and networks, reducing the time to detect and respond to threats. ● Automation and AI-Driven Insights – Leveraging AI and machine learning, centralized platforms can identify anomalies, prioritize risks, and automate remediation, reducing human error.● Regulatory Compliance – Organizations can maintain compliance with industry standards (e.g., GDPR, NIST, ISO 27001) by aligning security policies across the enterprise in a structured manner. ESET PROTECT Platform: A Paradigm of Centralized Cyber Risk Management In the quest for streamlined and effective cybersecurity, the ESET PROTECT Platform stands out as a quintessential example of centralized cyber risk management. This cloud-first, AI-native cybersecurity platform integrates a comprehensive suite of tools designed to provide robust protection while simplifying security operations. Key Features of ESET PROTECT Platform ● Unified Security Management: Offers a centralized console that provides real-time visibility and control over all endpoints, facilitating seamless policy enforcement and incident response. ● Advanced Threat Defense: Utilizes proactive, cloudbased defenses to guard against zero-day and never- before-seen threats, ensuring that emerging vulnerabilities are promptly addressed. ● Extended Detection and Response (XDR): Enables comprehensive threat hunting and incident response capabilities, allowing security teams to investigate and remediate sophisticated threats effectively. ● Multi-Factor Authentication (MFA): Ensures that access to organizational data is protected through seamless MFA, enhancing security compliance and reducing unauthorized access risks. ● Vulnerability and Patch Management: Actively tracks and addresses vulnerabilities in operating systems and applications across all endpoints, mitigating potential security threats from unpatched systems. As cyber threats evolve at an unprecedented pace, organizations find themselves entangled in a web of fragmented security solutions, each promising protection but collectively creating chaos. From endpoint security and cloud protection to identity access management and compliance tools, the sheer complexity of managing multiple platforms often leaves security teams overwhelmed and vulnerable In conclusion, the future of cybersecurity lies in simplification without compromise. As businesses continue their digital transformation journeys, embracing a centralized risk management approach is no longer optional—it’s a critical imperative. Platforms like ESET PROTECT exemplify this strategy by unifying security functions, automating threat detection, and providing real-time risk insights. By adopting such comprehensive solutions, organizations can transition from fragmented defenses to a streamlined, proactive security posture, effectively mitigating cyber risks while freeing up valuable resources to focus on innovation and growth. About TechnoBind TechnoBind is the first Specialist Distributor in the Indian IT channels space offering a hybrid distribution model placed synergistically between broad-based and niche distribution, to deliver high business value for its reseller partners. TechnoBind helps partners to implement solutions, which solve specific business pain points arising out of the rapidly changing facets of technology for businesses. TechnoBind’s sole focus is to help enterprises manage and make the most of their most precious asset which is data. The portfolio of thirty cutting-edge brands spanning Access, Management, Security, Infrastructure and Cloud enables TechnoBind to uniquely address data management. Read More

Sergio BertoniLeading Analyst atSearchInform 71% of small and medium-sized businesses experienced attempts by employees to leak data, SearchInform research states. However, employees often leak data accidentally and without any malicious intent, for example, because of negligence or cyber illiteracy. Today, establishing control over employees’ actions with data is a common practice, but it is impossible to ensure without specialized software – DLP systems, which have become a basic tool for protecting companies against data breaches caused by insiders. DLP systems are also used to avoid data misuse, improve the level of work discipline, and retain valuable staff. Control within the Law The employer has the legal right to control employees to protect sensitive information such as personal data, banking and commercial secrets, data collected by state information systems, and data in industrial control systems at critical infrastructure facilities. For example, an employer is responsible for keeping passport scans and other documents of employees, the company’s partners, and clients’ data safe as well. This is enshrined in the laws of many countries, as well as in international legislation such as GDPR. However, personnel must be informed that the organization where they are employed is using an automated monitoring system (like DLP). The fact that an organization uses specialized software for employee control must be documented in corporate policies. Employees, in their turn, should be informed about what the protective system is used for, and sign a consent for their activity to be monitored. For the employer it is necessary to draw up an additional agreement to the employment contract and outline all the tasks of using the system which could be the following: ● Oversee employees’ compliance with job descriptions and internal labour regulations; ● Control the appropriate use of the company’s information resources and technical means to fulfill job duties; ● Ensure protection of commercial, trade, official, and other secrets as required by national and international regulations. The DLP systems are also deployed to maintain discipline and evaluate staff productivity. In case of such system implementation in corporate IT infrastructure, the employer should take measures to avoid conflicts and misunderstandings between the team and management. Introducing corporate regulations on working with information will help solve this task. Besides, a separate policy on how documents need to be stored, and whether it is permitted to use clouds and personal email to communicate work-related tasks and other questions is a must. This way employees will understand what is allowed to do at work and what is prohibited for them. For example, an employer may not allow an employee to use a corporate PC for non-work related activity on social networks, storing personal photos etc. What are the benefits of being monitored? The issue is that employees often interpret various monitoring systems as excessive control and distrust. In this case, it is crucial to communicate to the team the advantages employees receive from being monitored by protective software. Providing employees with real life cases will help in this regard. The first case from SearchInform practice proves that DLP systems help employees avoid being accused of a crime they never committed: ● The security department specialists found on the employee’s corporate PC confidential data that he did not have access to. Investigation revealed that the remote access tools were regularly run on his computer, however, the employee hadn’t noticed it. It turned out that the network administrator temporarily stored confidential data on the ‘victim’s’ PC before transferring it to third parties. Thus, the DLP system helped identify the real intruder and save the honest employee from being dismissed. 71% of small and medium- sized businesses experienced attempts by employees to leak data, SearchInform research states. However, employees often leak data accidentally and without any malicious intent, for example, because of negligence or cyber illiteracy. If our client did not have a DLP system, it would have been very difficult for the guiltless worker to avoid suspicion and prove that he was not involved in the data leak. Unfortunately, such cases are not uncommon. In this way, modern control systems help to avoid situations when staff members need to justify themselves. In some organizations where DLP is not implemented, in the same cases, the employees may be required to undergo polygraphs or other stressful procedures. DLP at employees’ service There are major ways, how DLP system brings important benefits to the employees. Firstly, the DLP system reduces the risk of accidental data leakage, which could lead to sanctions against the employee. The system is equipped with proactive blocking functionality, which is fine-tuned by an Information Security specialist. The feature reduces the chances of confidential documents intentionally or unintentionally leaving the company’s information perimeter. DLP also notifies the user (InfoSec specialist or another professional in charge) about suspicious employee activity. In addition, DLP systems can be equipped with the open mode of operation that empowers the user not to commit dangerous actions with the help of special notifications. It is also possible to customise alerts about dangerous actions or enable the user interface – a visible window on the taskbar so that personnel can communicate freely with the InfoSec professionals. ● Case: The employee of the research institute was preparing documentation containing data from clinical trials of the drug. Out of habit, he sent the documents for review to a former manager, who at the time was already working for a competitor. The incident that occurred by mistake severely damaged the reputation of the institute. However, it could have been avoided if the DLP was deployed. Secondly, DLP ensures confidence that all incidents will be investigated objectively and thoroughly. This applies not only to prevent false accusations but also to verifying complaints from employees about arbitrary behavior by the company’s top management. ● Case: One of our clients, a retail company deployed a DLP system. Then, a suspicious email to the CFO from one of the dismissed employees was found. Ex-worker accused the CFO of taking full advantage of the CEO’s trust to fire valuable…

By Milind BorkarMD, Systematica Suyog Security Consultants(Sr. Consultant & Security Expert) Surveillance and Security in the traditional sense is now moving forward in leaps and bounds. Gone are the days of CCTV using analog cameras that are being replaced by digital cameras that enable video analytics to be performed on an incoming digital stream. Also, between year 2005 and year 2010 there was a massive push to standardize the interface between the camera and the software that talks to it over an ethernet cable. This standard is ONVIF (Open Network Video Interface). Though many camera manufactures claim ONVIF compliance one must check the following link prepared by onvif.org – https://www.onvif.org/conformant-products/. This development disrupted the stranglehold of camera manufactures with their partners and allowed many other players to enter the market as proprietary protocols were no longer required. Most of the terabytes of stored video is useless as it does not carry any useful information. Manual searches need to be conducted to find the relevant information one is looking for. This turns out to be a time-consuming process and by the time information is found it might be out of date. This is where Video Analytics can help to some degree by looking for only relevant information thereby saving time and resources. Even though Video Analytics saves a considerable amount of time, it still does not avoid the manual process involved in looking at video instead of data. Here is where Artificial Intelligence (AI) and Machine Learning come in. AI/ (neural networks) builds a model based on a few initial parameters that are input by the user. Without getting into the details, it quickly builds a neural network and tells you the confidence level of each object found in the video frame. This is a highly mathematical process involving convolution, calculus, probability and statistics. Based on the confidence level of each object found in the frame, one can fine tune the neural network by changing the input parameters. This fine tuning is called Machine Learning by which the neural network gives confidence levels above 95% for each object found. We have done this in our product where object confidence levels went from as low as 60% to as high as 98%. One can now put the neural network in training mode telling it what the target end result the user wants. The machine then self learns by varying the hundreds of input parameters till the end target is met. At this stage the model is what the user was expecting and he now continues to use this highly accurate model to build his or her applications to solve problems specific to their market vertical. So, what AI/ ML has done is that video examination is no longer required but extracted data from the video stream is examined. This is a far more intelligent way of examining video streams and far more efficient allowing the end user to build multiple intelligent applications on top of this. This is the WAVE of the future as multiple PETABYTES of data cannot be examined after the fact. With the number of cameras increasing exponentially all across the globe, the best way to process video is on the fly in real time as it saves time, money and resources across the board. However, for a particular use case some time and money have to be invested to fine tune the neural network model. Once this process and methodology is mastered, one can use it for other use cases. In our case, some of our models took up to 30 minutes to bring up the confidence level above 95%, while in other cases it has taken up to a week. Factors that affect this training period are following: (a) Lighting, (b) Number of objects in the frame, and (c) Complexity of the shape of the object. Diagram describing our Object Classification Engine We will now describe a couple of used cases to make this clear: Used case 1: Implementing Standard Operating Procedure (SOP) Suppose a SOP is defined for a drug testing methodology in a pharmaceutical laboratory. Requirements are as follows: ● Capture and time stamp when an employee enters and exits the laboratory. ● Measure procedure when the drug testing starts. ● Identify colored flasks and test tubes and their movement from one step to the next.● Identify microscopes and other medical instruments used in measurement and how they are being used. ● Flag any deviation from SOP and report to administrators. As one can see, one can use identifying objects in the video stream and determine whether the SOP is being followed. This can be used by the laboratory management team to improve overall efficiency of the laboratory and its’ employee performance without looking at video streams. A snapshot of our current Object Classification Engine for illustrative purposes Used Case 2: Measuring queue lengths at bank counters, airport check in lines, hospitals etc. ● Determine queue lengths to determine arrival and service rates. ● Queue lengths will increase if service time is greater than person arrival time. ● Flag these so the service efficiency can be improved. Summary The neural network model has over 25 million pre-defined objects in the database. These have been developed using artificial intelligence techniques. In a typical end user case, a very small subset of these 25 million predefined objects is required. New objects are continuously being added to the database. The model also allows itself to be put in training mode based on what the end user really wants Our Object Classification Engine takes advantage of this and provides interfaces so that end user case applications can be developed rapidly and be put to use. We provide extracted data, interface to the ML neural network model as well as we provide application development services for the customer. Read More

Its Total Cost of Ownership May Surprise You! By Gaurav TaywadeDirector, India Operation, Vicon On-premise enterprise video management systems (VMS) can be a huge investment – one of the priciest elements of a company’s physical security technology infrastructure. They’re also one of the most critical. Without eyes on a property, there’s no way to ensure that other systems are doing their job. Since the pandemic, spending on VMS solutions has continued to rise. Commercial office space vacancies are high, hybrid and remote work models have businesses operating with far fewer onsite workers, crime is up, and security guards are in short supply. Building and security managers are determining that existing cameras provide insufficient coverage under these new conditions, and are therefore seeking to expand their systems. Quickly evolving technology is complicating matters, making legacy VMSs obsolete. Companies unable to leverage the latest generation of cameras, analytics, and integration opportunities are deciding that it’s time to upgrade to a new platform rather than continue to throw money into a substandard solution. After 5-10 years, the actual cost of one system may be as much as 50% lower than another As stakeholders wrestle with how to upgrade or replace their VMS network, performance and operational needs take top priority. However, once specifications are agreed upon, and various manufacturers have been identified that meet a project’s requirements, price can become the deciding factor. Unlike the straightforward comparison of technical specs between offerings, calculating and comparing the total cost of system ownership is much more elusive. The total-cost-of-ownership (TCO) is affected by many factors – some of which come as an unwelcome surprise to system owners after their VMS is up and running. At that point, it’s too late to reevaluate the wisdom of their investment. There is no magic formula for estimating TCO. Manufacturers structure their licensing, warranties, upgrades, maintenance, training, and other policies in different ways, and their promotional materials rarely spell out these distinctions. After 5-10 years, the actual cost of one system may be as much as 50% lower than another. To accurately evaluate TCO, decision-makers must know where to look for hidden expenses and the right questions to ask. We hope this whitepaper helps readers do just that. Device Licensing Practices are Sometimes Tricky Licenses are part of any on-premise VMS solution. The licensing model makes systems scalable; users pay more for larger deployments. In enterprise systems with hundreds or thousands of cameras, licensing represents a significant expense. That said, there is tremendous variation in how much licensing will cost a company throughout its VMS’s lifespan. The price-per-license differs by manufacturer, but that is only part of the story. Some manufacturers require a license for each camera. Others charge licensing fees for servers, workstations, storage, and edge devices. Licensing tied to NVRs and servers can pack a disproportionate financial wallop – especially when NVR licenses are calculated based on the number of streams supported. For example, let’s take one 12MP camera that features triple-streaming. With NVR licensing, the camera requires three licenses if all three streams are used, even if the same NVR records all three. Recording redundancy doubles the price. With two servers recording each of the three camera streams, that single camera represents six licenses! By contrast, a camera-only licensing model would require one license for this device, period. Consider how this policy substantially impacts a network with hundreds of cameras. When NVRs are licensed, adding or upgrading cameras also becomes more expensive. Let’s say a customer wishes to replace several 1MP cameras with 5MP models. The 5MP devices will impose more demand on the server. VMS systems may be infinitely scalable, but individual NVRs or servers have their limits. Adding new cameras, or replacing existing ones with higher resolution models, can result in the need for more network hardware. Once again, paying per camera – and only per camera – keeps TCO in check as systems grow. By contrast, when VMS software is free and licensing is only required for cameras, the options for keeping systems current remain uncomplicated and less expensive However, even with camera-only licensing models, there are still ‘buyer beware’ issues to consider. Some manufacturers link each license to the MAC address of a specific camera, making the license non-transferable. Limiting software in this manner is an antiquated approach that takes advantage of the user. When hardware needs to be replaced, there’s no reason the software license should need replacing too. Imagine if your laptop died and Microsoft said you must buy all new software rather than transfer your licenses to the new device. You would be irate. Finally, some manufacturers charge premium licensing fees, per device, to access certain VMS features. A camera’s specifications may indicate it “can do” certain things, but it’s possible that they are not included with a basic license. When calculating a system’s TCO, make sure you understand what your licenses include and what they don’t! Keeping Current is Critical; It Shouldn’t Be Costly Like any software, VMS platforms are constantly improving. The DevOps process used by many software development teams, with its focus on continuous feedback, collaboration, and communication, has accelerated the speed and frequency with which updates are released. Unlike business software for sales or marketing – for which new releases may be helpful but unnecessary – security software provides a mission-critical function. It should be kept current at all costs. How VMS manufacturers charge for updates affects TCO. Some updates, like those addressing bugs and vulnerabilities, may be free, but others come with a fee. Before purchasing a system, prospective owners should understand what to expect. Are upgrades mandatory? How frequently do they typically happen? Are upgrade protection plans available? How is the price calculated? Even if manufacturers do not mandate upgrades, they may ultimately discontinue support of earlier software versions, rendering the NVRs and servers running them obsolete unless the customer invests in an enterprise-wide software upgrade and relicensing. Without a systemwide update, the system owners cannot even add a single new camera….

In the high-stakes world of border security, fog and other adverse weather conditions create critical blind spots that smugglers and criminals easily exploit. Sight- Booster, a real-time software solution from ThexoVision, gives border guards the clear vision as they need to stay one step ahead and keep borders secure. Why is fog a critical risk and challenge for border security? ● Smugglers take advantage of poor visibility: Drug and human smugglers often carry out their operations in foggy weather, when surveillance is at its weakest. ● Limited detection performance and range: Security cameras lose effectiveness in fog, which reduces their effectiveness, making it harder for border guards to identify threats. ● Delayed reaction time: Officials only detect intrusions when it is too late, making it impossible for them to react in time to prevent border violations. ● Thermal cameras have limitations: Although thermal cameras can help, they do not always provide enough detail to identify vehicles, faces or contraband, making it difficult to act. SightBooster: From poor visibility to clear detection SightBooster, developed by ThexoVision, is a real-time software solution that improves surveillance images in poor visibility conditions – without the need for expensive hardware development. ● Instantly improves camera image clarity: Officers can see clearly even in dense fog. ● Identifies threats from long distances: Border Patrol can spot and track smugglers from 1km or more, reducing security gaps. ● Seamless integration with existing cameras: Interoperates with CCTV, thermal, PTZ and drone cameras for improved visibility. ● Faster response time: Security teams can act before border intruders cross the border. Top: original video frame in dense fog, Bottom: processed video frame with clear visibility via SightBooster software solution Proven success: SightBooster in action Kazakhstan field trial In real-world tests with our partner TNS Service, Sight- Booster processed live footage (H.264, 20Mbps bitrate) from a standard PTZ security camera monitoring a 1km target in dense fog. The original footage was almost unusable, but the video enhanced with SightBooster showed remarkable clarity of detail, enabling effective surveillance. Border patrol vehicles in the UK SightBooster is integrated into Presidian® Smart Mobile Monitoring Stations developed by DJ Byers Security Solutions® (UK). These mobile units improve real-time situational awareness for border patrol officers, ensuring that officers are never blinded by fog, heavy rain or low light conditions. The future of border security With increasing pressure on border security forces, technology must evolve to outpace the strategies of smugglers and criminals. SightBooster offers a cost-effective, high-performance solution that gives security teams the visibility they need when they need it most. SightBooster : A versatile software technology for various conditions ThexoVision’s proprietary real-time video enhancement software technology is capable of revealing scene objects under constrained visibility conditions in camera-based systems. This capability not only works in fog, but also aids visual detection and identification in the presence of a wide variety of obscurants such as haze, smog, smoke, dust, rain, or snow. In addition, it can also cope with use cases in night vision and underwater scenarios of low visibility. AI or not to AI? Whilst in today’s technologies artificial intelligence is becoming more and more pervasive, ThexoVision believes in a balanced approach on application of AI. In fact, the core of SightBooster software technology avoids using AI in producing the clarified version of the input stream. The reason – when dealing with surveillance or border security, we don’t want to introduce non-existing objects or details into the processed image. Nevertheless, when need be, SightBooster can be efficiently combined with other AI-based methods, like object detection. Fog and bad weather don’t stop smugglers, so border security can’t afford to be blind. Sight- Booster gives officers the clear vision they need to stay one step ahead and keep borders secure Milan Tresch, CEO of ThexoVision. Founded in 2019, ThexoVision evolved from a post-processing software initiative towards fulfilling the promise of real-time processing capabilities. Recognizing its potential for widespread industrial applications, the team took a hands-on approach to development, establishing a four-camera test system at Budapest airport’s control tower. This rigorous testing validated the technology and significantly boosted its market credibility. Our technology that is primarily available as a software development kit (SDK) can be incorporated into server – and desktop-based configurations, as well as into small-sized, embedded solutions for mobile applications. The SDK has been designed to allow for a streamlined integration into vastly differing products, systems Ramon Hegedus, CTO of ThexoVision. The company represents a fusion of two generations of expertise among its six owners. The senior partners include the project’s original visionary and co-founder who continues to drive market development and funding, a former chief commando officer who later became a successful international trader of military technologies, and an ex-head of a police counter-narcotics unit, today leading a company that develops sensitive military and civilian electronics solutions. The younger generation features the company’s CEO and two exceptional software developers – one of them a specialist in computer vision and graphics, while the other, also co-founder and CTO, an expert in optical sciences and imaging. Their joint innovative efforts put ThexoVision ahead of competitors. Read More

Dr. Suman GhoshProject Management ProfessionalBritish Telecom In the digital age, data breaches have become a pervasive threat, impacting organizations across all sectors. Since 2021, the frequency and severity of these breaches have surged dramatically, posing significant risks to both personal and organizational security. This article delves into the alarming rise in data breaches, the financial implications, and the critical need for enhanced security measures, particularly in email protocols. The surge in data breaches Data breaches have increased by a staggering 72% since 2021. This surge can be attributed to several factors, including the proliferation of digital data, the increasing sophistication of cyberattacks, and the expanding attack surface due to remote work and cloud adoption. In 2024 alone, there were over 422.61 million data records leaked in various breaches. This unprecedented rise underscores the urgent need for robust cybersecurity strategies. Financial impact of data breaches The financial repercussions of data breaches are profound. The average cost of a data breach reached $4.88 million in 2024, marking a 10% increase from the previous year. This cost includes several components such as business disruption, customer loss, regulatory fines, and post-breach remediation efforts. For instance, the healthcare sector, which handles highly sensitive patient data, reported the highest average breach costs at $9.77 million. Similarly, the financial sector faced substantial costs due to the value of financial data and the potential for significant financial losses from fraud and theft. Email: The primary vector for malware Email remains the most common vector for malware delivery, accounting for 35% of all malware incidents. Cybercriminals exploit the inherent trust users place in their inboxes, using tactics such as phishing, malicious attachments, and deceptive links to infiltrate systems. The Verizon 2021 Data Breach Investigations Report highlighted that 94% of malware is delivered via email. This statistic emphasizes the critical need for enhanced email security protocols to protect against these pervasive threats. Case studies and real-world examples Several high-profile data breaches in recent years illustrate the devastating impact of these incidents. For example, the 2023 breach of a major financial institution resulted in the exposure of millions of customer records and a subsequent $100 million fine. Another notable case involved a healthcare provider, where a ransomware attack led to the compromise of patient data and a $50 million settlement. These examples highlight the severe consequences of data breaches and the importance of proactive security measures. The role of advanced security measures To combat the rising tide of data breaches, organizations must adopt advanced security measures. This includes implementing multi-factor authentication, encryption, and regular security audits. Additionally, the use of artificial intelligence (AI) and machine learning (ML) can enhance threat detection and response capabilities. Organizations that extensively use security AI and automation reported an average cost savings of $2.22 million per breach. The importance of employee training Human error remains a significant factor in data breaches. Therefore, comprehensive employee training programs are essential to educate staff about the risks and best practices for data security. Regular phishing simulations and cybersecurity awareness training can significantly reduce the likelihood of successful attacks. Conclusion The rise in data breaches is a stark reminder of the evolving cybersecurity landscape. With the average cost of breaches reaching unprecedented levels and email remaining a primary attack vector, organizations must prioritize robust security measures. By adopting advanced technologies, enhancing email security protocols, and investing in employee training, organizations can mitigate the risks and protect their valuable data. Read More