BT CCTV Digital Video Recorders (DVRs)  (1)

Cyber threats hit the headlines every day; however digital hazards are only part of the security landscape. In fact, for many organisations - physical rather than virtual security will remain the burning priority. Will Liu, Managing Director of TP-Link UK, explores the three key elements that companies must consider when implementing modern-day business surveillance systems.  1) Protecting more than premises Video surveillance systems are undoubtedly more important than ever before for a huge number of businesses across the full spectrum of public and private sector, manufacturing and service industries. One simple reason for this is the increased use of technology within those businesses. Offices, workshops, and other facilities house a significant amount of valuable and expensive equipment - from computers, and 3D printers to specialised machinery and equipment. As a result, workplaces are now a key target for thieves, and ensuring the protection of such valuable assets is a top priority. A sad reality is that some of those thieves will be employees themselves. Video surveillance system Of course, video surveillance is often deployed to combat that threat alone, but actually, its importance goes beyond theft protection. With opportunist thieves targeting asset-rich sites more regularly, the people who work at these sites are in greater danger too. Effective and efficient surveillance is imperative not just for physical asset protection, but also for the safety From this perspective, effective and efficient surveillance is imperative not just for physical asset protection, but also for the safety of colleagues as well. Organisations need to protect the people who work, learn or attend the premises. A video surveillance system is, therefore, a great starting point for companies looking to deter criminal activity. However, to be sure you put the right system in place to protect your hardware assets, your people, and the business itself, here are three key considerations that make for a successful deployment. 2) Fail to prepare, and then prepare to fail Planning is the key to success, and surveillance systems are no different. Decide in advance the scope of your desired solution. Each site is different and the reality is that every solution is different too. There is no ‘one-size-fits-all solution and only by investing time on the exact specification can you arrive at the most robust and optimal solution.  For example, organisations need to consider all the deployment variables within the system’s environment. What is the balance between indoor and outdoor settings; how exposed to the elements are the outdoor cameras; what IP rating to the need? A discussion with a security installer will help identify the dangerous areas that need to be covered and the associated best sites for camera locations. Camera coverage After determining location and coverage angles, indoors and outdoors, the next step is to make sure the cameras specified are up to the job for each location. Do they have the right lens for the distance they are required to cover, for example? It is not as simple as specifying one type of camera and deploying it everywhere. Devices that can use multiple power sources, Direct Current, or Power over Ethernet well are far more versatile You have to consider technical aspects such as the required level of visual fidelity and whether you also need two-way audio at certain locations? Another simple consideration is how the devices are powered. Devices that can use multiple power sources, Direct Current or Power over Ethernet as well are far more versatile and reliable. Answers to these questions and a lot more need to be uncovered by an expert, to deliver a best-of-breed solution for the particular site. 3) Flexibility breeds resilience Understanding exactly what you need is the start. Ensuring you can install, operate and manage your video surveillance system is the next step. Solutions that are simple to install and easy to maintain will always be favoured - for example, cameras that have multiple sources of power can be vital for year-round reliability. Alongside the physical aspect of any installation, there is also the software element that needs to be considered. The last thing organisations need is a compatibility headache once all their cameras and monitoring stations are in place. Selecting cameras and equipment with the flexibility to support a variety of different operating systems and software is important not just for the days following the installation, but also to future-proof the solution against change.  Easy does it Once the system is up and running, the real work of video surveillance begins. Therefore, any organisation considering deploying a system should look to pick one that makes the day-to-day operation as easy as possible to manage. And again - that is all about the set-up. Cameras can also provide alerts if they have been tampered with or their settings changed The most modern systems and technology can deliver surveillance systems that offer smarter detection, enhanced activity reporting so you learn more about your operations, and also make off-site, remote management easy to both implement and adjust as conditions change. For example, camera software that immediately notifies controllers when certain parameters are met - like motion detection that monitors a specific area for unauthorised access. Cameras can also provide alerts if they have been tampered with or their settings changed without proper authorisation. Remote management of HD footage What’s more, the days of poor quality or unreliable transfer of video are long gone. The high-quality HD footage can be captured, stored, and transferred across networks without any degradation, with hard drives or cloud-based systems able to keep hundreds of days of high-quality recordings for analysis of historical data. Finally, the best surveillance solutions also allow for secure remote management not just from a central control room, but also from personal devices and mobile apps. All this delivers ‘always-on’ security and peace of mind. The watchword in security Modern video surveillance takes organisational security to the next level. It protects physical assets, ensures workplace and workforce safety, and helps protect the operations, reputation, and profitability of a business.  However, this is not just an ‘off-the-shelf purchase’. It requires proper planning in the form of site surveys, equipment and software specifications, as well as an understanding of operational demands and requirements. Investing time in planning will help businesses realise the best dividends in terms of protection. Ultimately, that means organisations should seek to collaborate with vendors who offer site surveys - they know their equipment best, your needs, and can work with you to create the perfect solution.

From analogue to digital, from stand-alone to interlinked, building systems are in a state of transition. Moreover, the rate of change shows no sign of slowing, which can make it difficult to keep up to date with all the latest developments. If asked to pinpoint the single biggest driver of this revolution, one could point out the growing clamour for platform convergence. A security guard in a building doesn’t want to use different systems to check video cameras, fire alarms or if someone has entered a restricted area: – it simply isn’t efficient. For similar reasons, a building manager wants a single interface to control heating and lighting to match fluctuating occupancy levels, particularly in a hybrid working model. Applying the digital glue The demand from end-users for system convergence is growing, but to achieve full interoperability you still need to apply some ‘digital glue’ and that requires expertise. Yet bringing together disparate systems from different manufacturers can be problematic. Just as you get things to work, someone upgrades their solution and your carefully implemented convergence can start to come unstuck. Managing an implementation can quickly become more complicated, today’s quick-fix can become tomorrow’s headache This is one of the principal issues with all types of new technology; not everyone will choose the same path to reach the desired goal – it’s the old VHS/Betamax argument updated for building management and security systems. Managing and maintaining an implementation can quickly become more complicated than it first appears and without proper oversight, today’s quick-fix can become tomorrow’s technical headache. Effective support for a hybrid workforce Today’s hybrid workforce is a response to the pandemic that looks set to become an established part of working life for many companies across the world. Security systems have a massive role to play in facilitating this transformation that goes beyond simple intrusion detection, access control, and video monitoring. They can identify the most densely populated areas in a building to comply with social distancing guidelines and provide efficient use of space. The insights gathered from a security system can also be used to identify patterns of behaviour, which can then be used for planning and directing the use of building space to help create the best possible working environment while also minimising heating, lighting, and air conditioning expenditures. Identity credentials can help manage compliance with industry regulations by limiting access to certain areas Similarly, identity credentials – either biometric or mobile-based – can help manage compliance to industry regulations by limiting access to certain areas only to approved employees. Creating and maintaining the appropriate level of functionality requires a combination of innovative solutions and industry experience. The complete security package It’s not just physical security that’s important – cybersecurity is a major focus, too. Bringing together both the physical security and cybersecurity realms is increasingly becoming a ‘must have’ capability. What is evident is that the pace of technological change is faster than ever. Today’s functionality simply wouldn’t have been possible just a few years ago, while today’s leading-edge developments may seem commonplace in five years.

Cloud-based technology can reduce IT costs, streamline application management and make infrastructure more flexible and scalable. So, it’s no surprise that cloud video surveillance solutions (also known as video surveillance as a service or VSaaS) are gaining momentum in a big way. In fact, according to recent reports, the VSaaS market is forecasted to increase at a compound annual growth rate of 10.4% by 2025. But some company owners may wonder – what services does a cloud model deliver and is such a solution right for my business? This article aims to help you determine what cloud video surveillance solution is right for your business and the benefits you can enjoy if you decide to deploy a VSaaS solution. Full cloud-based recording vs cloud-managed First, a bit of clarification on cloud video surveillance models, as definitions can vary from provider to provider. A full cloud-based recording solution is one in which both video recording and management are done offsite (for example, cameras streaming directly to the cloud). While this model can be a good option for some, many large enterprise businesses simply don’t have the bandwidth capacity or network resources required to upload all of their videos to the cloud. Even with the bandwidth capacity, this can be a cost-prohibitive model when hundreds or thousands of IP cameras are involved. A full cloud-based recording solution is one in which both video recording and management are done offsite But that doesn’t mean enterprise businesses can’t take advantage of cloud-managed video surveillance. With this solution, video recording and storage happen on your premises (with network video recorders (NVRs) or a video management system (VMS)), but the video management aspect is handled in the cloud by a third-party provider, usually as a subscription-based service. The provider hosts the central video server overseeing your on-premises devices. Some providers also allow you to back up portions of the video to the cloud, so you can store and share video evidence or select clips needed for investigations. This model combines the performance benefits of local recording with the convenience and cost savings of the cloud. Centralised video surveillance solution Perhaps the greatest benefit of using this type of cloud-managed video surveillance solution is centralisation. Because all of your devices are centrally managed in the cloud, you don’t have to travel to a distant location to update a recorder or camera’s software – it’s all done remotely by the provider from a central location. This can save you both time and money, especially since it’s necessary to consistently monitor the configuration settings on cameras and NVRs to ensure they’re correct and functioning properly. If your hardware malfunctions and it isn’t detected immediately, instances of lost video can occur. And business owners know that losing video evidence of theft or fraud could have significant consequences to the efficiency and effectiveness of an investigation. Round the clock monitoring Some providers monitor for changes in cameras’ field of view, so if a camera is blocked or moved, you’ll be alerted  With a cloud-managed model, you can rest assured that if a camera goes down or another technical issue arises, the provider will know and will handle it immediately so you can avoid unnecessary truck rolls, which can be costly. Some providers will even monitor for changes in your cameras’ field of view, so if a camera is blocked or moved, you’ll be alerted right away. This type of around-the-clock monitoring eliminates your need for an in-house data centre and the IT staff necessary to maintain the video system. This is particularly important if you don’t have the infrastructure or the personnel to host your own video networking equipment. You can also save time with the deployment of your video surveillance solution since your provider will get your system up and running quickly. There’s no need to worry about setting up or configuring the central server or any application software – it’s all taken care of by your provider. Flexible and cost-effective In many cloud-managed solutions, you can also skip the large upfront capital cost of a video surveillance investment and pay a monthly fee for all of these services. This is particularly helpful if it’s difficult for your organisation to make large capital investments. You may or may not have to invest in onsite devices (cameras and NVRs), depending on the provider you choose. Some providers will allow you to finance your hardware, while others will want you to purchase it upfront. Many cloud providers also offer robust web clients for viewing video and conducting investigations remotely Many cloud providers also offer robust web clients for viewing video and conducting investigations remotely. These do not require any local downloads, which saves you time and money by avoiding the need for additional IT resources. It also alleviates worrying about whether or not you have the latest version, as the clients are automatically updated. And if you don’t want to spend a lot of time on video analysis, some cloud-managed models offer predefined reports on what’s most important to you. For example, a list of potentially suspicious transactions matched with video – so you can quickly scan to investigate. Getting the right solution Determining whether a cloud-managed video surveillance solution is right for your business is a big decision involving many factors, including your business’s size, bandwidth, and network infrastructure, and overall budget for physical security. By considering the points above, the hope is that you can more easily determine which model is best for your business.

Arc Monitoring will share their range of services at Security TWENTY 20 Birmingham. Set in the central location of the Hilton Metropole NEC in Birmingham on Thursday, 20th February 2020, the Conference will bring together top security industry speakers and is supported by a large exhibition of cutting-edge security products and services. Doors open at 8.30am allowing access to the exhibition with the conference running between 10.00am and 1.30pm. The exhibition will close at 3.30 pm.  Lone worker protection Arc Monitoring will be sharing its CCTV & Alarm Monitoring services Confirmed speakers so far are Arad Parsi of the Suzy Lamplugh Trust talking about lone worker protection, Julian Hurst of Secured by Design and there will be manufacturer updates from Hikvision, BT, HID Global, Seagate and 6S Global. The conference will be chaired by Security TWENTY regular, Michael White. Most importantly if one registers in advance and is an installer, an end user, a consultant, or someone to do with private security, in the police or the armed forces, or a buyer of security services they will be able to attend the Conference for free. Arc Monitoring will be sharing its CCTV & Alarm Monitoring services. This is a chance to discuss face to-face with Arc’s team about the benefits of its CCTV Monitoring, Alarm Monitoring and Keyholding services. Please come along and join Arc to keep yourself up-to-date with its latest innovations.

ETSI's new Industry Specification Group on Securing Artificial Intelligence (ISG SAI) announced that they met recently for their second meeting and appointed Alex Leadbeater (BT) as the Industry Specification Group’s new Chair. Dr. Kate Reed (NCSC) was appointed as First Vice Chair and Tieyan Li (Huawei) was appointed as Second Vice Chair. The second meeting of the ISG SAI, after the launch of the group in October 2019, was also the place to discuss work priorities and future scope of action. Industry Specification Group ISG SAI will work on securing AI from attack, mitigate against malicious AI and using AI to enhance security The Industry Specification Group on Securing AI (ISG SAI) was created to develop technical specifications to mitigate threats arising from the deployment of AI throughout multiple ICT-related industries. The group will work on securing AI from attack, mitigating against malicious AI and using AI to enhance security measures. The purpose of the ETSI ISG SAI is to develop the technical knowledge that acts as a baseline in ensuring that artificial intelligence is secure. “I am delighted to be appointed as the Chairman for this exciting new group. Ensuring the security of Artificial Intelligence is a vital topic that affects many stakeholders and I look forward to seeing what work the group produces as it begins its work programme in earnest,” says Alex Leadbeater, Chair of the Industry Specification Group on Securing Artificial Intelligence (ISG AI). AI Threat Ontology report The ISG AI group will create an AI Threat Ontology report to align terminology, a Problem Statement that will guide the work of the group, a Data Supply Chain Report summarising the methods used and risks associated with sourcing data for training AI, a mitigation strategy report with guidance to mitigate the impact of AI threats, and security testing of AI. The next meeting of the Industry Specification Group on Securing Artificial Intelligence (ISG SAI) will be held in Sophia Antipolis, near Nice in France on 2 – 3 April 2020.

ETSI is pleased to announce the creation of a new Industry Specification Group on Securing Artificial Intelligence (ISG SAI). The group will develop technical specifications to mitigate threats arising from the deployment of AI throughout multiple ICT-related industries. This includes threats to artificial intelligence systems from both conventional sources and other AIs. The ETSI Securing Artificial Intelligence group was initiated to anticipate that autonomous mechanical and computing entities may make decisions that act against the relying parties either by design or as a result of malicious intent. Conventional cycle of networks risk analysis The conventional cycle of networks risk analysis and countermeasure deployment represented by the Identify-Protect-Detect-Respond cycle needs to be re-assessed when an autonomous machine is involved. The intent of the ISG SAI is therefore to address 3 aspects of artificial intelligence in the standards domain: Securing AI from attack e.g. where AI is a component in the system that needs defending Mitigating against AI e.g. where AI is the ‘problem’ or is used to improve and enhance other more conventional attack vectors Using AI to enhance security measures against attack from other things e.g. AI is part of the ‘solution’ or is used to improve and enhance more conventional countermeasures. Developing technical knowledge Three main activities will be undertaken and confirmed during the first meeting of the group The purpose of the ETSI ISG SAI is to develop the technical knowledge that acts as a baseline in ensuring that artificial intelligence is secure. Stakeholders impacted by the activity of ETSI’s group include end users, manufacturers, operators and governments. Three main activities will be undertaken and confirmed during the first meeting of the group. Currently, there is no common understanding of what constitutes an attack on AI and how it might be created, hosted and propagated. The work to be undertaken here will seek to define what would be considered an AI threat and how it might differ from threats to traditional systems. Hence, the AI Threat Ontology specification seeks to align terminology across the different stakeholders and multiple industries. Prioritising potential AI threats ETSI specifications will define what is meant by these terms in the context of cyber and physical security and with a narrative that should be readily accessible to all. This threat ontology will address AI as system, attacker and defence. Data is a critical component in the development of AI systems, both raw data, and information This specification will be modelled on the ETSI GS NFV-SEC 001 ‘Security Problem Statement’ which has been highly influential in guiding the scope of ETSI NFV and enabling ‘security by design’ for NFV infrastructures. It will define and prioritise potential AI threats along with recommended actions. The recommendations contained in this specification will be used to define the scope and timescales for the follow-up work. Data is a critical component in the development of AI systems, both raw data, and information and feedback from other AI systems and humans in the loop. Developing data sharing protocols However, access to suitable data is often limited, causing a need to resort to less suitable sources of data. Compromising the integrity of data has been demonstrated to be a viable attack vector against an AI system. This report will summarise the methods currently used to source data for training AI, along with a review of existing initiatives for developing data sharing protocols and analyse requirements for standards for ensuring integrity in the shared data, information and feedback, as well as the confidentiality of these. The founding members of the new ETSI group include BT, Cadzow Communications, Huawei Technologies, NCSC and Telefónica. The first meeting of ISG SAI will be held in Sophia Antipolis on 23 October. Come and join to shape the future path for secure artificial intelligence!