Axis Communications Intruder Alarms: Communicators & Communication Systems

In 2017, IoT-based cyberattacks increased by 600%. As the industry moves towards the mass adoption of interconnected physical security devices, end users have found a plethora of advantages, broadening the scope of traditional video surveillance solutions beyond simple safety measures. Thanks in part to these recent advancements, our physical solutions are at a higher risk than ever before. With today’s ever evolving digital landscape and the increasing complexity of physical and cyber-attacks, it’s imperative to take specific precautions to combat these threats. Video surveillance systems Cybersecurity is not usually the first concern to come to mind When you think of a video surveillance system, cybersecurity is not usually the first concern to come to mind, since digital threats are usually thought of as separate from physical security. Unfortunately, these two are becoming increasingly intertwined as intruders continue to use inventive methods in order to access an organisation's assets. Hacks and data breaches are among the top cyber concerns, but many overlook the fact that weak cybersecurity practices can lead to physical danger as well. Organisations that deploy video surveillance devices paired with advanced analytics programs often leave themselves vulnerable to a breach without even realising it. While they may be intelligent, IoT devices are soft targets that cybercriminals and hackers can easily exploit, crippling a physical security system from the inside out. Physical security manufacturers Whether looking to simply gain access to internal data, or paralyse a system prior to a physical attack, allowing hackers easy access to surveillance systems can only end poorly. In order to stay competitive, manufacturers within the security industry are trading in their traditional analogue technology and moving towards interconnected devices. Due to this, security can no longer be solely focused on the physical elements and end users have taken note. The first step towards more secured solutions starts with physical security manufacturers choosing to make cybersecurity a priority for all products, from endpoint to edge and beyond. Gone are the days of end users underestimating the importance of reliability within their solutions. Manufacturers that choose to invest time and research into the development of cyber-hardening will be ahead of the curve and an asset to all. Wireless communication systems Integrators also become complicit in any issues that may arise in the future Aside from simply making the commitment to improve cyber hygiene, there are solid steps that manufacturers can take. One simple action is incorporating tools and features into devices that allow end users to more easily configure their cyber protection settings. Similarly, working with a third party to perform penetration testing on products can help to ensure the backend security of IoT devices. This gives customers peace of mind and manufacturers a competitive edge. While deficient cybersecurity standards can reflect poorly on manufacturers by installing vulnerable devices on a network, integrators also become complicit in any issues that may arise in the future. Just last year, ADT was forced to settle a $16 million class action lawsuit when the company installed an unencrypted wireless communication system that rendered an organisation open to hacks. Cybersecurity services In addition, we’ve all heard of the bans, taxes and tariffs the U.S. government has recently put on certain manufacturers, depending on their country of origin and cybersecurity practices. Lawsuits aside, employing proper cybersecurity standards can give integrators a competitive advantage. With the proliferation of hacks, malware, and ransomware, integrators that can ease their client's cyber-woes are already a step ahead. By choosing to work with cybersecurity-focused manufacturers who provide clients with vulnerability testing and educate end users on best practices, integrators can not only thrive but find new sources of RMR. Education, collaboration and participation are three pillars when tackling cybersecurity from all angles. For dealers and integrators who have yet to add cybersecurity services to their business portfolios, scouting out a strategic IT partner could be the answer. Unlocking countless opportunities Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step Physical security integrators who feel uncomfortable diving headfirst into the digital realm may find that strategically aligning themselves with an IT or cyber firm will unlock countless opportunities. By opening the door to a partnership with an IT-focused firm, integrators receive the benefit of cybersecurity insight on future projects and a new source of RMR through continued consulting with current customers. In exchange, the IT firm gains a new source of clients in an industry otherwise untapped. This is a win for all those involved. While manufacturers, dealers and integrators play a large part in the cybersecurity of physical systems, end users also play a crucial role. Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step. Commonplace cybersecurity standards Below is a list of commonplace cybersecurity standards that all organisations should work to implement for the protection of their own video surveillance solutions: Always keep camera firmware up to date for the latest cyber protections. Change default passwords, especially those of admins, to keep the system locked to outside users. Create different user groups with separate rights to ensure all users have only the permissions they need. Set an encryption key for surveillance recordings to safeguard footage against intruders and prevent hackers from accessing a system through a backdoor. Enable notifications, whether for error codes or storage failures, to keep up to date with all systems happenings. Create/configure an OpenVPN connection for secured remote access. Check the web server log on a regular basis to see who is accessing the system. Ensure that web crawling is forbidden to prevent images or data found on your device from being made searchable. Avoid exposing devices to the internet unless strictly necessary to reduce the risk of attacks.

Johnson Controls recently unveiled the findings of its 2018 Energy Efficiency Indicator (EEI) survey that examined the current and planned investments and key drivers to improve energy efficiency and building systems integration in facilities. Systems integration was identified as one of the top technologies expected to have the biggest impact on the implementation in smart buildings over the next five years, with respondents planning to invest in security, fire and life-safety integrations more so than any other systems integration in the next year. As advanced, connected technologies drive the evolution of smart buildings, security and safety technologies are at the center of more intelligent strategies as they attribute to overall building operations and efficiencies. SourceSecurity.com spoke with Johnson Controls, Building Solutions, North America, VP of Marketing, Hank Monaco, and Senior National Director of Municipal Infrastructure and Smart Cities, Lisa Brown, about the results of the study, smart technology investments and the benefits of a holistic building strategy that integrates security and fire and life-safety systems with core building systems. Q: What is the most striking result from the survey, and what does it mean in the context of a building’s safety and security systems? The results show an increased understanding about the value of integrating safety and security systems with other building systems Hank Monaco: Investment in building system integration increased 23 percent in 2019 compared to 2018, the largest increase of any measure in the survey. When respondents were asked more specifically what systems they we planning to invest in over the next year, fire and life safety integration (61%) and security system integration (58%) were the top two priorities for organisations. The results show an increased understanding about the value of integrating safety and security systems with other building systems to improve overall operations and bolster capabilities beyond the intended function of an individual system. Q: The survey covers integration of fire, life safety and security systems as part of "smart building" systems. How do smarter buildings increase the effectiveness of security and life safety systems? Hank Monaco: A true “smart building” integrates all building systems – security, fire and life-safety, HVAC, lighting etc. – to create a connected, digital infrastructure that enables individual technologies to be more intelligent and perform more advanced functions beyond what they can do on their own. For example, when sensors and video surveillance are integrated with lighting systems, if abnormal activity is detected on the building premise, key stakeholders can be automatically alerted to increase emergency response time. With integrated video surveillance, they also gain the ability to access surveillance footage remotely to assess the situation. When sensors and video surveillance are integrated with lighting systems abnormal activity on the premise can automatically be detected Q: How can integrated security and life safety systems contribute to greater energy efficiency in a smart building environment? Hank Monaco: Security, fire and life-safety systems can help to inform other building systems about how a facility is used, high-trafficked areas and the flow of occupants within a building. Integrated building solutions produce a myriad of data that can be leveraged to increase operational efficiencies. From an energy efficiency standpoint, actionable insights are particularly useful for areas that are not frequently occupied or off-peak hours as you wouldn’t want to heat or cool an entire building for just one person coming in on the weekend. When video surveillance is integrated with HVAC and lighting systems, it can monitor occupancy in a room or hallway. The video analytics can then control the dimming of lights and the temperature depending on occupant levels in a specific vicinity. Similarly, when access control systems are integrated with these same systems, once a card is presented to the reader, it can signal the lights or HVAC system to turn on. In this example, systems integration can ultimately help enable energy savings in the long run. Security and life safety systems contribute to help enable greater energy efficiency and energy savings in the long run Q: What other benefits of integration are there (beyond the core security and life safety functions)? Hank Monaco: Beyond increased security, fire and life-safety functions, the benefits of systems integration include: Increased data and analytics to garner a holistic, streamlined understanding of how systems function and how to improve productivity Ability to track usage to increase efficiency and reduce operational costs Enhanced occupant experience and comfort Increased productivity and workflow to support business objectives Smart-ready, connected environment that can support future technology advancements Q: What lesson or action point should a building owner/operator take from the survey? How can the owner of an existing building leverage the benefits of the smart building environment incrementally and absent a complete overhaul? Lisa Brown: Johnson Controls Energy Efficiency Indicator found that 77% of organisations plan to make investments in energy efficiency and smarter building technology this year. This percentage demonstrates an increased understanding of the benefits of smart buildings and highlights the proactive efforts building owners are taking to adopt advanced technologies. There is an increased understanding that buildings operate more effectively when different building systems are connected As smart buildings continue to evolve, more facilities are beginning to explore opportunities to advance their own spaces. A complete overhaul of legacy systems is not necessary as small investments today can help position a facility to more easily adopt technologies at scale in the future. As a first step, it’s important for building owners to conduct an assessment and establish a strategy that defines a comprehensive set of requirements and prioritises use-cases and implementations. From there, incremental investments and updates can be made over a realistic timeline. Q: What is the ROI of smart buildings? Lisa Brown: As demonstrated by our survey, there is an increased understanding that buildings operate more effectively when different building systems are connected. The advanced analytics and more streamlined data that is gathered through systems integration can provide the building-performance metrics to help better understand the return on investment (ROI) of the building systems. This data is used to better understand the environment and make assessments and improvements overtime to increase efficiencies. Moreover, analytics and data provide valuable insights into where action is needed and what type of return can be expected from key investments.

Across the country, law enforcement officers are finding it increasingly difficult to respond to the near overwhelming number of calls coming from security alarms. Police departments commonly define a false alarm as a call, which upon investigation, shows no evidence of criminal activity, such as broken windows, forced doors, items missing, or people injured. While false alarms bog down police, they can also negatively impact customers and integrators. End users can expect hefty fines for false alarm responses, and when these customers receive large bills from the city, many turn to installers, dealers, and even manufacturers expecting them to accept the responsibility and pay the bill. What first brought the issue of alarm verification to your attention? It is crucial to both see a situation and concurrently listen to any corresponding sounds to gain full insight I’ve been aware of the problem of false alarms for about 5 years. I believed audio capture, through microphone deployment, could be an active part of the solution when used as a second source for indicating ‘out of the norm’ activity and as an equal component with the video surveillance technology. In 2015, I found similarly minded security professionals when introduced to the Partnership for Priority Verified Alarm Response. After reading PPVAR’s paper on ‘Audio Verified Alarms Best Practices; [April 2015],’ I knew that the Partnership was on to something important. In our lives, two of the five senses we count on day-in and day-out are sight and sound. It is crucial to both see a situation and concurrently listen to any corresponding sounds to gain full insight. What is the false alarm rate? In 2016, the International Association of Chiefs of Police reported that over 98 percent of all alarm calls in the United States were false. This number is obviously staggering, and something we need to work towards correcting. Why did this issue resonate so strongly with you? When I first investigated this issue, I was sure that the security industry would have already recognised this and was acting to ensure improved alarm verification, preferably through a combination of audio and video technologies. However, I quickly saw that this was not the case, or even close to the norm. I have questioned the rationale behind the lack of adoption and found the deployment of audio is often hindered by the concern of privacy. I’ve spearheaded many initiatives to explain the monitoring policies surrounding audio As CEO of Louroe Electronics, I’ve spearheaded many initiatives to explain the monitoring policies surrounding audio. I’ve had to reassure many security personnel and customers how the law supports the use of audio in public places as long as there is no expectation of privacy. By dispelling fears with facts around deploying and implementing audio sensors, customers can confidently include audio in their surveillance systems and gain a more effective security solution. Who is affected by this? Truth be told, everyone from the end user to the manufacturer is affected by this issue. Not to mention the strain this puts on law enforcement who are tired of ‘wasting time’ and effort out in the field on these nuisance alerts. When an end user receives a bill for their false alarm, many of them will immediately blame the integrator and or the monitoring center for a faulty set up and management and expect the integrator to remedy the situation, including carry the burden of paying the fines. The integrator, on the other hand, will turn to the manufacturer, assuming faulty equipment and installation instructions; therefore, looking for reimbursement for the cost. What is the average false alarm fee? It depends on many factors, and especially your first responder assigned location for responseIt depends on many factors, and especially your first responder assigned location for response. According to the Urban Institute, fees generally range from $25-$100 for the first offense, rising as high as a few thousand dollars per false alarm if a location has a large number in a single year. What’s worse, in extreme cases, alarm systems may even be blacklisted by the police dispatch center if they have raised too many false alarms in the past. Why do you believe audio is the ideal technology for secondary source verification? Video surveillance has been the main option for security monitoring and alarm validation for decades, however industry professionals are realising that video alone is not enough. Video only tells half of the story, by adding audio capture, the responsible party gains a turnkey solution with the ability to gather additional evidence to verify alerts and expand overall awareness. In reality, audio’s range is greater than the field of view for a camera. Sound pickup is 360 degrees, capturing voices, gunshots, breaking glass, sirens, or other important details that a fixed camera many not see. How would a secondary source verification system work with audio? Using a video monitoring solution equipped with audio, the microphone will pick up the sounds at the time a visual alert or alarm is triggered. If embedded with classification analytics, the microphone will send alerts for specific detected sounds. The captured audio, and any notifications are immediately sent to the monitoring station, where trained personnel can listen to the sound clip, along with live audio and video from their station. When law enforcement receives a validated alarm, they can better prioritise the response From here, an informed decision can then be made about the validity of the alarm, along with what the current threat is at the location. If the alarm is in fact valid, the information is then passed along to the law enforcement within minutes. When law enforcement receives a validated alarm, they can better prioritise the response. It also provides more information in a forensic evaluation. Are there any additional resources you would suggest looking into? Yes, we would suggest looking into the following to see a few different perspectives on the matter: NSA Support For 2018 Model Ordinance For Alarm Management and False Alarm Reduction Partnership for Priority Verified Alarm Response Support for the Term “Verified Alarm” and Prioritising Verified Alarm Responses Urban Institute Opportunities for Police Cost Savings without Sacrificing Service Quality: Reducing False Alarms

Milestone Systems’ annual MIPS brings together a rich community of video, security, and technology solution partners focused on advancing innovation. Special guests including Milestone officers, industry leaders, renowned futurists, authors, and a popular TEDx speaker will share their inspirations. Milestone will also showcase three start-ups from its Kickstarter Contest with compelling technologies and businesses that comprehensively address pressing security and societal issues. Milestone Systems, a global provider of open platform video management software (VMS), is hosting the 2020 Milestone Integration Platform Symposium (MIPS) conference, in Dallas, Texas on February 17-19, 2020. Partners, customers and influencers are invited to register for the special two-day event. Applied innovation in video surveillance Milestone will feature a variety of speakers and topics, including TEDx speaker Anders Sorman-Nilsson, and one of the Top Ten Futurists in the world, Gerd Leonhard. The event will also include an exhibition pavilion featuring products and programs from partners including Axis Communications, Dell, Intel, Herta, Lenel S2, and Seneca Data and an innovation showcase with the three most promising ideas from Milestone’s incubator program, Kickstarter. We glimpse at the future through the ideas of our Kickstarter contestants" “MIPS is a one-stop destination for applied innovation in video surveillance,” notes Tim Palmquist, Vice President for the Americas at Milestone Systems. “Each year we hear from an array of speakers that challenge our thinking about today’s technology and the new frontiers of tomorrow. We see new products and programs from the most innovative companies in our industry. Together with XProtect, they serve the needs of our many customers. Finally, we glimpse at the future through the ideas of our Kickstarter contestants. MIPS is a hub for business, network connections and, above all, novel ideas!” Video analytics Leveraging the power of the open platform, the Milestone XProtect video management software (VMS) is compatible with more than 8,500 security and surveillance devices, and more than 450 software integrations from over 3,500 technology partners. Technology partners include providers of network video cameras, cloud solutions, DVRs and NVRs, servers and storage equipment, alarm and detection systems, video analytics, GPS technology, laser and radar scanners, emergency call boxes and more. “The open platform provides an opportunity to innovate freely as circumstances and opportunities dictate, not as a VMS provider dictates,” says Palmquist. “This freedom of innovation has already yielded some of the very best technologies and collaborations in the security industry. It has also resulted in scalable and future-proof systems in healthcare, education, city surveillance and other verticals where Milestone is the platform of choice and where professionals accept nothing less than freedom of choice to do their jobs at the best of their capacity.” Milestone Marketplace 2.0 Integrators will promote their installation experience and connect with technology partners on Marketplace Milestone will launch version 2.0 of the Milestone Marketplace on its website which will enable customers to find resellers and integrators that deliver video solutions based on their pain points or location. Integrators will promote their installation experience and connect with technology partners on Marketplace hereby allowing end-users to access information on the latest innovations. “By launching Milestone Marketplace 2.0, we are inviting customers to search for the latest and greatest technologies in our community. Milestone supports the co-creation of solutions, allowing our community to supply best-in-class technology for a variety of customer needs,” says chief sales and marketing officer at Milestone, Kenneth Hune Petersen. Integrated cloud-based solutions A large part of the MIPS 2020 Dallas event focuses on the many advantages of an open solution, with the Milestone XProtect VMS platform enabling reliable and efficient integrations with thousands of third-party hardware and software products. Detailed discussions of solution applications as well as previews of new integrations and partnerships help integrators, resellers and partners of all types to shape the future of their own businesses. Cloud-based services and integrations will soon take video management systems to a new level MIPS 2020 promises to usher in new integrated cloud-based solutions, which will greatly impact the future of how video systems are designed, deployed, and monetised. Cloud-based services and integrations will soon take video management systems to a new level, expanding how security professionals think about technology and their own business models. Open for startups Additionally, three finalists in Milestone's annual Kickstarter contest will demonstrate their visions. MIPS 2020 participants will have an opportunity to vote for their favourite software coder with the winner being announced during the gala dinner. Milestone believes in inspiring talent to make the world see through connecting new technology ideas, business strategy, and innovation. Three 2020 finalists will have a chance to showcase their visions directly to the Milestone Community of partners and customers at the MIPS2020 conference and beyond. They are: Benoit Koenig is the co-founder and COO at Veesion. Benoit was confronted with shop-lifting on a regular basis in his family-owned supermarkets. During his studies in Artificial Intelligence, he saw the great potential of deep learning applied on video data, which inspired him to start Veesion with two other engineers. Veesion are developing a gesture recognition technology to detect shoplifting in the retail industry. Commenting on Benoit’s idea and company, Palmquist noted, “Veesion is what MIPS is all about. This is an innovation that addresses a major commercial issue for retailers around the world but does so using technology in a respectful, considerate and intelligent manner. I am proud and encouraged that Veesion is enabled by the open platform.” Jennifer Ivens is the founder of Canscan, a technology company that provides automated container inspection services. It was impatience and ambition that prompted her to leave her position as a logistics analyst for an ocean carrier to go into this business for herself. Canscan’s idea is the next-level shipping container checking system, powered by artificial intelligence (AI) called Virtual Checker. “Jennifer and her team have come up with an innovation that addresses many social, economic, and criminal issues. It has the potential to avert some of the human tragedies we hear of and see on television across the globe each year,” Palmquist said. Zeljko Tepic has over 15 years of experience in the development of client/server and cloud architectures. He works on projects involving advanced algorithms, signal processing, Artificial Neural Networks, deep learning, generic algorithms, fuzzy logic, spectral analysis, and more. Venzo Secure’s idea is to provide seamless awareness of critical events by transparently displaying an intuitive “alert timeline” on top of the XProtect Smart Client camera views. The solution will give customers the option to dynamically arrange a view of the cameras in the Smart Client which are closest to the event at hand, and to handle any related events, alarms, analytics or metadata inside the Milestone XProtect video platform, including those from third parties. “Smart city managers, emergency responders, and police will benefit from this new technology enabling them to better respond during a crisis. This technology is poised to save lives, and I am proud that Milestone is supporting Venzo through our Kickstarter program,” commented Palmquist. Over 750 attendees are expected to attend MIPS 2020 at The Gaylord Texan Resort and Convention Centre on February 17-19, 2020 in Dallas, Texas.

Cloud technologies and the IoT have opened up seemingly endless possibilities for the modern retail organisation. Customers have never had as much control over purchasing decisions as they do today, with the ability to make transactions at the touch of a button for goods and services from the comfort of their own homes or on the move. However, the customer data lying at the heart of this frictionless shopping experience presents an ever more attractive commodity to cyber criminals. Attacks are growing in number and it has been reported that in the last 12 months there have been 19 significant data breaches. This presents a major problem for both retailers and customers. Cloud technologies and the IoT have opened up seemingly endless possibilities for the modern retail organisation In addition to the immediate disruption and downtime a breach can cause, the damage to the reputation of a business or brand can be lifelong. With GDPR related fines from the ICO now as much as €20m or 4% of an organisation’s global annual turnover, whichever is higher, the resulting combination of the cost of the breach itself, reputational erosion and any crippling fines can be devastating. It is therefore essential that retailers are aware of the steps and procedures they should be following to ensure full data compliance and to guarantee the integrity of their IT infrastructure. Ensuring full GDPR compliance It’s vital to ensure that everyone understands the security implications and knows how to respond effectively in the event of a breach. Internally, all teams and departments should have the confidence to raise the alert if a breach is suspected. Externally, companies should look to encourage conversations across the entire supply chain to ensure requirements are effectively met and security risks are adequately addressed. It is a requirement of the GDPR that the necessary steps be taken to guard against attack and protect existing software and systems It is a requirement of the GDPR that the necessary steps be taken to guard against attack and protect existing software and systems. Effective cybersecurity lifecycle management of IoT devices, such as network video surveillance cameras, is an example of a measure which should be put in place to help prevent such devices from being compromised, mitigating risk and ultimately maintaining customer trust. Establishing a truly secure retail solution can only be accomplished if security has been analysed at every stage. Evolving physical systems For protection of the physical retail environment, the move away from legacy security solutions such as traditional CCTV, which typically sat outside of a company’s IT operation, to the modern cloud-enabled security technologies we see today, allows retailers to unlock a wealth of business benefits previously impossible with analogue technologies. Today’s systems provide far greater accuracy of detection, vastly improved image quality, even in low light, and an array of business intelligence options to aid operations, such as people counting, queue monitoring and stock control. Protecting the physical security of the retail environment The ability to create live security alerts as well as forensic evidence for later analysis allows security teams to be proactive rather than reactive. In addition, the growing use of edge capabilities to process data within the cameras themselves negates the additional time and potential lag associated with continually passing surveillance information back and forward to servers, streamlining and therefore vastly improving operations. System vulnerabilities equals vulnerable data For network cameras being introduced onto an IT network, it’s essential to ensure that they do not become compromised and used as a backdoor to gain entrance to a business’s innermost workings and most valuable commodity; its data. The importance of guarding against system vulnerabilities cannot be ignored and it is therefore vital to ensure that all installed technologies are Secure by Default; built from the ground up with cybersecurity considerations at the forefront, to strengthen system security. In addition, software updates and firmware upgrades will keep the devices protected in line with the evolving threat landscape. The importance of guarding against system vulnerabilities cannot be ignored Forging and maintaining relationships with stakeholders is key to establishing a healthy supply chain built on mutual trust and respect. Only by following such an approach can the integrity of systems be fully guaranteed, with trusted vendors and installers working together to ensure that ethical practices are followed, and cybersecurity principles are adhered to. Due diligence should be carried out to make sure that all stakeholders involved in the manufacture, supply and installation of security software and systems understand the importance of keeping security best practice at the forefront of everything they do. Addressing the ongoing challenge Retailers must be able to rely on technologies that support their operational requirements and address associated risks, while at the same time, supporting IT security policies. By following procedures around the cybersecurity of IoT devices, and realising the importance of implementing high quality products and services through relationships with trusted vendors and partners, retailers will benefit from connected physical security systems that deliver on the promise of better protection of the business and customer, to effectively mitigate the mounting cyber security threat.

Axis Communications, the provider of network video technology, publishes its latest whitepaper, Cyber security: the biggest threat to retail which highlights the increasing threat posed by cyber-attacks to today’s retail industry. The paper documents the measures that should be understood by data controllers, loss prevention & security personnel through to heads of operations to ensure the highest levels of security and provide the appropriate education and training for all key stakeholders to effectively mitigate the mounting cyber security threat. Modern retail organisation It has been reported that in the last 12 months there have been 19 significant data breaches The growth in and use of IoT devices and cloud technologies have opened up boundless possibilities for the modern retail organisation across physical and digital platforms. However, customer data is at the heart of a frictionless shopping experience and presents an attractive commodity to cyber criminals, with attacks growing in number on those retailers whose systems are inadequately secured. It has been reported that in the last 12 months there have been 19 significant data breaches, which present a major risk for both retailers and customers. In addition to the immediate disruption and downtime a breach can cause, the damage to the reputation of a business or brand can be lifelong. Furthermore, GDPR related fines from the ICO can now be as much as €20m or 4% of global annual turnover, whichever is higher, and demands that necessary steps be taken to guard against attack and protect existing infrastructure. Personally identifiable information Axis’ whitepaper creates awareness of the challenges being faced and looks at how effective cybersecurity lifecycle management of IoT devices will help to better manage security and ultimately maintain customer trust. Collaboration with system vendors, integrators and installers is also hugely important" “Any organisation that generates or manages personally identifiable information (PII), effectively any data that could potentially identify a specific individual, must comply with GDPR. Establishing a truly secure retail solution can only be accomplished if security has been analysed at every stage. The key is to ensure that everyone involved understands the security implications of a breach and how to prevent one.” “Collaboration with system vendors, integrators and installers is also hugely important, and conversations across the supply chain will ensure requirements are met and security risks are adequately addressed,” Steven Kenny, Industry Liaison Architecture and Engineering, Axis Communications. Surveillance camera technology Alongside greater awareness of the need to comply with the GDPR, the Axis whitepaper stresses the importance of looking to guard against system vulnerabilities by working with trusted vendors who can install only those security technologies that are deemed to be Secure by Default. These technologies have been built from the ground up with cybersecurity considerations at the forefront. Technologies that are cyber secure offer peace of mind when connected to a network Technologies that are cyber secure offer peace of mind when connected to a network, and come with assurances that stringent guidelines are followed during the design and manufacturing process. Surveillance camera technology designed and manufactured in this way assures retailers that these security solutions will not be used as a backdoor into the network; such is the risk of introducing non-secured hardware. Addressing cybersecurity risks Key points covered in the retail whitepaper include: Review of cybersecurity challenges – Supply chain attacks, IoT vulnerabilities, the impact of operational downtime GDPR, data protection and privacy – Examining the necessary actions to ensure full compliance with the GDPR and DPA 2018 Video surveillance insights – Understanding how data analysis can inform security and business decisions, and supply chain evaluation Managing security effectively – Processes and tools to help the design, development and testing of systems in accordance with cybersecurity principles Converged security – A collaborative approach to addressing cybersecurity risks Video surveillance systems Many organisations have re-evaluated their entire strategy in order to ensure full GDPR compliance" “The retail industry is deemed the most at risk to cyber threats. It is crucial to find the balance between enhancing the customer experience and maintaining GDPR compliance; providing adequate security whilst not violating customer privacy,” says Graham Swallow, Retail segment lead, Northern Europe, Axis Communications. “While video surveillance systems are a necessity within the retail environment, many organisations have re-evaluated their entire strategy in order to ensure full GDPR compliance. Retailers must be able to rely on technologies that support their operational requirements and address associated risks, while at the same time, supporting IT security policies.” Connected physical security systems This whitepaper provides retailers with expert guidance, highlighting the appropriate policies and procedures around the cybersecurity of IoT devices, and reinforces the importance of selecting trusted vendors and partners. Axis is passionate about using technology to help create a smarter and safer world. This is demonstrated by a commitment to helping retailers understand the benefits of connected physical security systems that deliver on the promise of better protection of the business and customer.