On the Fast Track

Data has been with man since the dawn of time

Today’s integrated systems are generating more data than ever before. For some perspective on just how much data we’re talking about, consider that from the dawn of civilization to 2003, humankind created two exabytes of data. Since 2012, it’s estimated that five exabytes of data are being generated every single day by internet-connected devices and this number continues to grow. In addition to computers, tablets and smartphones, we’re also surrounded by a wide variety of other Internet-connected objects including refrigerators that can alert us when we’re almost out of milk or cars that can send an email when windshield washer fluid is low.

These are just a few examples of the expanding number of objects in our daily lives that are equipped with an IP address and integrated sensors that allow them to communicate. Technologies like GPS and RFID also help to connect these objects in an expanding network known as the Internet of Things (IoT).

Security technologies also are part of the IoT and contribute to the amount of data that’s created. A typical VMS, for example, may record 200 frames per second of surveillance video, while a large, distributed access control system may record thousands of transactions per minute during certain times of day. This is excellent data to have available, but the challenge is the tremendous quantity of data to be processed. In some ways, the term big data doesn’t come close to describing just how much is out there.

For an incident management system, the key is sifting through all the data produced by these connections and identifying the most relevant information for analysis. However, given the almost incomprehensible amount of data that’s created every day, that task of identifying, extracting, and analyzing the right data is a tremendous challenge.

In addition to massive data sets, how systems integrate with each other has also changed drastically in recent years. At one time, the paradigm was that one system would connect to another in a linear fashion to facilitate a simple data exchange.

Today, these integrations are much more complex and flow in multiple directions simultaneously as systems constantly communicate and share data with each other. This new data model can be termed HV3, which stands for high volume, high velocity, and high variety. All these systems and source points are generating huge numbers of transactions and other data creation events, which are happening very fast on a constant basis. As more and more devices are connected to the internet, those five exabytes of data we currently generate per day will only continue to grow.

It’s important to note that data is not information. Whether big or small, data is simply binary. In order to understand it and make knowledge-based decisions, data needs to be extracted, analyzed and visualized to solve a puzzle. Under the linear paradigm, data produced by machines and systems would be seen and evaluated by a human, who would draw conclusions based on what they saw and understood within the data. This meant the greatest challenge was to identify and collect relevant data for human analysis. What hasn’t changed is security practitioners’ need to proactively analyze information streams to detect, prevent, and solve issues. That is made more difficult with the HV3 model because there is so much data available that it’s no longer possible to process it using traditional methods and applications. Fortunately, there are innovative new tools available that more effectively and efficiently extract and analyze incident-related data and turn it into usable intelligence to help organizations predict vulnerabilities to mitigate or eliminate threats.

During the response and recovery phase, an organization collects data about an incident from multiple systems and sources and funnels it into an incident management solution, where it is analyzed for indicators or anomalies that help determine why the incident occurred in the first place.

The intelligence gleaned from the data is then shared with departments within an organization, management, and even outside organizations like public safety entities. Using the intelligence generated by data analysis, an organization can then implement protocols, change processes and procedures and educate employees to help prevent similar incidents from occurring in the future.

Incident management comprises four steps: plan and prepare, identify and respond, document and collaborate, and analyze. For every incident, there are patterns and points of reference that precipitate the actual event. These may include someone suddenly coming in to work earlier and staying later or accessing particular information frequently and for longer than normal periods of time, or may be the seemingly simple act of a door being propped open. Advanced incident management tools bring all that incident-related data that’s been collected from multiple sources and systems together, as the solution reviews the datasets to look for commonalities and identify relationships between occurrences.

Those relationships are not always obvious to a human and may not even occur at a single site, but they are discoverable by the algorithms within the software solution. By analyzing data on a global scale, incident management solutions identify specific events, activities and occurrences that have something in common. Those commonalities paint a picture of a potential threat, hazard, or vulnerability. The information is then used to identify patterns and anomalies that normally precipitate an incident, which are instrumental in instituting processes that allow incident management tools to identify a potential occurrence before it occurs, rather than detecting an event as it is happening.

Incident management also automates these tasks, allowing intelligence to be developed much more efficiently and effectively than human analysis. Data is collected immediately, creating a record of an event, such as an unauthorized access attempt, that may signal the beginning of the type of pattern that could lead to a threat occurring. If an organization relies on human analysis, this type of needle in the haystack might have been missed. With automated software solutions, the software does the work of gathering data from any system or sensor for later use.

For security practitioners, awareness is the main key to incident management and risk mitigation. Despite the sheer amount of data available today, collecting and analyzing the relevant information is crucial for managing threats and vulnerabilities, so it’s important to not only understand but embrace the HV3 data model created by the complex integration and data flow among people and the growing number of internet-connected devices and systems.

There is no need to fear the mountain of data. It’s also important to understand that these functions cannot be adequately performed by humans only. Having an advanced incident management system that automates data management and analysis in your security toolbox ensures that raw data is transformed into the actionable intelligence necessary to mitigate and prevent incidents from occurring in the first place, ensuring a higher level of safety and security for organizations.

This article originally appeared in the February 2015 issue of Security Today.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3