What is Innovation?
Is innovation simply developing NEW products? We are told, new products are the result of the innovation process. So, how does this thinking apply to the Security Industry?
True innovation requires insight, vision and APPLICATION! The insight to recognize the underlying need. The vision to imagine the solution and the knowledge and skills to design the product(s). Think of defining security as – securing environments: virtual, and/or physical. The process should begin with recognizing evolving threats, their severity and then defining scenarios to mitigate the associated risk, before investigating a new commercially viable product. Are you asking your customers to share their concerns? Do you actively listen and bring back the market intelligence to discuss the associated business opportunities internally?
Threats Forcing Convergence
Earlier this year I attended the largest physical security trade event in the U.S., the 2016 International Security Conference West (ISC West) sponsored by the Security Industry Association (SIA). It was very well attended and I think a productive event for most vendors with a presence… but I was personally very disappointed.
In my recent experience, the security topics end-users and consultants want to discuss today are being driven by the challenges emerging from Information Security (InfoSec) concerns. The growing influence of Chief Information Officers (CIO), Chief Information Security Officers (CISO), Chief Technology Officers (CTO) and I.T. Directors is changing organizational security practice and policy. Those concerns are impacting physical security systems design and building a business case for emerging areas of convergence: Encryption, Penetration Testing and Identity Management (authentication). It is time for growing awareness to be leveraged into solutions… finding equipment, systems and the expertise to design, sell, deploy and service them.
ISC West Trade Show Floor
I walked every foot of the enormous ISC West show floor and found only two manufacturers showing serious IPSec/InfoSec solutions. Internet-of-Things (IoT) devices are forcing a growing demand for products and services that address the security of data in this new network environment.
I am just one voice yelling into gale-force winds. Large companies, even when recognizing the need, find it difficult to turn on a dime and pursue emerging business opportunities like this. Honestly, in many conversations with PSP, RCDD and CISSP certified individuals recently, they were not aware of available physical security technologies to address these concerns, let alone solutions ready for deployment. I will continue to bring the message of security convergence to the different disciplines and encourage their cooperation and mutual effort to provide solutions for use in this new emerging area.
Two IPSec/InfoSec Solution Providers Showing at ISC West
Here is a quick shout-out to both Quantum Secure (www.hidglobal.com/quantum-secure) and Stratus Technologies (www.stratus.com), acknowledging their foresight to invest in their view of future convergent solutions:
- HID Global offers Quantum Secure, a powerful identity management tool that can incorporate Active Directory (AD) integration via LDAP protocols already being used by virtually every IP data network designer. One day, AD (or something like it) will be used by ALL intelligence associated with IP Addressable appliances. The threat of unauthorized access to data networks is becoming too great a risk to ignore the need for a common identity management solution across all IP connected devices and applications.
- Stratus Technologies has been evolving their Sightline Assure application from an industrial automation tool to an ACTIVE (not passive) network security tool. This solution includes a redundant server fail-over system for use with critical infrastructure. These types of products ensure continuous operation of critical automated systems. I have worked with solutions like this before. As interesting as it is, their real innovation comes from the associated dashboard that can be used to monitor data traffic across individual segments of the broader network. The application:
- Think Distributed Denial of Service (DDoS) attacks, or for that matter, any unauthorized use of private network bandwidth. If you could monitor real-time fluctuations in data network traffic, set thresholds and provide alerts (text/email)… DDoS would become a thing of the past.
- Now, let’s take this a step further… What if, upon recognizing a spike in data traffic, you could lower the available bandwidth for that network segment? Next, what if you could re-route that network segment through a virtual switch instance, segregating the traffic from other network resources and assets?
This site is maintained by Douglas Levin, PSP, AHC, LEED AP. It is intended to be a personal professional blog. The content reflects my personal opinions and observations regarding the Physical Security Systems industry and Technology Sectors. The opinions expressed herein reflect my personal viewpoint/ideas and do not in any way represent the position of any other person, organization or company.