Security Trends in 2023
by Arindam Bhadra
Although some of the worst disruption caused by the global Covid-19 pandemic is hopefully behind us, 2023 is shaping up to be another challenging year for business and society.
Cyber security in physical security:
Adoption of digital technology and internet have also led to increase in cybercrime incidents. It can be controlled or minimized with care, precaution, awareness and with the use of appropriate tools to secure the information. Indian Cyber Crime Coordination Centre (I4C) under Cyber & Information Security (CIS) Division of the Ministry of Home Affairs, has prepared one manual to disseminate Cyber Hygiene Best Practices for the benefit of Industrial Bodies/General Public/Government Officials.
Many large buyers now provide a cybersecurity questionnaire that integrators and solution vendors must complete, leading to creation of new roles in some companies just to respond to such questionnaires that are required in bid processes. Vendors, integrators and the practitioners themselves are simultaneously chasing cybersecurity talent to add to their employee teams, a challenging proposition given the overall difficulty to hire technically skilled workers of any type.
Cybersecurity has to be managed on multiple levels, requiring constantly expanding investments in:
- • Device-level cybersecurity (e.g., cameras, readers, panels)
- • Infrastructure cybersecurity (wiring, networks, switches, etc.)
- • Software and Server cybersecurity
- • Configuration cybersecurity (correct implementation of cybersecurity features)
- • Cloud cybersecurity
- • Mobile device cybersecurity (particularly as security and employee bases become more mobile or remote)
- • User cybersecurity (e.g., social engineering attacks, insider threats, etc.)
Security practitioners today seem to have three general choices when it comes to convergence:-
1. Ignore: Disregard the need to converge a wholly unwise choice, by most accounts.
2. Strongly Interrelated Teams: Continue to manage security in two, separate but equal channels, but strongly define team relationships such that constant open dialogue and cross-investigation exist between the two specialized teams.
3. Fully Converged: Fully merge security leadership and tactical security management to link cybersecurity protections and physical security protections, given converged threat vectors that impact information, data, people and assets.
Artificial Intelligence (AI):
In 2018, a NITI Aayog report stated that India will hold a late-mover advantage in real world application of artificial intelligence (AI). Worldwide, spending by governments and business on AI technology will top $500 billion in 2023, according to IDC research. Moreover AI applications on top of security solutions helps break the boundaries of our industry's value to practitioners, by embedding non-security applications that take data from the proliferation of sensors of all types to correlate data points or find trends that can save businesses money or enable them to act more swiftly.
In a pre-event discussion with panel lists from an AI panel held at SNG 2022, the expert panel lists (reflecting integrators, vendors and practitioners) indicated they see sweeping AI frameworks coming, but admitted the industry is not yet prepared to define a framework for AI, noting that the technology's rate of change is likely outpacing our ability to construct implementation frameworks, particularly ethical frameworks.
“IN 2023, ARTIFICIAL INTELLIGENCE WILL BECOME REAL IN ORGANIZATIONS. NO-CODE AI, WITH ITS EASY DRAG-AND-DROP INTERFACES, WILL ENABLE ANY BUSINESS TO LEVERAGE ITS POWER TO CREATE MORE INTELLIGENT PRODUCTS AND SERVICES.”
-TRENDS FUTURIST BERNARD MARR, WRITING FOR FORBES IN NOVEMBER 2022
☆ Autonomous Devices
Autonomous devices are a physical form of autonomous technology. Robots, both functional and humanoids, drones and vehicles are a few examples of autonomous devices. Autonomous devices learn from their surroundings and complete tasks without continued human input.
Automation of repetitive security tasks in lower-risk environments (think robots doing automated patrols in unstaffed facilities) and partly about highly responsive situational awareness (flying a drone to a remote or dangerous location for visual input back to the command post), but the real opportunity being seen for 2023 is connecting improved robotics with AI-embedded intelligence to finally put more “autonomous” in “autonomous devices,” some of which required an operator to previously drive the robot. Notably the International Standards Organization narrowly defines robots to not include remote-controlled solutions such as remote-controlled drones and ground vehicles.
Over half a million industrial robots were installed in 2021 according to the International Federation of Robotics (IFR), and that doesn't even include robots for security applications, which are outside of the scope of the IFR's annual World Robotics research.
Workforce Development:
Workforce development from the societal centric perspective is defined as initiatives that educate and train individuals to meet the needs of current and future business and industry in order to maintain a sustainable competitive economic environment.
In a survey they found attracting skilled labor is a top concern, and there's only one solution in today's hyper-competitive labor market: “We must train our own.” Long established as a factor limiting companies' growth (especially that of the systems integrators), expanding the workforce has become a key focus of organizations like SIA, which partnered with the Electronic Security Association to cofound the Foundation for Advancing Security Talent (FAST) to drive awareness of security industry employment opportunities.
Smart practitioners, particularly larger corporations with extensive security teams, are also hiring talent from their integrators and vendors in some cases, recognizing that they need internal personnel with the skillsets that they once could wholly outsource. Others are instead outsourcing or embedding integrator talent into their organization.
70% of employees work through mobile devices, with 200 million worldwide using mobile business apps. What's more, 84% of decision makers plan to increase spending on mobile applications that drive employee productivity, reduce costs and enhance customer satisfaction.
The mobile workplace is a place that offers a host of benefits. Its core objective is to make employees as productive as possible, whether they are at their desks, in the field or working remotely. It's all about equipping staff with the tools they need to do their jobs more efficiently, putting those tools conveniently at their fingertips, and connecting processes so that everything within a business works more cohesively.
Smartphone applications will increasingly be employed in 2023 to control physical security systems. Managers will have fingertip control over who has access to certain zones and facilities, and will be able to set those controls from wherever they happen to be working.
Security analytics will collate rich data insights from a suite of IoT connected devices, delivering them into the hands of decision makers via their smart devices, helping to inform security and operational strategies.
Data Privacy:
Data privacy is the right of a citizen to have control over how their personal information is collected and used. Data protection is a subset of privacy. This is because protecting user data and sensitive information is a first step to keeping user data private. US data privacy laws are regulated at the federal level. Data privacy is typically applied to Personal Health Information (PHI) and Personally Identifiable Information (PII). This includes financial information, medical records, video footage security, social security or ID numbers, names, birthdates, and contact information. You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation).
By 2024, 75% of the Global Population Will Have Its Personal Data Covered Under Privacy Regulations. Ultimately, the practitioner is responsible for ensuring that their data is protected and that systems are used ethically. This had led to pullback from many practitioners on their pace of adoption for some technologies like facial recognition to ensure that they have not only justifiable use cases but the procedures in place to ensure that advanced systems are used responsibly, and that data is only collected when it is needed.
☆ Contactless Security
Contactless technology has become hugely important post-Covid, due to the strong reaction against physical contact. It's also about the user experience, with people increasingly wanting things to be instant and simple.
Contactless security is therefore, unsurprisingly, becoming more commonplace. Biometric access, using the likes of fingerprints, iris scans and facial recognition to identify authorised personnel for physical access into a building or specific part of it, is already becoming the norm, whilst other contactless entry technologies that are set to be even more widely adopted during 2023 and beyond include Bluetooth Low Energy (BLE), and smartphone NFC (Near Field Communication) keyless entry, as well as QR code entry for temporary access.
For added security, Multi-Factor Authentication (MFA), the use of more than one method of identification, is likely to become more widely adopted, as organisations batten down the hatches, making it harder for would-be unauthorised entrants to gain access.
(This "Security Blogs" Published in January 2023 Edition)