At my SecurityDreamer event at the Hard Rock Cafe in Atlanta a few years ago I discussed the idea of the difference between video analytics one-dot-O (1.0) and video analytics 2.0
The idea I wanted to get across was that popular video analytics vendors at the time were already appearing stuck in processor-intensive analysis of pixel changes. Video analytics products that were fashionable then, such as Object Video, ioimage, Cernium, Vidient and others had products that were limited by the specific algorithms they used, the types of cameras or images they supported (day/night/indoor/outdoor/scope/frame rate/etc), and the amount of configuration and tweaking once deployed. Unless a video analytics product was perfectly matched with the optimal camera, environment and algorithm, the results were always disappointing.
That description of video analytics sounds very similar to the way the first computer-based access control products of the 1980s were described. It is similar to the first firewalls and IT-intrusion detection systems. It sounds just like the first Microsoft Windows operating systems. In other words, It had all the characteristics of a “version 1.0″ technology.
1.0 is always exciting. 1.0 introduces new ways of solving problems, opens new avenues and gets our creative juices flowing. 1.0 gets us turned on and many of us want to use the technology because we are fearless or desperate for some solution. But 1.0 always comes with a price of inefficiency and ineffectiveness. 1.0 always makes us long for a new version that will achieve the desired end less painfully and more effectively.
2.0, in an operating system, IT software, or any technology generally represents a quantum leap forward. A rethinking of the problem and an entirely new approach. Consider the breathtaking difference between Microsoft DOS 3.3 and Windows 95. It was like the PC had been reinvented. Suddenly processes that took dozens of configuration steps were automatic and graphically appealing. DOS 3.3 became obsolete.
Video analytics 2.0 had that same promise – the attractive idea that the headaches and misfires of video analytics 1.0 would be replaced by an automatic, intuitive system. The company that seemed to have a true video analytics 2.0 approach at the time was BRS Labs – A startup in Texas that had yet to be proven. The BRS difference was its use of machine learning. An analytics system that was self learning seemed to be exactly what the end users were hoping video analytics 1.0 should have provided. Those who were not exposed to BRS scratched and clawed their way through video analytcs 1.0 deployments, steadily reducing their expectations. Today Video analytics 1.0 vendors have happy customers – customers who expect little and receive what they expect.
Fast forward to today and we see Vidient out of business; Object Video is no longer a technology competitor and has instead reoriented it’s business to patent protection; other analytics vendors are selling very specialized solutions. And then there is BRS Labs – making money, growing every quarter, and silently showing the world what video analytics 2.0 truly represents. As more prospective customers see what video analytics 2.0 represents, the 1.0 vendors will drop like flies.
Video Analytics technology has struggled over the past decade with products that require expensive and time consuming installations, high ongoing maintenance costs, and unacceptably high false alarm rates and overall poor operational performance. In short, traditional video analytics technology has not proven viable and the market, as all markets do, requires innovation. The market craves an operationally effective solution and innovation is the key to satisfy market demands. As I have said since 2008, the learning approach taken by BRS Labs is ushering in video analytics 2.0. The broader market is now coming to this same realization.
For several years I’ve thought Verint had the best slogan: Actionable Intelligence. I also thought that Nextiva, Verint’s flagship video surveillance product, could not really live up to the slogan. Adding Israeli software vendor Rontal to the portfolio certainly gets Verint’s technology closer to the promises of the marketing department.
In the past I have resisted placing Rontal in the PSIM category. It always struck me as a tool for improving incident response but fell short of the information analysis I like to see in a PSIM solution. Nextiva + Rontal does it for me. The various components of Nextiva, when combined with Rontal, tell a satisfactory security information management story.
Last month Martha Entwistle, editor of Security Systems News posted an interesting article commenting on the nature of PSIM (physical security information management) and a new report by IMS Research. First I’ll comment on the content of the report, and then I’ll comment on the origin of the term PSIM (which she credits to me).
Thanks for writing this article, Martha. As a security industry analyst for the last 15 years, I can say I’m not surprised. I’ve seen reports like IMS’ before. You can’t blame them for confusing the issue, really. Young researchers with no field security experience partially digest and regurgitate conversations with paying vendor marketing executives who have tremendous stake in the status quo.
The article here says “IMS’s Wong notes that products such as VMS and ACS software, which meet some, but not all, of the criteria above, are not considered to be PSIM for the purposes of the report.”
Hmm. I read these functional descriptions and think to myself that simply combining any popular VMS and ACS and you’d have 80% of the functionality IMS declares to be PSIM. So what does that mean? a solution has to have 100% of these technical requirements to be considered PSIM? Does it mean that “real” PSIM is actually and merely the 20% delta of functionality between an access control/video solution and the remaining functions?
Regarding the term PSIM. Yes, I was the first person to publish the term PSIM and launch the global discussion on physical security information management. When Chuck Teubner, CEO of VidSys, was CEO of e-Security (around 2003-04), he and I sat in the e-Security offices and discussed a new idea I was working on in my research: Security Information Management (SIM) for the physical security world. At that time, SIM was a popular concept in IT security management. Sadly, after I left Forrester and could no longer control the Forrester-Gartner debate on the topic, the acronym degraded to the current, utterly ridiculous SIEM. Anyway, I digress.
About the same time, Kobi Huberman of NICE and I drew a PSIM-like diagram on the back of a napkin in London. He was the VP of corporate strategy for NICE. Shortly thereafter, Arcsight, a leading vendor in the IT SIM world, contacted me and we brainstormed about SIM for the physical security world. Then NetIQ guys started talking about a similar concept.
When Chuck Teubner called me again in 2006 and suggested that we name the new concept, PSIM was born. I published it on my blog then. I can also say definitively that VidSys was the first company to clarify the PSIM vision and set the standard for PSIM definition and execution.
As a footnote, NICE later got into the PSIM game by acquiring PSIM vendor Orsus in 2009. NetIQ guys started PSIM-vendor Proximex. ArcSight, dabbled in PSIM but has not yet come up with an effective strategy to penetrate the market.
Please watch securitydreamer.com for more to come on PSIM.
I performed an independent, no-money-changed-hands evaluation of three products advertising video surveillance management plus video analytics management. Here is a short video explaining my process and what I learned from my experience with Milestone XProtect, Aimetis Symphony, and Verint Nextiva.
All three products performed admirably, but there was one standout. A few vendors chickened out, er, I mean, decided it was not of interest to them to participate. :) So kudos to Milestone, Aimetis and Verint for being proud of their products – as they should be.
If we limit the conversation just to the technology, you’ll hear me sing the praises of DVTel. The command center console is attractive and intuitive and very functional. I especially liked the simple, centralized management of video, access control, perimeter sensors and the flexible reporting capabilities. DVTel’s iSOC v6 is a refreshing reinvention of the standard command center interface.
I see a transformation in modern security practice. There is a new appreciation for the primacy of data. Certainly the financial institutions are forward thinkers in this regard, along with insurance companies and most of the heavily regulated industries and some retailers. Apart from those folks, however, I think there is a lot of awareness about the bad things that can happen. Many purchase decisions today, however show signs that the tail is wagging the dog – so many vendors are pushing data loss prevention solutions, then it MUST be a badwagon I should jump on. If I don’t, I might end up on the front page next to TJX.
A CISO at a Fortune 500 telecommunications company in the US said his organization is improving three classes of security activity: prevention, detection and corrective action. In a phone conversation he reminded me that a few years ago, data classification was all the rage. But the point was well taken, he said. We all needed to step back and say "wait a minute. What are we really trying to protect here?" One key to success he discovered was asking his legal department for help. "Take a look at the records retention guidelines that legal departments crank out. You’ll find an excellent starting point for identifying the most important information in your organization." It is just a start, but it’s better than most IT security folks can do by themselves.
Well, there were a few technical difficulties, and I picked up some annoying static on my little Sony Digital Recorder, but all in all I’m very happy to present the first podcast of 2008. My conversation with Dan Dunkel, sales guru and President of New Era Associates, explores how new technologies are forcing changes in sales and channel strategies, and what makes a successful security technology sales person. Pelco, Honeywell, Cisco, IBM, Vidsys, Quantum Secure, and other vendors are discussed.
The podcast is 23 minutes. Enjoy!Download podcast_1__dan_dunkel.mp3
When the story broke that Sony was loading unauthorized rootkits on the PCs hosting the
Sony USB memory stick, I was baffled. Surely all the idiots were fired last time this happened – when it was discovered that rootkits were loaded from Sony DVDs. Either Sony engineers are supremely stupid, thinking we wouldn’t object to a rootkit installed on our machines, or they are supremely stupid by thinking that we are supremely stupid – which we ain’t.
read up on this Wired magazine blog, or on engadget.
It’ll take me awhile to digest all the technology I observed (and all the yummy Israeli food I ate), but here is a sample
Here are a few of the companies I had the pleasure to visit while
Applicure Technologies www.applicure.com
Web application security software.
Applicure’s dotDefender software-based web application
firewall is a solution for web application protection when appliances are not
attractive or are less applicable. Small
and mid-sized companies will likely prefer dotDefender’s simple online download,
straightforward installation and its moderate
pricing compared to the more complex architectures of appliance vendors like
Imperva, F5 or netContinuum. However, dotDefender will be even more attractive
to web hosting companies looking for security add-on services like web
application protection to upsell to their customers.
Persay Ltd. www.persay.com
Real time and recorded voice analysis for
authentication. When a call center
employs a Persay product like Vocal Password™ 6.0 users may opt to enroll their
voice as one factor in a multi-factor authentication event. About 300,000 Bell Canada
customers did just that as soon as they called in to set up over-the-phone
account management. This is just one of
Persay’s impressive line of practical and accurate voice biometric solutions.
ControlGuard Ltd www.controlguard.com
Endpoint device security
ControlGuard Endpoint Access Manager is a powerful, mature
software solution for controlling the use of removable storage devices. Employees are forever attaching USB memory
sticks, iPods, PDAs, phones and whatnot to their PCs. Security administrator my use Endpoint Access
Manager to set up quite specific granular rules for who may use what devices
with which types of files when. The product also records all activities related to data on removable
media for forensic reference.
Biometric access devices
The company manufactures a line of devices utilizing
fingerprint readers such as a door lock, door controllers, and time and attendance
A one-stop security shop in Israel (more along the lines of kiosk-on-Diezengoff than SuperSol, but useful anyway)
Mr. David Hava, the CEO of MIW, Ltd. (Managing Investments Worldwide)
explained how his business development firm came to invite Eleanor and me to Israel. Over
coffee (café afouk, naturally) he described MIW as the coordinator and manager
for a few technology consortia. The I-Safe group is one, focused as you might imagine on
security, and consisting of just over a dozen companies. The slogan for the I-Safe
group is “One Stop For All Your Security Solutions.” (That reminds me, for a few years when I was
much younger I worked as a locksmith at Chicago’s
Security Shop whose slogan was the same.) At first glance through the list of companies I saw only IT and network
security firms. If this is one stop for
all my security, where is physical security? Where is homeland security? A
closer inspection turned up Sdema Group, a consulting firm offering physical
security risk assessments, information security best practices consulting, and
employee background checks.
I’ll let you know later this week if the biometrics vendors
in the I-Safe group qualify in my mind as physical security solution providers or if they are stuck in an infosec mentality.
The idea of the consortium is to qualify for government
support monies, share marketing expenses, and collaborate on business
development. No direct competitors may
belong to the same consortium. For example, Safend is not in the I-Safe group
because ControlGuard is already a member – both being device security vendors
protecting against data leaks to USB sticks and other peripherals.