The Future of Compliance
Ensuring data protection through security evolution
Companies use thousands of security assets from numerous vendors including video cameras, intrusion sensors, access control readers, servers and controllers. They amass enormous amounts of data that is vital to conducting business.
While these assets are typically interconnected to a single IT network, their data remains separate, and it can take hours and countless resources to make sense of what is happening in various facilities to act.
Compliance risks
Proper security compliance protocols provide assurance that the network and its devices are safe. Cyber-attacks on security networks have drastically increased. According to ITRC [1] there were 1,244 breaches in 2018 which exposed 446 million sensitive records. The risks and fallout for businesses that become victims are greater than ever. Hackers’ motives range widely, from selling PII (personally identifiable information), which can be monetized and exploited on the dark web, to holding businesses and municipalities hostage with ransomware. State-sponsored hackers have notoriously penetrated businesses seeking trade secrets and used cyber-hacks as a political weapon. Regardless of the type and motive of an attack, a common theme has emerged: attacks have become more numerous and sophisticated over the last seven years. Growing threats drive the need for better compliance, which in turn drives better solutions to combat those threats.
Compliance fallout
It’s an unforgiving position to be a key stakeholder responsible for keeping a security network safe, only to find out the network was hacked. At any point in time, 5 to 8 percent of physical security devices like cameras, access control, door contacts and motion sensors are non-functional. Multiply that statistic across a large enterprise with 50,000 devices, and that’s 2,500 to 4,000 devices offline or in a state of non-compliance. Out-of-compliance devices add risk, which can manifest as cameras and recorders missing vital evidence such as perpetrators conducting nefarious activities.
Another important consideration is the network vulnerabilities created by unknown attached devices, which makes it essential to ensure all devices are accounted for and that security protocols such as penetration testing have been conducted. Without accountability for every device on the network, how do FMs know vulnerabilities don’t exist and that the network is secure? Most companies can’t account for all their devices, including the type, make, model, working condition or location of each one. A proper security device data management platform is the first step in improving overall security posture, and selecting the right data schema is the foundation for the digital transformation journey.
Digital twin transformation
No one disputes that companies want better security to protect their property and people. There’s an overwhelming opportunity to help companies realize the value of organizing and collecting metadata to build data models and digital twins of their devices for the next evolution of compliance. The concept of the digital twin was presented by NASA nine years ago in their technology roadmap [2]. Many leading tech companies like GE and Microsoft have used the term to market their products. For NASA, the predominant digital twin use case was replicating and testing space flight control maneuvers from the ground before sending commands to spacecraft.
Think of a digital twin as every physical security device’s avatar, representing it in the virtual cloud domain. For security devices, this brings practical and evolutionary advances for improving security and smart building compliance. A digital twin is a replication of the device’s attributes in a data management platform, which acts as a virtual risk scenario planning tool. For example, an enterprise security system can send hundreds of thousands of events. Simulations are run throughout the network topology to ensure 100 percent compliance all the time, every time. The combination of events sent (or not sent) paints a vivid picture of the health and performance of the system, which directly impacts compliance KPIs.
Digital twinning should be considered a required step in a digital transformation journey, allowing artificial intelligence and machine learning to help improve performance and security compliance. A comprehensive asset inventory of all connected devices is the first critical step in creating a digital twin asset repository. Applying the same analogy to security networks, simulations and tests of various attack vectors can be run to check for vulnerabilities in the virtual system before verifying in the physical system. Also, event processing for each individual device can immediately identify device health issues and trace the root cause through the hierarchy of parent/child relationships. The result is predictive preventative maintenance, which minimizes costs and out-of-compliance risks. Once a discrepancy is identified, the system automatically creates a work order ticket and follows the service operations workflow until resolution, keeping track of progress until compliance conformity is satisfied.
Redefining compliance
New monitoring technologies are generating “always-on” compliance to ensure network and device health and performance. The sheer complexity of keeping the plethora of security devices and the network operational in the most performance-efficient and cost-effective way is challenging. The security market is mature and fragmented, with thousands of hardware and software vendors competing. Integrating with leading manufacturers of access control, video platforms and IT network systems is critical for overall compliance performance. Regardless of integration, digital twinning is a system-agnostic model that unlocks value and reinvents the definition of compliance performance.
For example, compliance auditing is an activity which typically happens once or twice a year and involves manual processes of verifying that every device works as designed. Manual auditing is a resource-intensive activity, compounded exponentially when a company acquires another company and must integrate two security networks as part of a corporate mandate. It’s also impacted by the natural decommissioning and upgrading of equipment over time, a 15-20 percent continual change impact year-over-year. By reconstructing the needs of the organization and applying digital transformation best practices, much of the repetitive compliance audit work can now be automated, adding insight into device health, asset lifecycle management and system operational performance.
Whether a company uses integrators to manage the service workload or is a self-maintainer, without a device compliance data management platform in place and proper governance models, the traditional, inefficient break/fix model still reigns. The problem with the break/fix model is that it still depends on security personnel to find non-functional devices and hidden vulnerabilities and to report discrepancies by creating work order tickets. New compliance platforms use machine learning to identify non-functional devices by scanning the system and automating service tickets, which can be directed to a predefined integrator or internal owner. Since virtual audit scanning is conducted in real time with high accuracy, compared to a human manually stumbling upon a non-compliant device, it dramatically improves the cycle time or “case-condition” period, greatly reducing the time devices remain in a non-functional/non-compliant state.
Digital transformation journey
It is an FM’s responsibility to keep up with the latest threat trends and propose solutions and budgets to keep the environment and network safe. Physical security networks are composed of access control, cameras, door locks and motion sensors, and are meant to keep unauthorized people out. They are also the first line of defense in protecting access to data, people and property, and unfortunately take a lot of resources to keep in working compliance. A data management compliance platform using the Brick data schema [3], digital twins, machine learning and AI can dramatically improve your overall compliance and reduce overall operating costs by 15-30 percent.
The journey starts by creating a device inventory using geospatial mapping. Next, device monitoring is configured for every accountable device, and the system is scanned for any device or network health issues. Any device abnormalities are compared against a constantly learning AI engine, which decides which actions to take. The device AI engine reports on a host of compliance metrics and risk ratings for future consideration.
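As an added illustration of the inventory and monitoring steps described above, and of the parent/child root-cause tracing mentioned under digital twinning, the following Python sketch is example code written for this page; it is not from the article or from any vendor platform. It takes a constructed device inventory with parent/child relationships, flags devices whose heartbeats have gone silent, walks each outage up the hierarchy so that only the actual root cause gets a work order ticket (a silent camera behind a silent recorder is a symptom, not a fault), reports any device that is sending events but is not in the inventory, and computes a compliance rate. The device ids, locations, timestamps and the five-minute heartbeat tolerance are all assumptions.

```python
"""Heartbeat monitor over a device inventory with parent/child root-cause tracing.

Added example, not from the article. Every id, timestamp and threshold below
is constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Device:
    device_id: str
    kind: str                      # camera, recorder, reader, controller, switch
    location: str                  # constructed geospatial label (site/floor/area)
    parent: Optional[str] = None   # upstream device whose failure takes this one down


# Constructed inventory: one switch feeds a video recorder and an access
# controller; the recorder feeds cameras and the controller feeds card readers.
INVENTORY: Dict[str, Device] = {d.device_id: d for d in [
    Device("sw-1", "switch", "HQ/F1"),
    Device("nvr-1", "recorder", "HQ/F1", parent="sw-1"),
    Device("cam-101", "camera", "HQ/F1/lobby", parent="nvr-1"),
    Device("cam-102", "camera", "HQ/F1/dock", parent="nvr-1"),
    Device("acc-1", "controller", "HQ/F1", parent="sw-1"),
    Device("rdr-201", "reader", "HQ/F1/door-A", parent="acc-1"),
    Device("rdr-202", "reader", "HQ/F1/door-B", parent="acc-1"),
]}

NOW = datetime(2024, 1, 15, 12, 0, 0)   # constructed "current time"
MAX_SILENCE = timedelta(minutes=5)       # assumed heartbeat tolerance

# Constructed heartbeat log: (device_id, last heartbeat seen). nvr-1 has gone
# silent, so its two cameras are silent too; rdr-202 is silent on its own;
# cam-999 is chattering on the network but was never inventoried.
HEARTBEATS: List[Tuple[str, datetime]] = [
    ("sw-1", NOW - timedelta(seconds=30)),
    ("nvr-1", NOW - timedelta(minutes=40)),
    ("cam-101", NOW - timedelta(minutes=39)),
    ("cam-102", NOW - timedelta(minutes=38)),
    ("acc-1", NOW - timedelta(seconds=45)),
    ("rdr-201", NOW - timedelta(minutes=1)),
    ("rdr-202", NOW - timedelta(minutes=12)),
    ("cam-999", NOW - timedelta(seconds=10)),
]


def unknown_devices(inventory: Dict[str, Device],
                    heartbeats: List[Tuple[str, datetime]]) -> Set[str]:
    """Ids that report on the network but are not accounted for in the inventory."""
    return {dev for dev, _ in heartbeats if dev not in inventory}


def find_offline(inventory: Dict[str, Device], heartbeats: List[Tuple[str, datetime]],
                 now: datetime, max_silence: timedelta) -> Set[str]:
    """Inventoried devices with no heartbeat inside the tolerance window (or none at all)."""
    last_seen: Dict[str, datetime] = {}
    for dev, ts in heartbeats:
        if dev in inventory:
            last_seen[dev] = max(ts, last_seen.get(dev, ts))
    return {dev for dev in inventory
            if dev not in last_seen or now - last_seen[dev] > max_silence}


def ancestors(inventory: Dict[str, Device], dev: str) -> List[str]:
    """Parent chain from the device up to the top of the hierarchy."""
    chain, parent = [], inventory[dev].parent
    while parent is not None:
        chain.append(parent)
        parent = inventory[parent].parent
    return chain


def root_causes(inventory: Dict[str, Device], offline: Set[str]) -> Set[str]:
    """Offline devices whose own parent is healthy: the faults worth a truck roll."""
    return {dev for dev in offline
            if inventory[dev].parent is None or inventory[dev].parent not in offline}


def compliance_rate(inventory: Dict[str, Device], offline: Set[str]) -> float:
    """Percentage of accountable devices currently reporting, to one decimal."""
    return round(100.0 * (len(inventory) - len(offline)) / len(inventory), 1)


def create_tickets(inventory: Dict[str, Device], offline: Set[str]) -> List[dict]:
    """One work order per root cause, listing the dependent devices it explains."""
    tickets = []
    for n, cause in enumerate(sorted(root_causes(inventory, offline)), start=1):
        dependents = sorted(d for d in offline if cause in ancestors(inventory, d))
        tickets.append({
            "ticket_id": f"WO-{n:04d}",          # constructed ticket numbering
            "device": cause,
            "kind": inventory[cause].kind,
            "location": inventory[cause].location,
            "dependents": dependents,
            "assignee": "default-integrator",     # assumed routing target
        })
    return tickets


if __name__ == "__main__":
    offline = find_offline(INVENTORY, HEARTBEATS, NOW, MAX_SILENCE)
    print("offline:", sorted(offline))
    print("unknown on network:", sorted(unknown_devices(INVENTORY, HEARTBEATS)))
    print("compliance rate: %.1f%%" % compliance_rate(INVENTORY, offline))
    for t in create_tickets(INVENTORY, offline):
        print(t)
```

Run stand-alone, the script reports four silent devices but opens only two tickets: one for the recorder, with both cameras attached as dependents, and one for the lone reader. The unknown camera id is surfaced separately, since a device that talks on the network without being in the inventory is exactly the accountability gap the article warns about.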
The benefits of a data management compliance platform can be used for an expanded portfolio of security offerings. For example, Converged Cyber-Physical Security (CCS) platforms have emerged to converge asset device compliance with other threat intelligence data sources such as social media, news and weather to provide contextual awareness of threat risk by geographic location. Such a platform receives geospatial floorplans and mapped device data and provides tools for real-time collaboration to speed the dissemination of threat data, using advancements in standard operating procedures (SOPs). All of these technologies lay the digital groundwork for semantic-aware virtual security operating centers (VSOCs), which are expected to replace traditional security operating centers (SOCs) in the near future.
Next steps
The rise of cyberthreats, together with the proliferation of IoT devices in building systems, is a growing security threat. Doing the research and taking the time to find a solution that can help tackle this problem by centralizing security asset management and remotely monitoring equipment is critical to the future success and security of your data and assets.
Jason Pelski is Cloud Platform product lead for Johnson Controls, where he provides product-driven leadership for the OpenBlue digital cloud platform. He is focused on the digital transformation of buildings, occupants and operations, as well as democratizing data across the digital ecosystem using cloud-native architectures, digital twins, AI and best-in-class security to create and accelerate value-driven customer solutions across the entire business portfolio.