Far from simply transmitting images to a screen, surveillance in today’s environment entails a range of connected technologies and disciplines that make CCTV a powerful force in security and business optimisation. With this in view, iLegal 2019 focused on the ways and means companies and individuals can realise the full potential of their CCTV installations through the use of new technologies as well as well-trained people.
This year’s conference was sponsored by Johnson Controls and Secutel Technologies. Starting out with a look at how the latest technology can enhance and be enhanced by trained human operators, iLegal 2019 welcomed back Mike Neville (MCSFS), CEO of Super Recognisers International, as the keynote speaker. Neville first keynoted at iLegal 2009, where he described his work with the UK authorities in getting more out of their surveillance operations.
Since his initial keynote, Neville has left his position in the police force, taking his surveillance insights to the rest of the world, to both law enforcement and commercial organisations. He set up the world’s first Super Recogniser Unit using officers with fantastic, innate face memory skills to identify offenders and link crimes by the images. As a result, the Super Recognisers have been called on to assist in enquiries all over the world.
In 2019, Neville introduced South Africa to Super Recognisers, a new breed of surveillance operators that have taken CCTV operations to a new level.
How Super Recognisers are redefining CCTV in the UK and Europe
Neville explained that Super Recognisers are made up of a small percentage of people who have an incredible ability to remember and recognise faces – less than one percent of the population qualifies. This is not simply an idea Neville came up with, the Super Recogniser concept is recognised in academia, with Neville being the first to take it into the real world with his vision of making images as effective in the safety and security world as fingerprints and DNA.
Sadly, a person cannot be trained to be a Super Recogniser. The 1 percent of the population can be trained to be more efficient, but those of us with normal recognition capabilities will never be in the same league, no matter what training we receive.
The need for these Super Recognisers has been made clear over the years. Massive investments in surveillance have produced results, but technology alone has not been as successful as it could have been. Issues such as image clarity and so forth have left many surveillance installations delivering far below what they should. With the increase in crime and terrorism in many countries, this is unacceptable and video images need to be reliable enough to assist in prosecutions.
In addition, the ability to source images has evolved far beyond the realm of CCTV cameras. Today we have body-worn cameras and even smartphones that are able to collect information from a crime scene and assist in resolving the case.
Automated or assisted facial recognition?
Facial recognition technology can and does play a role in resolving the problem, but it is not the ultimate in facial recognition as poor images are rarely recognised. And the fact is that many surveillance images are poor due to poor decisions when setting them up, older technology still in use and the realities of capturing video in the real world where lighting fluctuates, hands shake and people aren’t nice enough to always look directly at the camera. Of course, those with criminal intent have taken to wearing hoodies, caps and other disguises in order to keep their faces hidden.
The benefit of Super Recognisers is that they can find faces in images technology would simply discard, explained Neville. This has been proven in many scenarios where riots have resulted in criminal acts and only through the efforts of this group of observers have people been charged. Some of the successes Super Recognisers have chalked up in this field were the sex attacks in Germany on New Year’s Eve 2015, the Hillsborough disaster and numerous cases Neville mentioned where individuals were identified by the Super Recognisers and subsequently had their day in court, followed by numerous days in jail.
This does not discount facial recognition as it still has value, but combining technology and people delivers the optimal results. Neville quoted Dr Anna Bobak from the University of Stirling, who said: “The data … shows that combining the latest algorithm and a Super Recogniser … leads to near-perfect performance”.
And as Prof Martin Innes from Cardiff University noted: “…it is more helpful to think of AFR in policing as ‘Assisted Facial Recognition’ rather than a fully ‘Automated Facial Recognition’ system. ‘Automated’ implies that the identification process is conducted solely by an algorithm, when in fact, the system serves as a decision-support tool to assist human operators in making identifications.”
The key is a balance between technology, people and processes in addressing crimes through CCTV. Neville also provided some statistics about the conviction success rate of Super Recognisers in the UK: The UK has an overall conviction success rate of 64% which rises to 86% with CCTV identification, and 92% when Super Recognisers are added to the mix.
Neville ended his presentation by testing the delegates’ super-recognition capabilities. The images shown were proof enough that Super Recognisers are the 1% and the rest of us would struggle to obtain a fraction of the convictions they have produced. Readers who wish to test their super-recognitive abilities can take a test at www.securitysa.com/*super (redirects to greenwichuniversity.eu.qualtrics.com/jfe/form/SV_e3xDuCccGAdgbfT).
Mike Neville can be contacted at [email protected]
Control rooms that add value
Augmented or not, control rooms are expensive to plan, build and run. Those responsible for running a control room, whether on a residential estate or a vast exercise covering multiple properties and locations, must ensure that the money spent on their control rooms and the people working in them delivers value.
Adriaan Bosch, the group security manager for a multinational retailer, was on hand to provide some insights into how security leaders should ensure that their control rooms actually produce the value they are supposed to. Bosch took the military approach to developing an effective strategy for control rooms, noting that the strategy and aims for the control room (or command centre) impact on every element within the command centre that connects to the broader security environment.
Starting out, he said: “Strategy impacts every single aspect of a control room, amount and type of staff, layout, software, communications, data usage, edge devices and type, number and size of monitors, etc.”
He also quoted Sun Tzu, who famously wrote, “Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat.”
Your control room, and consequently your entire security infrastructure must therefore align to the broader strategy, with every member of the team knowing what the strategy is and being acutely aware of their role and that of others. This will allow everyone to do their job according to the predefined processes of the strategy, but will also allow individuals to make decisions ‘at the coal face’ when supervision is not immediately available. This is another aspect of military success.
Bosch then addressed the five basic building blocks of strategy, as they relate to security operations in general, and more specifically to successful control rooms, going into detail for each aspect:
1. Situation.
2. Goal.
3. Execution.
4. Service support.
5. Command and communication.
Using these building blocks, Bosch covered numerous aspects of control room security, from trained personnel, processes and technology, through to less acknowledged risks like cybercrime – which is a significant risk to control rooms. The risks of cyberattacks on control rooms was once again highlighted and expanded upon during a later presentation.
The potential and pitfalls of facial recognition
Herman Walsh, CEO of HP Walsh & Associates, then took the delegates through what is quickly becoming the minefield of facial recognition. While the technology is constantly improving, there are many raising privacy issues and in some cities facial recognition has already been banned. On the other hand, human rights advocates are highlighting possible abuses of facial recognition in some countries where the technology has been integrated into governmental control programmes.
This minefield is actually a good thing as it will lead to more care being taken and the relevant legislation passed to ensure it is handled appropriately by all and not abused. Walsh said facial recognition is simply one of the technologies in the digitisation process that is disrupting our societies and the way we live, work and relate to each other. While politicians are full of meaningless platitudes about the Fourth Industrial Revolution, the underlying technologies are changing the social and economic landscape significantly.
Walsh then gave some examples of what facial recognition technologies can do, from identifying people to mood and emotion analysis, lie detection and more. Of course, for facial recognition to make a positive difference in society, Walsh added that it needs to be used in an integrated fashion with other security and behavioural technologies. There also needs to be clear lines drawn regarding the use of this data in order to protect privacy without compromising security and legitimate law enforcement.
Governance models are a key component in these efforts and Walsh also highlighted a 7-point governance model that would be appropriate in creating a framework that will work for the best interest of society as a whole. He said that while the focus is often on technology and what it can do, we should first look at the framework in which it should be used before a broad and unregulated rollout occurs.
Herman Walsh can be contacted at [email protected]
Identifying suitable CCTV service contractors
Kevin van Zyl, MD of Horizon-Umsobomvu Risk Solutions, followed Bosch with a presentation highlighting the issues and challenges involved in selecting a CCTV service provider. Van Zyl used his experience in finding and retaining a new service provider for a mining giant as the basis for his talk, making it clear that there is more to choosing a service provider than getting the right price and the right promises.
Starting out, Van Zyl advises companies to understand their own value chain and frame of reference, incorporating all their requirements before they even consider which company can meet their needs. This includes establishing a strong, cross-disciplinary project team consisting of team leaders and the various process owners.
This must be followed by planning and preparation, repeatedly, until the organisation is sure it knows exactly what it requires from its service provider. Then one gets to formulate the bid document and meet with potential bidders, with the document in hand to explain exactly what will be required. This document and meeting must not only tell the bidders what is required, but explain the minimum criteria the company wants – bidders also need to understand that compliance is paramount, promises and best efforts don’t count.
Following this is a period of orientation for the bidders as they submit their proposals and the company works on the formation of a shortlist. Once compiled, the project team must visit the relevant prospects to ensure they are able to handle everything required, from minimum standards, operational criteria, pricing and so forth. Some of the issues (definitely not all) that should be considered:
• The company profile.
• Expertise in the customer’s field.
• Detailed operational specifications.
• Key competitive advantages.
• Case studies.
• Management and supervision, as well as the quality of personnel.
• Operational procedures.
• Legal and governance.
Referring to a mining project Van Zyl headed, he said it was found that many companies in the bidding process could not make the minimum criteria. Some bidders tried to put on their ‘game face’ during on-site visits, but the team was able to see through their sales pitch quite easily. In the end, he said all the facts need to be considered and the team also needs to trust its gut instinct.
Kevin van Zyl can be contacted at [email protected]
Intelligent options for surveillance storage
iLegal 2019 included presentations about the large amounts of data surveillance operations collect and what to do with it in terms of deriving useful information from the data. Jason McGregor, regional sales manager for digital security & CCTV at Dell Technologies, then offered a presentation on the best way to store and manage that data securely, with the goal of easy access in mind.
One certainty in the surveillance world is that the amount of data being collected is continually growing, as are the various analytical tools able to analyse and transform that data into useful information. McGregor said that as we move into the IoT world, the data we collect will simply increase even more (currently, 40% of all IoT data is video surveillance data). This will simply be expanded by the adoption of higher resolution video, new sources of video such as drones and body-worn cameras and other mobile devices, and an increase in the length of time the data needs to be stored.
Putting the challenge in numbers, McGregor said 4K cameras require about 110 GB of storage per hour if used at their maximum capacity, as opposed to around 12,7 GB per hour for standard definition cameras. Furthermore, research expects the enterprise surveillance market to post a CAGR (compound annual growth rate) of 42% through 2021. The term ‘big data’ is therefore very relevant in the surveillance world and beyond.
Importantly, video data is not only meant for security purposes. There is a growing requirement that this data be used in enhancing business processes and policies as more companies digitise. Therefore, organisations are looking for architectures to store and process data that are open, scalable and enterprise-ready, and able to easily manage current and future disparate data sources.
The traditional surveillance architectures used in the past can simply not keep up. McGregor therefore highlighted that new architectures need to be designed and implemented that are able to offer centralised management of any amount of data that is recorded and stored in various places – remotely, in the cloud or on site – and be equipped with intelligent hardware and software that allows for automated expansion and contraction as the organisation requires. More importantly, it also needs safety structures that ensure availability and minimise downtime. In other words, a hyperconverged infrastructure.
McGregor then went on to speak about how Dell has partnered with various surveillance companies to offer solutions that are easily deployed and configured, guaranteed to work optimally on the hardware provided. He added, “Dell offers custom orchestration tools that enable customers to deploy and configure surveillance systems with just a few clicks, which can even be done by non-IT staff.
“We automate installation and configuration of the video management system of your choice and the corresponding software and hardware without any specialised IT support, reducing the installation time from days to a couple of hours.”
In addition, the infrastructure provided caters to small operations and can scale to large deployments where additional storage may be required over time. However, he said the Dell systems are designed for scalability in a way that avoids bottlenecks and hence does not reduce performance.
Jason McGregor can be contacted at [email protected]
Big data: real world challenges
Big data is a phrase that has been doing the rounds for some time, but in the surveillance field, dealing with large amounts of unwieldy data in the form of video is a significant challenge. Michael Lever, director of Metagrated, offered iLegal 2019 delegates some insights into the world of big data, stressing that video data is packed full of information that should not be ignored or simply stored somewhere ‘just in case’.
Lever said that effective analysis of data can provide a treasure trove of useful information that can be vital to a successful security function in terms of its descriptive, definitive and scene and/or objective attributes. Moreover, when combined with other data sources, this information transforms security from a reactive exercise into a real-time and even proactive discipline.
Of course, the ability of technology to analyse data effectively, no matter how powerful the artificial intelligence (AI) software is, depends on the quality of the data and its integrity.
Lever went on to look at how data is analysed currently, and also presented a picture of the future as even more data is collected in real time, providing more opportunities for finding valuable information to enhance the safety and security of environments. Key to the future will be technology’s ability to offer situational contextualisation, which moves from static object classification to classifying scenes based on numerous data sources.
In keeping with the topic of augmented surveillance, Lever also touched on just how augmentation will assist in security and operations. For example, augmenting a drone’s video stream with house numbers, street names and other data will assist control rooms in finding the exact location of an emergency and dispatching the appropriate response.
He also provided examples of a local company turning control rooms into 3D virtual control rooms where operators wearing virtual reality headsets are able to view and manipulate their environment with hand gestures. This ‘control room of the future’ will empower operators to keep tabs on much more than they can at the moment, while providing access to almost unlimited data sources to enhance (or augment) their field of view and consequent actions. For example, real-time language translation will allow any operator to assist in any situation without having to wait for someone to translate speech they don’t understand.
Michael Lever can be contacted at [email protected]
Augmented surveillance is critical
Dr Craig Donald, CEO of Leaderware and co-host of iLegal, was up next with a look into the control room of the future in his presentation titled ‘What is augmented surveillance and why is it going to be so critical in your control room.’
Many people think that technology is a great way to do away with the need for people in the surveillance world. As noted in Mike Neville’s presentation, that is not really the case as the best results are forthcoming when the people and technology work together. When talking about ‘augmented surveillance’, Donald stated that augmented means “something has been made greater or enhanced, or complemented” – as opposed to something that is replaced.
Highlighting the need for augmented control rooms, Donald provided statistics from one municipal police department in the USA where, in 2013, the department had to handle 331 surveillance videos consuming about 19,7 GB of storage. In 2019, the same department had to handle 22 334 videos consuming 1838,9 GB (and that was only until the end of June).
With this type of expansion, humans are not able to handle the surveillance video effectively unless they have some assistance from technology. Donald said that while technology is not able to replace humans, it is good at doing many of the routine tasks that free up people for more complex things. This allows a surveillance project to cover more areas, more consistently than would be possible with only people. Additionally, technology can combine information from various sources quickly and provide new insights a person may have missed, presenting the data in novel ways.
As an example, Donald noted the ability of AI algorithms to determine the mood in a crowd, which may assist in preventing a riot or some other mass reaction in which people could be hurt or crimes could be committed. He also noted that in many instances, social media feeds are being monitored as a means of ‘sensing’ mood changes with respect to companies, people or events, or even picking up on criminal or terrorist intentions. Monitoring these two aspects on their own would be difficult for humans to do, even if there was scope to employ and train large numbers of people, because one of the things technology does very well is to integrate information from multiple sources in real time to enable timely intervention.
When it comes to augmented surveillance, Donald summed up: “We are not eliminating the need for people. We are increasing the responsibility and skills requirements of fewer, more highly paid people.”
Craig Donald can be contacted at [email protected]
Hacking your control room
Ending the day, Craig Rosewarne, CEO of Wolfpack Information Risk spoke about the significant opportunities open to the security industry in cyberspace, as well as the significant risks. In particular, he focused on control rooms.
A control room is a location that is highly dependent on technology, from computers and servers, through to different communications capabilities. It is also home to the weakest link in all security operations: people. So, while organisations rely on their control rooms as the nerve centre for their security operations, and increasingly to manage more than security, these locations must be cybersecure since disrupting the control room can put an end to your ability to run your security operation.
Rosewarne focused on two vulnerabilities every control room must take into account when securing itself: people and technology, and then offered some guidance in terms of cyber self-defence. Key to the vulnerabilities and security of control rooms is the continuing convergence of cyber and physical security. While many companies still separate cyber and physical security operations, the overlap between the two is increasing with alarming speed and ignoring either component leaves them both and the organisation itself at risk.
He provided an example of how easy it is for knowledgeable people to attack a bank that has not put the appropriate security processes in place on its banking website. And if a bank is at risk, how much more would a control room be at risk?
Rosewarne introduced the audience to OSINT (Open Source Intelligence), a way to find out frightening amounts of information about anyone and any business. OSINT makes use of online sources such as social media and government databases, as well as call centres where people persuade operators to provide information or change passwords, etc. Humans in a control room (or any job function) can be targeted by finding out where they work and what they do, and then targeting a phishing attack at them, for example.
Targeting a control room’s technology is also a simple matter. For example, one can find out what technology is in use and then use a website such as shoden.io to find out more about the technology and its security status, providing insights into how best to attack the system. Of course, this is only necessary if you can’t get an employee to put a USB drive into their machine (promising them the latest music or movies while also loading malware). The ways criminals can gain access are almost endless.
Even though it should be ‘old news’ by now, he also touched on the importance of managing passwords properly, showing how people can judge how easy their password is to break (password.kaspersky.com/).
Ending his presentation on a positive note, Rosewarne went on to talk about the similarities in cyber and physical security. He provided brief insights into a proper risk assessment process a control room should go through to identify their own vulnerabilities, as well as the structure of an integrated security operating model incorporating operational, technological and governance aspects in securing the whole organisation.
Craig Rosewarne can be contacted at [email protected]
Sponsor presentation: Secutel Technologies
Brendan Whelan, sales manager from gold sponsor Secutel Technologies, offered delegates a brief presentation about the company and its market offerings. Founded in 2008, the company consists of a distribution network that sells products such as Longse, Matrix, AxxonSoft and ProxyClick, as well as technical and integration services, and a cloud service platform.
Over the years Secutel has gain clients in a variety of industries throughout South Africa, from banking to industrial and retail. It has a range of products it sells (as mentioned above), but also locally develops and manufactures a range of products to enhance customers’ security operations, from body-worn cameras to management platforms. It also offers cloud-based video analytics solutions (provided as a service), as well as workforce tracking and management solutions.
Tel: | +27 11 543 5800 |
Email: | [email protected] |
www: | www.technews.co.za |
Articles: | More information and articles about Technews Publishing |
© Technews Publishing (Pty) Ltd. | All Rights Reserved.