If you are an infosec practitioner it is pretty clear that you are in the data business. After all, your whole world revolves around gathering, understanding, manipulating, and protecting data. If you are a physical security practitioner, on the other hand, it may not be as obvious that your world revolves around data, but it does – or at least it should.
Brilliance Security Magazine talked with John Omernik, Distinguished Technologist for MapR Technologies, to find out why he believes security practitioners, both physical and infosec, should be turning into data scientists. John is nothing if not passionate about the need for security practitioners, of any ilk, to have liberal and nimble access to the data they need to do their jobs quickly and effectively. MapR Data Technologies is a Silicon Valley enterprise software company that pioneered the concept of providing one platform for all data across every cloud. They claim their approach to be the industry’s first modern data system. At the core is the MapR Converged Data Platform that enables simultaneous analytics and applications as data happens for companies to create new, intelligent and modern applications.
“There is a lot of information being generated around physical security sensors. It’s not just camera data, rather it’s WiFi data, door data, and all kinds of security sensor inputs. There is room for significant growth and improvement of physical security in that too often the security practitioner is not aware of what can be done with this data that is being collected,” John said. Conversely, a data scientist is always looking for ways to analyze, compare, and manipulate data to bring into focus a clearer picture of what the data means.
The physical security domain has come a long way. They have come from a paradigm that says cameras are primarily for watching to see what the bad guy is doing or has done to a view that includes analytics of the video data so that the right video is presented to the operator and therefore not missed or overlooked. This has made video data much more efficient and useful.
But what of correlating video data with the other data streams available to the physical security practitioner?
John gave us an example of a scenario that he has thought about. “Imagine,” he says, “a video feed that watches an ATM and the surrounding parking area. This video is compared to the transactions taking place at the ATM. Any number of alarms could be generated given just these two data streams. For example, what if a person, or persons, loiter near the ATM but no transactions take place for a specified amount of time. Wouldn’t the security guard want to know about that? Maybe someone just needs assistance or maybe something more nefarious is being contemplated.”
To John’s earlier point about the need for rapid access to data; if video data is going to move from being primarily forensic in nature, in that it is mostly useful for figuring out what has already happened, to a real-time tool for preventing or stopping an event, video data needs to be paired with other real-time data streams.
But, in reality, all this data originates from disparate systems that have no ability to share with each other. Where the need to share data between systems is obvious and compelling integration between systems has been developed. This is a slow and time-consuming process and this type of integration requires a financial ROI for developers of at least one of the two systems. The integration is then “hard-coded” into the systems and must be maintained to accommodate changes over time to either system. This is not a workable model from the perspective of a data scientist.
Thus the need for a single platform for capturing and distributing all data across the enterprise. In our previous example, if the data from the ATM machine was easily accessible by physical security practitioners and could be looked at in light of the video stream from the camera watching the ATM, the possibilities are impressive. Now factor in cell phone MAC address tracking, facial recognition, and license plate recognition and you begin to see the power of thinking like a data scientist.
For this to happen, however, the security practitioner needs to have the skills, the tools, and the inclination to think like a data scientist.
So, are you in the security business or the data business? Well, hopefully, the answer to that question is – both! Security is the objective of your efforts, but the understanding of how to manipulate data is what is going to get you to that objective. Organizations need tools that standardize data from systems across the enterprise and make it rapidly accessible while keeping it secure. Security practitioners need to become data scientists or risk losing much of their influence to those that are.
Steven Bowcut, CPP, PSP is the Editor-in-Chief for Brilliance Security Magazine