Managing and Mitigating Business Risk with Security Software
This issue Security Technology Executive editorial director Steve Lasky sits down with several of the industry’s top experts to find out what’s trending and what issues are shaping the future of PSIM and VMS solutions. Here is what the experts had to say:
STE: What’s the difference between PSIM and VMS solutions? Are they interchangeable and able to integrate function?
Adlan Hussain, VP Marketing at CNL: At the lower end of the market we see some level of overlap in terms of functionality, but on the whole PSIM has its place as the integration, intelligence and front end of a large scale security system. This works hand in glove with a VMS system, and increasingly we are working closely with manufacturers of VMS systems to provide deeper integrations of functions. A VMS has limited use. Typically it is purchased as a system to prevent security problems. In reality, the value that it provides is to help piece together the chain of events after a security incident has taken place. Video analytics have promised to make surveillance systems more proactive. In practice, these software and hardware additions have been greatly oversold in their capabilities. Even those VMS whose users have attained an acceptable level of functionality with their video analytic systems do not have the tools to integrate into the company’s key operational business needs.
Kurt Takahashi, Senior VP at AMAG Technology: The purpose of a PSIM is to provide total situational awareness. However, in better terms, providing those people responsible for responding and making security decisions with the entire picture. Today’s security environment is challenged with presenting the entire data set to a decision maker. Because alerts/alarms, video surveillance, building management alerts/alarms, social media information, and natural disaster events hold all their information within their own data silos, it becomes virtually impossible for someone in a command center to make decisive correct decisions. Imagine trying to respond to a situation when you only have access to part of the information. Imagine trying to respond when the policies and procedures are ever changing. Imagine trying to respond when you are brand new on the job and you only have access to portions of information. Fully functioning PSIM gives you the ability to aggregate all the disparate silos of data and present everything in one place and provides a workflow engine to help automate how people respond to situations based on company policies and procedures. VMS systems have PSIM like functionality but are very limited in their ability to consume all pertinent data from third party siloed data sources. Some VMS systems have the ability to apply workflow to alarm handling providing some automation, but still are limited in their ability to present the entire data set. It would be like trying to solve a crime with only part of the information. There is a value proposition for both. Both have use cases, but it really depends on what Risk and Compliance needs the organization is faced with.
Jimmy Palatsoukas, Senior Manager of Product Marketing at Genetec, Inc.: One of the main differences between a PSIM and a VMS is each solution’s intended purpose, as well as their core capabilities. VMSs are designed and purpose-built to help organizations secure their facilities through the direct configuration, management, monitoring and recording of video cameras, first and foremost. PSIMs are not designed to configure and manage video cameras. They offer a secondary or alternative interface to monitor third party video and offer features like visualization, integration, situational awareness, and incident management. A PSIM cannot replace a VMS solution, but an advanced or enterprise class VMS usually can, given the fact that these VMS solutions offer capabilities such as integration to third party systems, situational awareness, visualization through embedded dynamic graphical maps, and incident management, that are similar to PSIM. In the vast majority of scenarios, a VMS will fulfill the needs of a security team. In these instances, a PSIM is not required. A few enterprise class VMS solutions are part of a Unified Security Platform which offers embedded video management, access control, intrusion monitoring, and communications. Unlike PSIMs which will monitor these third party systems, a Unified Security Platform will actually offer these capabilities out of the box and will not rely on third party access control, video, or communications systems like a PSIM does.
Chriss Knisley, VP at Haystax Technologies: The significant difference between PSIM and VMS is the ability to integrate all kinds of security-related data into a PSIM, whereas a VMS is designed just to control cameras, capture, and archive and search video. That being said, some VMS vendors are moving into PSIM territory by integrating other building automation technologies like fire detection and access control with capabilities such as turning a camera to a point of concern. The PSIM is there to provide ongoing situational awareness, and help manage a response.
VMS systems generally feed into or are integrated with PSIM solutions given video is one of the most common ways to identify events and issues. In some cases, VMS may just be the actual management of the video, and you may need to consider Video Content Analytics in order to get truly useful information into analytics in a PSIM. Having the cameras on a map is a good start, but being able to identify specific incidents is much more useful, i.e. person crossed a fence, entered a restricted area, left a bag unattended, etc. Generally, you want to be able to access and control your VMS from the PSIM as well.
Dr. Bob Banerjee, Global Marketing Manager at NICE Systems: In short, VMS manages video; PSIM manages incidents. If you want to watch a museum break-in, buy a VMS. If you want to manage that same break-in, you’ll need a PSIM (you’ll invariably want a VMS too). A video analytics-enabled VMS or a VMS with an economical integration to an intrusion panel or access control system would detect a break-in and communicate: “Here’s the alarm and video of something bad happening … good luck!” If all you need is notification that an incident is taking place, a VMS is perfect. Likewise, a PSIM detects an intrusion and sounds the alarm via its integration to the VMS or intrusion panel, or any of the many other systems it integrates to out of the box. But its capabilities go far beyond that initial situational awareness. PSIM takes into account the many questions that fuel ongoing situational awareness, such as:
- Where are the guards and who is closest to respond?
- Is the intruder armed, and is that guard qualified to handle the situation?
- In the case of a lockdown, how many people are at risk and where are they?
- If there is an injury, who do I call? What is the museum’s standard operating procedure for armed intrusion?
- Will I use it or not?
- Will I follow it consistently or skip a step?
- What if I have never faced this scenario before?
- What if I am relatively new?
- What if I am overloaded?
PSIM levels the playing field, allowing security officers to do the right thing at the right time. That’s PSIM situation management.
And after the incident has been resolved, PSIM helps explain what happened. Security operators can pull together the audio, video, intrusion, access control, mass notification, 911 calls, and other related data into one coherent story. That is PSIM situation reconstruction, using a 21st century report.
Brian Lettiere, Vice President of Product Management at Verint Systems: PSIM and VMS solutions were designed to exist independently from one another, but can also coexist and be utilized interchangeably. PSIM solutions, also known as situational awareness platforms, incorporate the video from a VMS system because traditional PSIM platforms do not have the ability to record static video. Rather, these solutions record and store event and alarm video to enable users to gain new levels of real-time situational awareness as an incident evolves. VMS solutions, however, have the capability to record and protect the video data after the incident has taken place. When an alarm is triggered with a PSIM solution, there is a string of events to follow, also called standard operating procedures (SOP) that guide the operator’s actions. With a VMS solution, there is video that can be seen and used for playback or gathering images, however, it essentially stops there. Situational awareness technology allows end users to gain the functionality of both VMS and PSIM platforms, providing high-resolution images for both recording and live video viewing that enable security staff to react quickly to potential threats.
James I. Chong, CEO and Founder at VidSys Inc.: PSIM software provides meaningful and actionable information that is based on situations driven by operational policies and procedures. PSIM software also provides an integration framework for collecting data, including video-data, from video management systems, codecs, cameras, and other sensors, but it is not a video management system (VMS) in itself. Some VMS solutions have basic device integration capabilities but it does not have the business logic or correlation and rules capabilities, which are key elements of a true PSIM platform. The very nature of true enterprise PSIM software is that it has the capability to connect to other systems using open standards. One additional fundamental difference between a PSIM and VMS is that a true PSIM does NOT provide nor replace the video recording and storage capabilities which a VMS must provide. Because the application and integration possibilities are almost limitless when considering a PSIM, how does the end user focus a functionality roadmap to match their needs?
The key to any successful deployment is not to focus first on the integration capabilities or the technology, but to focus on defining and understanding the Concept of Operations (Con-Ops) and business needs that are critical for reducing or mitigating risk and defining a better business process. Also, phased approach for deploying a PSIM solution is highly recommended as it is oftentimes beneficial operationally and financially. The Con-Ops can be used to help define and develop rules and work flow to assist security management the ability to pre-define what data should be correlated and what should be filtered out. For example, from a video analytics alert from a potential intrusion as seen on the screenshot below, a command center operator can be instantaneously presented with the exact location of the potential security breach and surrounding assets on a map, along with step-by-step instructions for evaluation and resolution. This includes pushing crucial information through the mobile interface, to a responding officer. Once the situation is resolved and closed, a reporting feature provides detailed reports for after action analysis, or as part of a forensic record.
STE: PSIM is often viewed as a high-priced solution by some users. What are the current cost trends and implementation strategies users are employing to make this option viable?
Adlan Hussain: This is a simple question to answer, we are not comparing like for like. PSIM creates business value by levelling proprietary physical security systems and bringing security operations in line with other business systems. This in turn allows physical security to interact with other business systems and take its place within corporate governance. Vendors who describe these systems as expensive most often do so to push an inferior solution, and understand the only advantage they have is price over a PSIM based solution. What they often fail to do is understand what the customer wants to achieve in the short term and in the long term.
It is true to say PSIM solutions started life at high end / high security facilities, as this is where the need was greatest several years ago. Things have moved on since then, and PSIM solutions are much more widely used. Today deployments of PSIM can be found in education, corporate enterprise, ports, Critical Nation Infrastructure, law enforcement, homeland defense, plus many more sectors. The reality is PSIM solutions have become significantly more sophisticated in the last few years, and by their nature are a lot more emphasis on adding organization value, whether this is through hardened security, increase efficiency or reduced ongoing costs. The crucial factor being that the customer can decide what their priority is. The cost for PSIM solutions is also coming down. There are several drivers which are allowing this to happen, not least of which are;
- COTS – This allows for the use of templates, which can be quickly customized for individual organizations. Furthermore as governments get involved with specifying guidelines for security best practice, these policies are starting to look even more similar to one another.
- Automation - The deployment cost of these solutions is coming down as they become easier to implement. The use of wizards and plug and play technology is making PSIM solutions much more viable for medium sized organization to use.
- Modular Systems - Real PSIM solutions are modular, which mean organizations only pay for the functionality they need, again bringing down the cost of these solutions.
- Use of existing infrastructure - As PSIM manufacturers generally have integration to a larger number of security systems, they allow greater use of existing infrastructure. This alone can provide sufficient saving to warrant the use of a PSIM platform.
Kurt Takahashi: The cost factor is PSIM's number one barrier to market. Therefore, the business justification must match the Risk and compliance tolerance of the organization. The HARD cost ROI is very difficult to attain. There is clearly SOFT cost savings, but historically this is where PSIM struggles. Furthermore, the compliance requirements become limited as it pertains to this element. Command and control have policies and procedures but are mostly predicated upon internal business needs, not external regulators. This also lessens the ROI because the penalty for failure is not as great. Lastly, the soft cost savings of continuous improvement primarily benefits those behind the desk in a command center and does not extend out beyond the security department.
Jimmy Palatsoukas.: PSIMs tend to be very expensive propositions over the lifetime of a project. What we are noticing is a growing level of awareness on the part of end users in trying to map their needs with the actual product category that can address their needs. End users are coming to realize that leading VMS, access control, and especially unified security platforms offer many of the capabilities customers look for in PSIMs and more, but at a fraction of the cost and with lower levels of risk. This is helping end users fulfill their security needs (greater situational awareness, maps, event correlation, integration, incident management) at a much lower price point and with less customization.
Chriss Knisley: This is true for any newer technology, not just PSIM. SaaS offerings can obviously help drive down the costs, as well as purchasing components of the security enterprise that adhere to open standards or are easily integrated. Many of the point solutions in the market for things like badging or managing videos, physical security alarms or smoke alarms were not designed to be part of a larger system.
This is a relatively new trend -- think of it like the connected home. A few years ago, you wouldn't have dreamed there would be a reason to connect your thermostat and light bulbs to the Internet. Now, those things work in conjunction to turn off the lights and turn down the AC when you leave the house -- all based off of cloud-based analytics.
If you tried to retrofit your existing thermostat into that system, you'd have the huge expense of building some custom controls for the thermostat, determining a custom protocol for making it talk to the lights, and building a custom application to control it all. That would certainly seem very expensive. The alternative is to buy a Nest thermostat and Hue Lights and use an app in the Cloud to tie it all together through their APIs.
Dr. Bob Banerjee: Cost is often a deciding factor for organizations on the fence about using a VMS or PSIM. However for organizations trying to address obstacles to business continuity, the cost of failure is much larger. If your oil rig is spilling oil at 60,000 barrels per day and you are missing 11 people, do you want to pull up a camera to view the incident or manage the crisis in its entirety? Emptying an airport terminal because of a TSA violation, evacuating a town because of a train derailment, or locking down a campus because of a perceived threat are all crises. However due to their infrequency, they may not justify buying, implementing, and maintaining a PSIM.
Other organizations are finding they have plenty of less critical incidents that might warrant it. Many have realized that if a PSIM can catch failures or anomalies, they can prevent them from escalating. Better handling these smaller but more frequent incidents quickly adds up, and can have as large and positive an impact on the organization as averting or effectively managing the infrequent massive crises.
Brian Lettiere: Users today look to invest less and gain more value from their security systems. Mobile technology, cloud computing and social-media tracking have changed the technology landscape as companies seek to integrate these vehicles into their security and risk mitigation efforts. Both cloud computing and mobility allow users to have servers and databases offsite, which decreases the need for physical space, as well as saves on maintenance and hardware costs. This capability lowers total cost because of decentralized and automated administration and maintenance. Situational awareness platforms have been developed in this regard to help organizations respond to security incidents more efficiently and intelligently, while reducing costs and improving compliance.
James I. Chong.: True Commercial Off-the-Shelf (COTS) PSIM solutions provide significant benefits to the end-user that result in a greater value to the organization, both during implementation and also operational expense for support and maintenance.
The cost of implementation is coming down as there are now more administrative tools that both integrators and partners can use for deployment, such as device plotting, subsystem auto-discovery, and standard templates for rules and action plans. As the market adoption has occurred and also more systems integrators have become IT and enterprise application savvy, we are seeing the deployment capabilities of integrators increasing each quarter, on each new project.
The other helpful strategy that is now considered best-practice is to establish separate test environments where initial software and integrations can be pre-tested and configured prior to rolling over to the production environment. Basic and manageable steps, along with IT-knowledgeable field engineers are helping to drive overall implementation cost down, as well as time to deployment. We expect to see this grow as IT organizations within the enterprise customers also are starting to manage the PSIM software as part of their overall enterprise application suite.