Axis execs talk AI regulation, cloud economics, cybersecurity and more
Consternation about supply chain issues that darkened the mood at last year’s Axis Communications’ Connect and Converge (ACCC) event had mostly vanished this week as the opportunities and challenges of emerging technology took center stage in Kansas City, Mo.
In an exclusive interview with SecurityInfoWatch, Axis co-founder and Swedish entrepreneur Martin Gren, and Fredrik Nilsson, Vice President of the Americas for Axis, talked about the future of artificial intelligence in the industry, the prospects for regulation in the U.S., and the challenging cybersecurity environment that vendors are facing.
They also shared what innovative systems integrators will need to do in the future to be successful and profitable in their trade.
SIW: There is a lot being said about AI hype in the security industry. But what is technology’s actual importance to the security industry and your company’s goals as well?
Gren: Since ARTPEC Eight, all Axis cameras have been equipped with deep learning and AI abilities. That has made our analytics and object recognition more reliable and accurate than it was before. AI makes engineers a lot more productive, and we have a lot of tools that we’re using now.
One challenge that has grown bigger is the use of intellectual property. If you are using open platforms and innovations, you must make sure you have done the training and done all the parts of the code so you get all the rights properly done. It’s been made easier for the engineers, but there are new issues that you need to consider with the R&D team.
We can use this technology for other purposes as well – to make customer service better.
We also have the ethical side of AI. In Europe, we’re trying to regulate the use of AI to generate human-centric, ethical and trustworthy technology for neural networks. This is necessary because you can do a lot of evil things, such as social scoring that some countries are using, or you can use bad applications based on facial recognition.
SIW: What do you feel is a fair level of regulation to protect the public that is not going to stifle innovation?
Gren: There are many levels of what you can do. With facial recognition, for example, having a blacklist is obviously super sensitive. Having a whitelist is also quite sensitive. If it's passport control, I think it's okay. And then if you use video management software and if you have a human who's looking for a certain individual, and you feed in that photo or you let the machine do it, well, that's another level but more acceptable than having a blacklist or a whitelist. It is very difficult to set the level at an acceptable and ethical correct place.
Nilsson: Think about facial recognition. We use face ID on our phones. You use it all the time and you’re happy with it. You volunteered your face to your phone and it’s only your phone, right? Or does anyone else have it? You don't really know. It comes down to who you trust. You trust Apple. Will you trust the U.S. government with your photo? Well, if you travel in the U.S. today and come from abroad and you go through global entry, I don't have to share my passport or anything. I just have my face. I get a slip and that's it.
People don't like to be spotted out on the streets, of course, and that's typically what you are talking about with social scoring. Back in Massachusetts in 2015 with the Boston bombings, they were searching for a couple of suspects. Everyone would be in favor of facial recognition for those guys. And that is a very specific application of AI. Regulations are almost like standards. They are always two to four years behind. Whatever they're going to regulate is what we developed three or four years ago. I think it must be done with good intentions and serve as guiding legislation.
SIW: Clearly you see AI as having a huge future in your products.
Nilsson: Back in the mid-2000s, we had the analytics hype cycle. There was a tremendous amount of money being thrown into that technology coming from DARPA. After 9/11 there was a couple of companies doing facial recognition. Then suddenly every company got funding to do technology that finds bags left behind, and all those, to minimize the threat of terrorism. It was a tremendous amount of money and people didn't get it to work. And then it gradually got better and better and better. By about 2019, because of deep learning processing at the edge, it started really to improve and suddenly people just tag it as ‘AI.’ I think it’s a good thing that it’s getting some attention from our industry, and people are a little excited about it.
SIW: Some researchers and futurists are talking about AI-driven technology taking over certain jobs performed by humans. Do you feel that will happen?
Gren: We've been discussing this forever and I hope that will happen because a lot of boring jobs should be automated. If you look in the security industry, 80% of the spend is typically on manual labor, like maintenance and monitoring -- not to mention all the guards.
SIW: A typical network camera today generates five gigabytes of data every day. Most cameras store this video for 7, 30, 60 days in the U.S. and there are close to 100 million cameras installed and 10 million new ones being installed to replace older ones. Will all this data be stored in the cloud market?
Gren: Absolutely not. Video storage produces a lot of data, and the cloud is a lot more expensive than people tend to think. The costs today are much higher and there are so many issues with guaranteed bandwidth and the cost of providing that. Think of the amount of data and solutions that would be needed. It’s just not viable. I believe it will be a hybrid model that will include not only the cloud but local storage on a spinning disc or SD cards.
SIW: What about managing devices in the cloud?
Gren: If you have a lot of cameras in the cloud, you obviously need to manage them. And if you are spread out and have many locations -- like a customer I was visiting a few weeks ago -- obviously being able to maintain and upgrade those cameras is quite essential. We have developed some tools such as the Access Device Manager and now we’re having the device manager extend, which is the best cloud-based solution for maintaining running background.
SIW: Will everything be connected to the cloud?
Gren: Of course, we will see more products connected to the cloud, and I think Axis already has the highest number of cloud-connected cameras in the world. But a lot of applications will never move to the cloud because it's high security and you're not allowed to share the data with somebody else.
SIW: If you go back to the first ACC 15 or 20 years ago, the four-letter acronym ‘BRIC’ walked talked about Brazil, Russia, India, and China. Fast forward to today, Brazil is still challenged with political issues and problems. Axis backed out of Russia before the invasion of Ukraine for ethical reasons. China is an open market, but in our business and in technology, it's becoming more and more polarized and the vendors from China are banned for different reasons in a lot of countries. What do we have going on in India and Europe?
Gren: India is still thriving and growing, and we just opened a new office with a complete experience center in Bangalore in addition to the offices we have in Delhi and Mumbai. At least something is happening. Making an impact in Europe is GDPR (General Data Protection Regulation), a law for protecting privacy and integrity. It also means you should train AI in an ethical way, which means you do it in-house. GDPR contains plenty of good things that I believe will be implemented globally.
SIW: The National Defense Authorization Act (NDAA) also impacts the security industry in terms of vendors and supply chain, particularly with China. But what other implications come with these rules besides federal projects or federally funded projects?
Gren: There is a lot of large enterprises, private customers and public companies that implement the same rigorous rules when it comes to procuring products because they want to be compliant with the federal government. In Australia, the U.K. and even Sweden similar regulations are being put in place. Remember also that there’s no way to certify if a company is NDAA compliant. You must read all the documentation and guarantee yourself that you’re NDAA compliant. If you are wrong, or if the vendor you work with is wrong, and you sell something and (the regulators) come after you, it will be a very, very expensive problem for that company.
SIW: What are your biggest priorities as far as cybersecurity for the immediate future and trying to keep your products safe and people protected?
Nilsson: When it comes to cybersecurity it’s not a technology, it’s a process. It starts with product development and having a systematic process and culture in the company so people can challenge each other in how the code is developed. And you can repurpose on prior knowledge to make sure the code is as cyber secure as possible. It really starts from years before the product is being produced. There are always going to be vulnerabilities in a product that you never thought about. You must have a process internally to develop products that allow for quick updates and new firmware.
SIW: Have you heard anything from your channel partners that has surprised you or highlighted areas where you can help them?
Nilsson: We had conversations called lunch with leadership. Marketing was sitting at the table with eight integrators, I had another eight integrators. One thing I heard, which is both good and something we must work on, is that we have a lot of different tools. We have ADM Extend, which is a cloud-based tool and ADM, an on-premises tool. We have a Site Designer, Audio Manager and access camera stations. They said, ‘Could you please do one system that works with everything because you have so many different tools?’ The good thing is that they like and use the tools. They would like to have one system that does everything, which might be a little bit complex. But you can see how we like to have the same interface, the same setting, and they could work as plug-ins.
SIW: During a forum on AI at GSX last year there was a debate about whether large firms investing in AI would be vying for the integration market. What do you think the integrator of the future needs to be to keep up with the technological changes and cybersecurity requirements?
Nilsson: For most end-user customers, whether it is an airport, a school, a retail store or a government facility, security is not their full competency. I think they’d pay a lot more to the integrators who can not only install a project, drop the keys, and move away, but go in and say, ‘We’re going to install, maintain and upgrade the system to make it cyber secure with the tools we have for the next five to 10 years. Here is the price of that contract. Because most of the end customers don't really want to deal with it.
Being ready to make a long-term commitment to the end customers is important. There are also a lot of new technologies coming out and things are happening quickly. They need to be well-educated and up to speed on what’s going on. There is a tremendous opportunity for integrators to do things right. We see a couple of them that work in that long-term way that has tremendous growth organically or acquired growth in this industry.