Visualisation platforms are essential for an effective Security Operation Centre (SOC)

0
41

Display solutions play a key role in SOCs in providing the screens needed for individuals and teams to visualise and share the multiple data sources needed in an SOC today. Every SOC has multiple sources and inputs, both physical and virtual, all of which provide numerous data points to operators, in order to provide the highest levels of physical and cyber security, including surveillance camera feeds, access control and alarm systems for physical security, as well as dashboards and web apps for cyber security applications.

Today’s advancements in technology and computing power not only have increasingly made security systems much more scalable, by adding hundreds, if not thousands, of more data points to an SOC, but the rate at which the data comes in has significantly increased as well. This has made monitoring and surveillance much more accurate and effective, but also more challenging for operators, as they can’t realistically monitor the hundreds, even thousands of cameras, dashboards, calls, etc. in a reactive manner.

In order for operators in SOC’s to be able to mitigate incidents in a less reactive way and take meaningful action, streamlined actionable data is needed. This is what will ensure operators in SOC truly have situational awareness. Situational awareness is a key foundation of effective decision making. In its simplest form, ‘It is knowing what is going on’.

Lacking situational awareness is often one of the primary factors in poor decision making and in accidents attributed to human error. Situational awareness isn’t just what has already happened, but what is likely to happen next and to achieve ‘true’ situational awareness, a combination of actionable data and the ability to deliver that information or data to the right people, at the right time. This is where visualisation platforms (known as visual networking platforms) that provide both the situational real estate, as well as support for computer vision and AI, can help SOCs achieve true situational awareness

Proactive situational awareness is when the data coming into the SOC is analysed in real time and then, brought forward to operators who are decision makers and key stakeholders in near real time for actionable visualisation. Computer vision is a field of Artificial Intelligence that trains computers to interpret and understand digital images and videos. It is a way to automate tasks that the human visual system can also carry out, the automatic extraction, analysis and understanding of useful information from a single image or a sequence of images.

When considering a Computer Vision application, it’s important to ensure that the rest of the infrastructure in the Operation Centre, for example the solution that drives the displays and video walls, will connect and work well with the computer vision application. The best way to do this of course is to use a software-driven approach to displaying information and data, rather than a traditional AV hardware approach, which may present incompatibilities.
Software-defined and open technology solutions provide a wider support for any type of application the SOC may need, including computer vision.

In the modern world, with everything going digital, all security services and applications have become networked, and as such, they belong to IT. AV applications and services have increasingly become an integral part of an organisation’s IT infrastructure. IT teams responsible for data protection are more in favour of a software-defined approach to AV that allow virtualised, open technologies as opposed to traditional hardware-based solutions.
Software’s flexibility allows for more efficient refreshment cycles, expansions and upgrades.

The rise of AV-over-IP technologies have enabled IT teams in SOC’s to effectively integrate AV solutions into their existing stack, greatly reducing overhead costs, when it comes to technology investments, staff training, maintenance, and even physical infrastructure.
Moreover, with AV-over-IP, software-defined AV platforms, IT teams can more easily integrate AI and Computer Vision applications within the SOC, and have better control of the data coming in, while achieving true situational awareness. Situational awareness is all about actionable data delivered to the right people, at the right time, in order to address security incidents and challenges.

Often, the people who need to know about security risks or breaches are not physically present in the operation centres, so having the data and information locked up within the four walls of the SOC does not provide true situational awareness. Instead there is a need to be able to deliver the video stream, the dashboard of the data and information to any screen anywhere, at any time — including desktops, tablets phones — for the right people to see, whether that is an executive in a different office or working from home, or security guards walking the halls or streets.

New technologies are continuing to extend the reach and the benefits of security operation centres. However, interoperability plays a key role in bringing together AI, machine learning and computer vision technologies, in order to ensure data is turned into actionable data, which is delivered to the right people to provide ‘true’ situational awareness. Software-defined, AV-over-IP platforms are the perfect medium to facilitate this for any organisations with physical and cyber security needs.