You can’t isolate, so integrate

July 2019 Industrial (Industry), Integrated Solutions

As if security in this day and age weren’t complex enough, industrial sites have to contend with a barrage of health and safety risks, strike action and sabotage to machinery. As events in recent years have shown, they have also proven to be particularly prone to cyberattacks, whether through random acts of vandalism, or more targeted and profitable ransomware attacks. And then you get the really bad guys: governments.

At the risk of sounding all ‘The Commies are coming!’ paranoid, one only has to follow the news to know that many of the current diplomatic tensions between the world’s major nations are centred on their cyber-warfare activities against each other. The ability for nation states to probe, and potentially disrupt, other nations’ critical infrastructure has never been more enticing.

According to a 2019 Forrester Consulting study commissioned by Kaspersky Lab, the number of successful breaches to industrial/manufacturing organisations has risen more than 27%, from an average of 102 to 130 per organisation per year. The financial impact of cybercrime is also getting worse, averaging over $10 million for the sector in 2017.

Throw into that volatile mix the fact that many industrial plants still run on ‘brownfield’ systems that are, at their core, decades old and, at best, upgraded with modern bells and whistles, and you have a recipe for disaster. The result is that security professionals in this sector are often left scrambling to manage risks within outdated infrastructure that is not up to the job of dealing with modern threats that can emerge and evolve within a matter of days, or even hours.

One of the most exciting trends to emerge from the Industry 4.0 revolution is that technologies and hardware that were originally developed for the security market are increasingly being co-opted to enhance organisational productivity: think CCTV camera feeds being used to monitor production lines, or access control systems providing a time and attendance function.

Therein lies a further pitfall, however. The increasingly hyper-connected nature of these complex systems leaves them vulnerable to cybersecurity risks from within and without. According to a 2018 study by the research firm Gartner, whereas most threats to operational technology (OT) systems traditionally originated from internal actors with access to physically secured and unconnected components, the opening of these systems to external networks and devices has driven the need to add and integrate information security measures to counteract the growing eventuality of Internet Protocol (IP) or other network-based, external attacks.

Integration is critical

Primarily due to their size and location, industrial sites are generally difficult to protect against intrusion as perimeters may be extensive. This leads to tighter security measures being centred around main buildings and entrances more often than not, and necessitates a more holistic approach to security, in the view of Axis Communications’ Sasha Bonheim. “All stakeholders also need to be involved in the discussion from the get-go: the IT department, operations department, security and SHEQ (safety, health, environment and quality). The security deployment strategy needs to have input from all departments to ensure that there is no duplication of physical security measures, and that vital areas are not overlooked.”

As she points out, the requirements of a process manager are vastly different from those of a security manager: whereas the former wants visual confirmation that the conveyor system is operational, the latter is more interested in observing that no one is trespassing in an area. These days it is trivial to satisfy both these requirements with a single camera, but cross-collaboration across departments is vital if such solutions are to be planned and deployed properly.

Such inter-disciplinary collaboration has to be based on an integrated approach, says Bonheim. “On many industrial sites, most security solutions are standalone. Your surveillance platform, the access control and even your fire detection are on separate servers, being managed by separate departments, and there is no central control of any of these.

“All these solutions should be integrated – they should speak to each other at all times for clear control of the site, from one central point. This allows for faster response to any type of emergency or breach, and also allows for the right response. Should it be a fire in the production area, you would want the control room personnel to call the right people to respond. By having an integrated solution, there is still accessibility for each department, and they do not lose control of their own process or requirement for information.”

Putting it into practice

By way of example, Bonheim says Axis Communications has recently been involved in the upgrading of an unnamed ‘global industrial customer’ to a comprehensive IP-based system. The surveillance system in this application is required to operate in conjunction with a weighbridge, licence plate recognition and visitor access control.

High-level analytics are being employed at the site to identify unusual behaviour. “The unusual behaviour application is based on SHEQ requirements as well as process control,” Bonheim explains. “In essence the cameras have analytics that will identify if someone is on a cell phone in a dangerous area, or if they are moving/walking in an unusual area.” The analytics algorithm differentiates between normal and abnormal behaviour and alerts the control room operator via a dashboard, allowing them to react in the appropriate manner.

“If the normally moving conveyor belt stops moving, this is also deemed unusual and once again an alert is sent. The idea is to minimise the number of screens an operator is looking at, as well as diminish the number of alarms that get missed or dismissed intentionally without review. Furthermore, by utilising crowd identity applications and a PTZ camera, the site can be forewarned about any impending strike or riot action. In the bigger picture, how this helps in the long run is that the customer can now view trends in their processes, and minimise any future disruptions.

“According to Wikipedia, ‘Industry 4.0 is a name given to the current trend of automation and data exchange in manufacturing technologies’. It includes cyber-physical systems, the Internet of Things, cloud computing and cognitive computing. In terms of this description and where IP surveillance and the various subsystems intersect, security has absolutely become part of Industry 4.0. Customers are realising the benefits of having their solutions integrated, for operational processes as well as streamlining of business intelligence. By using the big data and applying rules to filter information, the customer has a much better idea of how their site is operating,” she summarises.

For more information contact Axis Communications, +27 11 548 6780,,


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The arms race of AI in cybersecurity
CCTV Handbook 2020, Axis Communications SA , Cyber Security
Cybersecurity goes further than network video and audio, but these are as likely to be targeted as much as any network-connected device.

The impact of AI on surveillance
CCTV Handbook 2020, Technews Publishing, Axis Communications SA, Hikvision South Africa, Cathexis Technologies, Dahua Technology South Africa , Editor's Choice
Artificial intelligence is a popular buzzword in the security industry that has us expecting real-life science fiction, but what is its real impact?

The future of the VMS
CCTV Handbook 2020, Technews Publishing, Cathexis Technologies, Arteco Global, XtraVision , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Will AI-enhanced video analytic apps that can be downloaded and installed directly onto cameras take business away from the VMS market?

A fresh look at TCO
CCTV Handbook 2020, Axis Communications SA , Editor's Choice
Total Cost of Ownership is a way for strategic buyers to move beyond looking at the upfront price to understanding all costs associated with procuring, deploying and operating a system.

Throwing light on low-light technology
CCTV Handbook 2020, Axis Communications SA, Bosch Building Technologies, Dahua Technology South Africa, Hikvision South Africa, Technews Publishing , CCTV, Surveillance & Remote Monitoring
How far have manufacturers advanced in developing low-light technology that can deliver colour images in almost total darkness?

Secure by default
Issue 7 2020, Axis Communications SA, CA Southern Africa , Editor's Choice
A Secure by Default strategy means taking an holistic approach to solving security problems at the root cause, rather than treating the symptoms of a cybersecurity defect.

The development of on-board cameras in transportation
Issue 7 2020, Axis Communications SA , Editor's Choice
On-board cameras can boost the security inside vehicles, enhance safety in passenger boarding and alighting, improve driver behaviour and reduce maintenance costs.

The evolution of security in residential estates
Residential Estate Security Handbook 2020 , Editor's Choice, Integrated Solutions, Security Services & Risk Management
Two large estates discuss their security processes and the ever-expanding scope of responsibilities they need to fulfil.

Home-grown, cloud-based safety and security solutions
Residential Estate Security Handbook 2020 , IT infrastructure, Integrated Solutions
BeSecure has taken security and communications technologies and turned them into what is best described as care and safety solutions for the estate community in South Africa.

Thermal continues to evolve
Residential Estate Security Handbook 2020, Technews Publishing, Axis Communications SA, Bosch Building Technologies, Dahua Technology South Africa , CCTV, Surveillance & Remote Monitoring
Thermal cameras have made an enormous impact to perimeter security, with more to come as artificial intelligence enhances analytics.