KUWAIT: Virtual agents need to evolve towards Smart virtual intelligence, delivering big data through real-time smart analytics, said Jean Turgeon, Avaya’s VP & Chief Technologist, Software Defined Architecture, World Wide Sales, during an interview. Excerpts:
Q: Scanners, CCTV, detectors, are all in place to prevent crime, loss of lives, etc. What is the advantage of all this data?
A: While various technologies continue to evolve and are ‘coming online’ today to address specific security or business needs, the real impact on citizens will only be seen when analytics allow them to be combined in real-time, simultaneously with a layer intelligence over it. Virtual agents need to evolve towards Smart virtual intelligence, delivering big data through real-time smart analytics.
For instance, somebody going to an ATM machine at midnight and being captured on a CCTV system is hardly unusual, but if that same individual was to withdraw the maximum amount from all their accounts, it could be a trigger that there may be something suspicious. Further analytics can be quickly applied – what if those analytics now confirm this person has outstanding infractions, has not paid their loans or has a criminal record?
What we want is for the system to be able to notify the police, inform them of the exact location of the individual, enable tracking through their mobile device by enabling GPS location overriding settings from the Service Provider’s network, automatically update or create a record for tracking, and document actions for future analytics.
Through this, the technology elements on the city-wide network feed in data to a centralized intelligence centre, which can then look at patterns, trends, and identify the best approach. Essentially, it’s about bringing it all together to a difference.
Q: Can technology really be deployed to prevent human mistakes?
A: In some cases it certainly could, as virtual intelligence takes emotions out of the equation. When you have a sophisticated database generating the best possible outcomes based on past experience and lessons learned, there is definitely a strong possibility of eliminating human error. Imagine a person responding to a critical situation where their stress levels are at the highest, you can easily imagine that they may react quickly to a noise or movement in a way that doesn’t generate the desired outcome.
Now picture the same scenario, but this time with a robot, which would be directed by a system devised for these situations, with the backing of a wealth of data. This could definitely give us a much better outcome. If you apply this to an enterprise under cyber-attack, an automated business workflow could be triggered as the attack is detected, enabling the system to take the necessary action to either redirect, isolate, quarantine, or even stop the attack – and also possibly notify a government security agency to also take action.
Q: How do we define security in today’s threats: public security, business security, national security, personal security? What can governments, businesses large and small, do to proactively manage security?
A: Cyber security impacts everyone in this connected world. Every time you connect to an infrastructure you have potential threats – that doesn’t mean we should be paranoid about it, but it is a fact in this hyper-connected world. The old approach of relying on perimeter defense and rule-based security are now inadequate, especially as organizations consider deploying a hybrid cloud model with potentially open API’s accessible to partners and customers to easily integrate with their systems in the new SD-x (Software Defined Everything) world.
At a personal level, think of all the ways you may be connected as you read this article. You could have a range of devices at hand, and even an access card, a Bluetooth headset and so many more things that connect near and wide. Each of these is potential for a personal security breach, if you think of it.
Public or national security is clearly different to business security but all of them impact personal security in some ways. Public security is often related to the transportation industry such as trains, airports, and highways, while national security is typically associated with much broader-impact events we see around the world.
While business security is related to protecting intellectual property or customer data, the key is to ensure reduced surface exposure (meaning all the entry points that an attacker can use to enter an environment) to the public infrastructure, without losing sight of the number of attacks originating from within private infrastructures. Some necessary steps are:
* Reducing surface exposure: No statically accessible services (functionalities that are less used or unnecessary)
* Strong authentication factors (minimum of three) should always be used before extending services to a human being or a machine.
* Frequent monitoring
Take the example of connecting at a hotel – there are now solutions to deliver a secure personal Wi-Fi experience and provide guests with completely isolated zones that others guests cannot access. This is the type of model we must extrapolate and apply to reduce the risk associated with potential cyber-security.
Q: In many countries, there are a number of social and political security issues that come to mind – While there is no magic fix, can you give examples on how technology can be built to solve some of our most pressing issues (national, social and environment related disasters for example)
A: Well, as you state there are no magic fix to these on-going threats but the best way in my view is to continue to reduce the services exposure to the public internet, while imposing stronger authentication methods – even to services you want your citizens or customers to use. While at first it may appear to be annoying to some, the benefits and ability to track individuals or machines trying to gain access to confidential or corporate information will substantially out-weight the few steps individuals or automated system would have to go through to reduce the risk.
External threats are in fact in my view sometimes easier to prevent: I am not suggesting in any way it is easy, but you typically know where the entry point is and what information they are trying to get to. Internal threats are in many cases more difficult to deal with, but when one looks into it, the industry makes it way too easy for people to penetrate an internal infrastructure. Just simply look at various institutions and how easy it is to get into the building, or once you are in the building how you can easily have access to the entire facility, connect via wi-fi or ports pre-configured for a specific service such as a phone, video conferencing unit, and so on.
You should also be implementing stronger multi-factors authentication systems while you leverage the technology to track people and automate security response based on intelligent real data analytics. We have GPS, Wi-Fi triangulations, iBeacons, RFID, Video Surveillance Systems with sophisticated movement, gesture or presence detection, in addition to biometric systems to control access to areas or systems.
All of these can provide much stronger security implementation but yet, the market seems resistant to changes where the legacy IT is holding businesses back for the wrong reasons. The world has moved to the human and device mesh, the infrastructure supporting the connectivity can’t continue to be based on a legacy client/server architecture. The technology is here today, but too many vendors try to continue to convince customers the old way is good enough, it is NOT the case and government, businesses and citizens have the right to demand a change.
For instance, why can’t I have a one-click button to push at any time on my smart phone to call for help, why do governments continue to tolerate service providers not allowing data services on mobile devices which MUST be used to provide exact location and ability to deliver content or enable the smart devices as video inputs for the emergency response team?
The same applies to the transportation industry. Why is it we let citizens head down a highway when we know there is an accident and the highway is fully congested? Why is it we don’t inform the population when a storm is nearby through all the mode of communications we have? It is great to use radio or TV for this, but why can’t the government mandate service providers to immediately send an SMS to ALL of their subscribers when a critical situation is on-going?
We need to see changes in this space, some countries are further along but there are still too many organizations living in the past and not taking full advantage of the technology available to them. The status quo is NOT acceptable.