Identifying the Future. Physical Security Information Management (PSIM) The Transformation of Gaming Security and Surveillance

Identifying the Future Physical Security Information Management (PSIM) The Transformation of Gaming Security and Surveillance April 20 th, 2011

The application of advanced technologies over the past decade has transformed the manner in which security and surveillance functions have been performed. This transformation has led to a new defined category, Physical Security Information Management (PSIM). PSIM is and will greatly enhance the level and quality of service provided to gaming operations, ensuring gaming integrity and the capacity to meet regulatory requirements. This presentation will address the history, current market trends, components, capabilities and future development of Physical Security Information Management and what this means for the support and enhancement of gaming operations.

Physical Security Information Management Topics What is it? Traditional Physical Security Elements Convergence Structure Driving Forces Market, Background and History Why it Matters Elements Convergence and the Enterprise Operational Examples Gaming Correlation Challenges and Obstacles Adoption and Best Practices Conclusions

Physical Security Information Management What is it?» Converging video surveillance and other physical security systems with IT security and reporting» Combining the enormous amount of information being collected (alarms, events, etc.)» Using business logic to reduce the most relevant and important information and details for: analysis and action Improvement of cross-organization communications, collaboration and reporting building a comprehensive security position» PSIM provides a more flexible and useful way of managing security events and the information needed to respond to incidents than traditional command centre solutions

Traditional Physical Security Elements Video Surveillance Access Control Sensors and Alarms Intrusion Detection Visitor Management Identity Management Information Security Guard Tour Dispatch Asset Management Emergency Communication Mobile Reporting Unified Incident Reporting

PSIM Convergence Structure

PSIM Driving Forces Requirement to share and access information in real time Value shift from physical to information assets New compliance and regulatory issues Dynamics of the security environment Economic, cost reduction pressures Security and Risk Management as an integrated element of the overall business strategy New perception of security operations as value added

Safety and Security Complexity Survey 91 percent of respondents stated that they are using security systems and devices from 2 or more different manufacturers 46 percent use solutions from at least 6 different manufacturers 14 percent leverage technology from 11 or more manufacturers 2010 National Safety and Security Survey of senior-level IT and physical security professionals

PSIM Market Size at a Glance The worldwide physical security information (PSIM) software market is expected to grow from $80 Million in 2009 to $544 million in 2015, with a compound annual growth rate (CAGR) of 37.6% There is a mix of companies which are either very strong in pure PSIM solutions and others that are adding functionality to basic video management systems (VMS)

PSIM Market Life Cycle Analysis Frost & Sullivan 2009

PSIM Threat Detection and Unified Interface Frost & Sullivan 2009

PSIM Background Security event management (SEM) or security incident management (SIM), in the IT security field have long served as the correlation that enables IT security to identify false alarms from true events that require attention and response. Companies are now applying these concepts to the physical security domain, producing greater insight into what is going on around the facility, and how to best handle a given situation. By correlating the data feeds and alarms from various sources, a physical security information management solution can provide the context that enables the right response to real threats and security events and disregard those that are not. The shift towards an integrated physical and IT security system is underway with the convergence of analog and IP video and other data sources into a physical correlated environment that leverages an organization's existing technology investments (Server Farms).

PSIM History 2006 witnessed the beginning of a convergence between physical and IT security, driven largely by the greatest fear of security professionals» a coordinated assault that combines an attack on the IT network to eliminate an organization's ability to command, control and communicate with a physical security attack. In order to get a firm grasp of an organization's overall security position, it was increasingly important to integrate the various physical and IT security systems» systems that until now have been managed and run in separate silos. For an organization to adequately protect itself from today's increasingly sophisticated threats, it was critical to leverage advancements in technologies that cater to both physical and IT environments.

Why PSIM Matters At the moment, improvisational, disjointed, ad-hoc security management is normal. It is common to find security operations and traditional command-andcontrol centres using paper-based processes and not sharing information. Business units and IT departments rarely have access to data in corporate physical security departments. Events are managed separately and not correlated.

PSIM & Reporting That Was Then... I m positive we ve got a file on that guy, it s in here somewhere... Or is it in one of the boxes in storage? And I m sure his picture is here somewhere?! And where is the report?

PSIM & Reporting This is Now

Key Components of PSIM Solutions 1. Collection: Device management independent software collects data from any number of disparate security devices or systems. 2. Data Analysis: The system analyzes and correlates the data, events, and alarms, to identify the real situations and their priority. 3. Verification: PSIM software presents the relevant situation information in a quick and easily-digestible format for an operator to verify the situation. 4. Resolution: The system provides Standard Operating Procedures (SOPs), step-bystep instructions based on an organization s best practices to resolve the situation. 5. Reporting: The PSIM software tracks all the information and steps for compliance reporting, training and potentially, in-depth investigative analysis. 6. Notification: Allow for configuration of business notifications based on event types 7. Compliance & Audit: Audit operator behaviour by recording all responses to all alerts for later analysis.

PSIM and Convergence (The Result) Comprehensive integration of systems. Single view of events and incidents. Process-driven event management. Analysis, status and management information. Best practices The behind-the-scenes security policy executed whenever an incident occurs. Preconfigured policies, notifications and alarming.» For example: a Response Plan can draw the user screens to highlight a specific action, or request an action or wait for user input such as an acknowledgement or the response from a communication such as a particular E-mail message

PSIM Across the Enterprise Organizational - Reorganization is happening under the risk management umbrella. Now, there is a single organization responsible for all security related activities - whether physical or IT - enabling a coordinated view of the situation and prompting the right response to a given event. Facility -The facility is evolving as well. Through highly connected facilities, sophisticated software and collaboration technology, organizations are able to better manage a collocation facility or a virtual location. Physical Security and Video Technology - New video technologies are enhancing the abilities to protect physical plants. However, this wave of new technologies must co-exist and work seamlessly with existing video solutions Physical and Logical/IT - Connecting network and IT access to systems and applications with the physical access of a facility, building and/or room is gaining significant interest, with major physical security players partnering with logical security vendors to broaden protection from people and assets to information and infrastructure.

PSIM Operational Examples Employee injury Fraud Exclusions Vehicle Theft Player Transaction Guest injury Trespass Vehicle Accident Assault Security Investigations and Surveillance Reporting Converged PSIM Platform HR Guest Relations Compliance Legal Safety Facilities General Managers Gaming Workers Comp

PSIM - The Gaming Correlation The revenue for the Canadian Gaming industry fell 2.3 percent in 2009/10 to $13.96 billion. The revenue for the U.S. casino industry fell 5.7 percent in 2009 to $30.7 billion.» Due to the recession and increased options for entertainment, adults are watching their entertainment spending more closely.» Casinos must try to level their spending and minimize losses in order to enjoy the same revenue. Reducing fraud, cheating and law suits have become increasingly more important.» Additionally quality customer service and identification of high value players becomes critical Canadian Gambling Digest 2009-10. American Gaming Association, Christiansen Capital Advisors LLC.

Gaming and Physical Security Components Video Surveillance Access Control Sensors and Alarms Intrusion Detection + Visitor Management Identity Management Information Security Guard Tour Dispatch Asset Management Emergency Communication Mobile Reporting Unified Incident Reporting License Plate Recognition Valet Event Driven Video Analytics (People counting, etc.) Facial Recognition AML/Foreign Exchange Point-of-Sale (POS) Casino Management System Ticket-in/Ticket-out Responsible Gaming Analysis ATM Transaction AML Buy Ins/Disbursement Transactions RFID (Chips) Player Analysis & Gaming Reviews

Gaming Data Casinos and the gaming industry historically have collected large amounts of data on their customers. This data is stored across numerous disparate locations, such as the hotel systems, slot systems, games systems, security systems, surveillance systems, human resource systems, marketing systems, and accounting systems. To search for data on an individual player, casino personnel have to perform separate searches on each of these systems and manually collate the data from each prior to being able to analyze it. This process is extremely time consuming and labour intensive, and due to resource constraints, is often avoided altogether.

Gaming Analysis and What it May Look Like

Challenges and Obstacles Technology Cost Operational Considerations Compliance

PSIM Technology Challenges Knowledge of IP Networks: IT Centric movement as more systems become software based. Securing Access to Data - How to manage cross platform security. Data Aggregation and Overload - There are too many cameras to monitor and too much information. Analog to Digital Migration - Organizations have to manage a large installed base of analog (90 percent-plus) plus fast-emerging digital components. Multiple Management Interfaces - Every product and system has a proprietary standalone management console. System Interoperability and Standards -- Systems such as surveillance, access control, information security, etc. to date have been built in silos. Post Event Driven - Post event review only helps "solve" the crime, and does not accomplish the primary mission of preventing it. Archive and Storage - Legacy tape systems are not suitable for fast data retrieval or event correlation.

PSIM Cost Challenges Who pays for what and who owns what?: IT vs. Physical Security vs. Human Resources vs. Facilities vs. Operations vs. Etc. Traditional hardware infrastructure replacement (i.e. analog to digital replacement) Legacy Equipment and Networks - Forklift upgrades are unrealistic and simply aren't acceptable from a cost perspective Training of existing physical security staff on new network software driven applications Interoperability costs between multiple systems and proprietary vendors (due to lack of standards and open architecture)

PSIM Operational Considerations Data Collection» Simple, fast, accurate, date time stamped, consistent, minimal typing, audited, secure, searchable, instant statistical reporting and distribution Data Searching» Search and compile by single or multiple criteria, ability to save standard daily, weekly, monthly customized report filters as required Incidents and Investigations» Ability to capture complete story, video, scanned documents, external files, links to long term DVR storage, real time video capture, legal and procedural form automation Shift and Personnel Briefing Incident and Subject Centric» Direct access to subjects, personnel and contact information with the ability to select all involved parties on an incident Centralized Multi Property (enterprise) Secure Solution Training Requirements

PSIM Compliance Considerations Compliance Managing the multitude of industry compliance requirements becomes a difficult task as systems share data» HR» Safety» ID» Financial Privacy are their provincial or jurisdictional mandates to maintain privacy and/or access to information

PSIM Adoption and Best Practices Data management best practices are more pervasive. Regulatory compliance and management best practices dictate that computer systems and data be handled in standardized ways, such as according to the guidelines established by the International Organization for Standardization. Security departments are, in general, not compliant with these best practices. Business executives are demanding more data. Business decisions are made throughout organizations by analyzing data. Security departments will be forced to share security and risk data in ways business executives can understand and appreciate. Businesses continue to adopt computers, software and networking for performing critical functions. The costs of networking sensors and components continues to drop.

Replacing the Outdated Command Centre The security command centre is not keeping up with the organizations' other business units.» IT has its network operations centre; IT security has its security operations centre; corporate security has its command-and-control centre. The physical security operations centre still looks like a 1980s police department. Today s security executives make decisions based on data. Traditional paper-based operations rely so heavily on the security management alone, that it simply does not give the data needed to make decisions. For those replacing or enhancing an existing command centre, PSIM software extracts extra value from every existing system - more relevance, context or data from alarm, access control and intrusion detection systems, etc. For those customers without a command centre, PSIM software makes a suitable foundation for incident response.

Alternatives Because security directors and integrators are so familiar with video-management systems, it is possible that they will be considered a good enough solution for a PSIM-like architecture, especially as vendors better integrate access control, video analytics and external sensors into a single view. However, such architecture would be less functional and valuable overall than a genuine PSIM architecture with cross-platform event correlation and reporting. Therefore end users with complex environments seeking to comply with security regulations, as well as those who want to improve efficiency, effectiveness, accountability or transparency, should consider a true interoperable physical security information management platform.

PSIM Conclusions PSIM is the foundation of next-generation security management. It is not a single product, but rather a set of processes and supporting technologies for physical security management and reporting. The prime value of a PSIM solution is when it is standards-based and can interconnect an organization's existing proprietary systems - be it analog or digital, cameras or alarms, firewalls or intrusion prevention systems.» This enables the organization to leverage and build off its existing investments and data rather than a forklift upgrade approach. Effective PSIM requires both integration of technologies and coordination with the IT and security processes governing the management of organizational data. Many vendors, whether physical security or IT security, will develop their own proprietary solutions that require expensive tie-ins with other products they offer. PSIM helps extend security services, improve efficiency and effectiveness, and allow for better accountability.

PSIM Conclusions for Gaming Given the increased reliance and convergence of data systems, casinos will need:» Interoperability among vendors and systems (Web Services for data sharing, communication)» Business Intelligence software for data mining and analysis across all installed platforms and Departments CMS, LPR, VMS, Hospitality, Valet, Slot Security, Surveillance, Marketing, Gaming, F&B

PSIM Results Improved Customer Service Accurate Actionable Customer Data in Support of:» Marketing Activities» Financial Vulnerabilities» Physical Access» Liability» Law Enforcement /Compliance Reporting» Customer Communication Ultimately, PSIM solutions will allow organisations to reduce costs through improved efficiency and to improve security through increased intelligence. Best Practices (Consistent Customer Interaction)

Thank You Questions & Answers James Moore iview Systems jmoore@iviewsystems.com 905 829-2500