Big Data in physical security
In our previous article about Big Data we learned that retail giants like Amazon use Big Data to analyze purchases and boost sales. But how is Big Data currently being utilized in the realm of physical security?
According to Bob Banerjee, Senior Director of Training and Knowledge with NICE Systems, it isn’t.
Wilco Van Ginkel is co-chair of the Cloud Security Alliance’s Big Data Working Group. He agrees that, while physical security may utilize a large amount of data, it has not yet truly crossed into the realm of big data.
The cameras don’t tell you anything about the underlying cause of that movement. You, the security guard, must investigate.

Bob Banerjee has developed a model to explain the different layers of Big Data in physical security. “The first four layers are the things we’re doing today. They’re the foundation to achieve true Big Data in physical security. You need them. But, on their own, they aren’t true Big Data.”
Revealing the cause
“One thing people need to realize is that just because a source generate a lot of data, that doesn’t make it Big Data,” he says. “For example, CCTV cameras have always been around and they generate lots of data – but that doesn’t necessarily make it Big Data. If you’re a security guard and you’re monitoring all sorts of entrances, and if you’re lucky, the CCTV cameras may generate an alert if they see something moving. But the cameras don’t tell you anything about the underlying cause of that movement. You, the security guard, must investigate.”
So where does Big Data come into play? It’s when the human element is removed from the equation.
“Big Data would be a proactive system that can filter data and tell the security guard: There’s a van at that door and it’s suspicious. It shouldn’t be there,” says Van Ginkel.
The seven layers of Big Data

The second layer of the Big Data pyramid is the collection of data from multiple sources, such as video surveillance and access control and alarm systems. Source: Wikimedia Commons (Hustvedt)
Bob Banerjee has developed a model to demonstrate where we are and where we’re headed.
“There are seven layers. I’ve formed them into a pyramid. The first four layers are the things we’re doing today. They’re the foundation to achieve true Big Data in physical security. You need them. But, on their own, they aren’t true Big Data.”
- The first layer is Datafication. This is the capturing of large volumes of security data in digital format so that it can be processed in a meaningful way.
- The second layer is the collection of data from multiple sources, such as video surveillance and access control and alarm systems. Banerjee points out that managing multiple streams of data can be already be achieved using PSIM (Physical Security Information management System.)
- The third layer is alarm generation. This when the system can process the data coming from multiple sources and generate an alarm. But the system still hasn’t “connected the dots” at this stage, according to Banerjee.
- That comes in the fourth layer, when a system correlates the results of various alarms.

(Click image to enlarge) The seven layers of Big Data in physical security, as explained by Bob Banerjee.
Datamining – true Big Data
True Big Data in physical security is only utilized in the fifth layer of Banerjee’s pyramid.
5. This is the layer he has dubbed Datamining.
“Datamining is all about computer crunching large volumes of data,” says Banerjee. “You need these large volumes for statistical significance. Then, from that data, you use algorithms to define patterns based on correlations. So the computer may say: If ‘A’ happened then, very often, within three minutes, ‘B’ will happen. Where you get to Big Data is when the computer thinks the next event should happen and the computer warns you it will. A human didn’t program that warning.”

Sample scenario of situation management (Click image to enlarge)
1. Gas sensor sends alert to system
2. System checks for pressure changes and pops up relevant video feeds to verify the alert
3. System accesses relevant information sources
4. System correlates data with rate of pressure change and environmental information and displays GIS plume model
5. System locates and sends task assignments to people best equipped to respond.
Using mobile devices, the system procedure asks responders: “Initiate Evacuations?” If responder answers “Yes” the system activates evacuation procedures and displays relevant GIS layers.
Source: NICE Systems.
Proactive action
The final two layers of Banerjee’s model, layers six and seven, are interconnected.
6. Proactive Action Based on Similarity
7. Proactive Action Based on Abnormality
“In the sixth layer, the computer is analyzing data to determine what is normal. For example, in an office building, employees swipe in between 8:30 and 9 AM. They swipe out between 4:30 and 5 PM. This is a normal pattern of behavior that the computer learns.”
But, in the seventh layer, the computer has analyzed enough data and determined a pattern of normal behavior that it is now capable of identifying an abnormal behavior – and taking action.
“So, for example, if an employee swipes in at 2 AM on a Sunday, the computer notices that this is abnormal. Not only that, it takes action,” says Banerjee.
“The end goal is to have a system that sets itself up to look for things that we never dreamed of. That will be the beauty of Big Data for physical security.”
By Rachel Sa
Don’t forget to read our previous article about Big Data.