If the security industry does not heed its customers' cries for convergence, IT and BAS (building automation systems) companies will.
For the foreseeable future the need for security products and services will continue to increase. However, the industry expansion is not likely to be 'more of the same' compared to past years. Security needs drive the industry's growth, but other factors shape it. There are many forces that have been at work affecting four critical factors that are set to shape security industry growth:
* Technology development.
* Customer expectations and demands.
* Financial sector and investor interest.
A security stock watch
SecurityStockWatch.com (SSW) is an independent research and analysis firm specialising in the security industry. The SSW 100 Index, developed by SecurityStockWatch.com, is the only market index dedicated to the security industry. The performance of the SSW 100 Index has sharply outperformed the Dow, Nasdaq and S&P 500, on a consistent basis since 2002. See Figure 1. Full details of the index are contained in a 261-page report by SecurityStockWatch.com titled, 'Profitability Survey, Research and Analysis of the Security Industries', available for free download at:
For investors this picture is good news, because in prior years it has been very difficult to get a handle on the security industry from an investment perspective. One reason for the excellent performance of the index is that it goes well outside of the categories of companies that most of us associate with the words 'security industry'. The index is composed of stocks "that make it their business to concern themselves with the security issues that now plague our lives on so many fronts..." The stocks fall into these groupings:
* BioDefence (11 companies).
* Environmental security (13 companies).
* Fraud prevention (23 companies).
* Military defence (18 companies).
* Network security (18 companies).
* Physical security (17 companies).
This author reclassified the companies on the SSW 100 Index into a different set of categories, to reflect the type of company providing the solution as opposed to the security area to which the solution belongs. The purpose of the reclassification was to help identify convergence factors relating to the index. Figure 2 shows the results.
* 53 companies - more than half of the index - are IT sector companies. (four of the IT sector companies also operate in other sectors as well.)
* Somewhat similar to how the SSW 100 Index included IT companies to achieve growth and performance, eventually most of today's security manufacturers, integrators and consultants must also reach out to embrace some aspects of IT. This is because the scope and direction of the four factors critical to security industry growth - technology development, customer demands and expectations, competition and investor interest - have changed significantly, as a result of one or another type of IT convergence.
IT integrators take on physical security
IT systems integrators have been eyeing physical security projects for two reasons. First, physical security is an important part of information systems security. Second, physical security access control projects are computer-based and network-based systems that often interface with human resources (HR) information systems, increasingly for the purpose of integrating physical and logical user provisioning (assignment of access privileges). This type of IT integration provides an increased ROI for physical security access control systems that are capable of being integrated. The IT side is more complex than the physical security side, which has comparatively few computers. This has led IT integrators to conclude that if they can handle the IT side, they can handle the physical security side, especially for IP-based systems.
The annual IT project revenues from any one of the eight largest IT systems integrators exceed the combined revenues of the top 100 physical security system integrators. Certainly they have the financial wherewithal to incorporate physical security products and services into their businesses.
That has been happening most significantly with IP-based digital video systems.
For example, Cisco Systems recently completed a project to migrate its 2600 cameras from a proprietary DVR solution to a network-centric Lenel Systems software application, which Cisco Security Operations controls and Cisco IT supports from its existing server and network operations centres. Prior to the project, Cisco Safety and Security department was storing digital surveillance video on DVRs, the system grew until the Security, Technology, and Systems (STS) department found itself managing more than 330 servers at Cisco facilities worldwide. The department was overburdened by the need to keep so many servers online and up to date with the latest software patches. "One hardworking IT administrator can take care of 100 boxes, and we had three times that many," says Ken Lang, STS video program manager.
"One morning, IT informed us that about a third of our [DVR] servers were infected", says Lang. "That was our wake-up call to abandon the 'silo' support model, where we purchased and self-managed equipment, and instead to work closely with IT to deploy standard server equipment for CCTV."
Cisco selected IBM Global Service Delivery (the world's largest information technology services and consulting provider) as the implementation arm for the new solution.
The benefits of Cisco's migration to CCTV over IP include:
Video storage requirements were lowered by 60%, representing US$500 000 in savings. The new system reduces storage volume requirements because it has the intelligence to store video only if motion is detected.
Operational risks were mitigated by expediting maintenance and repair. "When a proprietary box broke, we had to dispatch local security integrator technicians, who often were unfamiliar with our site requirements, to come on-site and work with in-house video system technicians," says Deon Chatterton, program manager for the STS group. "Remediation might take five days or longer. Now we have a two-hour response and 24-hour turnaround for repair."
Maintenance costs were reduced by 20% because Cisco IT has economies of scale and spends less time monitoring and maintaining servers.
System security was increased. "Now that we are standards-based, the system is much more secure," says Chatterton. "Network protection and virus definitions are implemented as soon as available instead of when we get to it." Cisco IT has contracted through IBM to provide remote security-related updates. The system has paid for itself more than once by enabling the Safety and Security department to apprehend people who had stolen equipment and then recover the stolen property.
Changing the IT elements of Cisco's video system, and switching to infrastructure management provided by Cisco IT, are what provided these and other benefits and made the project so worthwhile.
Download and read the entirety of the Cisco case study from the Cisco website at: www.cisco.com/en/US/about/ciscoitatwork/case_studies/security_dl4.html
IT projects for biometrics and ID systems dominate the corporate landscape
A visit to the websites of smartcard makers reveals that their marketing efforts are mainly oriented towards IT departments. For example, the current home page of the ActivCard website states, "ActivCard is a leading global provider of strong multifactor authentication, password management, and trusted digital identities with market-designed solutions for governments, enterprises, and financial institutions..." A September 2002 ActivCard press release states, "ActivCard identity technology selected by Microsoft IT Security Group for largest deployment of new corporate ID badges." ID badging systems have traditionally been in the province of physical security. Within recent years, as shown by this two-year-old press release, they have increasingly become IT projects.
Biometric security for PCs and networks, including fingerprint scanners built into keyboards, means that there will be far more biometric security devices employed for logical security than for physical security.
Building controls companies take on physical security
It is not just the IT sector that is bringing new competition for physical security projects. The #1 company on Security Distributing and Marketing magazine's list of 2004 Top System Integrators is Siemens Building Technologies - a building controls company for whom security systems projects are less than 20% of total company revenue.
Two major security companies, GE Security and Bosch Security Systems have both released products designed to facilitate integration of HVAC, lighting, fire alarm and security systems. They are Facility Commander from GE, and System 3T Building Management Solution from Bosch. The integration for both is based upon Ole for Process Control (OPC), a well known standard in industrial automation and building controls. OPC is a series of standards specifications, which are available from the OPC Foundation (www.opcfoundation.org). Architect & Engineering firms increasingly require product specifications compliant with OPC, and since security systems are part of building controls, it makes sense to support OPC integration capability.
Financial sector interest
John E. Mack III, co-founder and CEO of USBX, and former CEO of Protection One (one of the largest monitored security services in North America) said in a May 2004 interview with SecurityStockWatch.com, "The convergence of digital technology with security systems, has spurred capital investing in security equipment. Security systems with digital technology can yield heightened productivity because things like video surveillance can be done much more effectively today."
Mack also said, "And we have seen a more recent trend where companies involved in IT integration work are looking at the intersection of physical and logical security, or the intersection of IT infrastructure with physical security infrastructure all of which is now operating on the same network with digital systems in the security arena. All of this is causing large IT integrators to focus on acquisitions in the security space."
In 2003 three firms established the annual Security Growth Conference (www.securitygrowthconference.com), USBX (www.usbx.com), Security Systems News (www.securitysystemsnews.com) and Mitchell, Silberberg & Knupp (www.msk.com). This conference brings together CEOs of the largest global security companies with CEOs and senior executives of the leading independent security companies and members of the financial community for high-level business development, merger and acquisition opportunities, financing and networking. Participants in this conference were able to observe another trend: an increasing number of companies whose founders and CEOs come from IT company backgrounds, such as NetBotz (www.netbotz.com) and VistaScape (www.vistascape.com). Although not presenting at the conference, DVTel (www.dvtel.com) is another company whose executives come from the world of IT. The personnel of such companies can engage in productive dialogue with regard to both security and IT issues, and their products designs and marketing reflect their knowledge.
New definition of 'security industry'
As the SSW 100 Index indicates, the definition of 'security industry' is expanding. Mack explains: "Historically, the focus on the security equipment business would not have included the notion of a bomb detection business, but more likely, card access control, alarm panels, and digital video surveillance equipment. Certainly there is a broader interpretation today, which includes things like bomb detection, IT solutions and a whole range of things. We are also seeing a very broad definition of physical security from companies interested in broad exposure to the market."
The increased threat of terrorist biological, chemical and radiological weapons has also added a new dimension to security and many companies. Thus chemical and medical companies are now contributing security solutions.
To be continued next month
© Technews Publishing (Pty) Ltd. | All Rights Reserved.