Market opportunities and market risks for security providers
Companies today are increasingly faced with the need to merge the previously often separate areas of “physical security” and “cyber security”, to break down existing barriers between the two systems and thereby strengthen both approaches to protection. In medium-sized to large companies, there is often an organisational distinction between the two sensitive areas. For example, the facility team is responsible for physical security, while the IT team takes care of cyber security. Unfortunately, the two departments often do not work together – for example, the facility team reports to the COO while the CISO reports to the CEO or CIO. A study by Nemertes Research found that in only 10.3 per cent of companies are physical security and cybersecurity linked at some level.
How do physical and cyber security merge?
Until now, these areas have mostly been considered separately, but the increase in remote or home office working and the adoption of cloud-based physical security systems have blurred the lines between physical and digital security. As a result, there is now an increased need to integrate adequate security policies. These new policies need to reflect an integrated approach, rather than assuming that one type of protection is more secure than the other.
However, not every company can be expected to have the staff and skills needed to successfully address the integration challenges mentioned above. Presumably, companies have experts in either cybersecurity or physical security, but often not both. And if they do have experts, they lack, at least in part, the knowledge of the cutting-edge technologies that can best protect their business. Security integrators can help address these challenges and have proven valuable in filling skills gaps in organisations. However, this unique and important role of security integrators is now under threat and so is their position itself.
Risks for security integrators
On the one hand, macroeconomic factors and economic constraints are leading companies to scrutinise every single budget item and ask themselves whether it is really necessary. Digital transformation means they are questioning old ways of doing things and business partnerships and examining them for relevance, effectiveness, revenue potential and value creation.
On the other hand, unfortunately, many security integrators are not keeping up with the change. Research by access management expert Brivo found that only 26% of security professionals surveyed from around the world and across two dozen industries believe integrators are up to date with the latest technologies. Companies rely on these vendors to help them navigate a new and confusing security landscape, and only one in four respondents say they trust that their security partners have done a good job of researching the road ahead.
In the past, security integrators could rely on knowing better than their customers. But 73 per cent of security solution buyers do their own research into vendors and technologies. Integrators run the risk of not being adequately prepared to serve a market that is increasingly knowledgeable about the products they offer – a potentially dangerous situation.
Finding market and security gaps
Brivo’s research points to shrinking market opportunities for security integrators, but also shows how they can meet these challenges and still win the day – provided they address the risks they face.
It is true that companies are becoming more informed about the market for access control systems. They want to know what options are available to protect themselves both in a physical environment and from online threats. This is understandable, as potential threats have increased in both areas, and the cost of eliminating ransomware or similar attacks, as well as the amount of lost revenue, has skyrocketed. Any sensible business will review its protections and its future security options. But every company also makes a cost/benefit calculation as to whether it is better to run security solutions in-house or to rely on a security integrator and its solutions.
That is why it has never been more important for security integrators to expand their industry knowledge. They are the true experts, but in some cases need an even better understanding of the latest trends, advances in cloud security and changing user requirements. They also need to provide better service and even higher quality advice. As the security world becomes smarter and more cloud-based, security integrators who are well informed and trained will have a clear advantage in the market. After all, most companies don’t really want to spend time researching and educating themselves in areas they can effectively outsource. Security integrators need to be able to assure their clients that they are up to the task.
Eliminating information gaps
The challenge is rather that security integrators do not always succeed in showing their clients what benefits and improvements they can offer them. If integrators are better informed and qualified than their clients perceive, they need to do more to inform their clients exactly what they can do. This information gap could be because some security providers are too reactive – i.e. they do not anticipate their customers’ needs and simply wait for them to ask for certain services or products – or because they do not demonstrate their knowledge as part of regular customer service.
Offering lasting added value
In today’s market, there is still a big gap for security integrators. They can survive in this gap. But to thrive, security integrators need to add more value and also be perceived more as optimisers, rather than a vendor that can “just” recommend the right products for specific needs to their clients, integrate them with them and deploy the systems to their advantage. Integrators need to consult extensively with their clients so that they understand how best to ensure that online and physical security work together to make or keep their business more secure. Most importantly, they need to demonstrate their expertise to their clients and ensure that they understand and appreciate the added value.
Businesses are not safer if they rely on their own research and knowledge to purchase and install security products, but if they do not understand the benefits of a specialist integrator, they may choose to go that route. It is up to security integrators to reinvent themselves as the better alternative if they want to stay relevant. If security system integrators want to grow, they need to be flexible to ever-changing market trends, technological developments and customer needs. In order to remain adaptable and provide maximum added value to their customers, they should also train their staff accordingly.
Author: Ingo Meijer, Vice President of EMEA at Brivo