The merger of physical security and IT is known as convergence
Examining the road to convergence
The use of Internet Protocol (IP) in the security industry is increasing but little is known about the relationship between end users and the merger of traditional physical security and IT otherwise referred to as convergence in the security trade press. Markus Lahtinen of the LUSAX project examines the growth of convergence in the security industry and discusses complexities of this relationship.

The LUSAX project at Lund University in Sweden started in 2006 as a strategic research partnership together with ASSA ABLOY, AXIS Communications and Niscayah, to understand the industrial impact and end user consequences following the increased use of the IP to connect security equipment and transmit security data. The swift use of convergence can be confusing, but three main types of convergence are discerned:

  • Technological convergence: increased use of IP-enabled security equipment and technical integration of physical security systems like access control and video surveillance, as well as potential integration with other operational enterprise systems (for example staff and payroll databases)
  • Organisational convergence: the process of coordinating and integrating internal IT security, logical security and physical security for both efficiency reasons (to lower costs) and effectiveness reasons (for example, to address new organisational risks and threats that require coordination between IT and security)
  • Industry convergence: meaning the suggested merging - or even absorption - of the IT industry with the security industry

At the beginning of the research project, there was a sense of urgency in the security industry to ‘catch up' on the knowledge and efficiency associated with the IT industry. Following the terminology from above, industry convergence would push for both technical and organisational convergence. However, the diffusion pattern has not played out as fast as projected back in 2006. The verdict stands clear that technological convergence ishappening, but at an undetermined and slower pace.

The verdict stands clear that technological convergence is happening, but at an undetermined and slower pace

Despite the industry buzz on convergence, little is known and systematically documented on how security end users actually reason and act in relation to technological change. In order to understand the increased use and diffusion of advanced security technology, it is necessary to survey the preferences held by the end users to the value propositions associated with this new technology.  Yet of equal importance are questions on how security departments organise themselves internally and how they act and behave in relation to their immediate internal and external environments.  In summary, convergence cannot be meaningfully separated from the organisational position held by the security department.

Security directors and the security industry: the relationship myth

Based on survey data and interviews with top-tier security directors, several organisational concerns not previously documented have now been identified. One such organisational finding concerns the relationship between the security director and the security industry with regards to what sources are used to keep informed about industry developments.

The answers suggest that peers, colleagues and internal expert(s) matter more than trade shows, trade press, systems integrators and security consultants in keeping informed about industry development. Further statistical analysis suggests particular importance is given to internal expert(s), suggesting  that the internal expert plays a pivotal role in filtering industry noise and that peers and colleagues play an evaluative role to industry impulses filtered by these internal experts. Also, the internal expert usually collaborates with a security consultant in case of major system upgrades. This means that detailed decisions about security equipment rarely ends up at the security directors' table. This finding contradicts the commonly held view that top-tier security directors interact directly with the security industry.

Security directors recognise the value propositions of IP-based security

A second finding is the overall agreement seen by security directors in relation to the value propositions associated with new technology. Value propositions are understood as what contribution IP-based security may have to the security operations in terms of improved efficiency or increased security effectiveness. One example is scalability, meaning that adding an additional surveillance camera, for instance, does not require any costly back-end upgrades. Also, having security equipment running on the same network enables for integration beyond security purposes - for example real-time connection with the global employee database.

Understanding the organisational tree is key in understanding convergence
Knowing the place of security departments in the organisational tree is important in understanding convergence

Taken together, security directors see the value of security technology and also recognise the associated value propositions, but IP as such is not the primary item for top-tier security directors.

Standing of security departments in the organisational tree

Third and finally, the relationship between the security department and the immediate organisational environment is one sometimes described as being conflicting in the sense that physical security is portrayed only as being a cost-entry without any clear profit contribution. We believe this has mainly been used as industry-driven rhetoric to suggest a scenario of diminishing the importance of the physical security director, further bolstering the sense of urgency around the corner.

Quite the opposite, the collected data suggest physical security to be a well-established business process; and often even externally recognised as being a strategic one at that.

Consequently, the initial view describing the security department as being in an isolated position and a ‘necessary evil' is not shared by security directors. This might partially be attributed to self-preserving views held by the respondents, but too much attention has been directed into this form of simplifying security operations, unfortunately at the expense of understanding the underlying premises under which physical security operates.

Implications of convergence in the security industry

A security operation by its very nature is defensive, risk-averse and reluctant to simplify while strategic business logic often rewards risk-taking with a need to simplify complex market conditions. This implies an inherent and fundamental conflict between security decision logic and general market-oriented business logic that is not to be understood as being problematic, but in the best of cases being mutually rewarding. Management of successful security operations strike a balance between these logics.

The process of convergence will not follow a straight path
The path of convergence will follow a non-linear path

All in all, complex organisational conditions have direct impact on the diffusion speed of new security technology like converged systems. Industry-driven ‘copy and paste' deployment recipes for new technology are less likely to be adopted by advanced end users the same way it happened with the diffusion of core business-supporting software, for example software managing invoicing, inventory, and word processing software; relying only on logical components on standardised input/output hardware. Security systems rely to a greater extent on a combination of logical and less standardised physical hardware. This requires a more advanced input of system integration skills, be it skills for installing low-voltage analogue systems or network and IT skills for networked security systems.

Also, the diffusion pattern depends on the type of end user industry. Retail, for example, has a clear performance metric in the form of shrinkage that ties in directly with deliberate thefts. This enables the security operation to match accrued costs and investments to clear measures on losses. Banking and finance, a sector more regulated than most others, requires advanced security systems, where several subsystems need to be tied together to offer functionality that supports security effectiveness. Hence, procurement and major systems revisions in this sector follow a complex chain of decisions involving resellers, security consultants, architects (in the case of sustainable constructions) and internal security staff such as internal experts.

Having described a selection of organisational considerations affecting the convergence, it stands clear that this process will follow a non-linear path, more so for advanced multi-national end users focused on functionality and security effectiveness than the underlying technology providing for security services. For the same reasons, traditional security suppliers are kept insulated and are still in a position to harness their existing relations with end users. However, as a response to increased demand for converged systems, proactive security suppliers may in the long run increase their know-how and leverage their market position by following an incremental approach by engaging into end user projects requiring hybrid or full IP-based security systems.

Markus Lahtinen Markus Lahtinen
LUSAX project
Lund University
Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

AI in security: The crystal ball you’ve been waiting for
AI in security: The crystal ball you’ve been waiting for

One of the biggest trends in security and technology today is centered around solutions that take advantage of the wealth of connected security systems and devices powering the organisations all over the world. As the number of cloud-powered systems and sensors have massively grown in recent years, security leaders in the private and public sectors have started to look at ways to leverage the data from these devices to better the lives of employees, customers, and residents. But while the dream of creating a smarter, safer environment remains the top priority for organisations throughout the world especially as they continue to face the ramifications of the COVID-19 pandemic, a myriad of factors hold security leaders back from implementing more advanced technologies across their infrastructures. AI as a disruptor of physical security One of the main reasons being that the advent of these cloud based technologies indubitably generate massive amounts of data that hamper any practical use by security professionals and often times create cognitive overload and paralysis by analysis. A myriad of factors hold security leaders back from implementing more advanced technologies across their infrastructures Organisations face the challenge of trying to answer numerous questions using the big data generated by the various systems and technologies. How are they going to handle the influx of information that all these disparate systems generate? How can it be analysed to extract any useful information or insight? What IT security controls are put in place to safeguard the data? How can the data be effectively curated and funneled to the right people at the right time? How can we make our security footprint be more proactive rather than constantly reactive? The answer is artificial intelligence. AI is undoubtedly one of the bigger disrupters in the physical security industry and adoption is growing at a rapid rate. And it’s not just about video analytics. Rather, it is data AI, which is completely untapped by the security industry. Improving your competitive advantage Today, all divisions of an enterprise are trying to leverage AI and big data to improve their competitive advantage and bottom line, including accounting, sales and marketing, material sourcing, and research and development. We need to ensure that the physical security industry realises they can significantly benefit from better, faster, and more accurate intelligence from the now unstructured, bottomless silos of security data; only then will this result in positioning physical security from a primarily reactive business to a revolutionary new proactive environment. AI is undoubtedly one of the bigger disrupters in the physical security industry and adoption is growing at a rapid rate As an industry, we need to focus on reinventing how security personnel and safety resources are allocated in the public safety and corporate security industry. And it all has to start with intelligence derived from big data using AI. Security leaders in the physical security and law enforcement industry can combine multiple data sources with predictive and prescriptive analytics and artificial intelligence to inform and dynamically deploy personnel, assets, and technologies. This approach drives automation of their current manual processes to maximise the effectiveness and efficiency of their entire security operations. Intelligently predicting the future? Bottom line: AI can change up your security game by automatically deciphering information to predict the future using a wide range of sources and data that have been collected, whether past, present, and future. That’s right; you can look into the future. By grabbing a hold of this AI-powered crystal ball, decision-makers can perform long-term strategic planning and informed day-to-day operational decision making. And what’s more, AI powered platforms are software-based, often delivered using as-a-service business models that empower security personnel to go beyond traditional static business intelligence visualisation and reporting systems to transformative dynamic, predictive and prescriptive decision-making environments. Today’s platforms are also not your traditional, old school, expensive PSIMs; they are cost-effective, configurable to your needs and dare we say, easy to operate. Every security leader I have spoken with lately want to extend AI to their security programs. They don't always know precisely where AI will fit, but they understand the need to operationalise more of their security practices. The overall why is that we should all work collaboratively to help organisations across the globe leverage the tools available to transition away from a reactive stance and gain informed insight into the future where we are truly prepared for and one step ahead of what is coming down the road.

Building security: How audio tells the whole story
Building security: How audio tells the whole story

Every building starts with the entrance. A solid enterprise risk mitigation and security strategy include protecting that entrance. Often, risk mitigation strategies protecting the entrance have included high-resolution video surveillance cameras, video management systems, and access control solutions. But that strategy and set of security solutions only tells part of the story. Imagine a security guard who is protecting a facility after hours, when an individual approaches the entrance and seeks to gain access. The security guard can pull up the video surveillance feed and see the individual and his movements, which appear to be suspicious. But he also needs to hear him in order to decide the next decisions and actions. Does he escalate the situation, calling for backup and for first responders’ response, or does he allow the individual access to the building because he works there and is authorised to enter?   Meet high-definition voice What the security guard needs is to be able to hear and to communicate with that individual. All enterprise security systems need three primary components in order to successfully protect the entrance and to mitigate risk – access control, video surveillance, and the ability to hear and communicate. Each component plays an integral role in supporting a unified security system, and without all three, the security system is not complete. Access control can be thought of as the brains of a security system by holding data and permissions. It serves as the arms and hands of the system; it can either keep someone out or What a security guard needs is to be able to hear and to communicate with an individualinvite them in. IP video allows a security team to remotely position a set of eyes anywhere an IP camera can be placed on a network. With a video management system, security teams can see what is happening and decide how to respond. However, with remote viewing, the event may be over by the time security physically responds.  Audio adds interactivity That three-component enterprise security system – comprising IP video, access control, and high-definition voice working together mitigates risks and provides value. It also means that security is interactive. Security teams talk and listen to the person that’s seen on a video surveillance system, no matter where the location or how remote. If the person is lost or simply needs assistance, security personnel can talk to them and provide direction and reassurance. Even more, in an emergency, an interactive solution becomes a critical life-saving tool, as it provides data that can be shared between security, police, emergency services, and more. Audio can also detect voices, noises, breaking glass, or other sounds that are not within direct view of a video camera. An interactive security system creates an informed response, by providing real-time situation awareness management. Post-event, it supports forensics and investigations to mitigate future security incidents.  Audio and COVID-19 We are living in extraordinary times. As businesses begin to reopen and stay open, they are looking for any tools that can help them overcome the enormous That three-component enterprise security system – comprising IP video, access control, and high-definition voice working together mitigates risks and provides valuechallenges they face. In buildings and facilities, the COVID-19 pandemic has created a new security perimeter, one that demands contactless access with entry and exit, and that has also created a new duty of care for security professionals. Now more than ever is the need to interact and communicate with individuals moving in and out of doors and spaces without physical intervention. Intelligent communications, integrated with contactless access control, can help a business to comply with pandemic safety guidelines and ultimately, reopen for business and stay open.  COVID-19 has also increased the need for clean-room isolation and quarantine spaces, sometimes in areas not originally intended for that use, where risk of infection is high, and equipment must be easily disinfected between patients. Here, purpose-built cleanroom intercoms, providing clear touchless communications despite the noisy environment, have emerged as critical tools for enabling patient care while reducing the need to enter the contaminated space. For example, voice communication can enable hospital staff to verify identity and to communicate with patients without entering the isolated and infectious environment, which can save on personal protective equipment (PPE) and reduce the amount of exposure to the virus. In non-emergency healthcare facilities, such as medical centers, voice can effectively relay information to building occupants and visitors for screening purposes. Visitors can be seen and heard. For example, a patient who seeks access to a medical center for an appointment can hear important instructions from a nurse via the intercom solution. Seeing the person that you talk to is one thing but hearing them conveys a much better sense of closeness, making it possible to maintain a high level of security and customer service.  The whole story Today’s security systems should no longer simply involve video surveillance cameras generating feedback and images to a security guard. Instead, a new ecosystem for enterprise security and risk mitigation has emerged, and it’s one that involves video surveillance, access control, and high-definition voice. That ecosystem can ensure well-rounded and responsive information management and security platform, all communicating with each other and offering actionable insight into risks and potential physical breaches. Audio is the new value hub of the connected and intelligent school, campus, building, correctional facility, and more. Simply put, a silent security system cannot be an effective security system. In every situation, it is crucial for all security professionals to mitigate risk, no matter what they are protecting. This emphasizes the need to hear, be heard, and be understood in virtually any environment.  

How thermal technologies improve facility security and workforce safety
How thermal technologies improve facility security and workforce safety

Blind spots in surveillance coverage, incompatible video and access control systems, lack of adequate perimeter measures—these are common issues that facility directors must address with their security teams. At the end of the day, facility executives need technology that accomplish more with less—that expand situational awareness, overall system functionality, and real-time response capabilities while generating cost-savings. By leveraging technology like thermal imaging, this is possible. Security directors who want to improve facility management—specifically 24/7 monitoring for heightened security and elevated skin temperature frontline screening for entry control—should consider incorporating thermal cameras into their next security upgrade or new installation project.  Levelling up your security with thermal By using thermal security cameras, facility directors can better protect their property and tenants from external threats. Backed by decades of successful deployment in the government and defense sector for reconnaissance, thermal imaging is a trusted technology. New innovations have expanded the use cases for thermal cameras and made them widely available to commercial and industrial facilities. Today, corporate offices, manufacturing plants and healthcare campuses all use thermal cameras as a core component of their security strategy. All use thermal cameras as a core component of their security strategy Thermal security cameras perform in adverse conditions where standard surveillance cameras cannot. Visual cameras require a light source, and thus, additional infrastructure, to produce an image. If there’s no light, there’s no video. Because thermal cameras measure infrared radiation, or heat, they do not need illumination to produce imagery. In fact, thermal cameras can see in total darkness as well as in rain, smoke, and light fog. They truly enable 24/7 surveillance. Enhancing video analytics Further, thermal cameras yield high-contrast imagery, which not only enhances video analytics performance, but also situational awareness. For example, a security operator viewing a thermal camera feed can easily spot a trespasser attempting to camouflage in the foliage at night by alerting the operator of body heat on premise. Thermal cameras also enable alarm validation. While motion sensors, laser detectors and fiber optic cables need another technology to visually verify the alert, thermal cameras already provide this function. With onboard analytics, thermal cameras detect objects, classify whether it’s a human, animal or vehicle, and provide video clips for remote operators to assess the alert. Consequently, thermal cameras minimise unnecessary dispatch of guards or police for false positives, saving valuable time, money and resource for facilities. In the event of a true alarm, thermal cameras enable superior suspect tracking. Upon receiving an intrusion alert, a long-range pan-tilt thermal camera can widely monitor the area and scan the property. The camera can then follow the movements of an intruder, and if equipped with both thermal and optical sensors, provide both thermal and color video of the person. With this data, a security officer can ascertain the threat level and determine whether the person is an employee who forgot their ID or an unauthorised person trespassing on private property. It is important to note that thermal cameras cannot detect a specific individual or their personal information, rather they classify whether the object is a human and then further analysis is required through of the use of visual cameras for identification.  For these reasons, facility directors, especially those managing large campuses or properties, should consider deploying thermal cameras to maximise their intrusion detection capabilities for stronger overall security. Thermal cameras maximise intrusion detection capabilities Streamlining entry control with temperature screening Facility executives can also improve their access and entry control security procedures by using radiometric thermal cameras for temperature screening. COVID-19, classified as a global pandemic in March 2020, has permanently changed how facility directors build security and environmental, health and safety (EHS) plans. Now, facility directors are prioritising protocols and technologies that minimise both the risk of exposure as well as the spread of infectious diseases among employees, visitors and contractors. Temperature checks have become one of the most widely adopted as a key component of frontline screening practices across facilities. In fact, General Motors plants and the Pentagon Visiting Center are notable examples of critical facilities deploying radiometric thermal cameras for skin temperature screening.  Radiometric thermal cameras for skin temperature screenings allow for a non-contact, frontline diagnostic tool that enables high throughput. These thermal cameras specifically measure skin surface temperature at the inner corner of the eye, the region medially adjacent to the inner canthus, which is known to be the best measurement spot. The most reliable thermal cameras yield accuracies of ±0.3°C (0.5°F) over a temperature measurement range of 15°C to 45°C (59°F to 113°F).  Available in a handheld, tripod-mounted or fixed-mount form factor, elevated skin temperature thermal cameras are deployed inside entryways, immediately screening people as they walk into the facility. These cameras scan a person up to one to two meters (or three to six feet) away. Premium thermal cameras can scan individuals in two seconds or less. Premium thermal cameras can scan individuals in two seconds or less Thermal cameras are intended for use as an adjunct to clinical procedures in the screening of skin surface temperature. Upon detection of an elevated skin temperature, a person must then undergo a secondary screening where a medical device can determine whether the person has an actual fever or should partake in virus specific testing. By implementing these screening procedures, facility directors ensure a faster, non-invasive method to quickly detect possible signs of infection before an individual enters a populous area. This minimises the risk of communal spread of viruses among employees in the workplace, which ultimately increases workforce health, safety and peace of mind. Today, a total security solution designed to detect both physical threats as well as environmental and health hazards is one that includes thermal cameras for elevated skin temperature screening. Facility managers can strengthen their risk management plans by proactively expanding their security systems to include these solutions. Many physical security solutions are already in place at key entry points as well as additional checkpoints, such as indoor surveillance cameras, visitor management and access control. Implementing screening stations with specific radiometric thermal cameras is a logical integration at these locations. Choosing the right solution for your facility While thermal cameras for perimeter protection and elevated skin temperature screening are valuable components to the overall security system, facility directors need to know that not all thermal is created equal. Thermal cameras need to be carefully researched and evaluated before deployment. Here are a few best practices for choosing the right thermal camera for your facility and application. Define your application: A thermal camera made for long-range perimeter monitoring functions differently than a thermal camera built for elevated skin temperature screening. Make sure to choose a camera designed for your specific use case. Know the distinguishing characteristics: Be aware of which technological features separate high-performing cameras from low-end options. For perimeter thermal cameras, resolution, detection range and integration capabilities matter. For elevated skin temperature screening cameras, resolution, sensitivity, accuracy and stability are critical. Check for certifications: Select a thermal camera with proven interoperability. Consider one that is ONVIF-compliant to ensure integration with the overall security system and chosen video management software. Additionally, for elevated skin temperature cameras, consider one that has a 510(k) filing (K033967) with the U.S. Federal and Drug Administration as well as one that supports other screening standards such as ISO/TR 13154:2017 and IEC 80601-2-59:2017. Work with experienced partners: Work with a system integrator who is knowledgeable in thermal. Choose thermal cameras from manufacturers with a solid track record of success for both security and elevated skin temperature screening deployments. Leverage guidebooks, site planning tools and online trainings that these experienced manufacturers have to offer to maximise performance.