The physical security industry is rapidly changing, ever evolving, and one that is growing faster than most other sectors of the greater global market. The latest research shows that the forecasted growth rates will be a compound average growth rate (CAGR) of 7.2% and a total market revenue opportunity of $41.27B through 2022.

These economic indicators make the industry a very attractive investment for entrepreneurs and for investment from large corporations from other industries. At ISC West 2018, this was extremely evident as there was a palpable buzz from technologies such as artificial intelligence (AI), machine learning, cloud-based video management systems and cloud-based access control systems.

New market entrants such as Amazon, and a seemingly increased interest and investment from the likes of Intel, IBM, and even Microsoft were present and contributed strongly to the buzz of the industry’s largest tradeshow.The global managed security services market is projected to reach nearly $40.97 Bn, with a CAGR of 16.6% over the next five years

Need for education and enhanced security

With the increased profile of the industry, one can clearly see that the physical security industry is expanding globally to new consumers; bringing with it an increased need to further secure products and services with comprehensive physical and cybersecurity protocols and the need for education.

This convergence of physical security and cybersecurity will create new industry leaders that will emerge to lead a new segment of the combined market through strong investment and leadership.

According to a report published from Allied Market Research (AMR), the global managed security services market is projected to reach nearly $40.97B, with a CAGR of 16.6% over the next five years.

Correlating these two market data points, the forecast for the physical security market is expected to have nearly 18% of the total market opportunity comprised of cloud services at nearly $7B.

Sharing security service best practices

In September 2017 at the Cloud+ Conference in Austin, Texas, the leaders of the Access Control as a service (ACaaS) and Video Surveillance as a Service (VSaaS) markets, converged to share industry trends, observations of customer adoption, best practices in implementation and service, financial models, and several in-depth discussions on securing physical security of cloud implementations through cybersecurity.

The security protocols of a cloud service provider is central to the business’s value proposition
The physical security market will have nearly 18% of the total market opportunity comprised of cloud services

These cybersecurity discussions absolutely dominated every discussion with the clear message that as a cloud service provider, manufacturers and integrators must continue to create robust and scalable cybersecurity offerings to protect customer data and facilities.

Interestingly, an analysis of all of the past cyber breaches was presented by keynote speaker Dean Drako of Eagle Eye Networks, who, through a powerful visual diagram, noted that all existing breaches in the physical security industry were entirely on manufacturer provided hardware solutions; VMS physically installed on customer premises, and camera specific vulnerabilities across multiple providers.Network personnel, cybersecurity personnel, firewall experts, and cloud-specific software development staff all need to be added to core physical security engineering expertise

Cloud versus non-cloud services

The insight that one was able to glean from this information and, that of a greater analysis of cybersecurity hacks across all industries, was that manufacturers and providers of cloud services were more secure and reliable by orders of magnitude than non-cloud solutions.

The reason for these phenomena also became glaringly evident; the security protocols of a cloud service provider is central to the business’s value proposition and as such should be addressed across all levels of manufacturing, implementation, and customer utilisation.

Conversely, non-cloud deployed products rely on field implemented cyber strategies from integrators and end users which often expose lack of skills, education and budget to fully secure these physical security products.

Ensuring successful deployment

As a SaaS service provider, the technical personnel makeup results in an expansion of staff and expertise. Network personnel, cybersecurity personnel, firewall experts, and cloud-specific software development staff all need to be added to core physical security engineering expertise to ensure that the product developed can be successfully implemented and deployed.Implementing a process to protect millions of customer’s data records and facilities begins with mapping out a strategy to secure software and hardware.

These new jobs in the physical security industry will astronomically expand as the market continues to grow $6 Bn in a little over 4 years providing new opportunities to existing and new personnel to enter the industry.

As a leader in access control hardware and an ACaaS provider, ISONAS has taken it upon themselves to implement a process to ensure that their customers can easily implement their products and gain great peace of mind in regard to the security of the solutions.

Data security strategies

Implementing a process to protect millions of customer’s data records and facilities begins with mapping out a strategy to secure software and hardware.

This means employing high-level, seasoned cloud deployment experts to create a strategy in our AWS infrastructure and all ancillary supporting technologies to minimise attack surfaces, create complex, proprietary associations in a multi-layered and multi-tiered connection throughout the application and lastly ensuring that all communication to and from customers’ devices are encrypted and secured.

Manufacturers and integrators must create robust cybersecurity offerings to protect customer data and facilities
Implementing a process to protect customer’s data records and facilities begins with mapping out a strategy to secure software and hardware

Once implemented ISONAS took it upon themselves to validate the infrastructure and the customers experience by subjecting the environments to 3rd party penetration tests.

Addressing cyber threats

These tests, taken up quarterly, ensure a customer that the latest in cyber threats are being addressed and that the manufacturer is providing the latest solutions available in the market.Integration implementation personnel should gain greater knowledge in networks and cybersecurity best practices for their solutions

An added benefit is that customers gain the scalable benefits of enterprise corporate cybersecurity protocols at a fraction of the cost of implementing these on their individual premises.

As an industry, however, it is not simply the responsibility of the cloud service provider to ensure that the customers data in video and access control are being protected.

It is also incumbent on the integrator to ensure that the installation and implementation of the products and solutions are deployed in an educated and skill-based manner.

Knowledge of networks and cybersecurity best practices

The products and services utilised must be easy to implement, be clear in their requirements of the end user networks, and simplistic to apply. Nearly all manufacturers of these products are working diligently to ensure that the integrator has all of the tools at their fingertips to ensure a successful implementation.

However, it will remain important that the integration implementation personnel gain a greater knowledge in networks and cybersecurity best practices for their solutions.The products and services utilised must be easy to implement, be clear in their requirements of the end user networks, and simplistic to apply

In most cases, this will mean additional jobs for new higher-level personnel, access to additional services to provide to end users, and an elevation of networking and security expertise within their business.

Expanding the reach of physical security

These new-found skills and expertise will likely bleed into new markets and expand the reach of the traditional physical security market. It truly is an exciting time to be a part of a rapidly expanding market in the physical security space and to watch the industry react to the growing need for cybersecurity within products and services.

In the next four years, there will be new innovations, new investments, and new winners and losers in products and services. It seems clear that those integrators and manufacturers who have begun to create the strategies and products for tomorrow will be well ahead of those who are not actively addressing the need for SaaS products, yet the window to opportunity remains wide open.

Download PDF version

Author profile

Robert Lydic Global Vice President of Sales, ISONAS, Inc.

In case you missed it

2019 to see a rise in cyber and cloud security solutions
2019 to see a rise in cyber and cloud security solutions

2018 was a good year for integrators and manufacturers across the board. The economy has been strong which manifested itself in many ways but in particular construction was booming. This was very good for the security industry, especially those integrators and manufacturers who provide services and products in the commercial space. Two of the most unexpected things that impacted the market, and will continue to impact it into 2019, are the trade war and the rapid rise of interest rates. I have been monitoring both very closely and didn’t expect the trade ‘skirmish’ to escalate into the trade war it has become. Similarly, interest rates have started to rise which was a bit of a surprise and one that will definitely impact the nation’s economy and by extension our market. Upcoming cloud-based trends Cyber has definitely taken a strong foothold in the industry and with the continued expansion of cloud-based services I see three main trends coming in 2019. The first is the rise of cloud-based products and service offerings that security integrators will have access to. While we have had a few key players already offering cloud-based solutions for a couple of years on the video side in particular, I see this really picking up steam across all other security and life safety solutions. This really leads into the second trend which is integrators adjusting their business models to leverage these cloud-based solutions into recurring revenue models as managed security service providers (MSSP). The ability for integrators to develop their own managed service portfolio will be key; PSA is already working with several partners to help bring a portfolio offering to our membership which is really exciting. I anticipate that we will see about 10% of security integrators take hold of this new model in 2019 and then expect that number to increase by around 10% each year until the majority of the security business is cloud-based and integrators accept the new model of being an MSSP. Finally, of course is cybersecurity. Cyber has definitely taken a strong foothold in the industry and with the continued expansion of these cloud-based services, it will be more important than ever to integrators, manufacturers and end users alike. MSSP portfolio offering The more progressive security professionals will see cyber as an opportunity, a part of the MSSP portfolio offering, rather than just a threat that we have been talking about for going on five years. The winners in this market will be the integrators and manufacturers who can adapt to all these changes, leverage new technologies we are seeing with AI and cloud-based solutions, and those who stick to commodity-based solutions will be left behind. There are some remarkable things happening with AI technology, analytics, biometrics PSA’s growth has been remarkable. We have exceeded our own growth plans year over year and have also exceed the market projected growth marks as well. We continue to add more offerings to our membership to help them stay ahead of the curve, which in turn helps us to do the same. Right now, we are investing in programs that provide data to our integrators to help inform their business decisions. Data is key for any business and PSA has spent a lot of time working with developers and our integrators to understand what the most meaningful data is they need and how we can best deliver that to them by way of dashboards and reporting tools. Future technology advancements The biggest challenge we face is really tied to the higher interest rates that we have seen so far this year and what lies ahead. We help future fund projects for our integrators so when we see higher interest rates, we must closely monitor that and make business adjustments along the way as well to flex along with those rate hikes. I have been in this industry a long time so clearly my enthusiasm for what the industry is doing doesn’t fade. But what makes it really exciting right now is really related to technology advances. There are some remarkable things happening with AI technology, analytics, biometrics – you name it. It is a very tech heavy industry that people can feel good about being a part of and is an industry that will continue to grow so the opportunities are endless.

Balancing the scales: how Open Options acquisition complements new owner ACRE
Balancing the scales: how Open Options acquisition complements new owner ACRE

Open Options, based in Addison, Texas, provides a truly open access control architecture that will strengthen the ACRE portfolio and increase the breadth of solutions offered by the global provider of security systems. The acquisition of Open Options is also an opportunity for ACRE to focus on growth opportunities in North America and “balance the scales a bit,” says Joe Grillo, CEO of ACRE, which significantly grew its reach in Europe, the Middle East and Africa with the acquisition of Siemens Security Products in 2015. “Open Options is also a company that's growing, is profitable and fits seamlessly into our vision for the access control space in which we operate,” says Grillo. Independent operations The strength of Open Options in the Southwest provides significant additional coverage for ACRE in that region of the United States The Open Options brand will continue to operate independently under the ACRE umbrella. Open Options CEO and Founder Steve Fisher will continue in his role as leader of the company, says Grillo. “There is a strong and competent management team in place that will continue to provide leadership going forward.” Open Options’ open-architecture access control solutions will add value to the solutions ACRE already offers under the Vanderbilt brand. In a market that has traditionally been proprietary, the open-platform solution offered by Open Options helps deliver more opportunity to offer customers a full-scale solution based on their needs, says Grillo. In addition, due to its origin as a Texas-based company, the strength of Open Options in the Southwest provides significant additional coverage for ACRE in that region of the United States. Technical and financial resources On the other hand, ACRE provides a greater level of technical and financial resources that Open Options can utilise to help them grow even faster. These resources were not as available to the company if it remained independent, Grillo notes. ACRE’s divestiture of Mercury Security in 2017 facilitated this investment. As discussions began earlier this year, ACRE realised the potential of adding to its access control portfolio in the North American market, says Grillo. Open Options and Mercury have been "partners" for 20 years; Mercury provides hardware panels for Open Options systems. Each company will manage and make decisions about their reseller channels independently “The Mercury brand continues to be a strong one, so we're interested in continuing to nurture that relationship, and in fact we have become a larger and stronger partner to Mercury as ACRE,” says Grillo. “After owning Mercury for a number of years, we had the understanding of the company, the product portfolio and the partner relationships that defined it, so we were confident that the deal would be a positive one for the ACRE brand.” Meeting customer needs “Open Options and Vanderbilt share some customers already and we can leverage that by gaining more share of their business while providing them with a portfolio that will meet a broader set of customer needs,” says Grillo. “Where possible, we can look for synergies in channel partners that are not currently shared to provide access to both brands. This will be a benefit to Open Options, Vanderbilt and our customer base. However, importantly, each company will manage and make decisions about their reseller channels independently.” Are there more acquisitions on the horizon for ACRE? “We're always looking for opportunities that fit into the nature of our business,” says Grillo. “Companies that have growth potential and share similar go-to-market strategies and visions for the future are of particular interest to ACRE. "We're still operating in a highly fragmented market, so we're going to see continued consolidation in both access control and beyond, which means ACRE will be looking for the right opportunities to follow along that path.”

Access Control as a Service (ACaaS) solutions growth with mobile access in 2019
Access Control as a Service (ACaaS) solutions growth with mobile access in 2019

IHS Markit projects that the market for physical electronic access control solutions has grown to over $5.2 billion in 2018. The market has experienced stable and predictable growth rates that have hovered around 6 percent over the past several years. Electronic locks remain both the largest and the fastest growing product type in access control, representing nearly 40% of the global market size for all access control equipment. Impact of technological developments While market growth rates have been consistent, technological developments have dramatically impacted the market in 2018. The most prominent trend involves mobile credentials, which are poised to revolutionise the longstanding business model for access control system sales. The mobile credentials market was still in its infancy in 2018, but many end-users are already anticipating a transition to these credentials by installing compatible readers in their systems. By 2020, over 10 percent of all new readers sold in the market will be compatible with mobile credentials. Access Control as a Service Other trends to watch in 2019 and beyond include Access Control as a Service (ACaaS), which allow end-users to avoid the need to invest in costly on-site IT infrastructures to support their access control equipment. ACaaS solutions will be particularly popular to support small and mid-sized projects that service less than fifty doors. In addition, Bluetooth Low Energy (BLE) beacons will support geopositioning in an increasing number of the world’s most advanced access control systems. Through geopositioning, the exact location of specific personnel can be identified at any site in real-time. The top fifteen access control vendors represent more than half of the total size of the global access control market, but there are pockets of opportunity for new vendors, particularly to accommodate small and mid-sized projects. The mobile credential and ACaaS markets will also be highly competitive in 2019 and should attract an influx of new market entrants.