Today, technology is evolving at a faster rate than ever before. As a result of the rapid rate of change, we are creating an ever-increasing amount of data. In fact, more than 90 percent of the data that has ever been generated was created in only the last three years alone.
As enterprises strive to become more agile in order to keep up with technological progress, we’ve seen a sharp increase in the use of digital technology and IoT devices in the workplace. With this increase in devices, the number of avenues for a cyber-attack has inherently multiplied. Corporate and organizational security teams must come up with new tactics to fend off the advanced threats being launched against our increasingly interconnected digital infrastructure. The need for converged security solutions that can combat both physical and cyberattacks is greater now than ever.
Today’s landscape has evolved from three distinct eras security that have taken place over the last 20 years. Here, we reflect on each of those eras and take a look at where the industry may be headed in the future.
Migration Era (2003-2013)
The Migration Era marked the first time that digital video recorders out-sold VHS and cassette recorders, moving the security industry from traditional analog tools to the digital ones we use today. Before this time, cyber and physical security efforts had operated in separate silos. However, during this period of digital migration, every technology platform, from computers, to the internet, to digital cameras and more, were quickly transformed. By the end of this era, the rise of smartphones in particular, had begun disrupting the use of analog video conferencing methods and traditional cell phones, enabling more personalized, on-demand methods of communication.
Integration Era (2005-2018)
By 2015, the options for connectivity had become virtually endless. Companies struggled to tackle this new frontier of security as technology became increasingly integrated into daily business operations.
In accordance with the continued boom in smartphone use, this era saw a rise in technology that allowed web applications to extend beyond browsers to mobile phones, tablets and other digital devices designed for personal use. Increased access to, and reliance on, the internet transformed the web into a standard part of everyday life.
These new devices and platforms created a demand for a more viable way to deliver digital access. However, this monumental transition also placed more demand on IT networks. In order to handle the growth of integration between mobile devices, companies began to turn away from on-premise hardware towards more agile solutions, such as cloud-based networks, replacing inefficient client-server network architecture.
This era also saw the entrance of large, Federal systems integrators into the security space. Companies quickly expanded their operations in the IT world, and this brought an influx of technology expertise into the security industry.
During this era, Physical Security Information Management, or PSIM, was also introduced to the market for the first time. True, intelligent PSIM software works to convert large amounts of data into meaningful and actionable information by filtering and correlating this data based on criteria such as time, location, duration, frequency and type. The specifics of these criteria are defined by an enterprise’s risk policy, standards and compliance requirements.
When PSIM software first arrived on the market, there was a great deal of confusion about what exactly constituted a true PSIM solution. PSIM is not simply an integration platform – nor is it a command and control platform. True enterprise PSIM software is capable of fully integrating disparate organizational systems and subsystems, including sensors, devices and even related non-security devices, using industry-approved open standards.
PSIM gave enterprises the necessary ability to quickly assemble enterprise systems integrations without having to rebuild their entire security system. While the end of the Integration Era has overlapped slightly with our current era of security, the rise of PSIM set the stage for the state of the security industry today.
Convergence Era (2015-2025)
The current, Convergence Era, refers to ongoing convergence within three distinct areas of the security industry – organizational convergence, technological convergence and operational convergence.
Organizational Convergence
In the field of IT, the network and security operations, led by the CIO and CSO (or Director/VP of Corporate Security) respectively, have typically been managed separately. Today, many enterprises are converging these operations into a combined Chief Information Security Officer role, bringing together cyber and physical security strategies.
The rise of the CISO role signals the strong integration between IT network security and physical security. This convergence has pushed the need for unified security operation centers, or “SOCs,” which are made possible by the technological convergence of digital devices.
Technological Convergence
As a result of ongoing organizational convergence, companies have looked towards new technology to enable the unified management of security and risk. With the introduction of improved digital tools and infrastructure, such as the upcoming 5G network, we will have the bandwidth and ability to scale security efforts more effectively. Additionally, improved software technology will allow us to fully migrate security operations to the Cloud. Technology convergence will eliminate the practice of operating hardware on disparate systems allowing enterprises to achieve the highest level of operational security.
Operational Convergence
Once organizational structures have converged to aid effective, top-down security strategy, and the necessary technological tools have been made available, we must improve industry standard workflows, compliance and regulations to fully enable operational convergence. This will ensure that we are operationally unified and able to execute on the strategy of convergence.
Beyond the ongoing convergence in these three areas of security, one of the most important markers of the Convergence Era has been the shift away from PSIM solutions to the use of Converged Security and Information Management, or “CSIM,” solutions. CSIM extends the capabilities of PSIM software beyond physical security by capturing and correlating data from multiple IT-security and information management systems. With its ability to support large-scale, widely dispersed networks, this more advanced approach to security enables Smart City and IoT applications, as well as variety of other use cases such as supply-chain systems, logistics management and manufacturing.
CSIM can also support global enterprises for which enhanced data visualization and business intelligence are integral features for real-time reporting. Its overall capabilities go beyond security and risk management by offering insights that drive intelligent business decisions. Today, CSIM software solutions are enabling all three areas of convergence within the security industry.
IoT Era (2020-2030)
Currently, there are an estimated 26 billion devices connected to the internet, worth a total of nearly $1.7 trillion. This is almost double the number of connected devices that existed five years ago and includes an increasing number of everyday objects that have been equipped with web connectivity, such as internet-connected vehicles. In fact, it is estimated that 98 percent of cars will be connected to the internet by next year.
As IoT devices become more sophisticated, data correlation technology will move beyond real-time monitoring and begin using predictive analytics. Companies will invest in resources that will help them move beyond the current reactive approach to managing operational risk, towards more proactive methods.
One such way that we will continue to see the use of IoT security grow is through the expansion of Smart City projects. While several such projects have recently begun in the U.S., more extensive Smart City projects have been underway internationally for a while now.
In 2017, the UAE passed legislation mandating that all addressable buildings must connect to the Ministry of the Interior’s Hassantuk Security Network via monitoring equipment and provisions of service. The Hassantuk Smart and Safe City program aims to provide central monitoring of fire and life safety events and reduce the cost of inspections for more than 150,000 buildings across the UAE.
For cities looking to modernize, revamping transportation networks are a good first step towards the Smart City evolution. Many transportation enterprises are starting to tap into the massive amount of data being generated by the public, and using that to data to determine how to restructure or improve their current infrastructure.
Additionally, cities can make use of integrated sensors in public transit systems as well as on trains, local roads and highways to capture and analyze large amounts of data in converged Security Operation Centers. This effort might include identifying areas where traffic lights are not performing optimally, areas where STOP signs should be installed, or monitoring crosswalk safety, amongst other uses. Using the Internet of Things to manage security improves both short-term responses and longer-term risk mitigation strategies. Intelligent data management, aided by the use of new AI tools, will further simplify these efforts, creating a more streamlined and effective urban transportation ecosystem.
Looking forward to the rest of this year and beyond, we are sure to see the trend towards increasingly sophisticated and interconnected security systems, enabled by technology and IoT continue. As the industry moves steadily towards the use of better, more complete tools and strategies to manage organizational security, we improve the ways in which we manage both physical and digital, security risks.