Share this article:
The Five Technological Forces Disrupting Security
We are fortunate to be living in one of the most exciting times in the history of modern technology. Dozens of technological currents have converged and amplified and remixed with each other to accelerate the pace of innovation beyond anything mankind has ever seen. We are simultaneously living in a time when physical security—or, more to the point, lapses in physical security—has become a regular and unfortunate part of the daily news. But physical security is no longer just physical. Modern security systems are now thoroughly cyber-physical systems, which means that they have inherited both the power and the pitfalls of the digital world.
The past 30 years have witnessed many major technology explosions that have changed the way we interact with each other and our world. Millions gained their first computing experience during the PC era. The Internet—with a little help from some friends—coalesced these individual computing experiences into the collective experience of social networks that have the potential to connect every person on the planet. The smartphone then assured that we didn’t have to leave home without it. And now, before our eyes, we are watching the rise of the Internet of things, along with the big data and analytic systems necessary to make sense of the unprecedented volumes of data they create.
Physical security is right in the middle of these upheavals. It is being transformed by the five technological forces that have become the signature change agents of our era: cloud, mobile, IoT, big data, and social networks. How and where these changes are taking place, as well as the effects they will have on the practice and business of security, are the subjects of this book.
The technology adoption life cycle is a widely used framework for understanding the acceptance of new technologies, and it fits the change we are witnessing across the physical security market. The life cycle consists of five stages of adoption. The so-called “innovators” and “early adopters” and “early majority” are at the front end, while the “late majority” and “laggards” take up the rear.
When I venture to observe to industry insiders that the physical security industry has generally fallen in the middle of the adoption pack—somewhere between the early and late majority—most of them remark that I might be a little too generous. The industry is slower than that, they say. The languid adoption rate of Internet Protocol (IP) technology is a case in point, where security products were late to the game by a good 10 years compared with our brethren in IT. More recently, for a market shift as major as cloud computing, the industry has been just barely in front of the laggards. Need proof? Contrast the current sub-five-percent cloud adoption rate in commercial security with the eighty-plus-percent adoption across the rest of the IT spectrum.
This circumspection isn’t all bad: customers know what to buy, producers know what to make, and investors know where to place their bets.
But the playing field is changing. The five forces of technological transformation—cloud, mobile, IoT, big data, and social networks—have become too strong to ignore, even in a context of cautious adoption. In combination, they are producing security products that are vastly better than their forebears. In combination, they are lowering the cost of entry for innovators. In combination, the historical barriers will not stand.
While the interplay and interdependence between the five forces are impossible to ignore, my book The Five Technological Forces Disrupting Security: How Cloud, Social, Mobile, Big Data and IoT are Transforming Physical Security in the Digital Age, is organized to examine each of these forces in turn. Naturally, there is some crossover within each topic, but for the most part, you can follow your interests along the lines of the five major sections.
In Section 1, we look at the current state of cloud computing in the physical security industry and how it is disrupting the on-premise computing paradigm. While the industry has always recognized the power of centralized computing for alarm monitoring, it has been paradoxically slow to widen that stance for cloud computing in general. By the same token, the subscription model of software-as-a-service (SaaS) should have been a cinch for an industry that has been largely structured around recurring revenue business models. Instead, the inertia of perennial concerns about cloud security and reliability has dampened the acceleration common across other markets. We’ll look at what’s happening next as fears subside, distribution models adapt, and new entrants disrupt the status quo.
In Section 2, we look at how mobile technologies are changing security administration, the interaction between buildings and their occupants, and identity and access management. As in almost every other software domain, the notion of “mobile first” is changing the product priorities of security system developers and changing the job description of practitioners from guards to CSOs. Previously constrained to the desktop, professionals who interact with modern electronic security systems are freed from their desks yet retain the same richness of data, command, and control. As every major security event reminds us, the ubiquity and connectivity of mobile networks are an indispensable tool in emergency response. On a less dramatic note, mobile is changing the customer experience of employee, tenant, and guest interactions from an inconvenience to a positive “customer interaction” opportunity for security organizations.
In Section 3, we see that the Internet of things (IoT) phenomenon finds one of its most fertile fields of use in the physical security domain. That’s no surprise, because conceptually, the electronic security industry has been using IoT since well before it crested the current hype cycle. The largest contribution that IoT will make to security is in the proliferation of sensors that add to the data available for decision-making. Even devices that are not formally a part of the security system will generate “data exhaust” with security value we can all mine. But along with this rise of available data, there will be a huge increase in the available attack surface to be exploited by hackers. The challenge for practitioners will be to leverage these technologies while harnessing the data and protecting both physical and network infrastructures.
In Section 4, smart data, the use of large scale data analysis is examined as an up-and-coming tool in the future of security. But we are not there yet. While big data has made huge inroads in fields from medicine to physics to retail behavior and stock market analysis, it has been curiously absent from the physical security domain. The delayed adoption of cloud computing has been a major impediment in this regard, because it is the platform on which big data systems naturally flourish. Instead, what we find across the electronic security landscape is an archipelago of millions of small systems that each keep their data separate from the others, thereby thwarting large scale analysis.
In Section 5, social networking technologies are viewed as an example of how identity and access management (IAM) is moving onto new platforms. Using the organizing principle of “social spaces,” we identify how social technologies will impact the physical security domain. The use of social log-ins, previously confined to accessing virtual spaces such as web sites, is becoming available as a means to authenticate ourselves to real physical spaces. This works because social identities are a unique identifier that can replace the many tokens we carry around for each individual space we interact with today. Currently used by billions of people, social networks may also prove to be a valuable communication channel to enhance the practice of security. With the networks in place, crowdsourcing may become a way to harness the power of the crowd for participatory security.
In closing, we look at adoption rates for each technology and what these changes might mean to the future of the physical security. The consumerization of commercial security is a thread that runs through many of the anticipated changes, shadowing the consumerization of IT that has been remaking that industry since the new millennium.
I’ve taken the literary license of opening this book with a somewhat personal narrative that describes the origin story of Brivo Systems. This start-up was my vehicle into the security industry and followed a path that wove its way through all five of these forces. I hope that in sharing this journey, I can convey the deep passion and optimism that I have for our industry and our future.
The above article is from the Preface to the author’s book The Five Technological Forces Disrupting Security: How Cloud, Social, Mobile, Big Data and IoT are Transforming Physical Security in the Digital Age. If you would like to order a print or ecopy of the book, visit the Elsevier Store here. Apply discount code STC317 at check-out to receive 30% off the list price and free global shipping.
Securing computer systems is crucial in our increasingly interconnected electronic world. With so many business, consumer, and governmental processes occurring online, a growing potential exists for unauthorized access, change, or destruction of those processes. For years, Elsevier’s Syngress imprint has helped computer and information security professionals learn theory, strategy, and tactics for protecting digital assets in this constantly evolving field.
Our books and eBooks in areas such as info security, digital forensics, hacking and penetration testing, certification, and IT security and administration.
Click here for Syngress companion materials
Click here for access to our archive of free eBooks, booklets and downloadable PDFs for Syngress and Computer security content.
Access companion materials and instructor’s resources for all our books from the Elsevier Store. Search by author, title or ISBN, then look for the “Resources” tab on any book page.