New forms of business opportunity have emerged this past year as many organizations come to terms with a post-pandemic era that involves more remote work, heightened concerns about cybersecurity, and tighter budgets across the board. Specifically for security integrators, the main area of opportunity is in creating new streams of recurring monthly revenue (RMR) through services. While budget for largescale capital expenditures is likely to remain tight in 2023, budget is available and growing for services that directly link to compliance, cybersecurity and changes in business operations. Here are some of the key drivers behind this, and some suggestions on how to profit from these new opportunities.
Need for Remote Management
With more organizations having their workers operate remotely, there has been a focus on how to improve business continuity through remote management. Security integrators need to change the current model where the end-user finds the problem, calls the integrator to roll a truck, and then performs service onsite. With IP-based video surveillance and access control technology, many (over 75% by some studies) problems can be detected and resolved remotely — ideal for a service-based RMR offering. Tools for automated system monitoring and root-cause failure analysis are available and already used in RMR service offerings. Not only does this type of service dramatically reduce the downtime of safety-critical systems like physical security, but it also fits with many organizations need to minimize onsite visits.
New Compliance Mandates
Both federal mandates and industry-level compliance standards have been evolving rapidly over the last couple of years, specifically around extending cybersecurity requirements to Internet of Things (IoT) and operational technology (OT) devices (like physical security systems). In addition, there has been more focus on supply chain and ensuring that organizations are not using banned or end-of-life equipment. Mandates on remediating vulnerable devices (like IP cameras) typically come with a very short timeframe in order to be in compliance, making compliance a good candidate to be addressed through managed services using existing automated physical security IoT vulnerability management and asset discovery solutions.
Many cyber insurance providers are getting fine-grained in how they price and offer policies, and for organizations that rely on physical security and other IoT systems, there is a need to provide detailed information on their operations and how they are secured. Integrators who are using an automated service assurance solution to gather ongoing performance and operational data can provide that as a service to help gain or renew insurance.
As the cyberattack surface has shifted to IoT/OT devices like physical security, so has the focus by the C-suite and boards. Not only do they want to have a plan in place for finding and fixing vulnerabilities in camera devices and access control systems (where integrator-provided services are ideal), but they also will want to have historical performance data to support forensics after a breach has occurred. Demonstrating control over physical security operations now more than ever requires data, and security integrators are best positioned to gather, supply and assess that data.
The tools needed to provide the services described above exist today — specifically for service assurance, continuous system monitoring, and cyber vulnerability remediation. These are solutions that are most efficient and impactful when combined with an integrator’s deep knowledge of security best practices and the end-user’s unique environment and needs. By the nature of the integration business, the most important foundations have already been built — having a long-term perspective and the ability to execute. On other words, services like those described above are a natural extension of the relationship already in motion with the end-user.
The danger for integrators is that the severity of these needs along with the high level of visibility within the organization associated with them means that time is of the essence. Take time here at ISC West in sessions presented by end-users on these needs to deepen your understanding of changing needs of end users. Plan out your visits to the show floor, especially in the Connected IoT and Cyber Security area, to discuss with vendors how their solutions can help you build a strong, growing and profitable RMR stream. And post-ISC West, check in with key customers and discuss with them how to best address these emerging needs together. By taking these first steps at ISC West, you’ll be on a solid path towards better customer satisfaction and a growing revenue stream.