Last month I had a vibrant discussion on my blog about innovation in the security industry. I wrote that IT powerhouses like Cisco, Novell, IBM and Oracle are flirting with the physical security industry, but the effort seems muted. It sometimes sounds like those vendors are trying to re-invent the wheel - no, that’s not it. It’s worse than that. It sounds like they are trying to do what other companies are doing quite well already. Like they don’t have any special difference, any special value. They sound like “me too” vendors.

I apparently wasn’t the only one who thought that way. Commentators on the blog left further observations. One fellow expounded on my reference to disruptive innovation.

Innovations Aplenty?

Large, mature corporations generally do not spearhead disruptive innovation. It’s indeed the core of the theory of disruptive innovation (Clayton Christensen - Innovator’s Dilemma). Rather, these organizations tend to acquire innovators, package and streamline the distribution of these innovations. Christensen’s theory (which is the most well regarded on innovation) is that incumbents have difficulties with fostering disruptive innovation because of adverse incentives. The new markets and opportunities are too small and the margins too low relative to the mature markets they are dominating (classic example DEC and the minicomputer). By contrast, small companies have better motivations to tackle markets that are initially small. The smaller company gains expertise and skills over the years as they grow that business.

Another comment went further pointing out that as innovators innovate, and acquirers acquire, new standards will develop and that’s how the industry ultimately changes.

What is going to occur ultimately is these big companies (Cisco, IBM, etc.) are going to purchase the small innovative companies; and thus new standards will be born as this convergence really takes hold. The market still isn’t “certain” that the investment should be made towards better, IP-based solutions because their businesses by-and-large in the old-fashioned way of doing things hasn’t been impacted enough. The big players entering the market threaten the way many of these legacy firms will do business in the future. I wish I could point to them taking specific action (rather than just acquiring) toward disruptive technologies, but the truth is you are right – they aren’t!

If you look at how these trends affect the economy – either of an industry or a specific company – the outlook may not be rosy.

Growth Needs Alterations

The physical security market’s growth in the last 5 years has been strengthened by the global war on terror and the strong domestic economy. The country does not seem highly motivated to expand the former and the latter is slowing down. As such, it’s not hard to imagine that physical security demand will slow over the next few years.

Combine the lack of value IT companies have generated in physical security with a recession and the senior managers at these IT companies will be motivated to cut their losses into what is for them a small, peripheral and mildly attractive segment.

Six years ago I saw these big IT companies retreat in other new markets they were pursuing and would not be surprised if many do the same soon in physical security.

Though I am a believer in the long-term power of IT to transform physical security, the short-term outlook does not bode well for big IT companies to deliver those changes.

The thread goes on and on. It’s a great read. But in the end we have some cold water splashed on the IT companies and on the large, under-producing brands of physical security. It’s frustrating because I want so much change. I want transformation. I want the IT companies to ROCK the physical security industry!

I want them to create a great story and build solutions (products and services) that inspire and turn on physical security and logical security folks alike instead of preaching convergence – especially not the convergence of physical security teams with logical security teams. This would be a subtle but profound difference – but one that separates a ho-hum non-strategy from a game-changing value-creating growth strategy.

C’mon IT folks. Bring IT to the physical security industry. Bring the software, the hardware, the networks, the processes, the people, the best practices and the innovation. We’ll all be glad you did.

SIDEBAR: Data Leakage Stories Wanted

On another note, I am collecting stories for a future column about data protection and data leakage. Do you have any stories you cans share about trade secrets that slipped away, or confidential documents heading out the door, or the wrong people touching the wrong data? What did your company do about it? I’ll keep all responses completely confidential. Reply to