Q&A
Steve Hunt on the Physical Security Industry
Steve Hunt predicts a much-needed shift to end-user focus and open architectures for physical security manufacturers and integrators. (Part of the What Happens Next security predictions series.)
By Joan Goodchild, Senior Editor
November 12, 2008 — CSO — Security industry consultant Steve Hunt is a self-described rabble rouser. Hunt, a former analyst who once headed up the security research practices at Giga Information Group and Forrester Research, now runs Hunt Business Intelligence, an industry advisory firm. His additional background in physical security has made him a central figure in discussion about the interplay of physical and IT security.
On his site, securitydreamer.com, Hunt opines on anything from security trends to his love for Twitter. He recently posted a criticism of the physical security industry for a lack of innovation and spoke with CSO about the feedback he received to his comments.
CSO: You said your post criticizing large physical security companies was very popular. Can you give a brief synopsis of your argument?Steve Hunt: The physical security industry is often characterized as an old-boys network. It's an industry, in general, that is not used to public critique or criticism. There has been no Gartner group, no Consumer Reports magazine, to help customers and serve as their advocate. That means that the large companies have been able to develop sales channels that are sometimes impersonal.
These sales channels lock in customers and donâ¬"t allow for a lot of freedom or flexibility to build a best-of-breed solution. If you are going to do business with Honeywell or Tyco, you pretty much have to do all of your business with Honeywell or Tyco. It's not just because Honeywell and Tyco have a large number of products they want to sell you, but their sales channel has an incentive to lock you in. If a customer tries to add non-Honeywell or non-Tyco products to the mix on their own, the big companies can actually fight them legally or pull out their products. It's just a really mean business.
I talked to senior executive at one of these large companies and said: "When was the last time you had lunch with one of the end users of your products?" And he said: "Lunch with an end user? I donâ¬"t think I ever have."
This is a top executive selling billions of dollars in products to end users. But he argued his customers are the distributors. And their customers are the integrators. And their customers are dealers and end users. Big companies are pretty far removed from end users.
In IT, we know about dealers, we know about integrators. But in IT, an end user always feels they have some recourse with the manufacturer. An end user can always call Symantec and complain, or call Microsoft and complain. But in physical security, there is no channel of communication, no way to do that.
physical security
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Managing A Growing Threat: An Executive's Guide to Web Application Security
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- The Forrester Wave™: Web Filtering, Q2 2009
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
