The Physical Security segment of the security industry is undergoing the most rapid technological change in its history, akin to the advent of the digital dialer in the legacy burglar alarm industry.
Today a combination of rising Internet protocol (IP) adoption, declining legacy analog sales, emerging communication standards from broadband to 4G to Wi-Max and widening acceptance of security technologies as a service is transforming the delivery of physical security services. Security integration makes up about $8 billion of a highly fragmented $250 billion (at end-user level) industry. Although the industry grew at about 14 percent annually for the 10-year period up until 2009, the second half of 2009 and 2010 were poor years for integration, as clients reassessed capital expenditures and, within that, what value proposition they required from their security partners. Overall, the rebound we have seen in 2011 has been perceptible, but modest.
However, within the security integration community, our research has revealed huge market share shifts over the last two years, with most—but certainly not all—integrators fighting falling revenues and margins, while a minority (but still material group) of companies growing revenues, services and backlogs, if not outright installations. This is a change in the industry that looks to be fixed in place for some time and is the crux of our current work in the arena.
New services segment gaining share
With the addition of field-tested and field-selected software analytics and improved communication protocols, end-users are understandably more demanding about potential return on investment for new systems. In this environment, we detail the rise of the new integrator model. This is a model in which falling gross margins in products and installation in a slowly recovering economy is allowing those integrators with stronger “IT IQ” and a focus on recurring service to gain customer mindshare and pocketbook share. By adding a long list of pre- and post-project services, such as project planning and advisory; hosted and remotely managed access control and video; maintenance contracts; software licensing; non-security services such as training, configuration and programming; and internal or third-party monitoring, a segment of the integrator community is rapidly gaining share.
However, dropping the legacy paradigms of high product and installation margins and moving toward a customer-centric service model is an extremely difficult change for many businesses, as this transition requires significant upfront capital and cultural investment. The transformation of the security “solution” from basic physical installations to value-added business partner is creating major distortions in a security industry that is emerging from the recession.
Today for many companies, the service component is critical. When looking at such diverse companies as ADT, Siemens Industry, Diebold, RFI Communications, Interface Security and ASG Security, determining where their commercial monitoring business ends and their integration business begins can be challenging. The line is getting very blurry, as services become critical to winning and keeping the end-user.
Rising standards for video and access control devices likely will be positive for the industry and installers who need to service their projects, but they are unlikely to relieve product margin pressure. The two emerging standards organizations for video, ONVIF and PSIA, could help increase offerings of video and access control as a service and enable recurring revenues; however, these offerings will require intensive near-term capital investment. Product and installation pressures leave integrators with the “choice” of increasing their prices for pre-installation design and consulting, post-installation services (including marketing more functions and technical capabilities of in-house or third-party monitoring), or marketing access and video as a service over the Internet.
Security integrators will have to live on lower product margins than they grew accustomed to and develop long-term relationships with their customers, who will increasingly pay on an ongoing or recurring basis. While the economy appears to be improving enough to allow for sustained growth, the hard truth is that service and licensing revenues and margins—and not product and installation margins—will determine success in the industry over the next five years. While we believe that security integration will remain the province of security integrators (and not IT integrators), the business model for success certainly is undergoing forced change.
The most succinct definition of a systems integrator might be one that assumes a central command and control with a common user interface, shares data and forms a system that performs as if it were one. This can mean getting disparate security and non-security components to talk to each other, so that one system controls end users’ security and processes. As end users, both small and large, place more responsibility in the hands of an individual who functions as (or has the actual title of) chief security officer, central planning and standardized systems across the entire end-user structure are becoming more commonplace. In conjunction with these escalating requirements, increasingly greater demands are placed on the ability of security partners to become more than just an installer of good equipment. As a result, integrators’ gross margins depend directly on the level of a project’s sophistication and their value added contribution to the project.
Judged according to ADT’s now very familiar (and nearly retired) “Value Stages of Integration” as illustrated below, the industry generally has evolved up to level two and is currently fighting over who can more effectively create business at level three. Getting to level six—fully integrated business process with security as part of it—may be a decade away, if not more. Commercial, industrial and institutional end users at all revenue levels are generally demanding increasingly comprehensive solutions. They are asking for these solutions because the physical security, as well as the IT market, is now marketing “solutions” as a way to ensure an ROI conversation, which is generally higher up the corporate ladder from branch and security personnel levels of just a few years ago. VMS vendors—who are increasingly pushing to get their brand noticed by the end user (i.e., Milestone, OnSSI or Genetec), are helping integrators on the video end promote this conversation. This conversation also involves a higher level corporate decision regarding whether to allow remote hosting of access control and identification management. Indeed, hosted access control is several years ahead of video in terms of its acceptance by customers and its promotion by integrators.
The ADT table is instructive because it forces us to think about what exactly is that relationship that will maintain the 30 to 40 percent margin for integrators, when far too many commentators have already written that the IT margin (lower) is inevitable. The integration projects that become truly Business Process Improvement (BPI) in nature has impact across the entire organization, not just in security. This type of engagement typically provides a long-term partnership with a customer, generating the highest margin as a result of the premium value delivered. For example, linking changes in the customer’s data environment to actions in their security environment provides critical knowledge and operational improvements. Providing such ROI-based improvements will allow security providers to grow their revenue streams in difficult times and when there is pressure on product margins.
Integrators have traditionally depended on 30 percent-plus installation margins constituting 90 percent of revenue. The IT integrator model is already at 50 to 60 percent services mix, with the remainder from installation revenues at low-single-digit margins. We once thought that a shakeout in the security integrator market could mirror that of the IT integrator market. Along with this, we once thought that project margins were likely to trend down toward the IT channel average of eight to 10 percent.
Now we believe that this is not going to happen. Yes, we do see some parallels between the market dynamics that SSIs are currently facing, and the situation Enterprise IT service providers faced in the late 1990s—though by now it is clear that security product margins will not fall nearly as far or as fast. The answer to “why?” is simple and two-fold: (1) there is simply too much value added in the products that video, access control, ID management, analytics software, storage, CBRN,(chemical, biological, radiological and nuclear sensing), asset tracking and other technologies in the sector provide relative to IT components, and (2) the services component of integration is growing too fast for end users to ignore the overall value-add of what good integration partners can bring to their business, both today and hopefully for years to come.
While the recession did exacerbate a permanent downward push on pure product and installation margins, through it the integration community continued to show resiliency in protecting product margins. Planning and provisioning security systems will likely remain the province of the security industry. IT integrators are concerned about the capabilities, security, efficiency, storage and integrity of the network. They have not shown an interest in deciding which type of camera (infrared, megapixel, dome, compression) or access control system (ruggedized for the outside, hosted, frequency spectrum), or which types of overall monitoring and backup service the IP security system should have.
Integrators can change their business mix away from overreliance on installation and product margins toward service. Nearly all of the largest integrators (from Siemens Industry to Diebold to ADT to Niscayah) are attempting this wholesale, or in separate business units geared to be fast-growing examples for the company. For example, ADT has made a concerted effort to hire IT-oriented personnel who can ‘talk the talk’ with clients who need to talk converged physical and logical solutions at once. Siemens Industry has set up an entire division within its integration business just to install and service customers who want a network-based security solution. ASG Security, a mid-sized integrator, is finding its fastest growth coming in remotely hosted IP-based access and video services.
Mid-market growing pains
Nevertheless, the biggest disconnects, both positive and negative, are occurring among the smaller integrators (less than $30 million in revenue)—where we are seeing both the fastest business mix changeovers (less than two years) by some integrators, while at the same time the greatest indifference (“the model has worked fine for two generations, why change?”) by others.
During the recession, our surveys found a number of companies in this former category, such as Northland Controls, Dakota Security Systems and Intelligent Access Systems, that have made some hard decisions and dramatic changes to their business models. The result has been relative stability during the recession and a rebound now due to services and existing customer contracts, while the majority of smaller integrators saw sharp (15 to 20 percent) declines in their installation revenue during the recession and a hard climb back now.
There are companies that have grown through the recession. This has required a commitment to training, capital to fund a service model and the follow-through to make sure customers become long-term relationships.
Jeff Kessler is managing director, Institutional Sales and Trading at Imperial Capital’s New York office, focusing on and producing market intelligence and data for the security industry sector.