Security integration in the modern era is changing, and with that, opportunities are exponentially increasing. Today, it is possible for an integrator who has above average installation capabilities and advanced knowledge of IT/IoT/OT networks and controls can potentially be in the running for lucrative contracts in the millions.
The gap is the unwillingness of integrators to expand their knowledge to understanding IT infrastructure and its incorporation with physical and cybersecurity controls.
The traditional security solution of running a wire and setting an address is not a solution for a Smart City – integrators willing to embrace converged systems with hyperconverged solutions that have Machine Learning Augmented Intelligence, Neural Network and Deep Learning algorithms at the edge will have the advantage.
Smart Cities are not just a buzzword, but a reality that is only getting bigger. Each Smart City can bring contracts with recurring revenue and value-added revenue from an integrator’s existing customers. New markets, knowledge and technologies may mean integrators must take some new risk, but as Thomas Jefferson said: “With great risk comes great reward.”
Is it Worth It?
Integrators willing to make the investment to train and develop technicians to become proficient in the converged environment as well as IT/IoT/OT infrastructure awareness will have the potential to reap the rewards when it comes to the Smart Cities vertical.
These rewards do not come quickly, but they tend to be quite lucrative. The sales cycle for a Smart City project is at least 18 months, and it is not uncommon for a quick response requirement, with the integrator being held in limbo for months, before one (or sometimes more) integrators are selected for the project.
Once selected, the integrator receives typically a three to five year contract with system growth, a maintenance contract with recurring revenue, and the potential of additional business in several forms – from the contracted customer, additional city departments, and often private businesses that are included in the public-private partnership, such as energy utilities or the hospitality industry.
Public-private partnerships, in fact, are critical to the Smart City. While most integrators have private customers, they have not thought of bringing Smart City partnership to their existing customer base; in fact, integrators can use the partnership to breathe new life into an old account by offering value-added features that affect not only the private customer, but also the Smart City, such as parking enforcement, surveillance cameras or other means.
Concepts to Embrace
Smart Cities are a forward-thinking concept that causes the client and integrator to create a unique working system. This means using emerging technologies – not just camera analytics or Physical Security Information Management (PSIM), but cloud and cybersecurity, and the understanding and implementation of NIST standards. Many Smart City applications involve a traditional integrator offering – a top tier VMS, integrated access control, emergency call stations, etc.; however, integrators willing to embrace heavier IT concepts tend to succeed. Here are a few examples:
Hyperconverged Storage Area Network (SAN) servers with petabytes of storage for thousands of cameras are preferred for Smart City deployments. Depending on the city infrastructure, the integrator may be told what server appliance to purchase, or the server may be provided to the integrator.
Internet of Things sensors and how to secure them at the edge, will be key to successful Smart City deployments. Successful integrators also need a firm understanding of single and multi-mode fiber with bandwidth from 1GB to 40GB throughput, copper, wireless mesh, and/or cellular connectivity.
Cybersecurity may not be the norm for many security integrators, but the convergence of IT/IoT/OT has started and it will soon be the norm for any Smart City. Integrators must understand how to harden security devices against attack. Security manufacturers are already learning this, and many have cybersecurity statements, UL-2900-2-3 cybersecurity certification, or are adhering to NISTIR 8228. Successful integrators will be able to deploy and maintain a cybersecure solution that incorporates non-traditional security appliances and infrastructure.
Security as a Service (SaaS) – As the convergence of IT/IoT/OT continues, it should not be surprising that many Smart City applications are looking for the integrator to provide a SaaS model, where the integrator is required to provide the equipment and the city will pay a monthly fee for the next 3, 5 or 10 years. Smart Cities are looking for a partner who will walk with them through the lifecycle of the project. By partnering, the integrator can also lead them to where the city needs to go. While words like bucket truck and tower climbers are probably not in every integrator’s vocabulary, the successful one will grasp these concepts.
Hidden Costs
Hidden costs and a large learning curve are common pitfalls to integrators when starting out in Smart Cities; thus, successful integrators must learn quickly and be able to pivot. Understand that what worked in one city may not work with another.
A hidden cost may be the procedure for hanging a sensor (camera, radio, emergency call box, etc.). In some cities, the local energy utility may allow the integrator to hang a camera on their pole, others will not. There may be a pole attachment fee, or worse, the integrator may have to engineer and deploy their own pole locations.
Integrators who can anticipate where the fees are going to come from can make the contract work to their advantage – which requires thorough homework.
Other potential hidden costs include bucket trucks (do you purchase or sub-contract), or the cost of tower climbers in the event of city-wide surveillance (the tower climber industry is very small and prices can range up to $20K a day). Another often-overlooked cost is for insurance that many cities require – not only Errors and Omissions, but also cyber insurance. If the integrator is unprepared for these costs, it can tank a lucrative contract quickly.
Finally, Smart City contracts typically have some limitations. For integrators who like to bid low and then change order frequently, a Smart City contract may prevent change orders.
Training & Certifications
Certifications are critical to many Smart City contracts. Integrators serious about Smart City deployments will make sure that their certification list shows they are the Subject Matter Experts. At the very least, integrators should carry certifications on the VMS offering and the access control product. Other good certifications include the ASIS Physical Security Professional (PSP); BICSI Registered Communications Distributions Designer (RCDD) or Technician (TECH); and others.
Along with certification, it is important that the integrator has a trained project manager. A skilled project manager can provide good project plans, task lists, and Gantt charts; and will have the understanding on how to manage resources to make a project successful, thus ensuring future projects and work with the Smart City client. Most Smart Cities will require this project manager on any project, and certification – such as the Security Industry Association (SIA) Certified Security Project Manager (CSPM) or the Project Management Institute’s Project Management Professional (PMP) – are recommended.
Let’s NOT do Lunch
Everyone enjoys a good lunch, and most integrators are willing to buy that lunch; however, successful integrators on a Smart City project must be diligent – but with restraint. Most cities have strict guidelines that prevent city employees from being treated to a meal or entertainment. Disregarding this aspect may put the potential client into an unwanted situation, and it may disqualify a bid or nullify the contract that has been awarded. As always, do your homework.
Jon Polly is the Chief Solutions Officer for ProTecht Solutions Partners (www.protechtsolutionspartners.com), a security consulting and Project Management company, and has worked as a Project Manager and System Designer for City-Wide surveillance and Transportation camera projects in Raleigh and Charlotte, N.C.; Charleston, S.C.; and Washington, D.C. He is certified in Critical Chain Project Management (IC3PM) by the International Supply Chain Education Alliance (ISCEA).
