Convergint Calls Out Siloed Systems as Barrier to AI Progress
Key Highlights
- Most security programs remain stuck in early AI stages, limited to detection and alerting rather than integrated, outcome-driven operations
- Siloed systems and legacy infrastructure are key barriers preventing organizations from advancing to higher levels of intelligence
- Real value from AI hinges on measurable gains in efficiency and effectiveness, backed by clear strategy and governance
Security integrator Convergint has released a formal framework for advancing AI-enabled physical security operations, a resource the company says grew directly out of enterprise customer conversations about what has been a disorienting stretch of vendor hype and unclear direction.
Eric Yunag, Convergint's EVP of Products & Services, presented the findings at ISC West and spoke with SecurityInfoWatch about what prompted the effort and what the company hopes security leaders do with it.
A framework born out of customer confusion
The framework, titled "The Path to Intelligent Security," defines a five-level progression — Detect, Describe, Explain, Recommend, Act — intended to give organizations a structured way to assess where they actually are with AI-enabled security, where they need to go, and in what order.
Yunag explained the impetus was straightforward: customers were confused.
"Everything is labeled AI instantaneously, and there's a lot of confusion on what that really means," he said. "Our goal was really to help create — step back for a minute — a roadmap to help our customers think about strategically what they're going to have to do to prioritize investments, think about their strategies, governance, data strategies, technology strategies, system strategies. What are the important first principle things they need to do before they go out and buy AI, essentially, is what it boiled down to."
The framework argues that most enterprise security organizations today are stuck operating at Level 1 or Level 2 — basic detection and alerting, with some automated classification — without having yet achieved the cross-system correlation that marks Level 3, let alone the forecasting and orchestrated response capabilities of Levels 4 and 5.
According to the report, that gap exists not because the technology is unavailable, but because organizations have been acquiring AI features without the underlying architecture, data readiness, and governance structures to make them work together.
Legacy systems and silos slow progress
Yunag identified siloed and proprietary systems as one of the central obstacles.
"There's a lot of buying AI features and capabilities inside of siloed and proprietary systems," he said, "and unless customers and organizations step back, and security practitioners start to think about what is the roadmap for our entire system strategy right now, I think that is the fundamental change in thinking that this moment demands."
He was careful to draw a distinction: proprietary is not inherently a problem. "Proprietary, if it's interoperable, is perfectly fine. It's the proprietary and siloed systems ultimately that I think are going to be extreme liabilities for any intelligent security future."
He also pointed to legacy hardware as a more immediate practical challenge than many organizations may want to acknowledge. "There are prox readers sitting on the walls that are still making the door go click. There are IP cameras that are connected to networks but are end of life and won't be able to enable visual intelligence capabilities in the future."
The industry's longstanding run-to-fail mindset, he said, simply doesn't fit the moment. "This moment is demanding a shift to lifecycle management and thinking about systems in a very different way — and that means different budget cycles, different conversations with their stakeholders."
Where the business value actually begins
That argument has a business case dimension built into it. Level 1 and Level 2 are not failures — Yunag was emphatic on that point — but they are also not where the strategic returns are. The framework describes Level 3, cross-system correlation, as an inflection point where operational efficiency gains start crossing into measurable business value: reduced false dispatch, defensible evidence packages, compliance readiness. Levels 4 and 5 push further into risk prevention and scaled, automated response.
On the question of what metrics actually matter, Yunag kept coming back to labor. "The conversations that I've had — detailed and deep conversations with some of our largest customers — inevitably come down to manpower augmentation and replacement," he said. "How does technology ultimately augment or replace some level of manguarding, and then in a security operations center, some level of repetitive or mundane tasks?"
The operational metrics organizations should be tracking, in his view, are ones many SOCs already collect: time to triage, operator productivity, alerts processed per shift. The discipline he said is often missing is tying those baseline numbers to technology investment at the start of a program, then tracking them rigorously through implementation.
"AI will fail in security if we don't deliver improved security effectiveness and efficiency," Yunag said flatly. "Those are the business outcomes that all the stakeholders in organizations are expecting us to deliver with technology."
Governance becomes the gating factor
Perhaps the most counterintuitive argument in the report — and in Yunag's framing — involves governance. Organizations that want to move faster toward automation, he said, should invest in governance first.
"The hesitation to adopt? It's not a technology challenge anymore," he said. "It comes down to whether organizations have the right governance and the right overall alignment with their broader AI strategies and compliance strategies."
Getting clarity on what decisions a system can make autonomously, what requires human sign-off, and what stays human-only isn't bureaucratic friction — in Yunag's telling, it's actually the thing that accelerates adoption. "That governance conversation is probably the number one thing that helps organizations actually move faster. Seems a little counterintuitive, but I think it truly does make a huge difference."
His advice to security leaders was to not treat the current AI wave as another incremental technology cycle. "I've been in this business for nearly 30 years now, and this is the most important cycle that anybody is going to go through right now," he said. "This next six, 12, 18 months are going to be critically important to begin setting those priorities and begin to prioritize those investments."
The report, he said, is meant to give security professionals the vocabulary and structure to have those conversations with their own leadership — not just to justify purchases, but to make the case for a genuinely different kind of planning horizon.
The full report is available through Convergint and includes detailed breakdowns by system type, a compliance reference across nine regulated industries, and specific roadmap sequencing guidance.
About the Author
Rodney Bosch
Editor-in-Chief/SecurityInfoWatch.com
Rodney Bosch is the Editor-in-Chief of SecurityInfoWatch.com. He has covered the security industry since 2006 for multiple major security publications. Reach him at [email protected].