Risk a major driver of physical security and IT integration

• Access control and surveillance should be part of ICT management.

• Unmanaged physical security devices pose a significant risk.

• ISO compliance is another critical component of integration worldwide.

The Genetec Report, State of Physical Security 2025, gives a comprehensive overview of the state of physical security based on a global survey of 6000 physical security professionals.

End users are focusing on leveraging existing technology like cybersecurity tools, data analysis, and improving departmental collaboration.

Datacom’s General Manager of Protective Services, Jennifer Shadbolt, says the migration of physical security into IT environments is driven by the realisation that these systems are now true IT platforms, that require structured IT management disciplines and procedures to ensure they are secure and embedded into your organisations identity management.

Migration involves moving physical security systems from isolated networks into IT environments, implementing structured cybersecurity rules, and establishing proper support disciplines.
Shadbolt says, traditionally, physical security systems operated in isolation, often managed by electricians rather than IT professionals.

However, this approach is rapidly changing as businesses recognise the need for robust cybersecurity measures and efficient management of these systems.

"Traditionally, physical security sat to one side, isolated, on its own network, potentially within an OT [operational technology] environment. Often it was a PC running a very old version of Windows in a cupboard somewhere and managing access control and/or CCTV. It sat there with an air gap, so no connection to the Internet," she says.

This isolation often led to poorly managed systems that were not cyber secure or adequately maintained.

“Now we are seeing a lot of mature businesses, especially critical infrastructure organisations, reviewing how their environments are managed, realising there are devices which are essentially minicomputers talking on their networks, with little to no management, dedicated to physical security which need to be managed as IT assets.” 

According to the report, industry regulations globally have helped propel improvements in data protection, with 67% of end users saying they were affected by these regulations in 2024. Shadbolt says that regionally, risk management and ISO compliance are critical aspects of integrating physical security into IT environments.

"Organisations quite often don't understand the entirety of their environments, they don't really know what's there or its status. And the risk of having these physical security-dedicated devices in their environment, with no management, is significant. Overseas and in New Zealand there have been cyber-attacks via cameras and access control systems.”

IT departments are now playing a significant role in managing and deciding on physical security systems according to the report. Collaboration between IT and physical security teams is crucial for navigating technology evaluation and supporting buying decisions.

Once physical security is integrated into the IT environment, says Shadbolt, organisations can start to leverage IT solutions. For example, merging physical access and IT access into a single identity for each staff member enables automation of the onboarding and offboarding process.

Rather than a security staff member having to manage security cards and access, the IT system can provide access through delivery of tokens to people’s phones. When they leave the organisation, it can automatically revoke them and reassign, saving administrative time and cost, whilst reducing risk. 

"When organisations move their physical security across, they then start asking – how will they run it and whether this is an opportunity to migrate it into a cloud platform,” says Shadbolt. “At Datacom we run access control and CCTV as a cloud-based service and we’re finding more and more customers are interested in heading in this direction. This approach not only enhances security but also provides cost savings and efficiency.”

The adoption of cloud strategies is also influenced by the need for standardisation and efficient management, she says. "A lot of the cloud adoption is because customers want standardisation, so they may have a cloud strategy in their business. Whatever their strategy, our physical security products can simply support that strategy.”

On a global level, says the report, adoption of cloud solutions in physical security grew rapidly between 2022 and 2023 but decelerated in 2024. Budgetary reasons and fear of data loss are significant factors impacting cloud adoption. Smaller organisations are more likely to use cloud storage, while larger systems face challenges due to costs. Integration of AI into physical security systems is a promising development, with end users eager to explore its potential, says the report. However, there are challenges in understanding how to deploy AI effectively, and concerns about its design and implementation.

Shadbolt is seeing more and more organisations interested in using visual AI to automate physical security tasks. Datacom’s protective security service deploys AI in this way for several customers, including vehicle licence plate recognition, which is a form of visual AI learning.

Working with Genetec, Datacom developed a car mounted camera system that snaps the licence plate of all cars parked on a street, the wheel position of each car and whether parking rule signs are visible. Auckland Transport parking officers now only need to drive to collect the video footage rather than walk the streets marking tyres and issuing tickets. Shadbolt says health and safety surveillance is another application where customers are using AI to inroads to physical security. 

Complete the form to download Genetec's report State of physical security 2025.