PSIM—Just another four-letter word

DELRAY BEACH, Fla.—Jim Henry of systems integrator Kratos PSS described "physical security information management"—PSIM—as a term that has confounded and bamboozled the security industry for 10 years.

“It's a four-letter word that belongs with other four-letter words,” he said, laughing. However, a TechSec 2015 educational session shed light on the term's meaning and how integrators should approach PSIM sales, according to Henry, who called the discussion “the best panel on PSIM that I've seen in 10 years, hands down.”

The “Is PSIM ready for prime time?” panel brought together three PSIM manufacturers and a consultant to talk about definitions and what the term means for integrators and end users.

“It's an acronym given to this technology, but it means different things to different people,” said Ray Coulombe, founder of SecuritySpecifiers.com and moderator of the discussion.

Speakers disagreed on all aspects of the definition save one broad concept—it needs to solve an end user's problem. For some that means problems small or large, for others a PSIM should also include predictive capabilities.

Speakers included Richard Beard, president, KapLogic, and Bob Banerjee, senior director, consultants, A&Es, NICE Systems. Rob Hile, director of strategic accounts, Sureview Systems, represented the so-called “PSIM-Lite” manufacturers.

The consultant on the panel was Benjamin Butchko, president and CEO, Butchko Inc.

The speakers also seemed to agree that PSIM is marvelous for marketing.

Beard pointed out the irony. In the minds of lots of people, PSIM is a list of complaints. They say: “It's too damn expensive; it's for enterprise customers only. It's too difficult and time-consuming to install and maintain; manufacturers have to do installation. It doesn't work, too many failed installations.”

He said he is fascinated that a term that elicits such derision is so sought after. But it is.

“I see access control companies, video management companies all saying 'we're PSIM,'” he said. “They're not true PSIM, but they're wise because they see features that a PSIM has, and they incorporate those into their product.”

Beard said a PSIM is “a software platform that collects and manages information from disparate security devices and information systems into one common graphical user interface, so the user can utilize [systems] and respond to events.” The platform includes “traditional security sensors like video cameras, access, and intrusion detection sensors as well as non-conventional systems such as networks and building management systems, radar systems or weather feeds.”

A true PSIM, he said, must do the following: unify disparate systems; be vendor- and hardware-agnostic; enable the use of legacy and best-of-breed technology; and typically be based on product manufacturers' SDK or APIs.

A true PSIM provider is not also an access control or video manufacturer, he said. “A true PSIM [provider will] sit down with you to determine what you're trying to accomplish.”

The benefits of the system, Beard said, are that it will work with all manufacturers, it's easy to migrate, there's no need to rip and replace and when you upgrade the interface still looks the same to the operator/user. The system improves situational awareness and reduces costs due to operational efficiency.

Asked if a PSIM system needed to include a certain number of disparate systems, Beard said no. Some customers may only have “access control, but they use us because we give them better situational awareness [through specific information the system pulls in through graphical interface.] We have other systems that have a lot of different subsystems we tie together, so I'm not so sure it's based on the number of systems, it's what I'm producing for the end user, that operator,” he said.

Butchko, the consultant, interjected that using a PSIM may mean that “you're not married to certain access or video, but now you're married to the PSIM system.” He called PSIM “a great marketing term, but you're committing to that proprietary PSIM system.” Questions to ask, he said, include: “Are you trading high capability in spots for mediocrity across the whole system? What are you getting out of this?”

NICE's Banerjee said that “PSIM has nothing to do with integration. For ignorant people integration is at the center. From my perspective, it's the customer's incidents that are in the center.”

A PSIM provider does not need to be a standalone company, however, according to Banerjee, who pointed out that NICE was previously a video company. It got into PSIM with the acquisition of Orsus.

Banerjee admonished security directors to stop “thinking about getting a little bit better camera.” Security directors “need to think about business continuity. � If they do that [physical security] wouldn't be a cost center, in fact they'd be saving money � millions,” he said.

“You need integration to make this happen, but it's not about the integration. We are so hung up about security it makes me sick,” Banerjee said. “We have to think about how to make organizations run more efficiently.”

Integrators and end users need to� “start using the words 'operations' and 'business continuity' � [otherwise] you don't get millions of dollars of benefit from putting in your system,” he said.

To sell PSIM, integrators need to stop thinking about “building a bigger fence or a better camera” and become business consultants, Banerjee said.

Are PSIM systems only for big enterprise? According to Banerjee, PSIM is for large customers. Sureview Systems' Hile disagreed. “I'll stay with my small- and medium-sized business,” Hile said.

Butchko agreed that the business environment needs to be the focus. The questions to consider are: “Are we really talking about interconnection of capability, or are we talking about information management and presentation, or are we talking command-and-control?” He added that some systems “do nothing but interconnection.”

That interconnection is not so simple, Hile pointed out, “because of the lack of standards in this industry.”

The expense for end users comes from integration of those subsystems, the good news is that there are newer ways of doing those integrations that are lower cost, faster and more cost effective, he said.

Doing the integration at the subsystem level “is not so expensive. � That drives down cost and increases the TCO of what we call PSIM-Lite systems out there,” Hile said.

There are a lot of small- and medium-sized businesses that need these systems, especially if they're acquiring other companies, Hile said. Risk management and business continuity requirements and regulations are driving PSIM-Lite sales, as is brand awareness and protection.

PSIM-Lite is a great opportunity for SMB that do not have fulltime IT staff, he said.

Hile also noted that PSIM companies are owned by others: “Nice bought Orsus, Rontal was bought by Verint and Tyco bought Proximex.”

Coulombe asked the audience to consider whether “command and control” may be a better term for PSIM or a different classification of PSIM.

In considering a command-and-control system you need to look at “information and data. � If you don't have the data to give you information, a PSIM isn't going to create it for you,” Butchko said. “It could be just another tool you spend money on that doesn't solve your problem.”

A command-and-control system is about “decision-making to accomplish a mission, supported by information technology,” he said.� The objective is to “achieve faster and better decisions, and the system serves to continually project “future desired states and directing action to bring about future states.”

The system helps end users train their people how to react in any given situation, not just situations that are mapped out ahead of time.

Kratos' Henry said the panel brought up the issue of what integrators are supposed to be—“a trusted advisor and solution provider � not a peddler of products.”

Understanding the different definitions of PSIM and other products is vital. But, how you define the term “trusted advisor and solution provider” is something that an integrator needs to examine, evaluate and define over and over again, Henry said.