By Jennifer Goetz
From the August 2025 Issue of Facility Executive
Facility security has progressed exponentially over the years, evolving from mostly relying on human guards to man entry points alone to now having access to advanced technology like biometric screenings and AI-gun detection. This evolution doesn’t detract from the reality that threats to organizations, and their facilities, are also expanding both in person and online.
The Active Assailant Preparedness: Risks and Recommendations report from ASIS International and Everbridge discovered that the risk of active assailants, workplace violence, and cybercrime are the top concerns security professionals have for their organizations. While incident response had improved from the same survey done the year prior, managing communication during an incident still proved to be a challenge.
In addition to communication concerns, organizations have to worry about their increasing dependence on technology. There is a greater risk of having sensitive information exposed, especially as more organizations seek to streamline all company data into one cohesive system.
“Security today isn’t just about keeping people out,” says Jeremy Fromm, Mercury Security Evangelist, Mercury Security. “It’s about enabling operational resilience, simplifying management, and building an infrastructure that can adapt over time.
“Building owners and operators are looking for systems that give them both protection and flexibility, especially in the face of rising compliance demands, increasing cyber risk, and shifting tenant and employee expectations.”
Establishing The First Line Of Defense
Security technology throughout building grounds can serve as the first line of defense. Surveillance cameras or outdoor emergency alert buttons can give facility managers and security personnel real-time updates on who’s entering the grounds and the first opportunity to respond to an incident before it moves inside a building.
“With active shooter threats on everyone’s mind today, it’s important for building operators to have technology in place that can help them identify a gunshot quickly, notify the appropriate security personnel, and set security response procedures into motion,” says James Reno, Vice President of Commercial Sales, Shooter Detection Systems and Alarm.com.
Once individuals get close to a building, solutions like mobile-access or ID cards provide an extra layer of protection, only opening for building personnel with the right credentials or those authorized to be there.
From Fromm’s perspective, mobile-first access is growing, allowing organizations to issue, revoke, or adjust credentials in real time to more closely monitor visitor access.
While many facilities have access control solutions in place, they are not foolproof. An organization’s approach to security procedures can greatly affect how these systems operate and can influence their effectiveness. “Even with a visitor management system in place, significant vetting or screening of visiting individuals is not always part of the security procedure,” says Reno.
People and processes are a critical factor in the security equation that cannot be overlooked. Still, today more companies are exploring the potential of using drones, robotics, remote video monitoring and AI/machine learning integration to replace or support physical security guards.
According to RV Raghu, Director, Versatilist Consulting India Pvt Ltd and Director, ISACA Foundation, this “could revolutionize physical security efficiency while also reducing the reliance on human guards, who come with their own drawbacks.”
“In security, people offer unique benefits that are difficult to automate. While there are numerous drone and robot solutions entering the physical security space, we are still some time away from fully autonomous solutions, so people are still critical in the operation of these solutions.”
— Tim Sulzer, Co-Founder / Chief Product Officer, ZeroEyes
Even though these autonomous solutions can potentially replace human security guards, Tim Sulzer, Co-Founder and Chief Product Officer of ZeroEyes, believes that the technology isn’t there just yet.
“In security, people offer unique benefits that are difficult to automate,” says Sulzer. “While there are numerous drone and robot solutions entering the physical security space, we are still some time away from fully autonomous solutions, so people are still critical in the operation of these solutions.”
The security personnel or facility managers, with access to advanced technology, have an entirely new way to oversee a building’s security ecosystem. “The right technology is going to be key to fill in the blind spots of humans while also enhancing capabilities,” says Raghu.
The right technology will also help building owners manage tenant expectations, especially if there are differing levels of security requirements to adhere to.
“It’s important for building operators to provide a common, minimum level of security that will meet multiple tenant/resident requirements, while providing finetuning to those that require additional measures,” says Raghu.
The AI Impact On Security
With artificial intelligence (AI) advancements, building owners and operators are exploring new solutions to elevate their existing security systems. “By detailing different identity factors like vehicle type or specific descriptions of an individual, an AI-powered watch list can be used to specifically detect when someone shows up at a commercial property that should not be there,” says Reno. “When an anomaly is detected, such as a person who is considered high risk because they have made previous threats, a proactive alert can provide information to security staff who can then take the appropriate action.”
Raghu notes that AI is increasingly being integrated with physical security solutions, particularly video surveillance. “There is also a move to manage data better by triangulating various sources of data such as what you are (biometrics) or what you have (e.g. a valid ID or an invitation) into the measures used to protect locations,” he says.
“In a high-stress situation, people might not know exactly where they are, especially in complex environments like hospitals, high-rises, or multi-building campuses,” says Reno.
“Having location data and a clear digital trail of the incident allows first responders to avoid sweeping an entire building blindly and enables them to instead go directly to the source. That level of fidelity can save critical minutes and lives.”
While there is endless potential with AI technology for the security space, this current technology still has its limitations. “Many assume that an AI-enabled camera can proactively detect a person with a gun, but that kind of capability also heavily depends on factors such as camera placement and line of sight,” says Reno.
“When using gunshot detection sensors, the technology must be trusted,” Reno continues. “It’s critical to eliminate false positives and ensure alerts are delivered fast and that they are accurate.” Some systems offer dual-mode technology, which combines acoustic and infrared flash detection, to rule out false positives.
“It’s not only about detection,” adds Reno. “It’s also about having procedures in place to act on those alerts. That means sending immediate notifications not only to on-site security teams, but also to employees, visitors who have enrolled in a visitor management system, and first responders.”
Crisis communication is critical and can make all the difference in response times. Some technologies today can trigger alerts in under a second. “This quick response eliminates the delays and confusion that often come with human reporting,” says Reno.
Consolidating Systems
Beyond security-focused technology, more facility executives want to use data collected from security systems to increase operational efficiency in buildings. “Facilities also want their access control systems to work alongside other workplace tools,” says Fromm.
“More end customers are viewing their cameras not just as forensic security tools, but as valuable sources of data that can improve operational efficiency, enhance employee safety, and uncover insights that further strengthen overall security,” says Sulzer. “Higher quality cameras and additional sensors give customers a greater handle on what is actually happening during an emergency, validating the need for response and providing the tools necessary to respond effectively.”
“Few companies have holistic systems which combine all system health indicators, threat alerts and incident response into a single view,” Sulzer adds. “The separation of these systems gives security teams the ability to chase best-in-class solutions, but it’s often built on outdated or non-optimized network infrastructure being utilized beyond just physical security layers.”
Cybersecurity Concerns
There’s no denying the importance of digital security in 2025. According to a report from Claroty, around 37% of ransomware attacks on industrial organizations have an impact on IT and OT environments. This results in operational disruptions, safety hazards, and information leaks.
“Building Management Systems (BMS), including HVAC, lighting, energy management, surveillance, access control, and elevators, originated as closed, proprietary systems with limited connectivity,” says Asaf Weisberg, ISACA Board Director. “Typically siloed from enterprise networks and designed purely for mechanical control, these systems operated using components and communication protocols developed without any built-in security considerations.”
Traditionally, BMS systems have been maintained by engineering teams, with little to no involvement from cybersecurity experts. “Today, as IT and OT networks continue to converge, components of BMS such as PLCs (Programmable Logic Controllers) and DCSs (Distributed Control Systems) are increasingly exposed to cyber threats,” says Weisberg. “As a result, these systems must now be integrated into broader cyber risk management programs.”
With OT security risks, there can be direct safety implications, such as disabling fire detection systems or locking doors during an evacuation. “In response, we are seeing a shift in modern facilities toward treating BMS with the same rigor as traditional IT systems,” says Weisberg. “This includes enforcing strong authentication protocols, implementing patch and configuration management, deploying threat detection and event management tools, and establishing robust incident response and forensic investigation processes. This convergence is also supported by leading cybersecurity frameworks such as the NIST Cybersecurity Framework (NIST CSF), which has expanded its guidance to address Operational Technology environments.”
“Looking ahead, facility owners should prioritize a holistic approach to cyber risk management that covers both IT and OT/BMS systems,” Weisberg adds. “Such an approach is critical for identifying, mitigating, and continuously monitoring cyber risks that could threaten the safety, security, and uninterrupted operation of their buildings.”
The Path Forward
Integrating new technology is no easy feat, and it will take time for building staff and occupants to adjust. Some challenges facilities teams may face moving forward will revolve around privacy concerns, ensuring that security personnel are properly trained on the correct response protocols, and to be a trusted space that building occupants, and the surrounding community, can rely on.
“With the rise of new privacy laws such as Digital Personal Data Protection (Act), consent management is also going to be an area that will need focus so that visitors know what data is being collected, how the data will be used, and more importantly, the privacy protections afforded to the visitor and their data,” says Raghu.
“Strong security programs begin long before someone enters a building, with identity verification and credentialing, clear security policies and emergency response plans,” says Reno. “Gaining access should involve a rigorous vetting process. All of this underscores the importance of building a cohesive, layered security strategy rather than relying on any one tool or technology.”
Goetz is the Editorial Director of Facility Executive and its sister publications, Continuity Insights and Campus Resilience & Security.
Do you have a comment? Share your thoughts by sending an e-mail to the Editor at [email protected].
Check out all the recent Trends feature articles from Facility Executive magazine.
link