‘Data Is the New Oil’: Talking Utility Security With Axis Communications’ Scott Dunn and Convergint’s Steve Sinclair

I had the honor of being invited to attend Convergint’s Unite event in Las Vegas earlier this year. Convergint hosts this annual event to bring together its sales, operations and business leaders to learn, grow their skills, connect with key partners, and recognize individuals and teams who have achieved significant benchmarks.

During the event, I had the chance to sit down with key utility security experts to gain insights from integrators and solutions providers. My key takeaway: The world of security is evolving rapidly — and that includes utilities. The capabilities of today’s solutions are expanding into a variety of operational applications, fundamentally changing how organizations view their investments and strategies.

My first interview at Unite was with Steve Sinclair, Convergint’s utility vertical market director, and Scott Dunn, senior director of business development, solutions and services at Axis Communications. During our conversation, we discussed how the future of security lies in sensor integration — and how data management and operational efficiency will be key drivers moving forward.

We also explored utility security best practices, emerging threat concerns and how artificial intelligence is quickly impacting human monitoring.

Curtis Marquardt Jr.:
Thank you both for joining me today. I appreciate your time. I want to start off by asking you about the partnership between Convergint and Axis Communications. Talk about why it’s an important part of your respective organizations.

Scott Dunn:
We’ve been longtime partners with Convergint. I actually signed them back in 2006 to our national account program. It was the first national partnership we signed, and we were both sort of newly getting going back then.

But I think the partnership has been great because as we converted from analog to IP, Convergint was a very technically savvy organization—more so than most of the other systems integrators in the space back then. They grasped the technology. They saw it as an advantage for their customers and as new solutions they could bring in to solve problems.

And especially when you’re talking about critical infrastructure, it can be extremely complicated. So, between our diverse portfolio of products and continued innovation—and their innovation and design and support capabilities—we have meshed really well. And over the last almost 20 years, it’s worked out tremendously. Culturally, we’re also a perfect fit.

Steve Sinclair:
I don’t know if I have much to add. I mean, it’s the innovation side and it’s the culture fit, and they’ve got a dedicated focus. Like he said, he was a segment director before, and we have a utilities colleague that we work with on their side, so we’re attached at the hip with their engineering team. It’s just the next evolution to think about how we implement sensors differently in ways that expand beyond security. Axis Communications is at the forefront of that technology, and they’re a really great partner.

Curtis Marquardt Jr.:
So, Scott, I need to say congratulations to Axis on celebrating 40 years of creating security solutions!

Scott Dunn:
Thank you!

Curtis Marquardt Jr.:
On the Axis website, the focus of this celebration revolves around a pride in the organization’s innovation. Can you talk more about Axis’ innovation journey and where you see it heading as we move into the future?

Scott Dunn:
Well, it’s twofold. On one hand, you’ve got the evolving security threat landscape that you must be able to continue to innovate to address. I don’t know if you’ve read Simon Sinek’s books, but The Infinite Game, one of his most recent books, talks about setting a lofty goal. We want the world to be a smarter and safer place. Well, you’re never ever going to reach the finish line, right?

But as the threats continue to evolve, the technology we create must also continue to evolve. And what we see today is more of a holistic approach with data, right? Being able to manage that data. Data is information, right? We’re trying to not only detect the threat, but potentially we’re looking at helping end users create operational efficiencies and do things in smarter ways. We want to help them do things faster and more cost-effectively.

So, as we work on creating different types of sensors—we’ve always been an edge sensor primary business—how can we continue to develop not only edge sensors but be able to get that data creatively to our partners like Convergint, so they can help those utilities better and more cost-effectively not only secure it but also run their businesses more effectively and efficiently as well. And considering the criticality of utilities today and the potential threat factors, having partners like Convergint who understand digital transformation and understand the power of using the solutions beyond security is important.

For example, utilities can use the technology to answer the question: Are people wearing their hard hats? Convergint is great at going into the utility and understanding what their threats are and then bringing our technology and solutions out to them—not just to make them more secure, but also to help them improve their safety and their efficiency in their operations.

Steve Sinclair:
The first goal is to help be the expert in utility security, right? Understand the atmosphere, understand the environment, and then look for positive business outcomes that take it a step beyond. Convergint becomes more than a security integrator. It becomes a sensor integrator. We’re looking at the entire portfolio to learn how to apply solutions, working with our partners like Axis, and applying them to provide a positive business outcome. It goes beyond just security in the future.

Scott Dunn:
Especially when you talk about remote facilities, right? There are a lot of remote facilities when it comes to utilities. You’re monitoring water pumping stations or other types of environments. So, it’s really driven us to not only integrate to be able to survive in those remote environments and continue to operate efficiently in them, but also to be able to get data out of them in effective ways too.

Because we’re not just like, “Hey, there’s a threat at the fence.” It’s also potentially, how are the machines operating? How are people coming in and out of the facility?

So, when you think about those things, it keeps challenging us to not only improve the technology from a hardware perspective but also to smoothly and effectively get the data to the systems where someone like Convergint can actually get a holistic view of everything that’s going on—not only for situational awareness but also for monitoring efficiencies in the environment—and then be able to go back and work with those customers and say, “Hey, these are the trends we’ve seen. This is what goes on in these remote sites when nobody’s there.” This is how we can improve the safety and security of that site. Data is everything.

Steve Sinclair:
It’s the next evolution.

Scott Dunn:
Data is the new oil.

Curtis Marquardt Jr.:
The five areas of concern I keep hearing from utility security folks are theft, cyberattacks from abroad, drone attacks, insider attacks, and domestic terror groups. Can you each talk about the work you all are doing to help utilities better strengthen their security postures as it relates to those things?

Steve Sinclair:
First off, we work hand in hand with our utilities customers, industry SME’s, and our partners to benchmark and evaluate evolving threats and trends across the industry. Through Convergint hosted think tanks and customer round tables, we help drive an initiative of collaboration of information sharing and ideation to come up with solutions with our partners to address or mitigate the risks from those areas of concern that you mentioned

We look at it from a core standpoint of the facility, the corporation, the organization first, and really matrix that out in terms of what is the process of implementation of whatever technology needs to apply toward the mitigating efforts.

Then that’s where we go beyond just security—we go into safety and operations and all the things that Scott mentioned. So for us, it’s the starting point of being in the conversation together, understanding the threat landscape, and then mapping out what that process looks like in terms of the right implementation necessary to do what needs to be done.

Scott Dunn:
I think from a systems perspective, it wasn’t that long ago—surprisingly, maybe eight years ago—where security systems were thought necessary to be on a closed system. That’s not the case today, right? We need to be able to access that video and other forms of data across multiple networks and sometimes across public networks. So cybersecurity has become a really big deal.

About two years ago, we introduced something called Secure Vault, which basically locks our firmware down and creates a wall around it. Up until then, we had two priorities. One was in the initial phases in the early 2020s: How do we get our devices on the network in a world where most integrators don’t understand how to deploy things on a network?

They had kids out of high school pulling coax and hanging cameras, right? Now all of a sudden, you have to talk about installing something on a network. So, for the first sort of iteration of our technology, we focused on ease of installation.

Then, in the second phase, we created an AI platform. Back then, analytics was the term we used, not AI. And we had this analytics platform called ACAP—our camera application platform. Think of it like an iPhone with apps. We had the same thing years ago.

We weren’t concerned about cybersecurity back then. Nobody was. If you surveyed folks and asked, “How high up is cybersecurity on your list of concerns?”—it wouldn’t even make the top 10. Today, it’s way up there.

So what we did was allow people to put applications on the camera, and we had no firewall around our operating system. But today, the challenge is making sure we’re adhering to the latest cybersecurity standards in our hardware—and in some cases, going above them. We also ensure that people can run their applications securely on our devices without compromising the system.

That includes things like signed firmware, and that’s where Convergint has a major advantage because they’re very technically savvy when it comes to deploying secure systems.

Within the last year, we’ve introduced our first levels of cloud-connected services. So Convergint, in the future, will be able to manage all of our devices in an extremely secure way. And let’s face it—how often do you get cyber updates these days?

Imagine a world where you couldn’t update those devices. You had to roll trucks. That’s not cost-efficient. If I have to go around and manually update, how many thousands of cameras might one customer have?

So now, with this interconnectivity, Convergint can see the exact status of every device they manage with their customers, and they also get the latest firmware updates for cybersecurity—just like on your phone—but in a much more secure manner. That’s where it’s going. And where does it goes from there? We could talk for hours about that.

Steve Sinclair:
Like we started off saying—it’s the evolution. This is the next chapter. We had defense in depth from a perimeter standpoint. Now we have defense in depth in the cyber landscape. As the threat evolves, we must change.

We build our strategies around those use cases, and we apply best practices effectively. For our team, it’s always a methodical process of operations. You have to think about the operations and the impact on the business in order to get to the end state.

That’s why we work so well together. We’re driving innovation, but we’re also looking at what the next evolution is. That’s how we’re driving our solutions and strategies.

Scott Dunn:
Yeah. Pretty soon we’ll use AI for cyber defense. That’ll be the next big thing we do.

Curtis Marquardt Jr.:
I want to drill in deeper on the drone concerns. With the attempted attack on a substation in November 2024, along with seeing them used to attack utilities in war zones, it seems it’s a question of when, not if. Where do you see the solutions heading as it relates to defending against the threat of drone attacks?

Steve Sinclair:
I think the technology is ready for the most part, and I think the industry is ready for the most part. I think the question is, what’s going to happen from a regulatory environment standpoint? What does the future look like for interdiction? That’s the missing piece of it. There are various technologies—from a radar perspective or looking at frequencies. It’s an inevitability that will come, so we keep up with solution development and planning to be ready and nimble once the regulations hit. There’s a lot of innovation that’s occurring in that space.

Scott Dunn:
I’m very fortunate because I serve as the chairman of the Security Industry Association (SIA), and we’re very much involved in this. I also sit on the national advisory board for the National Center for Spectator Sports Safety and Security (NCS4). With those two positions—and my role at Axis—I get a really good view of what’s going on. Especially with NCS4, because if you think about it, some of the biggest soft targets you deal with are public venues like sports stadiums.

It wasn’t that long ago at Fenway Park when a drone flew over and dumped a bunch of leaflets in center field. It could have easily been something else. We see a lot of drone concerns when we talk to NFL and MLB people. Anti-drone technology is something they’re very interested in, but they’re hamstrung because of regulations.

Homeland Security does have approved solutions for drone mitigation, and you have to take their certification classes in order to be able to deploy them. However, in the last three years, they defunded that project. So, there’s no one there to teach the certifications to the people who want to use the technology. It’s kind of been stalled for the last few years, which has really hamstrung efforts. So right now, we focus on detection primarily—and then you have to leave it up to the operator to decide what they want to do.

Scott Dunn:
I know at Wrigley Field in Chicago, they work closely with the City of Chicago because there were local concerns about what they could do. So they worked with public safety to mitigate some drone activity, but it’s pretty rare to see that. They’ve been one of the few that have been able to work closely with the city and figure out what can and can’t be done.

They’re more involved with jamming technologies, but the challenge is, if you jam it inside the stadium and it falls and lands on somebody’s head, you have a big problem, right? So, there are a lot of challenges. I think municipalities are still trying to figure it out. The feds are still trying to figure it out. The technology is there, but being able to use it legally has been more of a challenge.

Curtis Marquardt Jr.:
So let’s shift to talk about the things utilities must defend. Often, vital components can stretch across a long and varied terrain into rural places. Can you talk about some best practices that are working in effectively guarding elements in that geographic footprint?

Scott Dunn:
Well, I think for any security environment, it’s about situational awareness and good decision-making. And as devices become more powerful at the edge, the better. Right now, there are limitations, even today, to what we can do at the edge. So hybrid solutions from an infrastructure standpoint are sort of being required now. We can do certain things at the edge; certain things must be done at the core as well.

And now, you have the benefits of GPUs and cloud processing. I think some of the things you see today include analyzing video and saying, “Hey, find X.” Forensically, it’s great to have the power to use a large language model to ask, “Find me all the red cars that went through this particular facility at a given time.” It makes for a more interactive human-to-human feel, even though you’re not necessarily dealing with a human.

I think the challenge for a long time, for any facility that has a lot of video, has been monitoring that video with humans. Humans become sort of immune to monitoring video after so many hours. But computers never get tired of monitoring video. They’ll look at it all day long, and it helps the operators make better decisions.

I think we’re at the point today where we’re not saying we’re going to replace the human. We’re about augmenting the human. We’re about helping them make better decisions. We’re about doing tasks that take hours and hours in a much faster way.

And it’s about bringing the right technology to bear in the right places. So when do we use edge? When do we use core? When do those things make sense? Because, one, you can’t just put everything at the edge, and you can’t put everything at the core. It just doesn’t work that way. Despite what some people may tell you, in reality, it doesn’t work that way.

And especially if you’re talking about remote facilities and challenging environments, infrastructure is key. Because if you want to make real-time decisions, you can’t do it at the edge. You’ve got to get it back somehow. So you need reliable transmission capability as well. These are the challenges that we see.

Things are getting better and faster at the edge through more processing power. We’re currently in our ninth generation of chip, and we do our own GPUs right inside our standardized chip, which is so much more powerful.

But we can’t take the human out of the equation yet. That’s where the hype is—they say, “You can remove the human.” And the reality is no, you can’t take the human out of the equation.

Steve Sinclair:
Yeah, I think there’ll always be a human element as part of the process.

Scott Dunn:
You don’t want the machine making certain decisions.

Steve Sinclair:
Right. I think the technology—it’s limitless, really. But certain questions must be answered. Is it the right solution? Is it the right strategy and the right solution that provides value safely? Have you evaluated the risk? Does it enhance the individual? Does it enhance the operation? Does it drive efficiency?

Scott Dunn:
And that really is the big sea change. For years, companies like mine and others have said, “This is what we should do from an AI perspective to make the device more effective to solve a problem.” Bag left behind was one of the first ones. Or, “That car shouldn’t be there too long.”

The shift that you’re seeing, and what the technology is bringing today, is that I don’t have to define that anymore. I’m simply a platform. I’m going to let you, the user, define what are the things that you want to track—what are the things that are unusual in your environment.

It should be someone like Convergint that’s sitting down with the customer saying, “Tell me what you perceive your threats to be. This is what we know. This is what our experience tells us.” Let’s face it, every environment can be different. Every threat can be different—even from utility to utility.

So, I don’t want to be in a position in the future where I’m telling you, “Well, you need this—but this is what I have.” Right? What I want is for Convergint to sit down with the customer, figure out what the threat is that they’re trying to protect themselves from, and allow them the tools to build that themselves. And that’s the big sea change that’s coming in the technology. Like I said, I won’t be building the use cases anymore. I won’t be telling you what it can do. You’ll be telling me what it can do.

Steve Sinclair:
And we want to ensure that it doesn’t create additional, unnecessary risks—that we’re looking at it as, “This solution needs to provide value, it needs to be safely thought out, and it needs to not negatively impact the business.” That has to be part of the vetting process.

Curtis Marquardt Jr.:
Okay. One final question I’d like to ask is around this—and you guys have touched on some views already about where the future of security is going for utilities. But if you did have a magic crystal ball that allowed you to see into the future five or 10 years, what do you see?

Steve Sinclair:
I think that what I said earlier still holds true—in terms of we, as an industry and we as Convergint, are going to become more of a sensor integrator. I think the technology has the capability to do more beyond just its beginning stages of security.

The past was guards, gates, and guns. This is now operational efficiency. This is business impact. This is safety. And this is an IT function. It follows the entire business portfolio, and I think that’s what the entire industry is going to look like.

We’re going to look at multi-departmental spending and application, and it’s going to go back to: What’s the use case? And what’s the positive business outcome? I think that having partnerships like we have is going to be extremely important—focused efforts around different industries.

Scott Dunn:
Yeah, he’s absolutely right. I think technology will continue to evolve. I think wearables will become much more common in this space. We’re starting to see wearables being used in almost every sector. Right now, healthcare has already started to adopt them very quickly—not for security purposes, but more for safety purposes.

I think everything will be connected. And being able to sort through those mountains of data—that’ll be the challenge in the future. Doing it quickly, efficiently, and cost-effectively.