Security Consultant Conflict of Interest

Author: John Honovich, Published on Mar 07, 2011

While security consultants should be totally committed to the needs of their customers, many fear that manufacturers have undue influence on consultant specifications. In this report, we examine those concerns and highlight a case where Axis recently paid for an extravagant Caribbean Cruise to 'educate' security consultants.

Role of Security Consultants

Medium to large projects in the physical security industry are often designed by security consultants, Architects or Engineers. Security managers depend on consultants to help find and plan the best solution.

Consultants are extremely powerful. Their decisions routinely impact hundreds of millions in security spending each year. The designs they select, the specifications they include and often the products they require all shape which manufacturers win and lose.

Manufacturer Motivation

Given the powerful role consultants have, manufacturers are hugely motivated to influence them. Almost all large manufacturers have sales teams dedicated to 'educating' and 'helping' consultants. The amount of help ranges from the benign (specs, webinars and whitepapers) to the dangerous (vacations, sporting events, even occasionally outright kickbacks). 

Concerns About Consultants

In our experience, security consultants are generally not well respected. Being a consultant demands greater expertise and stronger independence than most other roles. The inability of many consultants to live up to these higher standards is the likely cause of this disrespect.

Below are a few recent comments about security consultants that are representative of the frustration we hear:

  • Their knowledge: "Most I have worked with have very limited experience with security and are interested in finding someone who knows what they are doing that can assist them."
  • Working with them: "The best way to influence what ends up on the spec seem to be to offer to do the design work for them, spend money on them, or a combination of both."
  • "I assume all A&E's and sadly, even security consultants, are morons until they prove otherwise. I can count on one hand the people whose knowledge I respect."

The most consistent theme we hear is how little most security consultants know about the systems they specify - especially technologies like IP video surveillance. Manufacturers work hard to fill / exploit this knowledge gap.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Manufacturer Events

For decades, across technology sectors, manufacturers have run events to 'help' and 'educate' consultants. Often, these are as simple as 'lunch n learns' where the manufacturer pays for sandwiches and delivers a short presentation. Sometimes, the events are expanded into a full day workshop or series of sessions.

The pinnacle of these events is the multi-day off-site gathering where manufacturer can mix business and pleasure. While manufacturers generally pay all (or almost all) expenses, the cost is certainly worth the influence gained. Being able to become friends not only with the consultants but with their wives over the course of multiple days is a powerful sales advantage.

Axis A&E Summit Examined

Like many manufacturers, Axis holds periodic events to educate security consultants. The recent Axis 2011 A&E Event, including a 3 day Caribbean Cruise and excursions to multiple Bahama Islands, is particularly extravagant.

Here is an overview / breakdown of business and free time for the conference:

  • 3 and 1/2 days total
  • morning training / education sessions (13 hours total)
  • Afternoon: free time - cocktails, dinner, land excursions to Bahamas, etc.

Axis covered the following costs:

  • 1 night at luxurious first class resort
  • 3 days and nights on Caribbean Cruise Ship
  • Meals and cocktails (including 4 dinners)
  • Land Excursions to islands in the Bahamas
  • Includes Guest accomodations, Axis hosted meals, receptions and pre-planned excursions

Airfare was not included. We estimate Axis paid approximately $1,500 per consultant for the accomodations, meals, drinks and excursions (including costs for consultant and guest).

The event drew a sizable crowd as shown in their Event group photo.

We shared our concerns with Axis and asked them for feedback and input on the event. Here is their response:

"Multi-day events are more effective because attendees have the time to ask detailed questions, provide feedback and network with other experts and partners in the field. For Axis, we received valuable feedback that will go directly to the R&D teams. For the consultants, they received approximately 5 hours of sessions each day, with time slotted for ASIS course credits, feedback sessions, and partner technology showcases from 13 other companies. Also, each evening, specific networking receptions were scheduled so that attendees had opportunities to meet and have deeper discussions with fellow industry experts, Axis partners, and management.

The main reason we chose the cruise was because Royal Caribbean has an extensive IP camera installation on board this ship and it provided the perfect venue to show a real-world scenario, which was used throughout different sessions. While Royal Caribbean is an Axis end-user, not all cameras on board were from Axis – so it gave an example of the openness that can be achieved with network video."

Ethical Concerns of the IAPSC

We asked a leading Security Consultant organization, the IAPSC, for input on these practices. The IAPSC provides guidelines on consultant practices and allows some expenses to be paid by manufacturers during education events. We asked them for clarification on what expenses and how far manufacturers can go:

"The IAPSC's guidelines for independence allow for manufacturers to pay for simple items, such as lunch, during the course of education events. However, our guidelines do not allow for manufacturers to pay for extended trips, vacations, expenses for guests, etc. Such activities would be reviewed as potential ethical violations."

- Norman Bates, President of the IAPSC

The Conflict

Users trust security consultants to deliver the best solution for the user's needs. A clear expectation exists that the consultant's interests are aligned with user's interests. 

A conflict of interest arises when:

  • Contrary interests provide gifts or compensation to the consultant
  • The consultant develops personal relationships or friendships with the members of the contrary interest

Both of these conflicts are clearly happening in the Caribbean Cruise. Regardless of what education occurs, the event is intimately bundled with activities that raise conflicts.

Everyone Loses ... But Big Manufacturers

When the ante to 'educate' consultants is raised to giving away vacations, the only organizations that can pay hundreds of thousands to do this is very large manufacturers. The outcome is simple and obvious: the 'education' of consultants is biased to the interests and abilities of these companies. Small manufacturers, integrators and other industry members will struggle to get their voice heard as consultants minds and bellies are filled by the biggest manufacturer's largess.

 

1 report cite this report:

Top 12 Reports for 2011 on Dec 25, 2011
Here are our top 12 reports for 2011, starting with the state of the surveillance industry: 2012 Video Surveillance Guide - Key trends reviewed...

Related Reports on Criticism

'Clowns' Allege Ubiquiti 'Completely Fraudulent' on Sep 20, 2017
A short seller has alleged Ubiquiti is 'completely fraudulent'. Ubiquiti's CEO has responded calling them 'clowns'. Here is the short...
Cloud Guy Prints Book, Misses Irony on Sep 15, 2017
On-premise security systems are dead. But $75 print books are alive and well. Such are the lessons from Brivo's CEO new book "The Five...
The 3 Most Outstanding Security Manufacturers (OSPAs) Make No Sense on Sep 08, 2017
The Outstanding Security Manufacturer finalists (US edition) are here: And if you are wondering, "How did those 3 get chosen?" then you are...
Hikvision Happy With Bad Security Unless Hit With Bad Press on Aug 28, 2017
Hikvision is happy to have bad cyber security unless they are hit with bad press, as we detail inside. When you look at the pattern of their...
‘Experts' Fail On Dumbo IP Camera ‘Hack' on Aug 24, 2017
Dumbo, revealed by Wikileaks, has become big news. Unfortunately, 'experts' in the security industry have gotten it wrong, incorrectly contending...
Healthy Skepticism for Deep Learning Is Prudent on Jul 26, 2017
The hype for deep learning in video surveillance is accelerating. Between the race to the bottom and dearth of a 'next big thing', certainly pent...
Dahua Suffers Second Major Vulnerability, Silent [Finally Acknowledges] on Jul 25, 2017
Less than 3 months ago, Dahua received DHS ICS-CERT's worst score of 10.0 for their backdoor. Now, Dahua has received another 10.0 score for a new...
'Suicidal' Knightscope Robot Drowns on Jul 17, 2017
Knightscope continues its hyper growth, at least when it comes to controversy, this time with a 'suicidal' robot in Washington DC. And here is...
ONVIF Chairman Criticizes Low Cost Cameras (Also, He Works At Axis) on Jul 12, 2017
ONVIF Chairman Per Björkdahl has taken a strong public stance against low cost cameras that are 'much more vulnerable to attack' as he explains in...
Hikvision: IPVM Is "Destined To Fail" on Jun 14, 2017
Hikvision has accused IPVM of 'cyberbullying' them, declaring IPVM 'destined to fail.' This is the 3rd anti-IPVM Hikvision post in 2 weeks,...

Most Recent Industry Reports

New IPVM Calculator V3 Released on Sep 20, 2017
The New IPVM Calculator V3 is released. An entirely new architecture delivers the following benefits: Turbo The calculator is now ~50% faster in...
Automatic Door Operators For Access Tutorial on Sep 20, 2017
Opening and closing doors might sound simple, but it takes a high-tech piece of door hardware to pull it off. Integrating automatic door operators...
'Clowns' Allege Ubiquiti 'Completely Fraudulent' on Sep 20, 2017
A short seller has alleged Ubiquiti is 'completely fraudulent'. Ubiquiti's CEO has responded calling them 'clowns'. Here is the short...
HID Buys Mercury Security on Sep 19, 2017
One of the biggest access control deals in years. Mercury Security, the most widely used access hardware OEM, and partner to 20+ manufacturers,...
Hikvision Backdoor Exploit on Sep 18, 2017
Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte...
Avigilon Touting 'Made In America' on Sep 18, 2017
Canadian manufacturer Avigilon, who completed a US manufacturing facility in 2015, is now running a marketing campaign touting 'Made In America',...
Cloud Guy Prints Book, Misses Irony on Sep 15, 2017
On-premise security systems are dead. But $75 print books are alive and well. Such are the lessons from Brivo's CEO new book "The Five...
Forgotten Password Problem Importance on Sep 15, 2017
Forgotten passwords has become a major industry topic. For example, Hikvision has been emailing admin passwords in plain text until IPVM's...
September IP Networking Course on Sep 14, 2017
LAST Chance - Registration is ending. Register now. This is the only networking course designed specifically for video surveillance professionals...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact