The Modern Enterprise
The 5 Newest Threats Facing Enterprise Security
October 5, 2016 - As a new entrant to the market in 2011 Securadyne Systems saw an opportunity to build something different, fill an existing “gap” in the market, and create a company that would be both unfailingly consistent in its focus and forward-thinking in its approach. Just five years on these efforts have earned it SDM’s 2016 Systems Integrator of the Year award.
Imagine what you would do if you had the opportunity to create your ideal security integration company from scratch. This was both the challenge and opportunity facing Carey Boethel when he left his position at a large international integrator with nothing but a business plan and ambition. The concept was to create a best- in-class nationwide security systems integration firm aimed at the “middle market gap.”
Boethel saw a marketplace that was highly fragmented, characterized by hundreds of small independent companies and a few large, multinational providers — but not much in between. “This forces customers to choose between the lesser of two evils: do business with one of the few, very large providers who sometimes struggle with innovation and consistency; or do business with numerous small integrators who typically provide great service but struggle with the scale and therefore necessitate multiple vendor relationships,” Boethel says.
Beyond that, Boethel looked at the proliferation of cloud computing in electronic security and the ways in which the SMB market was already taking advantage of this. He envisioned a time when enterprise clients would also realize these benefits — although not necessarily in the same ways. “We wanted to position ourselves as thought leaders in the enterprise space and become well positioned to deploy large-scale cloud solutions for those customers once they ultimately began to adopt the technology.”
Founding a business was something Boethel had always aspired to. “For me personally, I always wanted to do something entrepreneurial and had spent my career working for both small and large companies,” he says. “I was driven by my desire to create something that, in my opinion, had never been created before in our space, and that is a service organization of scale that is national in scope and provides absolute consistency branch over branch.”
Boethel talked to potential institutional investors about the merits of what he wanted to build. Charlotte, N.C.-based Pamlico capital agreed to back the company and Securadyne Systems was officially launched in September 2011. “I was the only employee and there were no revenues,” Boethel recalls.
Unlike many startups, Boethel’s plan required an acquisition strategy up front, followed by organic growth. “We wanted to come up to scale as quickly as possible,” Boethel says. “The two industry dynamics that I felt were the rationale for Securadyne were immediate. There was a shortage of mid-sized super regional integrators and cloud was and is a compelling and disruptive trend that is changing our industry.”
Not long after the company was founded, Boethel was joined by a former co-worker, Taylor Carr, now senior vice president of business development but then tasked with devising a strategy for handling the acquisitions.
The first acquisition, of Dallas-based SecureNet, became Securadyne’s new headquarters. Barely seven months later the company acquired New England-based Surveillance Specialties. The following year, Advanced Control Concepts of Pensacola, Fla., and Intelligent Access Systems of Garner, N.C., rounded out the acquisition phase.
“We did four key acquisitions — each of which were the best integrators in their respective regions at the time — between 2012 and 2014,” Boethel says. “Since that time we have been focusing on seamlessly integrating those concerns, building scalable infrastructure to support future organic growth and synthesizing our operations.”
While each acquisition brought something specific that Securadyne was looking for, this go-to-market strategy was anything but easy, Carr says. “We acquired four companies and one was over 30 years old. Another was 12 years old. That is a lot of ingrained culture.”
The real work began when Securadyne sought to mesh business processes, employees, culture and customers into one, new, cohesive unit that would encompass Securadyne’s five core attributes: accountability, reliability, consistency, high performance and a customer-centric focus, all delivered in a collaborative team environment.
“The challenge was taking those four cultures and integrating them into what our desire was for the Securadyne culture,” Carr says. “There is a reason why not too many companies have done what we have done.
“It is arguably the most disruptive thing you can do to a business,” Carr adds. “When we built the integration program for acquisitions we took a lot of best practices and lessons learned from prior experiences — often about what not to do.”
Early on in the process, Carr and Boethel were joined by Chief Financial Officer Chris Young. “I came on board when we really hadn’t defined a culture,” Young says. “We were literally starting with a blank piece of paper.”
With a “best idea wins” approach, a very deliberate strategy and a focus on both employee development and bookend customer care, Securadyne soon found itself at the top of the heap, debuting on the SDM Top Systems Integrators Report at No. 18 in 2013, and moving steadily up to its current position at No. 9 in 2016. As last year’s Systems Integrator of the Year honoree, Securadyne Systems’ award this year may not be surprising — but it’s no less impressive with just five years under its belt.
A STANDARDS APPROACH
Talk to almost any Securadyne employee and they will tell you one thing about the acquisition process: “Change is hard.” Fortunately, both Carr and Boethel went into this process with very clear ideas of what they did — and did not — want to happen, as well as a detailed plan worked up by Carr that sought to make the process, if not painless, both fair and constructive.
“Because acquisitions were a part of our growth strategy, we had to develop a way of integrating them without undermining our national consistency value proposition,” Carr says. “If handled incorrectly, acquisitions could easily create a highly fragmented culture and infinitely many different operating methodologies. We developed a unique and proprietary means of integrating acquisitions that drives consensus and strategic alignment within our employee base — both existing and newly acquired.”
The process kicks off as soon as an acquisition occurs and lasts for 12 months, with the heavy lifting in the first six months, he explains. Carr, Boethel and Young first embark on a “road show” to meet with every single employee, as well as talk to partners, suppliers and customers.
“We have a goal when we acquire companies not to lose a single employee or customer during the integration program,” Carr states. With four acquisitions well under their belt, he reports that they have not lost any customers (except by choice), and have not lost any employees during the process. Securadyne asks acquired employees to give them a year. After that, if the employee decides it is not for them, Securadyne will help them find a place to go. “We don’t buy underperforming companies so we are not doing a bunch of layoffs,” Carr explains.
The key, Boethel says, is to involve the employees as much as possible and to get a creative “consensus” for how things will be going forward.
“When you slowly build a business one employee at a time, you are able to connect with that individual and achieve alignment of interests and goals,” Boethel says. “Frankly, I think that is the best way to grow a business in most instances. When you acquire you have to appeal to groups of people in such a way where you find consensus amongst them, and that is difficult. We work very hard during the 12 months that follow an acquisition to ensure we achieve that creative consensus. The way we do that is exactly the way we would do it if we were doing it organically — make sure every employee has a voice in the process so there is an empowerment element to it.”
Bruce A. Pontier, regional vice president, who joined Securadyne about three years ago after the Advanced Control Concepts acquisition, calls the Securadyne acquisition plan a ‘do no harm’ approach. “We take the time to go in and understand that company and how they do business. We try to learn from them and absorb their best practices. We recognize that acquisitions don’t necessarily want to be acquired. Those are the owners’ decisions. But we are acquiring staff and we want them to be part of Securadyne.”
At the heart of the acquisition integration plan is the core principle Securadyne was formed with: standardization. “We don’t want robots,” Carr says. “But we have to be standardized. I don’t believe anyone has done this really well and I don’t know that we will get there perfectly.” But for both the sake of the acquisitions plan and going forward, for employees and customers, they knew they had to try.
“No company of any scale in our space has ever achieved absolute and ubiquitous consistency across all of its branches, and that is what we have set out to do,” Boethel explains. “We have a saying that I love: ‘Being reliable comes from being consistent, and consistency comes from standardization.’ We don’t standardize to cut operating expenses — we standardize to improve the customer experience.”
Glen Weston, director of field operations, was brought on in 2014 to further the push for standardization. “When I came over to Securadyne there were some standards in play but quite frankly they were not as structured as they could and should have been. As a collaboration of four previously independent companies they were very good at what they did at a regional level, but once we started integrating them there were a lot of different policies and procedures that needed to be worked out.”
Weston took the standards committee, which Securadyne formed in 2012, and fleshed it out to be an efficient and effective operation that would take input from several sources and implement the best ideas company-wide. This volunteer committee is also completely employee driven. “The standards committee has representation from each of our four regions with approximately three individuals from each,” he says. Committee members are also encouraged to reach out to colleagues for additional input and even more employee buy-in.
“By letting the employees have a voice we stand a greater chance of the company adopting it faster than if they didn’t have any say,” Weston says.
When new acquisitions are brought on board they are immediately added to the standards committee, which further enhances the process as well as adds new ideas to the mix. For example, “Our friends from Intelligent Access had a way of doing their wiring that was a little bit better, so we adopted their naming convention,” Weston recalls.
This is exactly the way it is designed to work, Boethel adds. “When we make an acquisition we take a group from Securadyne and a group of the newly acquired employees and say, ‘You guys determine how we are going to do business, and the best idea will always win, regardless of its origin.’ In instances where acquired companies have best practices that were more efficient than our own, we simply reverse engineered that.” But that, too, takes work, he adds. To help with the process, senior managers are compensated on the extent to which their business segments and/or branches meet the standards.
Employee buy-in of standards and procedures is the tip of the iceberg when it comes to the Securadyne philosophy on its workforce. Faced with a challenge that is nearly universal in the security industry — finding, developing and keeping good workers — Securadyne takes a “grow your own talent” approach.
The company spends close to three times the industry average on training its employees, and requires managers to spend their entire training budget. “A good P&L manager will often hold back on discretionary expenses such as training if their business is performing below expectations, Boethel says. “That doesn’t happen here. We invest in our employees regardless.”
But the practice is not without its risks, Pontier says. “We have to be willing to spend the money to prepare them, but there is a certain amount of risk to increasing their value in the marketplace. We are conscious of having to keep those folks happy and aligned in their career goals with us.”
That is why in 2014 the company branded a formalized process called “Expedition Securadyne” to recruit and develop talent differently. It includes both “Project Greenhorn,” an intense training program designed to take unskilled labor and develop them into highly skilled technical resources; and the “Alpine Team,” which grooms promising candidates for leadership roles. Expedition Securadyne was also a natural outgrowth of the acquisition process as a way to encourage and retain employees.
“Historically technicians will jump ship for a couple bucks an hour,” Young says. “We would like to get to the point where they don’t take that call because they know they have a path here to become a general manager in three to four years and double their income….We don’t want this to be a place where people have jobs, but where they have careers.”
As senior director of human resources, Ernest Martinez, who joined Securadyne last January, was impressed by what Securadyne had created. “Expedition Securadyne is the journey that every employee is on. Then we have Project Greenhorn that is designed to train someone who didn’t come from the security industry but shows the aptitude. Finally, the Alpine Team takes those interested in transitioning to a leadership role and pairs them with a mentor to help them with that process.”
Ebony Haywood, director of professional services, was a member of the first Alpine team last year. An Intelligent Access Systems (IAS) employee, her department at IAS was one Securadyne identified in the acquisition integration process as something that it wanted to implement. But because she was new to her leadership role at IAS, as well as to Securadyne, she was encouraged to do the Alpine program.
“Going through the Alpine program helped me,” she says. “Everything happens for a reason and I felt like I needed that to get into the mix. Being a director and being part of this group was an opportunity to get to know people on another level.”
Alpine and Greenhorn are great, specific, programs, but Martinez wanted to find a way of benefitting all employees in a more structured way. “Our annual employee surveys showed that many within our workforce neither had clear line of sight to a career path nor a method in which to develop existing or new skills,” he says.
One of the things he is most proud of this year has been the implementation of a broader reaching goal-oriented training initiative called the Enterprise Learning Management System (LMS), a Skillsoft platform that standardizes and makes it easy for employees to access courses and training.
“Our goal is for Securadyne to be a career for them,” he says. “You have a starting point and we would like for you to develop your skills and continue moving to the peak.”
Sometimes the goal is direct, such as moving from Tech 2 to Tech 3. But other times it is harder, such as becoming a project manager, or moving to a different side of the business. Managers sometimes have to act more like a guidance counselor. “Part of the process is discussing with employees their strengths and opportunities,” Martinez says. “With that you lay out the plan of where to go from here and which courses are more beneficial.”
The LMS portal serves as a single platform for training for internal Securadyne processes, external certification courses, and even personal development such as writing and management skills. “We want it to be a one-stop-shop so the employee doesn’t have to jump through hoops to gain access to different courses,” Martinez explains.
“You can achieve whatever you determine you would like to achieve within this organization,” says Jeff Holland, regional vice president and one of the newer members of the Securadyne executive team, coming onboard less than a year ago. “It is a high- performing organization that is highly amenable to upward mobility.”
Securadyne employees are not all about training and work, however. Like many successful companies, Securadyne believes strongly in giving back to its communities. One day a year the company closes all offices so employees can participate in “Community Day,” an effort where all employees volunteer their service at a charity chosen by the employees of that branch. They are all different, but popular choices include Habitat for Humanity, a food bank and even a horse rescue.
Securadyne’s approach to customers is not unlike its philosophy in other areas: measured, considered and holistic — and of course, standardized.
Securadyne divides its customers both vertically and horizontally within three key segments, Carr says. Horizontally, Securadyne services both enterprise and commercial customers. Within those, the company also invests heavily in developing subject matter experts in six key verticals: electric utilities, oil and gas, healthcare, higher education, life sciences and federal government. “Our typical customers are end users who operate in regulated industries and that value long-term relationships built on service and trust,” Carr adds.
In fact, in his research phase, Boethel looked to the IT/telecommunications industry to better understand and predict the trends that affect the security industry. “One of the key trends we identified was the repositioning of IT industry leaders IBM, HP and Dell as they made major acquisitions of service businesses in order to diversify their revenues, improve customer loyalty and mitigate the effects of IT hardware commoditization,” Boethel says. “These revolutionary repositioning moves influenced our ‘bookend’ differentiation strategy where we provide fee-based consulting services on the front end of the customer lifecycle and professional services on the back end. By ‘wrapping’ conventional systems integration in these professional service offerings, we are able to not only create additional value for our customers, but also mitigate the adverse effects of product commoditization on our business.”
Throughout 2014 Securadyne worked on creating two brand new divisions: the Consulting Services Group (for threat and vulnerability assessments, policy and procedural development, creation of global operating concepts, and long-term planning) and the Professional Services Group (for “lifecycle” services including access control system administration, credentialing outsourcing, custom software, highly complex integration, and managed services).
“Our vision for Professional Services is to provide innovative technology-centric services that support the empowerment, growth and efficiency of our customers,” Haywood says.
To assist with that, Securadyne hired Russ White, from Bell Helicopter, as its vice president of technology and innovation. While he did not have experience in the security industry, he did have a lot of experience in high-level technology, as well as team management. White was tasked with managing IT internally, heading the Professional Services group and vetting new technology to make sure Securadyne and its customers stay leading edge but not necessarily bleeding edge.
This vetting process relies on a group of people from the solutions engineering team with technical expertise. “We look at it to decide, is it a viable new thing or just a new type of camera? We throw out the stuff that is not really unique or different,” White says. “For the technologies that make it through we use a cross-functional team to talk with suppliers and determine whether they are a good fit.”
White also runs the managed services component within the Professional Services Group. With its initial charter that focused on the potential of cloud, this is an area Securadyne continues to work toward, although it has been a slower take than they had hoped for.
Things are turning the corner, though. “Once the benefits are clearer and better understood, that will come,” White says. “There is too much value for that to just go away. Cost drove managers on the IT side and that will get to the physical security side. We are trying to lead that component with RMR types of solutions and ongoing service contracts. We push to grow that every time we can. It is harder when you are in front of the curve because you have to educate people on the benefits and that is a harder sell.”
Boethel is clear that, even though cloud was a motivating force for founding the company, it is not the only solution or even the best one for all customers. “We are going out to solve problems, not just blindly sell a technology like the cloud. We want to be a good solutions provider and help our customers solve problems. More and more cloud will be the answer, but we will let that process play out and not be overly prescriptive about it or try to put a round peg in a square hole.”
Boethel makes sure to keep a pulse on the needs of top customers by talking both formally and informally to them to see how Securadyne is doing.
“The importance of accountability cannot be overstated,” Boethel adds. “Unless you have a system of accountability, feedback and continuous improvement, you cannot ever really achieve true excellence, let alone consistency.”
He reports that demand for consulting, professional and lifecycle services has been high, particularly in the areas of threat and vulnerability assessment, development of corporate standards for technology and regulatory compliance issues.
“There are a few key components we drive towards,” White says. “One is being able to standardize for enterprise customers, another is being able to manage the lifecycle and get the service follow-on; maintaining the recurring revenue stream and value for the customer are all things we try to consistently improve on.”
For example, Securadyne created a middleware product called Invarios based on open platform components to help solve and standardize integration between HR and other systems, as well as a way to more easily transition from an old system to a new. “It saves time and we end up with higher quality that way,” White explains.
Securadyne also standardized some of the processes around customer services by implementing a Program Management Office (PMO), which is an extension of field operations. “The PMO is responsible for orchestrating, coordinating and managing projects and service agreements where the scope of the engagement is larger than the local service area of the host branch,” Weston says.
Securadyne’s key verticals vary widely in scope and needs, Holland says, but they do share some important characteristics. “When you bring in the consultative managed services, professional services and the ability to stay out in front of technology and partner with them to educate and lead them to the best and newest and proven technologies, that is a differentiator for us.”
While it started with four acquisitions, in the past two years Securadyne has focused more on growing organically, and on shifting internally to be able to take on even more growth. At the end of 2013 Securadyne had eight branches. By the end of 2015 it had 18, Carr reports. Most recently, the company opened new branches in Cincinnati, New Orleans and Fort Lauderdale.
This growth took Securadyne from $43.2 million in 2013 to a projected $78.4 million in annual revenue in 2016 — an 81 percent increase over three years. With a projected $90 million by 2017, Securadyne is on track to more than double its income in a five-year time period. However, it hasn’t all been easy. Revenues tipped down slightly in 2015, largely due to two factors: the price of oil and a planned back office implementation that took up a lot of time and resources.
“One of our challenges last year was the slowdown in the oil and gas industry,” Boethel says. “We operate in cities like Houston, Dallas, Oklahoma City and Pittsburg, all of which have a high concentration of oil and gas customers. When the spot price of oil dropped from a high of over $100 a barrel in June 2014 to a low of just over $31 a barrel late last year and early this year, [that] put pressure on our ability to grow in that key vertical.”
One of the biggest internal accomplishments in 2015 — the implementation of a complete enterprise resource planning (ERP) back office system — proved much more challenging for the company than anticipated.
“When we rolled it out it was a full quote-to-cash system and it was just tough,” Young says. “We pushed the team really hard and when it finally went live there were some challenges. We spend a lot of time dealing with ERP issues, but what doesn’t kill you makes you stronger. We learned a lot about our business in terms of how we want to measure things, how people work and what true processes are.”
Much like the start-up acquisition phase, there may have been an easier path, but the company instead chose to go through a little more pain for a faster and larger reward.
“Everybody has their back office system and some are probably more mature than others,” Young adds. “For the size of the company we were and continue to be, the investment we made was high. We invested for where we wanted to be, not necessarily where we are right now.”
The cloud-based ERP system will allow Securadyne going forward to truly standardize the business processes in the way Boethel envisioned when he started the company. And going forward, if there is another acquisition, it will simplify things immensely. “The last time we did an acquisition pre-ERP we had four different companies reporting things four different ways,” Young recalls. “It was basically Excel gymnastics.”
Now, whether incorporating a new company or just managing a large project from start to finish, the ERP provides standardization, consistency and business intelligence to make sure things run smoothly. “It’s never mission accomplished, but ultimately we wanted to make everybody’s job easier and give the company the visibility to make sure the customer is happy,” Young says.
Boethel viewed 2015 as a “regrouping” year, putting the company in an even stronger position for 2016 and beyond. “In the first two-and-a-half years we did four acquisitions, and over the last two we haven’t done any. We have looked at some, but it is no accident that you haven’t seen us acquire. We knew they would have to be integrated seamlessly and we had to have a scalable infrastructure that would allow us to continue to grow.”
And that is what happened. 2016 is projected to grow at a 15 percent rate, as is 2017, a rate Boethel views as healthy but manageable. “We are a high-performance organization interested in growth but we don’t grow irresponsibly without an eye to how we keep our existing customers happy.” While not ruling out future acquisitions, Boethel says future growth will be a “balanced approach that slightly favors the organic.”
With standards now in place at almost every level of the business, Boethel is as optimistic about the future as he is proud of what his company has accomplished so far.
“Our two primary objectives [when we began] were scale and cloud.... Our footprint today is concentrated in the eastern and southern U.S. I would say we are about halfway to where we want to be in terms of geographical footprint.
“Based on the investments we have made, which have been significant, there is no limitation on the extent to which we could grow.”
The Importance of Mentoring
Securadyne’s Alpine Program pairs high-initiative employees that want to move to leadership roles with mentors who are already in similar roles. While the intent was and is to guide and train these employees on how to be leaders, the experience for both mentor and mentee often goes far beyond that.
“It has really helped foster strong relationships between our senior executives and some of our up-and-coming individual contributors,” says Bruce Pontier, regional vice president, and a mentor. “It was intended to be a one-year program but my mentee from last year and I opted to continue those calls this year even though I have a new mentee. We both saw value in those regularly scheduled calls that not only touch on business but how we can grow each other as individuals and better citizens.”
Every member of upper management has at least one mentee and they are deliberately paired with someone outside their reporting structure. In addition to regularly scheduled calls or meetings, team members gathered for a three-day conference at the end of the year where they attended seminars, enjoyed team-building exercises and had fun.
“It is intended to foster a professional relationship that really doesn’t have any boundaries and be genuinely helping the individual by having very open and frank discussions about just about anything,” Pontier says. What surprised him as a mentor was that he got as much out of it as his mentee.
“I really did get more out of it than I thought I would. I think I learned a little bit more about myself and how to bring more value to my team because it was open feedback without penalty on both sides.”
Ebony Haywood, director of professional services, was a member of the first Alpine team as a mentee and found it particularly helpful, as an employee of one of the newly acquired companies trying to assimilate into Securadyne.
“I think for me it gave me some confidence. As a female in this industry, just being acknowledged as a leader gave me the confidence that I can be a leader and someone they see [that way]. I have been working for almost six years now in this industry and it is nice to be acknowledged and coached.”
Senior Vice President of Business Development Taylor Carr sees the Alpine program as a work in progress. With the second year well underway he envisions a time in the future when former mentees will become mentors themselves.
“We have talked about that and there is a desire to expand the program. Right now it is just EOC members but we do see that down the road.”
One-on-One With Carey Boethel
SDM spoke with Carey Boethel about the experiences and philosophy that shaped his vision for Securadyne.
SDM: Explain how you came up with your approach to acquisitions.
BOETHEL: My first job in this industry was with a small engineering firm with less than 20 employees. About four or five years later we were acquired by a publicly traded billion dollar company with which we had competed in the past. That was my first exposure to acquisition, on the other side of the table. I will never forget the CEO and founder came down and got us all in a room and gave us a big speech, centered around the notion that they had competed with us unsuccessfully and that was why they were acquiring; and the respect they had for us meant they weren’t going to change anything about our company. I remember thinking, how could that be? We are so different. And in fact they changed everything about our company. I committed to myself that if I was ever in that position to address newly acquired employees I was never going to say that. Things are going to change, but only when they are good for you, good for our company and the customer.
SDM: Some of your key employees came from outside the security industry. Was this by intent?
BOETHEL: We are not fans of going out and getting competitive retreads. It helps us immensely to get outside perspectives. Russ White came to us from Bell Helicopter where he led a team of 400 people. He is challenged with developing new strategies and new ways of thinking that will help improve our business over the long run. For example, this year and probably next year he and his team will be working on developing an IoT strategy that will help us service our customers in new and unique ways, leveraging the cloud and remote services. He brings that experience with him. You don’t find that many people in our industry with that kind of perspective and those kinds of skills.
SDM: What is your approach to the cloud for enterprise users and how is that going?
BOETHEL: We believed then, and we believe now, that the cloud is forever changing the way security systems are procured, managed, administered, monitored and maintained…. We believe that the enterprise-class market segment is now beginning to understand and embrace how cloud-based security can benefit them. The mistake many security solutions providers have made is offering the same economic value proposition to enterprise prospects that they offer to SMB prospects. Enterprise customers have very different needs, different capital structures and different appetites for investing in infrastructure. The core value proposition for enterprise-class users is not necessarily lower TCO, but rather improved resiliency, broader access to secure information and added efficiency.
Relative to the cloud, I believe we have definitely achieved thought leader status, but the enterprise market adoption of cloud has been slower than expected. If anything, I think we were probably a little early in our focus on enterprise cloud, but we are now seeing acceptance by some of the largest and most demanding companies in the world. For example, we recently witnessed a top five U.S.-based food manufacturer select a SaaS architecture for access control at over 400 of its locations around the world. That’s new.
Article by Karyn Hodgson and featured as the Cover Story in the Ocotber 2016 Issue of SDM Magazine
The 5 Newest Threats Facing Enterprise Security
Find out how to improve efficiency in your enterprise...
Securadyne Systems fills two glaring gaps in the electronic security marketplace.
The 5 Newest Threats Facing Enterprise Security