In Focus: geopolitics & security technology
Steven Kenny, ASIS Board Member, explores the uncomfortable truth about security technology and supply chain risk and whether it is worth the risk.
For years, we’ve treated security technology as a technical decision. In reality, that’s been a dangerous oversimplification. Pick the right camera. Install the system. Tick the compliance box. Job done. Except… it isn’t. Because the world has changed.
We’re now operating in a geopolitical environment where technology is no longer neutral. Conflicts aren’t just being fought on physical battlefields. They’re playing out across networks, infrastructure, and increasingly, the very systems designed to protect us.
Recent global events and open-source reporting have highlighted instances where video surveillance systems have been accessed, exploited, and in some cases, used to identify individuals and targets. That should give everyone pause.
The uncomfortable reality is this: most organisations still evaluate security technology based on performance, price, and functionality – Resolution, Storage, Analytics and Cost. These are all important, but largely missing the bigger question: Who built it, who controls it, and where does your risk really sit?
Because supply chain risk is no longer theoretical. A significant proportion of the world’s security technology is manufactured through a relatively small number of global supply chains. In many cases, brands you recognise are not the original manufacturers of the equipment.
That’s not necessarily a problem in itself. But it becomes one when geopolitical alignment, state influence, and long-term strategic positioning enter the equation.
This is where things get uncomfortable. Because if a piece of technology is widely deployed, deeply embedded, and remotely accessible, it doesn’t just represent operational value. It represents visibility. At scale.
At that point, the question changes. Because this isn’t just about system performance anymore. Security systems are no longer just protecting assets. In the wrong context, they can expose them.
Now, this isn’t about fearmongering. And it’s not about suggesting every system is compromised. But it is about asking better questions. Because in many cases, organisations are still relying heavily on system integrators to specify, install, and maintain their solutions.
Technically, that makes sense. But from a business risk perspective, it creates a gap. System integrators are experts in engineering and delivery. They are not always responsible for assessing geopolitical exposure, supply chain transparency, or vendor ownership structures.
So the question becomes: Who in your organisation is actually accountable for that risk?
Because due diligence today needs to go further than basic technical validation.
It needs to include:
- Where the technology is manufactured
- Who owns or influences the manufacturer
- How the supply chain is structured
- What level of control or access may exist beyond your organisation
And perhaps most importantly: What happens if those assumptions are wrong?
Security has always been about managing risk. But the definition of risk is evolving.
And if we continue to treat security technology as a standalone technical solution, rather than part of a broader geopolitical and supply chain ecosystem, we’re missing a critical part of the picture.
The reality is simple. You can’t outsource accountability. Not to a vendor, not to a system integrator and not to a specification.
Because in today’s environment, the question is no longer just: Does this system protect us? It’s: What does this system expose, and to whom? Controversial opinion
We’re in an uncomfortable place globally. Conflicts are no longer isolated, and alliances between nations are becoming increasingly visible in how they operate, support, and respond to one another.
So it’s not unreasonable to ask difficult questions. What happens when those same dynamics intersect with the technologies we rely on every day? When a significant proportion of global security technology is manufactured within regions that are strategically aligned, and where vulnerabilities have been publicly identified time and time again, the conversation changes. Not because every system is compromised. But because the potential impact, at scale, becomes impossible to ignore.
So we have to ask: Is this simply a coincidence of global supply chains and modern conflict? Or is it a consequence of decisions that have been building over time?
Steven Kenny
ASIS Board Member
