Outtakes:

Rethinking Security’s Place in the Market.

This article is part of the ‘Outtakes’ series: original fragments and perspectives from the forthcoming book by Steve Van Till.

Outtake #5: Software Eats Security. AI Eats Software. Man Bites Dog.

Part 1: Software Eats Security

By: Steve Van Till

"Software is eating the world," as Marc Andreessen wrote in his now-famous 2011 Wall Street Journal article of the same name. Today, from many quarters of the software industry, we now have its more ominous successor: “AI is eating software.”

The original observation suggested that software, coupled with lower computing costs, would increasingly dominate, transform, and disrupt nearly every industry. The newer prediction suggests that polymorphous AI platforms, such as LLMs, will be able to replicate the capabilities of many mature software products. All they need is some decent training and a dash of vibe coding. If true, this would imperil many established software businesses, large and small.

Security technology swims in the same waters as the rest of the tech industry, which means it will be affected by the same currents. That raises several questions. Will one or both of these trends have a significant impact on security technology? How will they affect investments in the security technology space? Who will be the winners and losers?

Part 1: Software Eats Security

In the 14 years since Andreessen's opinion piece, software has already consumed a significant swath of the physical security market. Most of us have welcomed this transformation, seeing it as our coming of age in a world that places a high value on data, analytics, and intelligence. The past five years alone show a remarkable increase in the percentage of total security product spending, or share of wallet, shifting from software to hardware.

On a global basis, the software share is estimated to have grown from approximately 5% of total security product spend in 2000 to roughly 30% in 2024. Some markets have shown an even more dramatic transformation. The U.S. market—which has traditionally led in cloud and other security technology adoption—has increased from roughly 10% to more than 40%, with further growth anticipated between now and 2030.

One of the impacts of this shift is that it opens the door to new vendors, more startups, and greater innovation. That’s because software is a more accessible means of market entry than hardware. Successful software companies can gain a foothold within their first 12 to 24 months due to lower upfront investment, shorter iteration cycles, and faster convergence on product-market fit. Meanwhile, over the same timespan, hardware companies are typically still deciding whether their prototypes are ready for production.

The addition of innovative new software providers is indisputably a net positive for the industry and its customers. New players start on modern technology platforms that better meet the needs of current customers (think cloud vs. server, API vs. SDK, and mobile vs. fixed). Startups also bring an agility and responsiveness that more established companies (or those acquired by same) find hard to maintain. And they offer the prospect of higher growth and returns for investors.

The increasing ratio of software to hardware startups (not even counting cyber) tells a familiar story to anyone who has lived through this period in the physical security industry. Well into the early 2000s, hardware led the majority of new company launches (cameras, devices, biometrics), with software accounting for only a quarter of new entrants. By 2010, the number of security software companies had increased to nearly half of new startups, aided in part by the IP revolution in camera technology, which enabled more sophisticated VMS platforms than ever before. And today, software startups are clearly in the majority, with AI likely to increase that percentage even further.

For better or worse (but mostly better), this transition also displaces established leaders—and their technology frameworks. This is classic Innovator’s Dilemma, where promising newcomers look innocuous at first but eventually eat the lunch of the incumbents. The net effect is that while security used to march to the beat of its own drummer, it now moves in concert with the larger world of enterprise software.

And this is what lands us squarely in the camp of software markets that may be permanently disrupted by the AI revolution.

Part 2: AI Eats Software. Coming Soon.