Contact Us855.787.2843

NJB Protection

Contact Us855.787.2843

The AI Layer Is Not the Moat

The AI Layer Is Not the Moat. NJB Protection explains why AI alone is not the moat, and why infrastructure, relationships, and operational depth will define the long-term winners.
NJB Protection LLC · Whitepaper · April 2026
The
AI
Layer
Is Not
the Moat.
Everyone sees an AI bubble.
Almost no one is looking at the right layer.

Infrastructure wins.

We didn’t come to this thesis from research. We came to it from twenty years of building physical security infrastructure with phones, clipboards, and people. What we learned in that time is the argument of this paper.
Authored by Michael Maiolo Chief Executive Officer NJB Protection LLC
Published April 2026 Yonkers, New York njbprotection.com
NJB Protection LLC njbprotection.com
The Core Argument

There is an AI bubble.
You’re just looking at the wrong layer.

The dot-com crash did not destroy the internet. It destroyed companies that mistook access to the internet for a sustainable competitive advantage. The infrastructure layer survived and compounded. The application layer collapsed. Cisco, Microsoft, and Google won. Pets.com did not. The technology was real. The moats were not.

AI is tracking the same curve. Thousands of SaaS companies have built businesses on a polished interface over an API they do not own, serving use cases that any moderately resourced in-house team can now replicate. When that layer commoditizes, and it is already happening, the companies left standing will be those that used technology to amplify something real. In physical security, that distinction has never been more important.

At their peak in 2021, SaaS companies traded at 20 to 40 times ARR. That multiple is already compressing for AI feature-layer companies, repricing toward 2 to 5 times as the market recalibrates what the software is actually worth without the infrastructure beneath it. The dot-com application layer collapsed over 80% from peak to trough. The current compression will not be identical. But the direction is the same.

We started building security operations before guard management software was a real category. Coverage decisions were made on legal pads. Patrol routes lived in someone’s head. Accountability meant a phone call at 3am, not a dashboard notification. Over twenty years, we watched the software promises arrive, each one claiming to solve what the last one couldn’t. Most of them were right about the problem. Almost none of them were built for the operator running the shift.

We are not engineers. We are operators. When we finally built what we needed ourselves, in nine days, using AI tools available to anyone with a subscription. The point was not that we are clever. The point is that if we could do it, anyone can. A regional operator with fifty officers and a laptop can now build the guard management platform that took a venture-backed software company three years and eight million dollars to ship. That changes everything about where the value sits in this industry.

The software was not the hard part. It never was. Knowing exactly what to build. That was the hard part. And that cannot be replicated with a subscription. I believe that distinction is what separates the companies that will compound through this transition from the ones that won’t.

“If we could build it in nine days, anyone can. That is not a technology story. That is a warning.”
Michael Maiolo
I
Part One
The Anatomy
of a Bubble.
Pattern recognition: what 1999 tells us about 2026, and why the application layer collapses the same way twice.
Pattern Recognition

Two waves. Same playbook.

When Netscape went public in August 1995 at a $2.9 billion valuation on its first day, having never turned a profit, it inaugurated a decade-defining misunderstanding. Investors, operators, and analysts conflated the significance of the underlying technology with the durability of the companies built on top of it.

The infrastructure layer was vindicated. Cisco’s routers carried the traffic. Microsoft and Oracle owned the enterprise substrate. Google, arriving late, became the defining company of the era. The application layer was largely wiped out. Pets.com, Webvan, eToys: rational ideas, built on a fundamentally flawed assumption that novelty of delivery mechanism sustains a moat indefinitely.

The mechanics of multiple inflation

Public SaaS multiples peaked at 20 to 40x ARR in 2021. The AI premium reinflated those multiples for AI-native companies through 2023 and 2024. Every enterprise buyer was allocating budget to AI initiatives regardless of demonstrated ROI. That dynamic is already reversing. The signal is quiet. But it is there.

The Nine-Day Proof

We are not a software company. We are operators. So when we spent seven years evaluating every meaningful platform in this industry and came up empty, we built what we needed ourselves, in nine days. What we built: patrol scheduling, officer tracking, incident reporting, and client-facing documentation. What it replaced: a legacy vendor platform that cost us six figures annually and still did not fit the way we actually operated. The lesson is not about us. It is about what it means when an operator with no engineering team can build that in nine days. It means the operator down the street can too. The moat was never the software. It was always what the software was built on top of.

II
Part Two
Infrastructure
Wins.
The application layer gets repriced. Who holds pricing power when the technology commoditizes, and what gets displaced first.
The Durable Winners

The real beneficiaries
of the AI wave.

Nvidia’s appreciation from 2022 to 2025 is not coincidence. Microsoft’s position, with deep investment in OpenAI and AI embedded across its entire enterprise stack, reflects exactly the lesson the dot-com era taught. These companies do not need the AI application layer to survive. The AI application layer needs them. That asymmetry defines who holds pricing power over the long run.

In physical security, infrastructure does not mean chips or cloud. It means operational infrastructure: people, processes, and response systems built over decades. The same principle applies. The same winners emerge.

Categories most exposed to displacement

  • AI writing and content tools, 12-18 months
  • AI sales coaching platforms, 12-18 months
  • AI contract review tools, 18-24 months
  • AI recruiting screeners, 12-18 months
  • AI customer support chatbots, 18-24 months
  • Single-use AI dashboards, 12 months

What survives the compression, in physical security

The companies that hold their valuations have built genuine switching costs through deep workflow integration, proprietary data, or network effects that make replacement operationally painful regardless of the underlying technology.

Companies like Trackforce already see this coming. They have built what is widely regarded as the best guard management and tour reporting software in the market, used by hundreds of thousands of officers across North America for scheduling, tour verification, incident reporting, and compliance documentation. And they understand better than anyone that the threat is not a better competitor. It is a regional operator with a few hundred officers and an Anthropic subscription who builds a comparable tool themselves in a week, at a fraction of the cost in licensing, answering to no roadmap but their own.

The question was never whether their software is good. The question is whether the software alone is the business. They know the answer is no. Which is exactly why they are positioned to excel through it.

Look at what has happened to CRM and workforce management valuations. As software categories commoditize, the multiples compress. The product becomes self-evident. And when the product becomes self-evident, the relationship becomes the differentiator. Serving approximately 75% of the North American guarding industry, Trackforce doesn’t face commoditization as an existential threat. They face it as a forcing function. The advantage isn’t standing still. It’s having the position to move from.

The software will evolve. The relationships will not have to.

Immix is a parallel case. Most enterprise monitoring centers run on Immix as their integration backbone, aggregating video feeds, sensors, access control events, and alarm signals from dozens of disparate systems into a single operational view. It is the platform that makes a monitoring center function as a single coherent operation rather than a collection of disconnected tools. Replacing Immix does not mean switching an application. It means re-engineering the operational nervous system of the entire organization. That kind of depth is not a product feature. It is infrastructure. And infrastructure survives.

Build or buy platforms with deep integration and proprietary data. Avoid paying premium multiples for point solutions whose core functionality is trending toward zero marginal cost.
“A guard showing up on time, documented and accountable, is the outcome. The app that records it is the tool. Confuse the two and you’ve built a very expensive way to miss the point.
III
Part Three
Physical Security
at the
Inflection Point.
Why the human foundation is the moat that technology cannot replicate.
The Fundamental Error

Technology is a tool.
Not the outcome.

Between 2019 and 2025, dozens of security-focused SaaS platforms emerged promising AI-powered analytics, automated incident reporting, and predictive patrol routing. Many raised significant venture capital at multiples that assume they solved the sector’s operational problem. They did not. They solved the interface problem. The operational problem remains, because it was never primarily a technology problem.

The NJB Foundation

Twenty years before
the first algorithm.

We built the infrastructure before we built a single line of code. The first officers we put in the field were managed with spreadsheets and cell phones. Patrol accountability was a signature on a paper log. Incident documentation was a phone call followed by an email. It was slow, imperfect, and entirely dependent on the quality of the person holding the phone.

That is exactly the point.

What those years produced was not inefficiency to be fixed by software. They produced an understanding of what physical security actually requires: what breaks down under pressure, where the accountability gaps live, which problems are human problems and which are coordination problems. You cannot learn that from a product demo. You learn it by being the team that gets the call at 2am when something goes wrong, and by being the team responsible for making sure it does not happen again.

Twenty years of that is the foundation. The software that sits on top of it today, the proprietary platforms, the patrol systems, the coordination tools we built ourselves, those are the dividend. Not the investment.

This is what the model looks like in practice. Guarding, patrol, and technology combined around the actual risk profile of the client. Not a product, not a platform, but a methodology. The most efficient physical security outcome scientifically possible. We didn’t arrive at that through analysis. We arrived at it through twenty years of getting it wrong, then less wrong, then right.

Over the last twenty years, NJB became a security technology company. The hard part was the infrastructure. The easy part, it turned out, was the software. Our clients don’t pay for the platform. They pay for the outcome. That distinction is the whole argument of this paper.

The scale of that infrastructure is worth stating plainly. Approximately 10,000 officers in the field. Tens of millions of protected locations across the United States. More than two decades of national coverage built before a single platform entered the picture.

What Cannot Be Commoditized

The hand that
holds the phone.

Every competitor in the security space now has access to the same scheduling tools, the same video analytics platforms, the same AI-assisted dispatch logic. The technology has commoditized. What has not commoditized is the bench of people who know what to do when the technology tells them something is wrong. People who show up when the shift is inconvenient, who represent a client’s interests as if their own reputation depends on it. It does. That culture took twenty years to build. It cannot be downloaded.

AI can tell you something is wrong. It cannot make someone care.

We know because we tried. Seven years of evaluation, four major platform migrations, and more vendor presentations than I care to count. The technology kept improving. The fundamental problem never changed. The person holding the phone either cares or they don’t. No software has ever fixed that.

Here is what that looks like in practice. We can deploy a licensed officer to any address in the United States within 90 minutes, and to 38% of the country in under 30. That is not a feature. That is infrastructure. The software that coordinates it can be rebuilt in nine days. The network that makes the response possible took twenty years.

“The best software in the world depends entirely on the individual whose hand holds the phone. That is the part we perfected first.”
Technology as Amplifier

Built for operations.
Not for the market.

It now takes days to build the software. It still takes decades to build the system it runs on.

There is a meaningful difference between technology built to be sold and technology built to be used. The tools we built ourselves were designed to solve specific operational problems that seven years of evaluating commercial solutions failed to address. Proprietary software built for your own operation, not for sale and not on a roadmap, cannot be bought by a competitor. Building it requires the domain knowledge, the specificity, and the organizational will that only come from years in the field. A subscription gets you the tool. It doesn’t get you the twenty years.

Conclusion

The bubble will clarify,
not destroy.

Technology bubbles do not destroy the technologies that cause them. The internet survived the dot-com collapse. The companies that failed were not casualties of a flawed technology. They were casualties of a flawed theory about where sustainable competitive advantage resides when a technology becomes broadly accessible.

Artificial intelligence will follow the same arc. The models will improve. The API access will become cheaper. The barrier to building functional AI-powered applications will continue to fall. The companies that built their businesses on the assumption that access to AI was itself the moat will discover that it is not.

The counterargument is that the models will eventually become good enough to replace human judgment entirely. Maybe. But not yet. Not in an industry where the outcome is someone’s safety, where a wrong call at 2am is not a bad user experience but a failure with real consequences. The gap between AI that can process information and humans who can bear responsibility is not a technical problem. It is a human one. I don’t know when that gap closes. I know it has not closed yet.

The companies that win are those that used the technology to get better at something real, something that requires judgment, relationships, and accountability that no model can replicate yet. In physical security, that means showing up when it matters, being accountable when it goes wrong, and building the trust that allows a client to sleep at night. The platforms came later. The trust came first.

“When the cost of building software goes to zero, the only thing left to value is the thing it was built for.”
Michael Maiolo
Chief Executive Officer · NJB Protection LLC
Michael Maiolo is the CEO of NJB Protection LLC. He built the company’s national infrastructure before he built its first platform, starting with spreadsheets and cell phones, arriving at proprietary technology and AI-assisted operations. He writes about the point where boots on the ground meets the future of the industry.
NJB Protection LLC · April 2026 © 2026 All rights reserved · njbprotection.com

Copyright © 2026 NJB Protection. All Rights Reserved.

Designed and Developed By: Royal Ink

Josh Offman

Vice President of Business Development, NJB Protection

Josh Offman serves as the Vice President of Business Development at NJB Protection, where he leads the company’s efforts in expanding its client base and forging strategic partnerships. With a deep understanding of the security industry and a proven track record in driving growth, Josh plays a critical role in positioning NJB Protection as a leader in both manned guarding and advanced security technology.

Known for his ability to cultivate strong relationships and identify new market opportunities, Josh focuses on aligning NJB Protection’s services with the unique needs of its diverse clientele. His expertise spans sales strategy, client engagement, and long-term partnership development, ensuring that NJB Protection continues to deliver value-driven solutions to its clients.

Josh’s leadership in business development has been key to the company’s growth, enabling NJB Protection to expand its footprint in the security industry while maintaining its reputation for excellence and innovation.

Frank Maiolo

Director of Manned Guarding, NJB Protection

Frank Maiolo brings over 40 years of leadership experience to his role as Director of Manned Guarding at NJB Protection. Previously, Frank served as President and CEO of NJB Security Services, Inc., where he built a legacy of operational excellence and client-centered service. His extensive experience in the security industry has equipped him with a deep understanding of both the operational and strategic aspects of manned guarding.

At NJB Protection, Frank leverages his decades of expertise to oversee the performance and efficiency of the company’s guarding division. He focuses on maintaining high standards of professionalism, enhancing training protocols, and ensuring that NJB Protection’s guarding operations align with the evolving needs of clients.

Frank’s leadership has been instrumental in the successful integration of traditional security personnel with cutting-edge technology solutions, helping NJB Protection remain at the forefront of the security industry. His commitment to delivering reliable, customized guarding services continues to strengthen NJB’s position as a leader in both manned and hybrid security solutions.

Matt Bischof

President of Electronic Security, NJB Protection

With nearly 30 years of experience in the electronic security industry, Matt Bischof serves as the President of Electronic Security at NJB Protection. Matt brings a unique perspective gained from his extensive background as a sales leader on both the manufacturer side and the integrator side of the industry. This dual expertise allows him to understand the full spectrum of electronic security solutions, from product development to deployment.

At NJB Protection, Matt leads the charge in developing innovative security technologies, focusing on seamless integration and tailored solutions. His leadership ensures that clients benefit from the latest advancements in surveillance, access control, and intelligent systems, all designed to enhance safety and operational efficiency.

Known for his strategic thinking and client-centered approach, Matt has been instrumental in positioning NJB Protection as a leader in hybrid security solutions, where technology and human expertise converge.

Michael Schulz

Chief Operating Officer, NJB Protection

Michael Schulz serves as the Chief Operating Officer of NJB Protection, where his extensive expertise in operational management and process optimization is pivotal to the company’s mission of delivering cutting-edge, high-quality security solutions. From overseeing manned guarding to integrating advanced technology into security systems, Michael ensures the seamless execution of NJB Protection’s services at all levels.

Renowned for his hands-on leadership style and meticulous attention to detail, Michael excels in driving operational excellence, streamlining workflows, and maintaining high standards across the organization. His efforts have been instrumental in scaling operations while continuously improving service quality.

A champion of innovation and accountability, Michael leads NJB Protection in adapting to the evolving landscape of security needs. Under his operational guidance, the company is not only expanding its footprint but also solidifying its reputation as a leader in hybrid security solutions, all while staying true to its core values of reliability and client-centered service.

Mike Maiolo

Chief Executive Officer, NJB Protection

With over 20 years of experience in the manned guarding industry, Mike Maiolo serves as the CEO of NJB Protection, where he is recognized for his forward-thinking approach to hybrid security solutions. By blending traditional guarding with cutting-edge technologies such as robotics, drones, and AI, Mike has positioned NJB Protection as a leader in modern, tech-driven security services.

Mike's unique perspective on physical security emphasizes the importance of integrating human oversight with automated systems to create more efficient and effective protection strategies. His extensive background in the industry, combined with his ability to embrace innovation, enables him to craft solutions that are both adaptable and highly reliable.

Under his leadership, NJB Protection continues to redefine what security means in a rapidly evolving world, offering clients comprehensive protection that leverages both people and technology.

Helps prevent theft, vandalism, and loitering with continuous oversight.

Strengthens overall security posture, making your business a less attractive target for potential threats.

Minimizes false alarms, reducing associated fees and disruptions.

Supports compliance with safety and security regulations.

Fast return on investment through efficient and effective monitoring.

Proactive monitoring of critical systems like HVAC and Flood Detection.

Advanced audio callouts for immediate threat deterrence.

Can Save 30% or More on Your Insurance Policy

Enhances peace of mind with robust, reliable security measures.

Backed by a team of trained professionals for rapid response and resolution.

Tailored solutions designed to meet the specific needs of your business.

Virtual greeter service to manage entry points and enhance security.

24/7/365 monitoring to ensure constant protection.

Seamless integration with your existing security systems.

Real-time surveillance to protect your assets and people.