here's my input, coming from my perspective as a systems/network architect for a security firm.
1) forget wireless whenever possible. Hard wire all the things. Definitely do not use wireless for your security system. Wifi should be on a tightly controlled part of your network and ideally should not carry sensitive data. That might be a bit Utopian in today's world of tiny devices, but aim for that goal and it'll be easier to protect the things you simply can't hard-wire.
2) Cat6a is great, but costly. If the extra expense is worth it to you for future-proofing then by all means, use it everywhere. If you want to save a few dollars, wire things like security cameras with Cat5e. The likelihood of them ever needing to do 10GbE is pretty slim. 1GbE works great with Cat5e.
3) Use patch panels in any place where you have more than about 4 cables coming from the wall outlet(s) and you can tuck the patch panel out of sight. There will come a day when you'll be very happy that you did.
4) If you have room and can hide it away properly, use a rack for your main hardware location. Get cable management for that rack. If it needs to be more presentable, use a cabinet... but if at all possible, rack mount your components within that cabinet.
5) Consider cooling requirements. Nothing is worse than getting all that equipment into place and working, then realizing you don't have enough airflow to keep it all cool. The method you use will vary greatly depending on your environment, but definitely keep it in mind.
6) Use different colored wires for different purposes in your main rack. Personally, I use red for anything outside my firewall, orange for DMZ, white for trusted, and blue for in-wall. I match keystones to cable colors. Pick whatever colors you like, but it's very nice to be able to tell at a glance that a particular wire or plug is on a particular segment of the network.
7) label *everything* you can. label each end of each wire, label wall jacks, label patch panels, label, label, label. It doesn't hurt to have a diagram or at least a list of what is where posted in or near your rack/cabinet.
8) invest in a good switch or switches. It doesn't have to be a full Cisco chassis, but get one that is managed and has more features than you currently need. Port mirroring/spanning is a great thing to have if you ever decide you want to monitor your entire network. Not a lot of consumer grade switches out there have this, but there are good options that do. Personally I really like TP-Link for a cheap but quality option. They constantly surprise me in a good way.
I could go on and on... but I think those points cover the main things. I envy that you're in a position to get this all right the first time. Best of luck!
edit: to expand a bit on cable management, since that was kinda the OP's question in the first place
- get a raceway to go over your rack, and at least some "fingers" for the cabling side of the rack. A big part of my job is deploying our proprietary hardware in customer datacenters, and I usually spend more time making the cabling look pretty than I do installing and configuring the gear. Nothing says "professional" like a well-organized rack, and no rack can be well organized without good cable management.