Emphasising proactive rather than reactive security shifts the focus from dealing with crises and damage control to prevention. Advantages of a proactive approach include cost efficiency, better business continuity, and fewer crises that draw attention away from strategic improvements. Staying ahead of threats is a core mission of the security department, and technology has evolved to enable security professionals to deliver on that mission better than ever. We asked our Expert Panel Roundtable: How are security systems transitioning from reactive to proactive, and what is the benefit?

Multiple technology trends are transforming the physical access control market. There is a fundamental shift away from physical cards and keys toward digital identities — mobile credentials, digital wallets, biometrics, and cloud-native access platforms. These next generation access solutions are radically reshaping how buildings operate, protect staff, and perform functionally. At the same time, AI and analytics solutions are being layered onto these physical access control systems to support predictive threat detection and behavioural insights. Access data itself is becoming an asset for sustainability, space optimisation, and smart building initiatives. Risk, impact operations and experience The annual HID Global Security and Identity Trends Report highlights these and other issues The annual HID Global Security and Identity Trends Report highlights these and other issues. The survey cites improving user convenience as a priority for nearly half of organisations, while 41% are focused on simplifying administration, and 28% struggle with system integration. These are not theoretical challenges, they are day‑to‑day friction points that add cost, increase risk, impact operations and experience, and, of course, must be addressed. HID Global’s commercial focus HID Global’s commercial focus is to help organisations digitise their access control — with mobile identities, biometrics, and cloud platforms — and then to use the data to deliver more value. “We are turning access control from an operational cost into a software-driven asset that improves efficiency, supports Environmental, Social, and Governance (ESG) goals and even creates new revenue opportunities,” says Steven Commander, HID Global’s Head of Consultant Relations. The impact of digital transformation Digital transformation is the method of moving access control from hardware and physical credentials Digital transformation is in the process of moving access control from hardware and physical credentials to a software-driven, integrated experience. The transformation strengthens security while also improving user convenience — transforming the “pavement to the desk” journey. HID enables this shift through mobile credentials, biometrics, cloud-native platforms, and solutions that allow third-party applications to run on door hardware. “This helps customers turn access data into operational and commercial outcomes, while also improving the overall user experience,” says Commander.  Digital transformation in access control is not focused on chasing the latest trends. Rather, transformation is about turning software, data and integration into outcomes that matter to customers, says HID. “Security becomes stronger and more adaptive,” says Commander. “Operations become simpler and more cost‑effective. Experiences become seamless and consistent. Sustainability moves from ambition to action. And the financial case becomes clearer as efficiencies are banked and new value streams emerge.” The challenge of futureproofing with long lifecycles Given that physical security technologies will be in place for 15 to 20 years, it is important to plan for how systems can evolve over time. Considering how rapidly security threats, compliance standards, and user expectations change, 15 to 20 years is a long time. The decisions made at the beginning of a system’s lifecycle can either limit flexibility later (which will be costly) or enable long-term adaptability. Support for open standards such as Open Supervised Device Protocol (OSDP) is therefore important Choosing products and platforms that are open, interoperable, and designed for updates can enable future-proof projects. Support for open standards such as Open Supervised Device Protocol (OSDP) is therefore important.  In addition, systems built on open controller platforms — such as Mercury — enable organisations to switch software providers or expand functionality without replacing core door hardware. Architectural openness is key to system lifecycles and maximising the return on investment (ROI) from a chosen solution. Digital credentials and mobile access Flexibility and upgradeability should also be top of mind when it comes to endpoints like access control readers. While RFID cards are still commonplace, there is a clear trend toward digital credentials and mobile access. Readers that support both allow organisations to transition at their own pace, without committing to a full system overhaul. A long system lifecycle does not mean technology should remain static. Security, particularly cybersecurity, demands more frequent updates. Technologies that support firmware upgrades in the field extend the value of a deployment while helping organisations keep pace with emerging threats. In that sense, lifecycle thinking is not just about longevity — it’s about maintaining resilience and readiness over time. Applying biometrics and mobile identities Biometrics is becoming mainstream as a credential alternative, strengthening security without adding friction Biometrics is becoming mainstream as a credential alternative, strengthening security without adding friction. Many organisations are now deploying biometrics to support fast, seamless access journeys, with adoption already around 39% in access control according to HID’s recent research.  In addition, 80% of organisations surveyed expect to deploy mobile identities within the next five years. Full technology integration enables tap‑to‑access without opening an app; the user journey becomes faster, safer, and more convenient. “It is where the industry is headed and we are at the vanguard of this,” says Commander.    Ongoing challenge of cybersecurity At HID Global, cybersecurity is embedded into everything, from corporate processes and development practices to the solutions they bring to market. “Our approach ensures that customers can strengthen their overall security posture, not only by deploying secure products but by benefitting from HID’s commitment to the highest industry standards,” says Commander. HID holds multiple globally recognised certifications, including ISO 27001, ISO 14298, SOC Type 2 and CSA STAR, which demonstrate their robust information security and cloud security practices. In addition, HID’s SEOS® secure chipset is independently SEAL-certified, providing one of the most advanced levels of protection available on the market today. “Ultimately, this means organisations are not just purchasing isolated secure products; they are implementing solutions developed and delivered within a comprehensive, cybersecure framework,” says Commander. “When deployed according to best practices, HID solutions enable customers to achieve the highest levels of resilience against evolving physical and cyber threats.” Developing green and sustainable solutions A huge amount of waste is generated from the manufacture of plastic RFID access cards Digital credentials align with the sustainable solutions that everyone wants. A huge amount of waste is generated from the manufacture of plastic RFID access cards. Over 550 million access cards are sold annually. This creates 2,700 tons of plastic waste and 11,400 tons of carbon, based on a PVC card weighing 5 grams.  Therefore, digital credentials self-evidently reduce the reliance on plastic cards (helping reduce carbon emissions by up to 75% according to HID’s research), while leveraging access control system data supports energy optimisation by shutting down or reducing systems in unused spaces. Energy use and CO₂ emissions can be cut dramatically, showing how access systems can contribute to sustainability goals and green building certification. What is the latest in smart buildings? Smart buildings increasingly rely on mobile access control as the backbone for digital services. Real-time access data enables new services such as automated room bookings, HVAC control, lift/elevator calling, e-bike hiring, and so on. Smart buildings increasingly rely on mobile access control as the backbone for digital services The financial upside is clear; smart, digitally transformed buildings can deliver around 8% higher yields per square foot versus traditional office space. Operational savings accrue from reduced administration, the removal of card production and shipping, and lighter IT support. This creates a value cycle — better experiences drive adoption, adoption fuels monetisation, and monetisation funds further improvements. Achieving technology impact in the real world One standout project is One Bangkok – a $3.9 billion mixed used development in Thailand – which demonstrates the scale of what can be achieved when access control data is used for optimisation, particularly when it comes to monitoring facilities usage and occupier behaviours. By switching lights off or lowering the temperature in unused rooms, for example, the One Bangkok building demonstrates this potential with a 22% reduction in energy consumption, saving 17,000 MWh and 9,000 tons of CO₂ annually.  Sustainability is a key factor in contributing to how properties are valued. And sustainability extends far beyond digital credentials having a lower environmental impact than plastic cards.  Buildings with recognised sustainability certifications often command rental premiums of around 6%, and three‑quarters of security decision‑makers now consider environmental impact in their procurement assessments.

ISC West 2025 in Las Vegas showcased the latest advancements in security technology, offering security professionals a glimpse into the future of the industry. This year's expo highlighted the growing influence of artificial intelligence (AI), cloud computing, and enhanced integration. The pioneering comprehensive and converged security event attracted nearly 29,000 industry professionals to the Venetian Convention Centre.  Integration into unified platforms Several companies emphasised the importance of cloud-based solutions and the integration of diverse security components into unified platforms. For example, Brivo's Security Suite provides “everything in one platform” – not just access control. Customers only pay for what they use because the system is flexible and scalable from a single door to enterprise level applications. Brivo’s suite includes video, but the system can also tie in with third-party “partners.” Genetec's Security Centre allows for more frequent updates through the cloud. Milestone is undergoing a two-year transition to bring its Xprotect system into the future by incorporating Arcules and Briefcam into a video-as-a service product. Suprema introduced BioStar X, which integrates access control and video analytics into a single platform. AI and mobile credentials  Axis Communications’ Cloud Connect product announced three new partnerships at ISC West 2025 Axis Communications’ Cloud Connect product announced three new partnerships at ISC West – Eagle Eye Networks, SecuriThings, and Wesco. They join the three partners announced during the first year of Axis Cloud Connect – Genetec, Kone (elevators) and Milestone. AI and mobile credentials were still hot topics at ISC West 2025, but the conversation has evolved beyond amazement at the technologies’ capabilities and now centres on more practical aspects. From the theoretical to the practical “AI and mobility are still the ‘flavors de jour,’ but messages are evolving to manifest AI for better outcomes,” says Heather Torrey, General Manager, Commercial Security, Americas, for Honeywell Building Automation. The company has reframed its security portfolio to be very building- and business-focused, continuing to grow and evolve after the recent acquisition of LenelS2. “From the theoretical to the practical, we want customers to be part of the conversation so we can deliver AI that is meaningful to them, focusing on what’s most important,” says Torrey. Under Honeywell’s new ownership structure, “each part of the business can be more focused on customers’ needs,” she says. Honeywell continues its journey around mobile access and credentialing and migrating to cloud solutions. Innovations in Access Control Gallagher’s new Quickswitch access control board simplifies the migration from legacy systems Access control remains a critical component of security systems, and ISC West 2025 showcased several innovations in this area. Acre is releasing “Gallery,” its version of the App Store for access control. DormaKaba is launching the Keyscan KC Series door controller with TCP/IP connectivity and enhanced features. Gallagher’s new Quickswitch access control board simplifies the migration from legacy systems. Johnson Controls highlighted its C-Cure command centre and C-Cure IQ web client, offering a unified approach to access control and video. Hardware integrations for security panels For service provider Alarm.com, hardware products prepare a path to greater customer experiences, says Abe Kinney, Alarm.com’s Director, Product Management, who oversees hardware integrations for security panels, sensors, video, etc., and drives new product development. “We are looking to bridge the physical world to digital world,” he says. “We want to bring an advantage to our dealers that they can bring to customers.” Because Alarm.com’s customers pay a monthly fee, the products must be durable and economical, says Kinney. “It should work with no need for truck rolls.” The importance of longevity and flexibility Products are evaluated based on features, price, and ease of installation Products are evaluated based on features, price, and ease of installation. In particular, longevity is important for the Alarm.com’s pro channel. There is also a growing emphasis on deterrence industrywide. Says Kinney: “We recognise that detection is part of it, but we need to prevent problems from happening in the first place. And the industry is re-evaluating.” When it comes to cloud intelligence, Eagle Eye Networks puts the emphasis on flexibility. They offer AI that can perform anywhere on the system infrastructure, on the camera, on their on-site bridge device, or in the cloud. They support their own AI and also any AI product from a third party. “We focus on what customers want from the data AI detects,” says Hans Kahler, Eagle Eye Networks’ Chief Operating Officer. Integration with other systems A timely alert from gun detection could save a life, but AI can also generate information that might be used and analysed later, such as point-of-sale information, dwell time, foot traffic, etc. “What people want is the ability to work with the data for business intelligence,” says Kahler. Integration with other systems provides new opportunities for customers: For example, a licence plate reader at a restaurant drive-thru could trigger customisation of the menu board digital signage based on the customer’s previous buying pattern. Relentless Innovation Assa Abloy handles more than 40 million SKUs for all its various brands, faked in 28 factories in the US Assa Abloy handles more than 40 million stock keeping units (SKUs) for all its various brands manufactured in 28 factories in the United States. Merely complying with regulations such as the “Buy American Act” is a monumental effort considering the massive product line, attendees heard at Assa Abloy’s Annual ISC West Breakfast focusing on compliance challenges in the security market. Meanwhile, back at the trade show booth, Assa Abloy focused on “relentless innovation” in every corner of its product line. Assa Abloy’s message: Innovation in security does not have to be about AI or automation. In fact, inventive approaches to products come in all shapes and sizes and at every level of the product portfolio, and innovation is happening faster than ever. For example, the Safebolt product from Securitech, a brand recently acquired by Assa Abloy, can quickly lock down existing doors with the press of a red button on a cylindrical or mortise lock. Temporary Systems to Secure Events Securing events is the focus of Allied Universal's Unified Command Solutions, which specialises in setting up temporary security systems for conventions, trade shows, festivals, construction sites, parades, and other events. They can add technology to situations where previously mostly security officers were used, providing safety/security and enabling more efficient event operation.  “We can put cameras anywhere, whether they need power or not, use cell service or WiFi, a localised network or the internet, or whatever,” says Andrew LaMadrid, VP, Sales for Allied Universal's Unified Command Solutions. Event operation and management IDIS came to ISC West looking to leverage new products that they did not promote in the past The focus is on easy implementation, flexibility, and fast setup and removal. “We look for a solution to solve each customer’s pain points,” says LaMadrid. They specialise in setting up and deploying surveillance cameras for safety/security and for event operation and management. Mobile surveillance is a relatively new “piece of our puzzle” when it comes to protecting high-profile events. “People are excited about what we can offer that’s new,” says LaMadrid. Unified Command Solutions has been around for about 12 years and was acquired by Allied Universal last summer. IDIS came to ISC West looking to leverage new products that they did not promote in the past, and visitors were very interested in those solutions, says Scott Switzer, IDIS CEO. “The progression of our product line has been tremendous,” he says. Last year, the IDIS booth offered only basic analytics, but this year they had 30 different advanced analytics including gun and aggression detection using the advanced solution “IDIS Vaidio AI.”  What Makes You Different? The most common question IDIS hears at their trade show booth is: “What makes you different?” The answer: They offer an end-to-end solution, including cameras; they manage, control, design from end-to-end; and there is no need for multiple integrations. The time needed to install an IDIS system is significantly less because of the simplicity. “We have customers we have supported and grown together for over 20 years,” says Switzer. The company previously deployed IDIS cameras under the Costar brand before the Korean IDIS brand was introduced into the U.S. (IDIS purchased Costar and changed the name to IDIS America.) “This has been a tremendous show for us; we are looking to build our momentum and let more people know about IDIS,” says Switzer. Managing real AI at the edge The depth of their metadata enables new applications, whether for security or business operations Based in Prague, Czech Republic, and with U.S. offices in Pennsylvania, FF Group provides licence plate recognition for harsh environments. Using Axis cameras, they offer “managed real AI at the edge,” selling through a nationwide distributed network, says Alex Osypov, CEO and Founder of FF Group. Markets include parking lots, cities/municipalities, police, government, water systems, etc. The depth of their metadata enables new applications, whether for security or business operations. They are looking to combine and correlate data including LIDAR, RADAR, etc. to exploit the advantages of “data fusion.” Osypov says: “The market is growing because we are involving other adjacent markets.” Unified platforms and advanced tools Several companies are focusing on enhancing security operations centres (SOCs) by providing unified platforms and advanced tools. Axon’s Fusus system “layers” onto existing infrastructure, tying together various sensors into a single interface for real-time monitoring and information sharing. Increasingly, enterprises have invested in a lot of technologies – ac, video, asset trackers – but none of it talks together. Fusus ties all the systems together so that operators no longer have to look at 10 different screens. Rather, there is a “single pane of glass” that shows everything and facilitates sharing of information with law enforcement.  Motorola also showcased its Security Operations Centre, which integrates hardware, software, smart sensors, communication radios, and broadband devices to streamline incident management.

Physical security technologies are a prominent tool used by correctional facilities to provide a safe, secure, and controlled environment for staff, inmates, and the wider community. Among several functions, security technologies are used to prevent unauthorised access, to detect contraband, to monitor inmate movements and activities, and to protect staff. For security technology manufacturers, integrators and consultants, the corrections market presents distinctive challenges. We asked our Expert Panel Roundtable: What are the unique aspects of the corrections market, and how should the physical security industry adapt?

Cyware, the pioneer in AI-powered threat intelligence management, secure threat sharing and collaboration, as well as hyper-orchestration and security automation, announced the launch of a new Cyware Quarterback AI solution delivering an AI Fabric to uniquely address security use cases. Cyware Quarterback AI was initially launched as a Co-pilot chat assistant in March 2024. Since that first release the AI market has evolved significantly and Cyware’s AI strategy and innovation has evolved as well. Various AI methods In July of this year, Cyware MCP Server was released. Now, Cyware Quarterback AI receives a major upgrade, described as an AI Fabric that weaves together a set of Generative, Agentic and In-Product AI capabilities designed to accelerate threat intelligence and security operations workflows. Built to augment security workflows, these capabilities apply various AI methods to drive unified threat intelligence, accelerating threat intel operationalisation, simplifying security automation, and enhancing analyst productivity and efficiency. AI Fabric approach “Paramount to Cyware’s direction is our customers’ success, and we are excited to be able to ease the practitioner’s day-to-day operations and accelerate their workflows with an AI Fabric approach,” said Sachin Jade, CPO of Cyware. He adds, “Our latest innovations in Cyware Quarterback AI tackle complex playbook creation, manual threat data collection, disconnected threat context, and delayed threat detection and response with the best AI methods available.” Largest threat intelligence and security operations teams As AI continues to reshape cybersecurity, its adoption brings both excitement and hesitation. In working with some of the largest threat intelligence and security operations teams, Cyware has identified where AI delivers tangible value and through its AI Fabric has embedded AI in workflows driving practical outcomes. “The advancements in AI this year have made it clear that agentic AI and its real-world application are the future of cybersecurity. We will continue to invest in that direction so our customers can respond faster, act smarter, and stay ahead of emerging threats,” said Akshat Jain, Co-Founder and CTO of Cyware.  Cyware’s AI Fabric capabilities The AI Fabric approach evolves Cyware’s unified threat intelligence management by embedding AI into security products and workflows. Unlike many AI add-ons that sit outside core operations, this integrated design brings intelligence to every stage of the threat intelligence lifecycle, from ingestion to action, helping analysts move faster and security teams scale more effectively. Key Cyware Quarterback AI features include: Playbook Builder Agent: AI agent that simplifies playbook creation for analysts through an intuitive, LLM-assisted interface that generates workflows from natural language descriptions. Custom Code Generator: AI agent that automatically generates custom code blocks for playbooks from natural language prompts, eliminating the need for advanced coding expertise.  Playbook Runlog Debugger: AI agent that assists in debugging failed playbook run logs by identifying root causes and providing step-by-step remediation guidance, simplifying and accelerating troubleshooting by analysts. Threat Summarisation: Generates instant summaries of threat intelligence reports and related objects (e.g., IOCs, malware), helping analysts cut through lengthy descriptions and avoid alert fatigue.  Advanced Threat Intel Crawler (Browser Plugin): Transforms threat intelligence from websites into structured, enriched data in real time, saving analysts time from manual scraping of threat data.  The collective capabilities expand Cyware Quarterback AI’s footprint driving AI-powered security operations where automation and intelligence work hand-in-hand to support security teams at every stage.

AuditBoard, the pioneering AI-powered global platform for connected risk, announced the findings of its 2026 Focus on the Future report, revealing the internal audit profession is navigating an environment of hyper volatility defined by accelerating, interconnected risks. The survey of 213 global internal audit pioneers shows the profession is being challenged by three converging forces: persistently tight resources, the rise of AI, and a demand for role redefinition. Overcome resource limitations The report highlights that internal auditors must overcome resource limitations by leveraging AI as a capacity multiplier, while simultaneously upskilling their teams to provide greater value.  This is the only way the function can thrive in this next-generation environment.  Key findings: converging pressures on the internal audit profession The survey identifies a dangerous gap between aspiration and capability, driven by these core challenges: AI readiness lags execution: Only 39 per cent of internal audit pioneers say AI will significantly transform the profession within five years. At the same time, readiness to provide assurance over AI lags behind adoption. Only 28 per cent of pioneers express confidence in their teams’ ability to effectively audit AI risks, and 63 per cent of organisations have not yet defined a formal risk appetite or governance framework for AI use, leaving internal auditors with little structure for oversight. The resource paradox: Internal audit continues to face expanding responsibilities with stagnant or shrinking budgets. 43 per cent of respondents reported no change in their 2025 budgets compared to 2024, and 18 per cent reported reductions. Staffing levels followed a similar pattern, with 57 per cent maintaining flat full-time headcounts despite expanding mandates. The identity crisis persists: Over half of the respondents aspire to be recognised as trusted advisors, yet fewer than a quarter currently feel their departments are perceived in this way. This is a critical vulnerability, as functions viewed purely as compliance enforcers risk being rendered irrelevant by automation. Keeping a competitive edge While AI can enhance efficiency, it cannot replicate the unique qualities that distinguish outstanding auditors. The survey identified the top skills differentiating auditors in 2026 and beyond: Professional scepticism and inquisitiveness Relationship-building and communication Ethical judgment Critical thinking Risk for the future of the profession Richard Chambers, Senior Advisor, Risk and Audit, AuditBoard, said: "Internal audit stands at a tipping point. The pressures outlined in the report create unprecedented risk for the future of the profession." He adds, "To thrive amid hyper volatility, internal auditors should utilise AI to automate routine tasks, freeing up teams to focus on more specialised tasks and move beyond merely reporting what is happening to become the foresight-driven strategic partners the business needs."

Oculeus, a major provider of innovative software solutions for telecommunications service providers, announced that the company has deployed its Captura NG solution for ONATi, the incumbent telecommunications service provider in French Polynesia.  ONATi provides national and international fixed line, mobile, wholesale transit and broadband services. The company provides its communications services under the VINI brand across the entire territory of French Polynesia, deploying advanced technologies to support high quality service delivery to 75 geographically dispersed islands. ONATi is a subsidiary of Office des Postes et Télécommunications de Polynésie Française (OPT), the state-owned organisation responsible for the country’s postal and communications infrastructure and services. Captura NG ONATi has migrated the management of its interconnect voice traffic and national and international partner management to the Captura NG solution from Oculeus. Captura NG provides ONATi with a single, converged platform to manage all interconnect billing, settlement and routing optimisation activities. The platform utilises advanced tools and automated processes for ONATi to achieve improved cost and revenue assurance for its interconnect business, while providing real-time reporting intelligence. AI-powered features The functionality of Captura NG includes AI-powered features to assist in critical operational tasks, such as the ingestion of partner pricing offers, and significantly reduces the risk of manual errors and billing disputes with partners. For this, Captura NG streamlines workflow processes through an integrated email portal for the direct publication of price and code offers and the automated exchange of interconnect invoices. The routing optimisation features further enable ONATi to maximise its margins, by delivering its outbound international voice traffic according to a controllable blend of lowest supplier cost backed by quality guarantees. Ttechnology partner “We are pleased to confirm Oculeus as our selected technology partner to further modernise our interconnect operations,” stated Olivier Chungue, Head of International Development at ONATi. “The deployment of Captura NG has been a critical project for ONATi and will directly support our commitments to delivering excellence in both national and international voice activities.”  “We are excited to welcome ONATi as another new Captura NG customer and pleased with the immediate impact our solution is having on ONATi’s interconnect business,” said Arnd Baranowski, CEO at Oculeus. “ONATi joins our community of more than 60 live customers benefitting from the advanced technologies of our latest NG version of Captura.” 

Rapid7, a pioneer in threat detection and exposure management, has released its Q3 2025 Threat Landscape Report, revealing how threat actors are accelerating the race between vulnerability disclosure and exploitation, consolidating ransomware power structures, and increasingly weaponising artificial intelligence to evade detection.  The report draws from Rapid7’s Intelligence Hub, AttackerKB, incident response, and managed detection and response (MDR) telemetry, offering data-driven insight into how adversaries are evolving and how defenders can adapt. “Ransomware has evolved significantly beyond its early days to become a calculated strategy that destabilises industries,” said Raj Samani, Chief Scientist at Rapid7. “In addition, the groups themselves are operating like shadow corporations. They merge infrastructure, tactics, and PR strategies to project dominance and erode trust faster than ever.” Critical vulnerability exploitation Rapid7’s quarterly analysis shows that the total number of newly exploited vulnerabilities trended downward, dropping 21% from Q2 to Q3. However, adversaries doubled down on older, unpatched weaknesses, including CVEs more than a decade old, indicating that historic exposures remain potent attack vectors. The mass exploitation of critical vulnerabilities in Microsoft SharePoint (CVE-2025-53770) and Cisco ASA/FTD products underscores the narrowing window between patch disclosure and in-the-wild attacks. “The moment a vulnerability is disclosed, it becomes a bullet in the attacker’s arsenal,” said Christiaan Beek, Senior Director of Threat Intelligence and Analytics at Rapid7, adding “Attackers are no longer waiting. Instead, they’re weaponising vulnerabilities in real time and turning every disclosure into an opportunity for exploitation. Organisations must now assume that exploitation begins the moment a vulnerability is made public and act accordingly.” Ransomware activity spikes The quarter also saw 88 active ransomware groups, up from 65 in Q2 and 76 in Q1, signalling an increase in activity as well as underscoring these groups’ fluidity. Groups like Qilin, SafePay, and WorldLeaks led a wave of alliances targetting industries like business services, manufacturing, and healthcare, and experimenting with fileless operations, single-extortion data leaks, and affiliate service offerings, such as ransom negotiation assistance, where a more senior member of the group partners with a less experienced player to extort the victim. Generative AI The report details how generative AI is lowering the barrier for creating convincing phishing campaigns and enabling adaptive malware, such as LAMEHUG, which can dynamically generate new commands. Meanwhile, nation-state operators from Russia, China, and Iran refine their tactics, blurring the line between espionage and disruption by targetting supply chains and identity systems with an emphasis on stealth and persistence.

Stratas is a UK-based specialist in document automation, finance automation, and intelligent document processing (IDP). Its solutions help organisations automate processes underpinned by documents and improve control across finance and operations.   Stratas needed a new, secure, and scalable data storage solution after notification that its remote storage provider planned to discontinue services. Richard Webb, the company’s Professional Services Technical Consultant, explains: “We weren’t confident that the physical servers were being properly maintained. Our provider was using older machines and running Windows Server 2012, which presented us with reliability and security challenges. If we had continued with our arrangement, things would have had to change.”    Solution   After considering several options, Richard and his team selected Node4’s Virtual Data Centre (VDC) offering – the company’s managed, hosted Infrastructure as a Service platform. As the first step in deployment, Node4 set up a bespoke landing zone to assist Richard with data migration from his organisation’s legacy servers. Node4 also configured VDC access via a secure, high-speed VPN. Public cloud solution “We told Node4 from the outset that we wanted a managed, hosted environment. We’re a lean business with no physical premises and didn’t want the overheads and complications of managing physical servers,” Richard comments. “On paper, a public cloud solution might have seemed logical. But we run several niche applications with specialised workflow and process requirements. Node4’s VDC was a better fit – we got the scalability and flexibility of public cloud without the complexity and administration headaches. But we also benefit from Node4’s support and expertise. It’s the best of both worlds.” Node4’s data centre  “We also wanted our data to remain in the UK on servers owned by a UK company,” he acknowledges. “That’s important for GDPR compliance and data sovereignty." "It was also a bonus that Node4’s data centre is just down the road from us, so we’re hyperlocal, I guess. It all adds to the feeling that we’re not dealing with some faceless conglomerate – that there are real people on hand with a genuine interest in helping our business to thrive.”     Results   Stress-free migration   With the landing zone operational and VPN connectivity established, Richard and his team began migrating applications and clients to their new Virtual Data Centre. “Clients using our invoicing and accounting service can’t be offline for a long time – especially around month-end. So, although it was slower for us, we migrated one customer at a time at a rate of about five per week,” he explains. “Node4’s landing zone also allowed us to test migrations to ensure everything worked as expected before going live. This kept downtime to an absolute minimum and reduced many of the risks associated with migration to hosted environments.”    Enhanced backup, recovery and resiliency    Richard and his team immediately benefited from switching to Node4’s virtual data centre. “Our previous provider offered only basic backups, and their infrastructure lacked resiliency,” he recalls. “We could start work on a Monday and, without any prior warning, find half our servers were down. Switching to Node4’s virtual data centre with modern, resilient servers – alongside built-in comprehensive backup and disaster recovery – improved our day-to-day operations and customer experience right from the outset.”   Richard admits that the connectivity and reliability improvements far exceeded anything he’d hoped for. “It’s amazing! Even basics like logging in are easier. On our old system, it would take several attempts, and there was always a chance you’d get kicked out after a couple of hours. Getting online first time probably saves each of us around ten minutes a day. That may not sound much, but it quickly adds up as the weeks and months go by.”    Advanced, integrated security    Richard also notes that the VDC offers a range of security benefits, including firewall defences, DDoS protection and secured instances. “We’re planning to introduce multi-factor authentication to access our VPN. It’s a vital identity management tool for all businesses,” he comments. “But especially ones like ours with a 100% remote workforce.”   Consumption-based model: Pay for used compute, network and storage    Richard is also keen to highlight the advantages of a consumption-based model. “The VDC is fully self-service. We can adjust compute, network, storage, and services on demand with just a few clicks – giving us complete control over our environment and costs." "This is important right now and also helps us plan ahead; for example, we can now see a pathway to rolling out AI and advanced automation in the coming years.”    Transparent pricing    “I like the fact that VDC pricing is transparent,” Richard admits. “We did our due diligence and looked at a few other companies. Their project and operational costs seemed lower. But there were lots of gotchas – like fixed data charges and data limits – hidden in the small print. So, when we weighed it all up, Node4, with its consumption-based pricing, was far better value and a much better organisational fit.”    He concludes: “What does that mean on a day-to-day basis? Currently, we’ve scaled requirements as we’re carrying out some server consolidation work. But all that extra capacity is still there for us. And while we’re waiting, we’re not being charged for it. That’s a huge benefit. It helps us remain competitive and responsive to changing market and economic conditions.”

3xLOGIC, Inc., a major provider of integrated, intelligent security solutions, and a three-time Deloitte Technology Fast 500 winner, announced that Panda Restaurant Group, Inc. (parent of Panda Express, Panda Inn, and Hibachi-San) has completed deployment of 3xLOGIC’s VIGIL Trends Business Intelligence software to all of its North American locations.  Interface Security Systems, headquartered in St. Louis, Missouri, is the integrator and overall project manager for this ambitious endeavour. Largest family-owned restaurant Panda Express is the largest family-owned restaurant in America, with more than 2,000 stores globally, 35,000 associates and $3 billion in sales. Since it was established in 1983, Panda has steadily grown with roughly 125 stores opening each year. Privately owned and operated, the restaurant is guided by the core values of its co-founders and co-CEO, Andrew and Peggy Cherng and is dedicated to developing its team members and giving back to the community. Business intelligence solutions “As an industry leader, Panda Express’s culture sets an expectation of best-in-class results,” explained Lyle Forcum, executive director of asset protection at Panda Express. “Accordingly, we needed a state-of-the-art business intelligence solution to provide us with truly actionable information. Intelligence we can act on is central to Panda’s business strategy, which focuses on meeting high standards through continuous operational improvement.” Starting in August 2017, 3xLOGIC and Interface Systems worked with Panda Express to customise Trends to meet the company’s unique, comprehensive needs. Interface began system deployment in QI 2018 with the first location going live in March 2018. Presently, Trends is deployed at 1,960 locations and has been integrated with existing Interface video surveillance and alarm systems. Tracking and improving operations “It was impressive that we were able to integrate Trends so seamlessly with existing intrusion and video systems,” said Sean Foley, senior vice president of national accounts at Interface Systems, “and the entire solution was rolled out without a single technician visiting any store.” Unlike many retail BI implementations, the focus at Panda Restaurant Group is not solely on retail loss prevention, but also on tracking and improving all operations at every store. Here are some of the key elements of store operations that Trends enables Panda to monitor, track, and improve: People Development: To set its people up for success, store managers are able to review all transactional behaviour and address opportunity areas with employees within two days. Comparing Store Performance: The store managers’ Trends dashboard shows very clearly how the restaurant is performing compared to other stores in the region and to their prior month’s performance. Optimising Store Efficiency: Trends visually displays how many people are working per hour, what job they are facilitating, and the revenue generated per hour. Monitoring Intrusion Data: Trends provides intrusion data, which shows in a very simple display when stores are opened and closed, deliveries are made, cleaning is done, and whether the store is being remotely armed and disarmed. Tracking Cash: Panda Express can track currency, how much is in the safe and when it was last counted, as well as petty cash spend along with scanned receipts for purchases. Custom Dashboards: The system provides an array of dashboards for all levels in the organisation that give an at-a-glance or drilled-down overview of an employee’s priorities and responsibilities. “At Panda, safety and loss prevention are key priorities in executing great operations,” said Lyle Forcum, executive director of asset protection at Panda Express. “We worked with 3xLOGIC and Interface for over a year to implement a highly-customised solution to meet these priorities. Now, we have a cutting-edge tool deployed across the entire enterprise that we can all be proud of.”

When major fire and security specialists Cornerstone were appointed to deliver the life safety systems for the refurbishment of 77 Grosvenor Street, they faced a unique challenge.   Located in the heart of London’s Mayfair district, the prestigious building features classical architecture and over 50,000 square feet of premium open-plan office space spread across six floors. The goal was to upgrade the fire protection without compromising the building’s refined aesthetics. The client, a major property management company, required a solution that was robust, reliable and unobtrusive. Working closely with the design and construction teams, Cornerstone turned to Hochiki Europe, a long-standing partner known for dependable systems that blend seamlessly into high-end environments. Latitude fire detection and alarm control system At the core of the installation is the Latitude fire detection and alarm control system. Chosen for its powerful cause and effect programming, flexible networking and modular scalability, Latitude was well suited to the demands of a multi-level heritage building. Its ability to support complex configurations made it ideal for a site where multiple zones, floors and room functions needed to be managed with precision. To deliver complete protection across the site, Cornerstone selected a combination of Hochiki's Enhanced System Protocol (ESP) addressable devices and the FIRElink aspirating detection system. The FIRElink system is adaptable to a broad range of environments and applications. ESP detectors From small, to very large areas, the system is particularly useful in protecting computer rooms or data centres but can be designed to fit almost any environment.  ESP detectors offer high performance with a minimal visual footprint, ideal for preserving the character of the restored interiors. In areas requiring an even more discreet solution, such as decorative ceilings or high airflow zones, FIRElink was installed using capillary sampling pipes hidden within the building’s structure. One of the key advantages of the Latitude platform is its ability to interface with wider building management systems (BMS). At Grosvenor Street, this opens the door to centralised monitoring and control of fire safety in conjunction with other building systems. Open integration Latitude’s open integration options mean it can share status updates and alarm events in real time with the BMS, enabling facilities teams to coordinate responses quickly and efficiently. For a high-spec office environment, this not only improves safety outcomes but also supports smoother day-to-day operation and building performance. Patrick Anthony, Project Manager at Cornerstone, explained the decision: “We have a trusted relationship with the Hochiki team. Their systems and devices are reliable, help reduce false alarms and are designed to aesthetically fade into the background, exactly what this project needed and delivers complete peace of mind for the management team.” The site at Grosvenor Street is now protected by a fully integrated, future proof life safety system that meets modern building safety standards while maintaining the building’s elegance.

With a capacity of 66,500 spectators, the MERKUR SPIEL-ARENA is the largest multi-purpose venue in Düsseldorf and home to the city’s main football team, Fortuna. Regular and constantly changing major events, both matches and concerts, present an ever-evolving security and access challenge. Stadium managers D.LIVE sought a secure, reliable replacement for their mechanical master key system; comprehensive, flexible security which would no longer create the problems and inconvenience of mechanical keys. Digital locking system Due to frequently changing event formats and service providers, keys were often lost, causing considerable administrative work and financial expense. Due to the large number and size of the areas to be secured, it became clear that only a digital locking system would combine the required performance features in a convenient solution. Another critical requirement was for robust devices which did not protrude from doors: football and music events can sometimes be a little rough. The technology installed needed to be tough and reliable enough to withstand the odd kick. Key requirements for the new system Finally, the solution would also need to simplify the management and rental of multiple private spaces inside the building, including the Promenade, Merkur Business Club and boxes in the east wing. These offer additional space for a total of almost 7,000 people for meetings, press conferences or product presentations. One of the key requirements for the new system was therefore the ability to grant and revoke access authorisations individually, especially for external event organisers and operators. Innovative key-based digital access Based on these requirements and their experience with other local venues, D.LIVE chose the eCLIQ programmable-key locking solution, part of a suite of Digital Access Solutions from ASSA ABLOY, which scores highly on security, reliability and convenience. Their new eCLIQ key-operated digital access solution has approximately 2,500 wireless cylinders; around 1,150 programmable eCLIQ Connect keys have been issued. With this solution, every authorised keyholder carries their own eCLIQ key which can be programmed with tailored access authorisations. For added security, access rights can be individually revoked at any time and lost keys can be blocked. Convenient management of contractor access “One of the reasons we chose eCLIQ Connect keys was to enable us to grant or revoke authorisations to external organisers and operators via Bluetooth in a rapid and user-friendly way,” says Lukas Angenendt, VEFK & Project Manager Electrical Engineering, D.LIVE. Powerful, intuitive software makes it easy for stadium managers to issue temporary authorisations for contractors, cleaning staff and external event service providers, which streamlines site maintenance and management. As an additional layer of security, their eCLIQ Connect keys have to be validated on site by entering a PIN code in the smartphone app. Digital security enhancements In addition to the digital security enhancements, eCLIQ’s high degree of flexibility was another big plus: eCLIQ is convenient to handle and program as, for example, the power supply and communication with each cylinder take place via the battery-powered key. There’s no need to visit every door or device to replace its battery. No wiring is required for the very low-maintenance cylinder which is fitted flush to the door and thus offers no attack surface for vandalism. Cable-free installation was also simpler and quicker: only two weeks, when no events were taking place in the stadium, were available for the conversion of all doors.