In light of the current situation, what is the level of threat that operators of critical infrastructure face, and are other companies affected as well?

Torsten Hiermann: “The threat situation has changed in recent months and has increased significantly. At the end of september, chancellor Friedrich Merz summed it up: “We are not at war, but we are no longer at peace either.” Malicious manipulation is no longer a marginal phenomenon but rather a strategic method of disrupting economic, political, and social processes. The office for the protection of the constitution and the federal office for civil protection define this approach as deliberately impairing or destroying structures to weaken or influence them. This is not just about “classic” attacks on buildings, but also subtle attacks, such as disruptions to supply chains, targeted espionage, manipulation of public perception, and spreading uncertainty to influence political decision-making or encourage anti-state attitudes.

Therefore, the perpetrator landscape is broad. According to police statistics, left-wing extremist groups in particular tend to carry out attacks on infrastructure and provide instructions on how to build incendiary devices online. We also see state actors working through “proxies,” or recruited helpers who appear inconspicuous at first but are actually pursuing foreign interests. We must also not underestimate the danger from within. Employees who are frustrated or feel unfairly treated can become saboteurs.

Additionally, we are now dealing with hybrid threats. These attacks are not only physical, such as cutting a cable or attacking a transformer station, but also combine cyberattacks, social engineering, and classic physical attacks. Perpetrators intercept data, manipulate processes, or use social media to obtain information. That’s why I say the protection of objects doesn’t end at the fence.

You mentioned the importance of information. Could you elaborate on that?

Torsten Hiermann: Many people underestimate how valuable publicly available information is to a potential attacker. Social media profiles often reveal interesting information: For example, LinkedIn profiles often reveal not only where someone works, but also the projects and technologies they are involved in. This information is an excellent recruitment and evaluation tool for external services. The fact that Google Earth can be used to evaluate the initial vulnerabilities of a location is nothing new.

Added to this is careless handling of internal information. For example: In a critical infrastructure facility, tradespeople and service providers are given a detailed site plan with corresponding facility designations as part of their safety training. This provides potential perpetrators with precise information for planning an attack. This illustrates that protection against saboteurs also requires preventive information protection. What data should I publish? How restrictive should I be when naming contact persons? Is there a social media policy? How do I educate employees so they understand they are part of the security chain?

Drones have recently come into focus as a security risk. How do you see the role of airspace in the overall concept?

Torsten Hiermann: The threat posed by drones has reached a new dimension. They can film, collect reconnaissance data—for example, on processes or response times—record digital signatures, and transport objects and “weapons,” which they can drop. The war in Ukraine has shown how rapidly technology and its applications are advancing.

Nevertheless, I advocate a differentiated approach. Not every company needs to invest in expensive anti-drone systems right away. The key factor is risk analysis. A “normal” production facility without drones poses a lower risk than an energy supplier, chemical plant, airport, or military property, for example. In particular, KRITIS operators must now “take airspace into account” in their security concepts.

Remember that drones often complete their task before being detected. Therefore, the key questions are: How do we detect drones, and how do we respond to them? Rather, the security concept must be thought out from the perspective of the perpetrator. What information will a drone be able to see and access? How can that be prevented “on the ground”?

What specific countermeasures do you recommend in terms of organization and technology?

Torsten Hiermann: It’s about a holistic approach. First, the organizational side: prohibitions on filming and photography on company premises, employee training, and checking vehicles and people for items they are carrying. Access controls must also be reliable and effective. Depending on the level of protection, this may involve biometric procedures. In short, if I don’t check at the gate to see if a service provider is bringing in something undesirable, I don’t need to worry about drones above.

Technically, we have a wide range of options, including perimeter sensors, video surveillance, motion detectors, and tamper-proof devices. Drone detection systems can also be useful. In critical areas, active defense measures, such as jammers or interceptor drones, may be considered. At the same time, however, it’s important to consider resilience, such as redundant power supplies, emergency generators, and secure supply chains. Business continuity is always part of overall protection!

What role does integrated alarm and security management play in this context?

Torsten Hiermann: A crucial one. We can introduce as many individual measures as we like, but if they are not integrated, we will end up with a patchwork again. To create an effective 360-degree security concept, all vectors must be taken into account.

Does that mean that, in the future, all companies—not just KRITIS operators—will have to address attacks more intensively?

Torsten Hiermann: It depends on the risk analysis and the level of protection. A medium-sized mechanical engineering company may not face the same threats as a network operator. However, they can still be crippled by physical or IT attacks. Just think of cyberattacks, disrupted supply chains, or power outages. Production at the Tesla Gigafactory was crippled not by a highly complex operation but by a simple arson attack on a supply line. So, the question is, “How vulnerable am I?” How resilient are my processes? Have I taken precautions to remain operational in the event of an attack or minimize damage?

This is precisely why business continuity is important. Comprehensive protection is about more than just defense; it’s also about preparation. It requires companies to consider not only the physical perimeter but also information protection, social engineering, IT security, and airspace.

Physical breaches are one of the most underestimated — yet potentially devastating — threats to modern organizations. It’s hard to predict, often strikes without warning, and can leave lasting damage. While cyberattacks like ransomware or phishing dominate the headlines, physical disruptions often go unnoticed. Yet the real danger lies in their combination: digital and physical attacks are increasingly intertwined.

In this expert interview, Björn Hawlitschka from MACONIA GmbH shares what businesses need to know now — and how to build real resilience against hybrid threats.

Mr. Hawlitschka, what types of digital or physical interference are most common today?

Björn Hawlitschka: According to the German digital industry association Bitkom, digital attacks have significantly increased in recent years. Ransomware, phishing, targeted malware infections, and other forms of cybercrime are often much easier for attackers to carry out than physical attacks. They don’t require physical presence, can be controlled remotely and anonymously, and usually involve lower risk. The rise of remote work and the growing connectivity of critical systems have accelerated this trend.
But that doesn’t mean physical disruption is losing relevance – quite the opposite. Although less frequent, physical attacks often have more far-reaching consequences, especially when critical infrastructure is involved. A recent example is the suspected left-wing extremist arson attack on the Tesla factory in Grünheide, which severely impacted the regional power supply.

Why is the combination of digital and physical threats particularly dangerous?

Björn Hawlitschka: Combined digital and physical attack strategies represent a particularly complex and challenging risk scenario. The digital component can be used for reconnaissance – reading building plans, disabling alarm systems, or manipulating access control. These vulnerabilities pave the way for targeted physical attacks that cause real damage. A cyberattack becomes the entry ticket for a physical assault. Attackers use this synergy to maximize impact and bypass defenses that are often only prepared for one type of threat.

Which internal weaknesses make companies vulnerable to targeted disruptions?

Björn Hawlitschka: One of the biggest weak points is one-sided focus – either on IT security or on physical protection. A company that installs firewalls and antivirus tools but has no access control system is just as vulnerable as one that does the opposite.
Often, basic organizational structures are missing – like a functioning crisis response team or clearly defined emergency processes. These gaps make it easy for attackers to create chaos through targeted actions. A lack of clearly communicated reporting channels and responsibilities also hinders effective responses to suspicious incidents. In the end, it’s the fragmentation of security structures that leaves many organizations exposed.

How can the human factor be strengthened to prevent targeted interference?

Björn Hawlitschka: Despite all the technology, people remain one of the biggest vulnerabilities – but also one of the strongest lines of defense when empowered correctly. What’s crucial is a lived security culture: Employees need to know how to act, what the risks are, and who to report to in case of suspicion. Real protection emerges only when basic awareness is integrated into everyday behavior – when it becomes second nature to challenge strangers in the hallway or to lock screens when leaving desks unattended. It’s also essential that awareness programs don’t just focus on IT. Physical aspects – like visitor protocols, USB port controls, or screen filters in sensitive areas – need to be trained and communicated just as regularly. Technical tools like video surveillance or access control systems are important – but without employee vigilance, they’re not enough.

How does today’s geopolitical climate influence the risk of targeted disruption?

Björn Hawlitschka: The current global political climate is significantly increasing the risk of targeted interference. The Russian invasion of Ukraine marked a new level of hybrid conflict, in which Western infrastructure has become a clear target – whether via state-sponsored hacking groups like APT28 or covert operatives on the ground. What’s striking is the rise of “low-level agents”: not trained spies, but individuals acting on orders to carry out simple but effective attacks.
Tensions with China could also drive an increase in industrial espionage and targeted disruptions, especially if economic isolation or tech sanctions take effect.
We also need to consider domestic threats – environmental activists or radicalized groups can become actors themselves, especially when political frustration grows.

How important is the integration of IT and physical security for comprehensive protection?

Björn Hawlitschka: Effective protection requires integrated strategies combining both digital and physical security. These two areas must be aligned not just technically but also organizationally. Modern security systems should enable centralized and modular management of intrusion detection, access control, video surveillance, and backup power. In hybrid attack scenarios, digital alerts must trigger physical responses – for example, when a perimeter breach is detected, a response team must be dispatched automatically. Without this integration, companies risk falling into dangerous response gaps.

What are best practices for handling suspected security incidents or disruptions within an organization?

Björn Hawlitschka: Companies must establish clear and well-communicated reporting procedures. Employees should know exactly who to contact in case of a suspicious incident – and feel confident that their report will be taken seriously. It’s also smart to build relationships with security authorities, such as national security agencies or cybercrime units, well before an emergency occurs. If targeted disruption is suspected, external specialists like IT forensic experts or corporate security consultants should be brought in early. And when in doubt – for instance, if someone is acting suspiciously or photographing sensitive areas – it’s better to overreact than underreact. A professional and level-headed approach builds trust. Organizations that conduct regular crisis drills, assign dedicated emergency teams, and work with external partners are far better prepared. And let’s be clear: Preparedness costs money – but nowhere near as much as a successful security breach.

Intrusion detection systems are often the first technical component of a security infrastructure, but without an effective alarm management process, they remain limited in their effectiveness. In a fully integrated, 360-degree security approach, it is essential to combine detection, evaluation and response to create a seamless process. This is the only way to avoid fragmented solutions and manage security efficiently.

Torsten Hiermann of CriseConsult explains how intrusion detection can be embedded into an effective alarm management strategy, and why regular alarm drills are a frequently overlooked success factor.

How should effective alarm management be incorporated into a 360-degree security framework, and how can it prevent the development of isolated solutions?

Torsten Hiermann: In military settings, we use the term ‘actionable intelligence’, which means: Information must be reliable and timely enough to be processed and acted upon. In this context: There is no such thing as a 360-degree security approach without functional alarm management. What use is precise detection if the downstream structures don’t work? The process begins with planning a system that aligns with the defined protection level. Only then can the technical components be considered. Most importantly, detection must be linked to predefined actions, whether technical, such as building automation, or organisational, such as deploying security personnel.

What are the most common weaknesses of intrusion detection systems, particularly in critical infrastructure environments?

Torsten Hiermann: The issue rarely lies with the technology itself. The challenge lies in ensuring that detection leads to action, ideally in the form of timely intervention. However, when personnel are required to respond on site, security teams quickly reach their limits. Response times and available manpower are key constraints. Intruders don’t wait. Therefore, their movement patterns must be tracked and relayed in real time to internal responders. Ideally, their movement should also be restricted, for example via lockdowns. This is technically feasible, but requires investment. This brings us back to the point that technical capabilities must be aligned with risk assessments. Let me add this: Alarm management deals with what happens after an incident is detected. However, the ultimate goal should always be to prevent – or at least delay – the incident from happening in the first place.

Can intrusion detection systems actually increase risk, for example by triggering false alarms?

Torsten Hiermann: Even the best systems can be rendered ineffective by poorly coordinated processes. Frequent false alarms can reduce situational awareness. Consider, for instance, a fire alarm that goes off every week – people will eventually stop reacting. Reliability is paramount: if your system triggers unnecessary alarms, the real ones may be overlooked. This undermines the entire subsequent response process.

So, how can modern technologies like AI-based detection improve alarm management?

Torsten Hiermann: We’re seeing rapid technological advances, especially in AI. This is already shaping security systems. Behaviour-based video analytics is one example. Predictive policing is another example. In short, the earlier a threat is detected, even in its early or potential phase, the sooner you can respond or take preventive action. That’s the good news. The bad news is that bad actors are evolving too. Modern technologies are powerful tools. However, they should never replace physical protection, but rather enhance it.

How important is regular testing of alarm procedures (e.g., alarm drills) for the real-world effectiveness of a security concept?

Torsten Hiermann: That’s easy to answer – with Benjamin Franklin: “If you are failing to prepare, you’re preparing to fail.” Special forces train. So do emergency physicians, pilots, security teams, and industrial site operators. Alarm drills are among the easiest exercises to conduct – and yet, if the alarm chain fails as a single point of failure, the entire response process collapses. In short: practice matters.

Few terms are used as frequently – or interpreted as differently – in the security market as ‘system openness’. But what does it really mean when real-world projects begin, public tenders demand integration and five systems suddenly need to communicate with each other?

We spoke to Antoine Evertze, Product Manager at ARAS Security Netherlands and long-standing NOX SYSTEMS partner, about this very issue. The result is a candid discussion about what true integration looks like, where the pitfalls lie, and why you don’t need to integrate everything — just the right things.

Antoine, why is system openness becoming more important in today’s security projects?

Antoine Evertze: Openness isn’t just becoming more important – it’s becoming the standard. Buildings are getting smarter, users are becoming more digital, and IT environments are becoming more complex. No system operates in isolation anymore, whether it’s access control, video surveillance, human resources or fire safety – everything needs to communicate. Not someday, but in real time and in a controllable and auditable way.

To stay relevant, a system needs to fulfil two criteria. First, it must provide a well-documented API with practical use cases, not just abstract documentation. Second, it must be able to adapt flexibly to changing environments using standardised protocols such as OSDP(v2) for access control, ESPA or Modbus, through custom connectors such as SQL or with an API.

We are seeing more and more that customers aren’t buying features anymore – they’re buying integration capability. This determines whether a system can be scaled up for real-world projects or whether it will fail at the interface.

In which projects does NOX really make a difference?

Antoine Evertze: Whenever intrusion and access control need to be unified within a single system, the need for simplicity and consistency becomes obvious – especially in the public sector. No one wants to operate five different systems with five separate interfaces anymore. In a recent government project, we supported the implementation of a solution that not only combined access control and intrusion detection, but also offered a modular, scalable architecture with seamless integrations for video management, elevator systems, and parking management – all controlled from a single platform.
In scenarios like this, fragmented solutions simply aren’t an option.

Which systems do you consider essential for integration today?

Antoine Evertze: In my experience, three areas tend to feature in almost every project: video surveillance, fire alarm systems and identity/user management. When it comes to video, customers expect access and intrusion events to be automatically linked with camera footage. For fire protection, standardised interfaces for evacuation and alert forwarding are essential. When it comes to user management, it is essential that roles, permissions and validity periods can be synchronised from existing systems, such as HR or credential platforms. In short, systems that identify people, track movement or handle critical events must be able to communicate with each other reliably.

So, what is the difference between ‘connecting a system’ and ‘truly integrating it’?

Antoine Evertze: When integration is done right, users don’t even notice it’s happening. Processes run logically, automatically and consistently. No one has to think about which interface to use – it just works. If I have to manually extract or copy data, that’s not integration; that’s extra work. True integration reduces complexity. It doesn’t create new layers.

Thank you, Antoine, for your clear view on what openness really means.

Geopolitics, hybrid threats and vulnerable supply chains have made corporate security more strategic than ever. In this interview, Björn Hawlitschka of MACONIA GmbH provides insight into current threat scenarios and practical recommendations.

Mr Hawlitschka, to what extent are companies more exposed to geopolitical risks today than they were ten years ago?

Björn Hawlitschka: I studied political science and then worked for a long time at the Federal Academy for Security Policy. Even then, we were working with an expanded concept of security in which networking and strategic thinking played a major role. Today we can clearly see that geopolitical risks have become more complex. In the past, companies could afford the luxury of keeping IT and security strictly separate. Conflicts such as the war in Ukraine, the pandemic and supply chain issues have shown us how vulnerable our systems are. It only takes one freighter stuck in the Suez Canal to bring entire production chains to a standstill.

Why are critical infrastructures and companies increasingly being targeted by states or non-state actors?

Björn Hawlitschka: On the one hand, we see classic, economically motivated cybercrime – such as the Darkside attack on the Colonial Pipeline in 2021. On the other hand, politically motivated sabotage is also on the rise. Both are dangerous. It becomes particularly perfidious when attacks take on hybrid forms, combining physical and digital sabotage. The motives range from economic blackmail to the deliberate destabilisation of entire societies.

Which sectors are particularly at risk, and which threat scenarios do you see as most critical at the moment?

Björn Hawlitschka:Traditional industries such as energy, chemicals and technology are of course in the spotlight. But small and medium-sized enterprises or municipal institutions are also vulnerable, for example to ransomware. It is particularly critical if social services can no longer be paid out in the event of such attacks. This undermines trust in government and can exacerbate social tensions.

Do you see a trend towards targeted hybrid threats, i.e. a combination of physical sabotage and cyberattacks?

Björn Hawlitschka: Absolutely. In Ukraine, we have already seen a combination of cyber attacks and physical sabotage in 2015. This type of threat will increase because it is particularly effective.

What basic security measures should companies take to protect themselves against digital threats?

Björn Hawlitschka:A solid risk analysis that maps all business processes is important. This includes a business impact analysis: Which processes are most critical? How long can they be down? And patch management! This sounds banal, but many vulnerabilities arise because available security updates have not been installed. Employee awareness also plays a major role – after all, people are both the biggest vulnerability and the most important resource.

How can physical security measures be effectively integrated with cyber defence strategies?

Björn Hawlitschka: The zero-trust approach is very helpful here – not only in IT, but also physically: don’t blindly trust anyone, even if they are in the building. Awareness has to be trained in all areas. Many companies protect the outer ring very well – but once someone is inside, they can move around freely. That is a risk.

Are there any best practices or specific examples from the corporate world that can serve as models for security strategies?

Björn Hawlitschka:Microsoft’s Zero Trust model is a good example. Or Toyota, which revised its supply chain strategies after Fukushima and is now planning with more redundancy. It is important not just to react, but to learn from crises.

What measures would you recommend to companies that are at the beginning of a professional security strategy?

Björn Hawlitschka: The first step is to know your own processes. If you don’t know what your “castle” looks like, you can’t protect it. Then comes a business impact analysis. And finally, you should carry out realistic emergency exercises. Red team tests – i.e. external attacks to identify vulnerabilities – are also highly recommended.

How should companies deal with the challenge that security measures are often seen as a cost factor rather than an investment?

Björn Hawlitschka: I recommend two calculation models: Firstly, how much would real damage cost? Second, what business will I miss out on if I don’t have certifications or ISMS/BCM systems in place? More and more customers, especially in the banking sector, are demanding proof of security. If you have nothing to show, you will lose business.

What physical security measures are particularly important for companies with distributed locations or hybrid working models?

Björn Hawlitschka: If there are several sites, it should be clearly defined who is responsible in which situation – especially at what level of severity the “head office” takes over: Already in an emergency or only in a crisis? This requires defined escalation levels. And, of course, regular emergency drills – both local and central. The important thing to remember is that even small incidents can have a big impact. That’s why preparation is everything.

Security begins with the right system. NOX systems stand for flexible and economical solutions – for security infrastructures that grow with your needs. > Learn More

The threat landscape for companies and institutions has grown significantly in recent years. Sabotage, industrial espionage and ransomware attacks are now among the most common risks. Companies that are part of critical infrastructure (CI) are required by law to take special precautions to protect themselves from a wide range of attacks and disruptions. In this interview, Torsten Hiermann of CriseConsult provides key insights into the challenges companies face in terms of both physical and cyber security.

Why is a 360-degree approach to security so important for critical infrastructure? Where in practice do you see security measures being treated in isolation rather than as part of a bigger picture?

Torsten Hiermann: A 360-degree approach is always essential – especially when it comes to protecting corporate assets or even human lives. That doesn’t mean that every area requires the same level of security. Protection goals and measures can vary, even within the same company or facility. The key is to view security as an integrated, holistic concept. As a practical example, companies may invest heavily in drone detection and defence, but allow contractor vehicles onto the premises with little or no control. It’s a clear mismatch and illustrates why looking at security in isolation is ineffective.

What are the most common physical security vulnerabilities you’ve seen? And how often are they the result of a lack of integration with other areas of security?

Torsten Hiermann: From a technical point of view, there are many effective physical security measures available. However, vulnerabilities often arise from two main factors: a lack of security awareness and a reluctance to invest. Awareness is particularly critical – it determines whether and how consistently an organisation protects its assets in a professional and up-to-date manner. It’s also important to remain realistic: not every theoretically possible measure is economically viable. A 360-degree approach means making targeted risk assessments.

A typical example from the field: companies train their employees extensively on social engineering threats. Meanwhile, the staff car park is open to the public, or employee parking permits clearly indicate that a vehicle belongs to someone from company XY. Associating a private car with a specific employee makes that car a potential target: access cards, transponders, laptops… Corporate security doesn’t start at the perimeter – it starts in the parking lot of a hardware store. In the worst-case scenario, a casual encounter becomes a “target” because the black Audi A6 with its company-branded parking sticker or licence plate frame signals: this car belongs to someone in the top management of company XY. From the attacker’s point of view, the person who gets in or out of that car is my person of interest.

How does the separation of IT and physical security create problems? Would you say this is a structural problem?

Torsten Hiermann: IT and physical security are two separate domains with different approaches and requirements. Each requires specific risk assessments, protective measures and response strategies. However, these two areas must ultimately work together. A holistic view doesn’t mean you need an all-powerful corporate security department or a super-CISO. But one thing is clear: complex threats are best addressed with integrated security approaches. The overall security of an organisation depends on a holistic strategy. Security is a shared responsibility – and it starts with something as basic as preventing tailgating.

What are your best practices for implementing a holistic approach to critical infrastructure security? Are there proven measures or checklists that have worked well?

Torsten Hiermann: I’d suggest taking a look at the security measures at the German Chancellery. But seriously, depending on the threat scenario and protection objectives, security concepts can be so complex that simple checklists are no longer sufficient. The more demanding the requirements, the more it makes sense to involve professional security consultants or planners. It’s a bit like medicine: there’s a big difference between hospitals that occasionally perform a certain procedure and those that specialise in it.

What’s the most common misconception you see when it comes to critical infrastructure security?

Torsten Hiermann: The most fundamental misconception is the failure to recognise the need for integrated security measures due to a lack of visible incidents – the idea that “nothing has happened so far, so we must be OK”. While this attitude may be tolerable in less critical areas, critical infrastructure operators must apply much stricter standards. Security cannot be reactive – it must be preventative and strategically planned.

What technologies or new security concepts do you see as being particularly forward-looking?

Torsten Hiermann: The key is system integration and connectivity. Detection and response are increasingly linked, often through the use of artificial intelligence. However, experience shows that professional attackers are always finding new ways to bypass defences. If technical security is strong, the organisation’s internal security culture may be the weak link – and vice versa. Again, a 360-degree approach is the only viable solution.

What are your top three recommendations for critical infrastructure operators to make their security strategy more sustainable and effective?

Torsten Hiermann: Sustainable means long-term effectiveness. Effective means it actually works. Opportunistic attackers can be deterred. Professional attackers adapt. The takeaway: security measures must be aligned with protection objectives, represent state-of-the-art solutions, and be continuously updated based on current risk analyses and threat scenarios. Security is a process – not a stand-alone technology or a static concept.

NOX SYSTEMS is dedicated to helping critical infrastructure owners, designers and integrators achieve smart, future-proof security by providing scalable, integrated security solutions. > Our Solutions

Whether in industry, government or critical infrastructure, security is one of the key challenges facing organisations today. But how can alarm systems and access control best be combined to minimise security risks in an increasingly connected world? We spoke to Kjell Svensson, Technical Sales Manager at Swedish security integrator Monitor Larm, to find out why integrated security solutions are the future. By working with a wide range of customers with high security requirements, Monitor Larm has gained deep insight into specific customer needs and can develop tailor-made security solutions.

How does the integration of alarm and access control systems help minimize security risks?

Kjell Svensson: Having a single system makes it much easier for security managers to monitor all users and ensure that the system is kept up to date. Since all logs are consolidated into one central log, tracking security-related events is much easier. This means less manual work, greater efficiency and more control over all aspects of security.

How does the integration of these systems affect the end-user experience?

Kjell Svensson: Once again, the key word is simplicity. Users only need to remember one code instead of managing multiple passwords and credentials for different systems. At the same time, the system prevents unauthorised access if someone forgets their code – eliminating false alarms caused by employees. This not only reduces complexity, but also increases security.

What role does scalability play in integrated security solutions, especially for companies with growing needs?

Kjell Svensson: NOX offers a flexible solution that suits both small and large companies. A key advantage is that companies do not have to commit to a specific system size from the outset. NOX can grow with the business without the need to replace the core unit. This makes our solution the ideal choice for expanding businesses.

Are there any specific technical aspects that need to be considered during implementation?

Kjell Svensson: The most important thing is to listen carefully. We work with our customers to understand their long-term goals and ensure that the system is designed to grow with their needs. This flexibility allows us to expand the system as the company grows.

What cost savings can be achieved by implementing an integrated alarm and access control system?

Kjell Svensson: The answer is simple: a lot! A single integrated system is always more cost effective than two separate systems. With NOX, companies benefit from an open system with flexible hardware options. For example, customers can choose from different card readers in different price categories, rather than being forced to choose the most expensive option.

What technological developments will shape the future of security?

Kjell Svensson: The future belongs to open systems powered by AI. Imagine being able to control the system using natural language commands, such as: Hello NOX, can you tell me if anyone accessed the back door after 10pm last week? or Hi NOX, can you create a user named Carl Johansen who can only access the front door on Wednesdays between 8am and 6pm? This kind of voice control will make working with security systems much easier in the future.

Integrating alarm and access control systems is not just about security – it is also about efficiency and cost savings. Organisations benefit from an easy-to-use, scalable and future-proof solution that adapts to their specific needs.

Companies that proactively adopt integrated security solutions gain a competitive advantage while ensuring that their people, data and operations are protected against growing threats.

Question: What is your vision for the future of this partnership?

Sandro Kengelbacher: We see tremendous potential in the evolution of our security solutions. The combination of innovative technologies and a strong customer focus will help us meet the ever-changing demands of the future. Our cooperation with NOX SYSTEMS will be crucial in order to continue to offer future-oriented security solutions.

Thank you very much for taking the time to talk with us.