Over the years, many companies and institutions have developed security landscapes resembling patchwork quilts. Access control systems, fire and intrusion detection technology, video surveillance systems, and building management systems often come from different manufacturers and have been expanded as needed. However, these systems usually operate in isolation without a common database or consistent logging. What was once practical has become a security and efficiency problem. Separate systems mean double maintenance, complex interface management, and an inability to see the big picture in the control center. Alarm messages are received in parallel applications, and reports must be consolidated manually. This results in organizational and technical efforts that tie up human resources, costing time and money, and increasing risks, especially in critical infrastructures where failures can have far-reaching consequences. The complexity of the security environment is also steadily growing: IoT sensors, IP-based communication, cloud connections, and cybersecurity aspects require a higher degree of technical integration. Modern security is now an IT task and no longer solely the responsibility of building management.

As technical developments advance, the legal and organizational requirements for operators of security-relevant facilities are increasing. The european NIS2 directive and the new german KRITIS umbrella law establish the obligation to provide evidence of resilience, monitoring, and documentation as central tasks. Systems must be able to log activities, document events, and provide audit trails—requirements that many legacy, isolated solutions cannot meet. Geopolitical tensions, hybrid threats, and cyberattacks are also increasing the pressure to act. Attacks on energy suppliers, municipal utilities, and waterworks demonstrate the close link between physical and digital security. Those who fail to think in an integrated manner risk leaving security gaps at the interfaces between IT, OT, and building technology. Therefore, today’s security management means holistically assessing risks, networking systems, and consistently recording data. This is the only way to quickly detect and effectively defend against security incidents (https://gebaeudedigital.de/haus-und-gebaeudeautomation/sicherheitsmanagement-im-gebaeude/).

Rather than replacing all systems, open, hybrid security architectures offer a future-proof solution. NOX SYS allows you to gradually integrate existing systems into a common platform. Access control, video surveillance, and fire and intrusion detection technology can be connected via standard interfaces, as can Internet of Things (IoT) components and building automation systems. At the heart of the system is a central dashboard that consolidates all information. Events, alarms, and statuses are displayed, analyzed, and documented in real time. This gives security managers the transparency they need to respond quickly and control processes effectively. At the same time, documentation is simplified, making it easier to comply with regulatory requirements. NOX SYS’s strength lies in its openness: existing hardware remains usable, and new components can be added modularly. The result is an intelligent security architecture that grows with your needs without system interruptions or high migration costs (https://noxsystems.com/systemoffenes-sicherheitskonzept/).

A key factor in the success of integrated systems is a uniform user interface. Rather than monitoring several software solutions simultaneously, users access all security functions through one interface. This reduces training costs, prevents operating errors, and enables coordinated control. Additionally, operational efficiency improves because maintenance and diagnostics can be performed remotely, significantly reducing service times and operating costs. Predictive maintenance also becomes possible, as malfunctions are detected before they lead to failure. Operators benefit from significantly clearer processes in practice: events are documented in a traceable manner, statuses are displayed centrally, and security processes can be controlled across the board. This form of integration offers enormous advantages for complex buildings or distributed locations because it combines scalability and clarity.

NOX SYS stands for both integration and proven quality. Our systems are certified according to EN 50131 Grade 3 and VdS Class C, which are the highest standards for intrusion detection technology and tamper protection. These certifications make the systems suitable for demanding applications in banks, industrial facilities, museums, and critical infrastructures. Additionally, NOX SYS impresses with its high reliability. Local controls ensure that security-related functions remain operational even during connection interruptions. At the same time, access via secure IP networks ensures convenient remote maintenance and diagnostics, a decisive advantage for large, distributed systems. Thanks to its modular architecture, NOX SYS can be configured individually: from access control and video to complex alarm management systems. Each system can be integrated and expanded individually as needed.

Practical examples demonstrate that operators with open systems, such as NOX SYS, can reduce costs in the long term while improving the professionalism of their security organization. Rather than maintaining several isolated solutions, a uniform platform is used that encompasses all operations. This saves resources and strengthens KRITIS security because alarms, logs, and statuses can be recorded and checked centrally. It also increases flexibility. New locations or parts of buildings can be seamlessly connected. User rights can be defined individually. Emergency plans can be mapped directly in the system. Security technology grows with operational requirements without losing existing infrastructure. The future of building security clearly lies in interoperability, transparency, and adaptability.

In light of the current situation, what is the level of threat that operators of critical infrastructure face, and are other companies affected as well?

Torsten Hiermann: “The threat situation has changed in recent months and has increased significantly. At the end of september, chancellor Friedrich Merz summed it up: “We are not at war, but we are no longer at peace either.” Malicious manipulation is no longer a marginal phenomenon but rather a strategic method of disrupting economic, political, and social processes. The office for the protection of the constitution and the federal office for civil protection define this approach as deliberately impairing or destroying structures to weaken or influence them. This is not just about “classic” attacks on buildings, but also subtle attacks, such as disruptions to supply chains, targeted espionage, manipulation of public perception, and spreading uncertainty to influence political decision-making or encourage anti-state attitudes.

Therefore, the perpetrator landscape is broad. According to police statistics, left-wing extremist groups in particular tend to carry out attacks on infrastructure and provide instructions on how to build incendiary devices online. We also see state actors working through “proxies,” or recruited helpers who appear inconspicuous at first but are actually pursuing foreign interests. We must also not underestimate the danger from within. Employees who are frustrated or feel unfairly treated can become saboteurs.

Additionally, we are now dealing with hybrid threats. These attacks are not only physical, such as cutting a cable or attacking a transformer station, but also combine cyberattacks, social engineering, and classic physical attacks. Perpetrators intercept data, manipulate processes, or use social media to obtain information. That’s why I say the protection of objects doesn’t end at the fence.

You mentioned the importance of information. Could you elaborate on that?

Torsten Hiermann: Many people underestimate how valuable publicly available information is to a potential attacker. Social media profiles often reveal interesting information: For example, LinkedIn profiles often reveal not only where someone works, but also the projects and technologies they are involved in. This information is an excellent recruitment and evaluation tool for external services. The fact that Google Earth can be used to evaluate the initial vulnerabilities of a location is nothing new.

Added to this is careless handling of internal information. For example: In a critical infrastructure facility, tradespeople and service providers are given a detailed site plan with corresponding facility designations as part of their safety training. This provides potential perpetrators with precise information for planning an attack. This illustrates that protection against saboteurs also requires preventive information protection. What data should I publish? How restrictive should I be when naming contact persons? Is there a social media policy? How do I educate employees so they understand they are part of the security chain?

Drones have recently come into focus as a security risk. How do you see the role of airspace in the overall concept?

Torsten Hiermann: The threat posed by drones has reached a new dimension. They can film, collect reconnaissance data—for example, on processes or response times—record digital signatures, and transport objects and “weapons,” which they can drop. The war in Ukraine has shown how rapidly technology and its applications are advancing.

Nevertheless, I advocate a differentiated approach. Not every company needs to invest in expensive anti-drone systems right away. The key factor is risk analysis. A “normal” production facility without drones poses a lower risk than an energy supplier, chemical plant, airport, or military property, for example. In particular, KRITIS operators must now “take airspace into account” in their security concepts.

Remember that drones often complete their task before being detected. Therefore, the key questions are: How do we detect drones, and how do we respond to them? Rather, the security concept must be thought out from the perspective of the perpetrator. What information will a drone be able to see and access? How can that be prevented “on the ground”?

What specific countermeasures do you recommend in terms of organization and technology?

Torsten Hiermann: It’s about a holistic approach. First, the organizational side: prohibitions on filming and photography on company premises, employee training, and checking vehicles and people for items they are carrying. Access controls must also be reliable and effective. Depending on the level of protection, this may involve biometric procedures. In short, if I don’t check at the gate to see if a service provider is bringing in something undesirable, I don’t need to worry about drones above.

Technically, we have a wide range of options, including perimeter sensors, video surveillance, motion detectors, and tamper-proof devices. Drone detection systems can also be useful. In critical areas, active defense measures, such as jammers or interceptor drones, may be considered. At the same time, however, it’s important to consider resilience, such as redundant power supplies, emergency generators, and secure supply chains. Business continuity is always part of overall protection!

What role does integrated alarm and security management play in this context?

Torsten Hiermann: A crucial one. We can introduce as many individual measures as we like, but if they are not integrated, we will end up with a patchwork again. To create an effective 360-degree security concept, all vectors must be taken into account.

Does that mean that, in the future, all companies—not just KRITIS operators—will have to address attacks more intensively?

Torsten Hiermann: It depends on the risk analysis and the level of protection. A medium-sized mechanical engineering company may not face the same threats as a network operator. However, they can still be crippled by physical or IT attacks. Just think of cyberattacks, disrupted supply chains, or power outages. Production at the Tesla Gigafactory was crippled not by a highly complex operation but by a simple arson attack on a supply line. So, the question is, “How vulnerable am I?” How resilient are my processes? Have I taken precautions to remain operational in the event of an attack or minimize damage?

This is precisely why business continuity is important. Comprehensive protection is about more than just defense; it’s also about preparation. It requires companies to consider not only the physical perimeter but also information protection, social engineering, IT security, and airspace.

Physical breaches are one of the most underestimated — yet potentially devastating — threats to modern organizations. It’s hard to predict, often strikes without warning, and can leave lasting damage. While cyberattacks like ransomware or phishing dominate the headlines, physical disruptions often go unnoticed. Yet the real danger lies in their combination: digital and physical attacks are increasingly intertwined.

In this expert interview, Björn Hawlitschka from MACONIA GmbH shares what businesses need to know now — and how to build real resilience against hybrid threats.

Mr. Hawlitschka, what types of digital or physical interference are most common today?

Björn Hawlitschka: According to the German digital industry association Bitkom, digital attacks have significantly increased in recent years. Ransomware, phishing, targeted malware infections, and other forms of cybercrime are often much easier for attackers to carry out than physical attacks. They don’t require physical presence, can be controlled remotely and anonymously, and usually involve lower risk. The rise of remote work and the growing connectivity of critical systems have accelerated this trend.
But that doesn’t mean physical disruption is losing relevance – quite the opposite. Although less frequent, physical attacks often have more far-reaching consequences, especially when critical infrastructure is involved. A recent example is the suspected left-wing extremist arson attack on the Tesla factory in Grünheide, which severely impacted the regional power supply.

Why is the combination of digital and physical threats particularly dangerous?

Björn Hawlitschka: Combined digital and physical attack strategies represent a particularly complex and challenging risk scenario. The digital component can be used for reconnaissance – reading building plans, disabling alarm systems, or manipulating access control. These vulnerabilities pave the way for targeted physical attacks that cause real damage. A cyberattack becomes the entry ticket for a physical assault. Attackers use this synergy to maximize impact and bypass defenses that are often only prepared for one type of threat.

Which internal weaknesses make companies vulnerable to targeted disruptions?

Björn Hawlitschka: One of the biggest weak points is one-sided focus – either on IT security or on physical protection. A company that installs firewalls and antivirus tools but has no access control system is just as vulnerable as one that does the opposite.
Often, basic organizational structures are missing – like a functioning crisis response team or clearly defined emergency processes. These gaps make it easy for attackers to create chaos through targeted actions. A lack of clearly communicated reporting channels and responsibilities also hinders effective responses to suspicious incidents. In the end, it’s the fragmentation of security structures that leaves many organizations exposed.

How can the human factor be strengthened to prevent targeted interference?

Björn Hawlitschka: Despite all the technology, people remain one of the biggest vulnerabilities – but also one of the strongest lines of defense when empowered correctly. What’s crucial is a lived security culture: Employees need to know how to act, what the risks are, and who to report to in case of suspicion. Real protection emerges only when basic awareness is integrated into everyday behavior – when it becomes second nature to challenge strangers in the hallway or to lock screens when leaving desks unattended. It’s also essential that awareness programs don’t just focus on IT. Physical aspects – like visitor protocols, USB port controls, or screen filters in sensitive areas – need to be trained and communicated just as regularly. Technical tools like video surveillance or access control systems are important – but without employee vigilance, they’re not enough.

How does today’s geopolitical climate influence the risk of targeted disruption?

Björn Hawlitschka: The current global political climate is significantly increasing the risk of targeted interference. The Russian invasion of Ukraine marked a new level of hybrid conflict, in which Western infrastructure has become a clear target – whether via state-sponsored hacking groups like APT28 or covert operatives on the ground. What’s striking is the rise of “low-level agents”: not trained spies, but individuals acting on orders to carry out simple but effective attacks.
Tensions with China could also drive an increase in industrial espionage and targeted disruptions, especially if economic isolation or tech sanctions take effect.
We also need to consider domestic threats – environmental activists or radicalized groups can become actors themselves, especially when political frustration grows.

How important is the integration of IT and physical security for comprehensive protection?

Björn Hawlitschka: Effective protection requires integrated strategies combining both digital and physical security. These two areas must be aligned not just technically but also organizationally. Modern security systems should enable centralized and modular management of intrusion detection, access control, video surveillance, and backup power. In hybrid attack scenarios, digital alerts must trigger physical responses – for example, when a perimeter breach is detected, a response team must be dispatched automatically. Without this integration, companies risk falling into dangerous response gaps.

What are best practices for handling suspected security incidents or disruptions within an organization?

Björn Hawlitschka: Companies must establish clear and well-communicated reporting procedures. Employees should know exactly who to contact in case of a suspicious incident – and feel confident that their report will be taken seriously. It’s also smart to build relationships with security authorities, such as national security agencies or cybercrime units, well before an emergency occurs. If targeted disruption is suspected, external specialists like IT forensic experts or corporate security consultants should be brought in early. And when in doubt – for instance, if someone is acting suspiciously or photographing sensitive areas – it’s better to overreact than underreact. A professional and level-headed approach builds trust. Organizations that conduct regular crisis drills, assign dedicated emergency teams, and work with external partners are far better prepared. And let’s be clear: Preparedness costs money – but nowhere near as much as a successful security breach.

In large, sprawling new buildings, such as a modern 24/7 film studio, a comprehensive security concept is essential. Different user groups require finely graded access authorisations, while valuable technology, sensitive data and people must also be effectively protected.

Implementing such a networked security concept in new buildings ensures a high level of security for many user groups without compromising usability. Centralising all systems and information shortens response times, minimises false alarms and simplifies processes. Overall, integrated alarm and intrusion management provides the foundation for efficient, future-proof building protection.

Access controll

Electronic access control forms the basis of the security concept. Unlike mechanical key systems, it enables access rights to be assigned with great precision according to person, area, and time. For instance, each team is granted access only to their own work areas, while other zones remain locked to prevent unauthorised access – and thus theft, sabotage or misuse of data. Authorisations are managed centrally and can be adjusted or revoked immediately if necessary.

Although access control and fire safety systems must work together, local regulations vary. In Sweden, for instance, systems must always permit evacuation when people are in the building. NOX meets this need by monitoring escape route doors and triggering an immediate alert in the event of an issue. Locks must also comply with local regulations, which often require separate day and night modes for access and security. Elsewhere, simpler standards may apply, such as requiring only one compliant lock. NOX adapts to all cases, ensuring secure escape routes without compromising access control.

Burglary protection

The burglar alarm system protects the property during and outside of operating hours. Alarms are triggered by unauthorized access after hours and by forced entry attempts, such as broken windows or forced doors, at any time. Valid access credentials prevent false alarms. When an alarm is triggered, the system activates IP cameras to provide visual verification and an appropriate response.

Central security management

The close networking of all components enables efficient security management. Central alarm management: all alarms converge in a central security management platform. Security personnel can operate all connected systems uniformly via the control centre, controlling doors, acknowledging alarms and initiating measures. Predefined alarm plans automatically trigger stored measures. This integrated alarm management system enables a fast, coordinated response as all relevant information is available centrally. Practical example: Warner Brothers Film Studio

Use Case: film studio Warner Brothers

A comprehensive security solution from NOX SYSTEMS was successfully implemented in a new Warner Brothers film studio in Sweden, planned in collaboration with Monitor Larm, who were responsible for its realisation. All access readers, cameras and detectors are networked on a single platform. User frequency ranged from regular to sporadic – many of the registered users only accessed the premises a few times a year. Against this background, it was essential to have a particularly user-friendly and fault-tolerant system design.

The security approach included installing an access control and intrusion detection solution with NOX SYSTEMS components. Great importance was attached to automated user guidance and an intuitive user interface to enable users with little technical expertise to safely and easily operate the system.

A flexible and expandable solution was sought and found

The installed systems included the NOX SYS, a hybrid intrusion alarm and access control panel, and various expansion modules for connecting additional systems, such as access control readers. These combine all systems (access, intrusion, fire and building technology) and offer open interfaces for third-party systems. This eliminates the need for isolated solutions, with a common control panel and cabling covering all functions. The system is flexibly scalable. Thanks to modern IP technology, the platform remains open for expansion — new sensors or automation functions can be integrated at any time. The system is characterised by its user-friendliness and automation. Processes such as time-controlled arming/disarming or lighting control can be programmed, and the intuitive user interface makes operation easy. The solution also meets the highest security standards (e.g. EN 50131 Grade 3 and VdS Class C). This makes it ideal for a film studio, which has sensitive data and valuables. In the film studio, the solution was supplemented with electronic door handles, a video surveillance system and a separate fire alarm system. Electric locks and automatic door openers were also integrated to ensure a high degree of automation and barrier-free access.

Conclusion: scalable and flexible

The systems could be tailored directly to the architectural and technical requirements of the new building without any complications. Close communication with the facility manager meant that individual requests could be taken into account and implemented at an early stage, and the integration went smoothly. The customer’s feedback was consistently positive – the systems not only met, but exceeded, expectations.

Overall, this project demonstrates that well-thought-out planning, modular technology and close communication with the operator Monitor Alarm  can create a security solution that meets complex requirements in terms of user-friendliness, functionality and scalability. NOX SYSTEMS proved to be a central technological component in the successful implementation.

Intrusion detection systems are often the first technical component of a security infrastructure, but without an effective alarm management process, they remain limited in their effectiveness. In a fully integrated, 360-degree security approach, it is essential to combine detection, evaluation and response to create a seamless process. This is the only way to avoid fragmented solutions and manage security efficiently.

Torsten Hiermann of CriseConsult explains how intrusion detection can be embedded into an effective alarm management strategy, and why regular alarm drills are a frequently overlooked success factor.

How should effective alarm management be incorporated into a 360-degree security framework, and how can it prevent the development of isolated solutions?

Torsten Hiermann: In military settings, we use the term ‘actionable intelligence’, which means: Information must be reliable and timely enough to be processed and acted upon. In this context: There is no such thing as a 360-degree security approach without functional alarm management. What use is precise detection if the downstream structures don’t work? The process begins with planning a system that aligns with the defined protection level. Only then can the technical components be considered. Most importantly, detection must be linked to predefined actions, whether technical, such as building automation, or organisational, such as deploying security personnel.

What are the most common weaknesses of intrusion detection systems, particularly in critical infrastructure environments?

Torsten Hiermann: The issue rarely lies with the technology itself. The challenge lies in ensuring that detection leads to action, ideally in the form of timely intervention. However, when personnel are required to respond on site, security teams quickly reach their limits. Response times and available manpower are key constraints. Intruders don’t wait. Therefore, their movement patterns must be tracked and relayed in real time to internal responders. Ideally, their movement should also be restricted, for example via lockdowns. This is technically feasible, but requires investment. This brings us back to the point that technical capabilities must be aligned with risk assessments. Let me add this: Alarm management deals with what happens after an incident is detected. However, the ultimate goal should always be to prevent – or at least delay – the incident from happening in the first place.

Can intrusion detection systems actually increase risk, for example by triggering false alarms?

Torsten Hiermann: Even the best systems can be rendered ineffective by poorly coordinated processes. Frequent false alarms can reduce situational awareness. Consider, for instance, a fire alarm that goes off every week – people will eventually stop reacting. Reliability is paramount: if your system triggers unnecessary alarms, the real ones may be overlooked. This undermines the entire subsequent response process.

So, how can modern technologies like AI-based detection improve alarm management?

Torsten Hiermann: We’re seeing rapid technological advances, especially in AI. This is already shaping security systems. Behaviour-based video analytics is one example. Predictive policing is another example. In short, the earlier a threat is detected, even in its early or potential phase, the sooner you can respond or take preventive action. That’s the good news. The bad news is that bad actors are evolving too. Modern technologies are powerful tools. However, they should never replace physical protection, but rather enhance it.

How important is regular testing of alarm procedures (e.g., alarm drills) for the real-world effectiveness of a security concept?

Torsten Hiermann: That’s easy to answer – with Benjamin Franklin: “If you are failing to prepare, you’re preparing to fail.” Special forces train. So do emergency physicians, pilots, security teams, and industrial site operators. Alarm drills are among the easiest exercises to conduct – and yet, if the alarm chain fails as a single point of failure, the entire response process collapses. In short: practice matters.

Few terms are used as frequently – or interpreted as differently – in the security market as ‘system openness’. But what does it really mean when real-world projects begin, public tenders demand integration and five systems suddenly need to communicate with each other?

We spoke to Antoine Evertze, Product Manager at ARAS Security Netherlands and long-standing NOX SYSTEMS partner, about this very issue. The result is a candid discussion about what true integration looks like, where the pitfalls lie, and why you don’t need to integrate everything — just the right things.

Antoine, why is system openness becoming more important in today’s security projects?

Antoine Evertze: Openness isn’t just becoming more important – it’s becoming the standard. Buildings are getting smarter, users are becoming more digital, and IT environments are becoming more complex. No system operates in isolation anymore, whether it’s access control, video surveillance, human resources or fire safety – everything needs to communicate. Not someday, but in real time and in a controllable and auditable way.

To stay relevant, a system needs to fulfil two criteria. First, it must provide a well-documented API with practical use cases, not just abstract documentation. Second, it must be able to adapt flexibly to changing environments using standardised protocols such as OSDP(v2) for access control, ESPA or Modbus, through custom connectors such as SQL or with an API.

We are seeing more and more that customers aren’t buying features anymore – they’re buying integration capability. This determines whether a system can be scaled up for real-world projects or whether it will fail at the interface.

In which projects does NOX really make a difference?

Antoine Evertze: Whenever intrusion and access control need to be unified within a single system, the need for simplicity and consistency becomes obvious – especially in the public sector. No one wants to operate five different systems with five separate interfaces anymore. In a recent government project, we supported the implementation of a solution that not only combined access control and intrusion detection, but also offered a modular, scalable architecture with seamless integrations for video management, elevator systems, and parking management – all controlled from a single platform.
In scenarios like this, fragmented solutions simply aren’t an option.

Which systems do you consider essential for integration today?

Antoine Evertze: In my experience, three areas tend to feature in almost every project: video surveillance, fire alarm systems and identity/user management. When it comes to video, customers expect access and intrusion events to be automatically linked with camera footage. For fire protection, standardised interfaces for evacuation and alert forwarding are essential. When it comes to user management, it is essential that roles, permissions and validity periods can be synchronised from existing systems, such as HR or credential platforms. In short, systems that identify people, track movement or handle critical events must be able to communicate with each other reliably.

So, what is the difference between ‘connecting a system’ and ‘truly integrating it’?

Antoine Evertze: When integration is done right, users don’t even notice it’s happening. Processes run logically, automatically and consistently. No one has to think about which interface to use – it just works. If I have to manually extract or copy data, that’s not integration; that’s extra work. True integration reduces complexity. It doesn’t create new layers.

Thank you, Antoine, for your clear view on what openness really means.

Geopolitics, hybrid threats and vulnerable supply chains have made corporate security more strategic than ever. In this interview, Björn Hawlitschka of MACONIA GmbH provides insight into current threat scenarios and practical recommendations.

Mr Hawlitschka, to what extent are companies more exposed to geopolitical risks today than they were ten years ago?

Björn Hawlitschka: I studied political science and then worked for a long time at the Federal Academy for Security Policy. Even then, we were working with an expanded concept of security in which networking and strategic thinking played a major role. Today we can clearly see that geopolitical risks have become more complex. In the past, companies could afford the luxury of keeping IT and security strictly separate. Conflicts such as the war in Ukraine, the pandemic and supply chain issues have shown us how vulnerable our systems are. It only takes one freighter stuck in the Suez Canal to bring entire production chains to a standstill.

Why are critical infrastructures and companies increasingly being targeted by states or non-state actors?

Björn Hawlitschka: On the one hand, we see classic, economically motivated cybercrime – such as the Darkside attack on the Colonial Pipeline in 2021. On the other hand, politically motivated sabotage is also on the rise. Both are dangerous. It becomes particularly perfidious when attacks take on hybrid forms, combining physical and digital sabotage. The motives range from economic blackmail to the deliberate destabilisation of entire societies.

Which sectors are particularly at risk, and which threat scenarios do you see as most critical at the moment?

Björn Hawlitschka:Traditional industries such as energy, chemicals and technology are of course in the spotlight. But small and medium-sized enterprises or municipal institutions are also vulnerable, for example to ransomware. It is particularly critical if social services can no longer be paid out in the event of such attacks. This undermines trust in government and can exacerbate social tensions.

Do you see a trend towards targeted hybrid threats, i.e. a combination of physical sabotage and cyberattacks?

Björn Hawlitschka: Absolutely. In Ukraine, we have already seen a combination of cyber attacks and physical sabotage in 2015. This type of threat will increase because it is particularly effective.

What basic security measures should companies take to protect themselves against digital threats?

Björn Hawlitschka:A solid risk analysis that maps all business processes is important. This includes a business impact analysis: Which processes are most critical? How long can they be down? And patch management! This sounds banal, but many vulnerabilities arise because available security updates have not been installed. Employee awareness also plays a major role – after all, people are both the biggest vulnerability and the most important resource.

How can physical security measures be effectively integrated with cyber defence strategies?

Björn Hawlitschka: The zero-trust approach is very helpful here – not only in IT, but also physically: don’t blindly trust anyone, even if they are in the building. Awareness has to be trained in all areas. Many companies protect the outer ring very well – but once someone is inside, they can move around freely. That is a risk.

Are there any best practices or specific examples from the corporate world that can serve as models for security strategies?

Björn Hawlitschka:Microsoft’s Zero Trust model is a good example. Or Toyota, which revised its supply chain strategies after Fukushima and is now planning with more redundancy. It is important not just to react, but to learn from crises.

What measures would you recommend to companies that are at the beginning of a professional security strategy?

Björn Hawlitschka: The first step is to know your own processes. If you don’t know what your “castle” looks like, you can’t protect it. Then comes a business impact analysis. And finally, you should carry out realistic emergency exercises. Red team tests – i.e. external attacks to identify vulnerabilities – are also highly recommended.

How should companies deal with the challenge that security measures are often seen as a cost factor rather than an investment?

Björn Hawlitschka: I recommend two calculation models: Firstly, how much would real damage cost? Second, what business will I miss out on if I don’t have certifications or ISMS/BCM systems in place? More and more customers, especially in the banking sector, are demanding proof of security. If you have nothing to show, you will lose business.

What physical security measures are particularly important for companies with distributed locations or hybrid working models?

Björn Hawlitschka: If there are several sites, it should be clearly defined who is responsible in which situation – especially at what level of severity the “head office” takes over: Already in an emergency or only in a crisis? This requires defined escalation levels. And, of course, regular emergency drills – both local and central. The important thing to remember is that even small incidents can have a big impact. That’s why preparation is everything.

Security begins with the right system. NOX systems stand for flexible and economical solutions – for security infrastructures that grow with your needs. > Learn More

• Company: Öckerökronan Fastighets AB
• Location: Öckerö, Sweden
• Industry: Industrial property management
• System scope: Multiple properties, centrally managed
• Solution: Access control, alarm integration, management system
• Partner: Monitor Larm & Bevakning

Öckerökronan Fastighets AB is a Swedish real estate company based in Öckerö. Since 1975, the company has been managing and leasing both owned and leased industrial properties, including facilities on the premises of Ö-Varvet, its largest tenant.

Managing a wide variety of properties, changing user groups and maintaining high standards of operation and safety places considerable demands on both organization and security.

COO Andreas Djerf, together with Facility Manager Anders Hagman, is responsible for overseeing operations. Their responsibilities include maintenance, expansion projects, financial oversight, and coordination of security technology – including modernization and upgrading of alarm systems, access control, and locking systems.

The company operates a wide range of buildings and facilities at various addresses, supplemented by extensive outdoor areas and numerous docking points. In addition to its permanent staff, the company regularly employs temporary workers. This complex infrastructure requires a highly organized approach, particularly with regard to the consistent implementation of standardized security processes.

Tenant Ö-Varvet uses a centralized system that links all security-related components across the property portfolio. This greatly simplifies administration and improves efficiency.

The NOX system used offers a flexible combination of alarm and access control functionality and also supports various site monitoring tasks – features that are actively used.

The decision to implement NOX was based amongst others on these practical benefits. With the integrated Security Information Management System (SIMS), all properties can be visualized – including interactive floor plans for easy navigation.

The current level of security is considered adequate. Traditional keys are increasingly being replaced by flexible access readers that allow precise control and traceability. It’s easy to verify who entered what area and when. The investment has paid off.

These improvements reflect Öckerökronan Fastighets AB’s ongoing commitment to securing its properties and ensuring the safety of its tenants and users – now and in the future.

1. In SIMS (Security Information Management System), we can see all our addresses visually – complete with interactive maps that make navigation easy.
2. The system has little, or none limitations regarding size and special functionality.
3. It’s an advanced system that’s still easy to understand and use.