Cloud security

As 2026 approaches, cybersecurity threats are evolving at an unprecedented speed. Small and medium-sized enterprises (SMEs) face rising exposure as perpetrators adopt advanced AI, expand commercialised cybercrime platforms, and intensify nation-state activity. Recent intelligence, including the CrowdStrike 2025 European Threat Landscape Report, highlights how attackers are becoming faster, more capable, and more varied in their methods, raising the stakes across the UK’s interconnected supply chains. Seven critical risks Below, they discuss seven critical risks that will shape the 2026 threat landscape. Vishing and deepfake-driven social engineering will surge AI will supercharge social engineering. Hyper-realistic deepfake voice cloning will make vishing attacks dramatically more convincing, enabling criminals to impersonate executives, suppliers, and public authorities with unprecedented accuracy. As these tools become widely accessible, SMEs, often with limited training and internal verification controls, will face a sharp rise in targeted social engineering campaigns. Identity protection will become a top priority amid rising SaaS and cloud adoption The rapid proliferation of cloud applications and SaaS platforms continues to outpace many organisations’ ability to secure them. Misconfigurations, fragmented access controls, and an expanding set of user identities create ideal conditions for attackers. Identity protection, including MFA enforcement, conditional access controls, and behavioural monitoring will become an essential foundation for modern cyber defence as attackers increasingly exploit identity-based vulnerabilities. Commercialised as-a-service cybercrime will open the door to more diverse attackers Cybercrime is now fully commercialised, with Ransomware-as-a-Service and Phishing-as-a-Service platforms enabling criminals of varying skill levels to launch sophisticated attacks quickly and cheaply. Many reports, including the previously mentioned CrowdStrike 2025, confirm the acceleration of these trends, noting that European organisations account for a growing share of ransomware victims and that both criminal and nation-state campaigns continue to escalate. As these platforms continue to evolve, SMEs, often serving as entry points to larger supply chains, will experience intensified targeting. Nation-state attacks will intensify as geopolitical tensions grow State-backed cyber operations are increasing in frequency and ambition. Critical infrastructure, logistics networks, healthcare, and essential supply chains remain high-value targets for nation-state actors seeking strategic advantage or disruption. With advanced reconnaissance, automation and AI-enabled attack methods now standard among these groups, the pressure on UK organisations has never been greater. This is a threat the UK must get ahead of; prevention is far more effective than the cure. Patch and vulnerability management will remain core to preventing breaches Even as threats become more complex, many successful attacks will continue to exploit unpatched systems and well-known vulnerabilities. Automated scanning tools allow cybercriminals to detect weaknesses within minutes of disclosure. Organisations with inconsistent patching, outdated systems, or weak vulnerability governance will be disproportionately exposed. Effective patch and vulnerability management remains one of the most reliable ways to reduce an attacker’s opportunity window. Threat intelligence will be essential to prioritising cyber workloads With expanding attack surfaces and increased alert volumes, many organisations, particularly SMEs, struggle to understand which threats genuinely matter. Actionable threat intelligence will become indispensable, enabling security teams and outsourced partners to prioritise patching, triage alerts, and focus resources on the most likely and most damaging risks. Reactive models are no longer viable; 2026 will demand intelligence-led, proactive security operations. Supply chain and third-party attacks will continue to rise Interconnected supply chains remain one of the greatest systemic risks. Attackers know that compromising a single SME can trigger cascading disruption across multiple sectors. In critical industries, such as pharmaceuticals, food distribution, energy and logistics, the consequences could be severe, even societal. As both criminal and nation-state groups increase their focus on supply chain infiltration, organisations must strengthen third-party risk management and invest in resilience across their entire ecosystem. 2026 will be a defining year for cybersecurity. To best withstand the challenges ahead, organisations must prioritise comprehensive identity protection that covers the whole business, including all cloud applications, configurations, workloads and infrastructure. This must be combined with an emphasis on patch and vulnerability management, intelligence-led security operations, and reinforced supply chain resilience. As far as AI is concerned, it’s vital to fight fire with fire: use the same tools cybercriminals use, and adapt them to fight the good fight. This way, businesses stand the best possible chance of steering clear of trouble.

The Center for Internet Security, Inc. (CIS®), Astrix Security, and Cequence Security now announced a strategic partnership to develop new cybersecurity guidance tailored to the unique risks of artificial intelligence (AI) and agentic systems.  This collaborative initiative builds on the globally recognised CIS Critical Security Controls® (CIS Controls®), extending its principles into AI environments where autonomous decision‑making, tool and API access, and automated threats introduce new challenges. The intent of the partnership includes initially developing two CIS Controls companion guides: one for AI Agent Environments, which will focus on securing the agent system lifecycle; the other for Model Context Protocol (MCP) environments. Adopt AI responsibly and securely MCP environments introduce unique risks, including credential exposure, ungoverned local execution, unapproved third‑party connections, and uncontrolled data flows between models and tools. Together, these guides will provide targeted safeguards for organisations operating in environments where MCP agents, tools, and registries interact dynamically with enterprise systems.  “AI presents both tremendous opportunities and significant risks,” said Curtis Dukes, Executive Vice President and General Manager of Security Best Practices at CIS. “By partnering with Astrix and Cequence, we are ensuring that organisations have the tools they need to adopt AI responsibly and securely.”  AI ecosystems Astrix’s contribution centres on securing AI agents, MCP servers, and the Non‑Human Identities (NHIs), such as API keys, service accounts, and OAuth tokens, that link them to critical systems.  “AI agents and the non‑human identities that power them bring great potential but also new risks,” said Jonathan Sander, Field CTO of Astrix Security. “Our focus is helping enterprises discover, secure, and deploy AI agents responsibly, with the confidence to scale. Through this partnership, we’re providing clear, practical guidance to keep AI ecosystems safe so organisations can innovate with confidence.”  API security experience Cequence brings years of enterprise application and API security experience to agentic AI enablement and security. “As organisations embrace agentic AI, trust hinges on visibility, governance, and control over what those agents can see and do to your applications and data,” said Ameya Talwalkar, CEO of Cequence Security. “Security is strongest through collaboration, and this partnership gives organisations clear guidance to adopt AI safely and securely.”  How the partnership supports organisations  Extends trusted cybersecurity frameworks into AI environments, addressing risks from autonomous systems and integrations.  Delivers clear, prioritised safeguards that guide enterprises toward secure and responsible AI adoption.  Resilience across the AI ecosystem Combines expertise across standards, API security, and application defence to provide comprehensive protection. The new guidance is scheduled for release in early 2026, accompanied by workshops, webinars, and supporting resources delivered jointly by CIS, Astrix, and Cequence. Together, the organisations aim to help enterprises translate recommendations into practice while building a stronger foundation of trust, transparency, and resilience across the AI ecosystem. By working from a shared framework, enterprises, vendors, and security leaders can align on a common language for securing AI environments.

WatchGuard has revealed its top six cybersecurity predictions for 2026, forecasting a year where AI-driven threats, regulatory pressures, and the decline of legacy tools will reshape the security landscape. Corey Nachreiner, chief security officer at WatchGuard Technologies, emphasises that organisations must prepare for rapid evolution in both attack methods and defensive strategies. Crypto-ransomware goes extinct  In 2026, crypto-ransomware will effectively go extinct, as threat actors abandon encryption and focus on data theft and extortion. Organisations have significantly improved their data backup and restoration capabilities, meaning they’re more likely to recover from a traditional crypto-ransomware attack without having to pay the extortion demands. Instead, cyber criminals simply steal data, threaten to leak it and even report victims to regulators or insurance companies to increase pressure. Encryption no longer pays off; the real leverage will now come from exposure.  OSS box will leverage AI to defend against supply chain attacks  If the surge of attacks against open-source package repositories like NPM and PyPI has taught security teams anything, it’s that open source is under siege. It’s a losing battle and traditional security controls, such as tighter authentication and shorter token lifetimes, can’t keep up. In 2026, open-source package repositories will adopt automated, AI-driven defences to fight back against a growing wave of supply chain attacks. To keep up with this significant and persistent threat, these repositories will become early adopters of automated SOC-style systems for their own applications, enabling them to detect and respond to attacks in real-time.  CRA reporting needs finally incentivise secure by design principals  In 2026, the EU Cyber Resilience Act (CRA) will finally become the market force that drives adoption of secure-by-design principles. With the first phase going into effect in September 2026, software manufacturers selling into the EU must report actively exploited vulnerabilities and security incidents within 24 hours. This is the most aggressive reporting requirement yet. While the initial rollout will likely be chaotic as companies scramble to comply and more of their weaknesses are exposed, it will ultimately create a lasting incentive to build security into products from the start. At the same time, overlapping global regulations will reveal competing frameworks and contradictions, forcing organisations to navigate an increasingly complex web of compliance.   First breach carried out by autonomous, agentic AI tools in 2026   In 2025, WatchGuard predicted that multi-modal AI tools would be able to carry out every aspect of the attackers’ cyber kill chain, which proved to be true. 2026 will mark the year AI stops just assisting cybercriminals and starts attacking on its own. From reconnaissance and vulnerability scanning to lateral movement and exfiltration, these autonomous systems can orchestrate an entire breach at machine speed.   The first end-to-end AI-executed breach will serve as a wake-up call for defenders who have underestimated the speed at which generative and reasoning AIs evolve from tools into operators. The same capabilities that help businesses automate security workflows are being weaponised to outpace them. Organisations must fight fire with fire: only AI-driven defence tools that detect, analyse and remediate at the same velocity as attacker AIs will stand a chance.  The fall of VPN and remote access tools will lead to the rise of ZTNA  Traditional Virtual Private Networks (VPNs) and remote access tools are among the top targets for attackers due to the loss, theft, and reuse of credentials, combined with the common lack of multi-factor authentication (MFA). It doesn’t matter how secure VPNs are from a technical perspective; if an attacker can log in as one of your trusted users, the VPN becomes a backdoor giving them access to all your resources by default. At least one-third of 2026 breaches will be due to weaknesses and misconfigurations in legacy remote access and VPN tools. Threat actors have specifically targeted VPN access ports over the past two years, either stealing users’ credentials or exploiting vulnerabilities in specific VPN products. As a result, 2026 will also be the year when SMBs begin to operationalise ZTNA tools because it removes the need to expose a potentially vulnerable VPN port to the internet. The ZTNA provider takes ownership of securing the service through their cloud platform, and ZTNA does not give every user access to every internal network. Rather, it allows you to grant individual user groups access to only the internal services they need to perform their jobs, thereby limiting the potential damage.  AI expertise becomes a required skill for cybersecurity  It's nearly the dawn of a new era where cyber offense and defence will take place on an AI battleground. Attackers are already experimenting with automated, adaptive and self-learning tools. Defenders who can’t match that level of speed and precision will be outgunned before they know they’re under fire. To survive, security professionals must go beyond simple understanding of AI toward mastery of its capabilities and harness it to automate detection and response while anticipating the new vulnerabilities it creates. By next year, AI literacy won’t just be a nice addition to a résumé, it’ll be table stakes, with interviewers diving in on practical applications of AI for cyber defence.

Teleport is excited to announce it has been named the winner of Rising Star Partner of the Year, recognising Teleport as a top Amazon Web Services (AWS) Partner that has seen significant YoY growth in its technology business. Announced during the Partner Awards Gala at AWS re:Invent 2025, the Geographic and Global AWS Partner Awards recognise a wide range of AWS Partners that have embraced specialisation, innovation, and cooperation over the past year. Geo and Global AWS Partner Awards recognise partners whose business models continue to evolve and thrive on AWS as they support their customers. Infrastructure identity approach “To be recognised as a Rising Star Partner of the Year is a testimony to Teleport’s continuous growth and our company vision for securing infrastructure at scale,” said Ev Kontsevoy, CEO at Teleport. “By unifying trusted identities for humans, machines, and AI, teams can secure access across multi-cloud and AI-native environments at massive scale. This infrastructure identity approach, which includes deep integration with AWS, strengthens infrastructure resiliency and reduces complexity, enabling customers to accelerate their pace of innovation.” Geography and Global AWS Partner Awards The Geography and Global AWS Partner Awards included a self-nomination process across several award categories, awarded at both the geographic and global levels. All AWS Partners were invited to participate and submit a nomination. Award submissions were reviewed by a third-party, Canalys, and selected with special emphasis placed on customer success use cases. Data-driven award categories In addition, there were several data-driven award categories, which were evaluated by a unique set of metrics that helped measure AWS Partners’ performance over the past year. Canalys audited the datasets used to ensure that all measurements and calculations were objective and accurate. Finalists represented the top three-ranked AWS Partners across each category. The AWS Partner Network (APN) is a global program focused on helping partners innovate, accelerate their journey to the cloud, and take full advantage of the breadth and depth of AWS.

The sheer volume of smart locks, lock management systems, connected readers and an increasing array of Internet of Things (IoT) devices complicates the issuance and management of certificates that are foundational to establishing trust between a device and the credential used to access it. That’s why more companies are turning to PKIaaS for IoT devices. But there’s another reason to consider PKIaaS: the rise of quantum computing. Secure digital communications Gartner predicts that the pace of quantum computing will render asymmetric cryptography systems PKI certificates form the backbone of secure digital communications, but Gartner predicts that the pace of quantum computing will render asymmetric cryptography systems unsafe by 2029 and could render all current cryptography unsafe by 2034. As with any software implementation, there are pitfalls to avoid, including vendors that use proprietary technology that’s incompatible with other systems and “gotcha” pricing tactics where a slight increase in certificate usage triggers a massive increase in pricing. However, the time to implement PKIaaS is now. Physical security faces growing cyber threats Although ransomware attacks directly on computing infrastructure dominate business headlines, physical security systems are also under threat. An HID survey of over 1,200 security professionals, end-users and executives shows that 75% reported threats to their physical security systems in the past year, as these systems are more tightly integrated with company IT networks. Until recently, most physical access control systems (PACS) were proprietary and worked only on the specific systems they were designed to interact with. However, the movement toward open supervised device protocol (OSDP) revolutionised the field, allowing companies to integrate and control devices from different vendors while improving compatibility and security. PACS and IoT devices  PKIaaS makes sense as the number of digital certificates needed to power PACS and IoT devices As a result, 40% of companies plan to either update or change access control systems in the next year, with 21% emphasising the need for open standards like OSDP to both improve interoperability and future-proof their systems. When asked about reasons for a proposed upgrade, more than half cited convenience, while another 40% sought to improve their overall security posture. PKIaaS makes sense as the number of digital certificates needed to power PACS and IoT devices continues to increase, promoting security and reducing manual processes related to tracking certificates. Regulatory compliance demands automation and agility Companies also face increased regulatory pressures regarding technology in general — and certificates in particular. The European Union’s Cyber Resilience Act sets mandatory cybersecurity standards for manufacturers and retailers, covering the planning, design, development and maintenance of products throughout the entire value chain. Certain high-risk products must undergo third-party evaluation by an authorised body before being approved for sale in the EU. EU Cybersecurity Act shows a unified certificate framework for ICT products, services and processes More specifically, the EU Cybersecurity Act establishes a unified certification framework for information and communications technology (ICT) products, services and processes. Businesses operating in the EU will benefit from a “certify once, recognised everywhere” approach, meaning that approved ICT offerings will be accepted across all EU member states. Given the global nature of PACS, these regulations likely will impact companies well beyond the EU, much like the general data protection regulation on websites has. These changes, when considered together with rapid advancements in quantum computing, underscore the need for a unified certification solution such as PKIaaS to handle increased — and increasingly complex — certificate compliance. A path to PKI modernisation Modernising PKI through a PKIaaS model doesn’t have to be difficult. With a clear and phased approach, most organisations can transition smoothly while reducing risk and improving efficiency. It starts with a quick assessment of current certificate usage to understand where certificates are issued, how they’re renewed and any gaps in coverage. From there, it's about defining what you need and selecting a trusted partner. Look for a solution that integrates well with your existing systems, supports automation and scales as your needs grow. In terms of partners, not all PKIaaS vendors are the same. Look for one with a strong security track record and predictable pricing, which will simplify both onboarding and long-term management. When it comes to vetting vendors, ask the following questions: Is the solution scalable? The trend toward future-proof installations has never been greater. As the number of certificates increases, any PKIaaS solution must be able to grow in concert. How will pricing change as certificate volume grows? Some solutions are priced in tiers by the number of certificates. If a company exceeds that maximum by even a single certificate, it owes not only the price difference between tiers, but it will also be expected to pay for that tier the following year, which can bring a significant financial surprise. How are CAs accessed and stored? Look for companies that can provide long-term offline secure storage of certificates that can also track when CA keys are accessed. What support is included in the PKIaaS? Specifically ask vendors about up-front costs for implementation and onboarding to get a real apples-to-apples comparison among partners. Step-by-step replacement of manual processes A pragmatic approach allows corps to move quickly and confidently from legacy PKI to a scalable Once a vendor in place, start with a focused rollout, e.g., automating certificate renewals for internal systems or a specific business unit. Once the pilot is complete, expand automation with a step-by-step replacement of manual processes to limit operational disruptions. Finally, as PKIaaS becomes embedded in day-to-day operations, it’s important to align it with broader security governance. Establishing regular reporting and clear policies, as well as future-proofing for quantum-safe cryptography to ensure long-term resilience and compliance without adding complexity. This phased, pragmatic approach allows organisations to move quickly and confidently from legacy PKI to a scalable, secure and future-ready solution. A necessary upgrade According to an analyst report, manual certificate management can cost organisations up to $2.5 million annually in labour and outage-related expenses. While automation reduces these costs by up to 65%, the real challenge in IoT environments lies in managing scale. With device lifecycles often spanning decades and certificate volumes reaching millions — especially across distributed, resource-constrained endpoints — manual PKI processes and legacy infrastructure simply can't keep up. The convergence of regulatory mandates, quantum computing threats and rising cyber risks to connected physical systems makes scalable, cloud-based PKIaaS not just a strategic advantage, but a foundational requirement for secure IoT deployments.

Where and how to store security camera footage usually depends on the scale of the video surveillance project, the way you are using to record the video and how long you want to keep the recordings. If there are only few IP cameras, say 2~3 IP cameras for example, and you don’t need to keep the recordings for the month, usually using SD card which is installed in the camera is enough. Video management software A VMS provides a unified platform to manage all cameras and record footage onto centralised local storage servers If there are more than four cameras, even up to 128 cameras, NVR or CVR become the practical choice for managing and storing recordings reliably. However, if there are hundreds or thousands cameras, which need to managed and recorded, in this way video management software with centralised recording storage becomes essential. A VMS provides a unified platform to manage all cameras and record footage onto centralised local storage servers. S3-compatible cloud platforms Critically, if the VMS supports the S3 object storage protocol, users gain the flexibility to store recordings on S3-compatible cloud platforms (public or private), offering significant hardware cost savings and enhanced scalability. For such demanding environments, selecting a VMS built on an open platform architecture is strongly advised, ensuring the system can expand infinitely to meet future project growth. Video surveillance management system Users can seamlessly add subordinate servers (or disk groups like IPSAN/NAS), disk arrays, and network bandwidth Take the video surveillance management system SVMS Pro as an example. Its foundation is an open 1+N stackable architecture, enabling unlimited expansion of recording storage servers. Users can seamlessly add subordinate servers (or disk groups like IPSAN/NAS), disk arrays, and network bandwidth.  This achieves extended recording durations and boosted storage performance while maintaining system stability during sustained operation (assuming environmental requirements are met). Key architectural advantages Each centralised storage module based on a Linux OS, supports up to 200 front-end video channels per server. Its N+1 stackable expansion capability utilises a distributed architecture, forming clusters of storage servers. Scaling the project involves simply adding subordinate storage modules – no modifications to existing deployments are required. Seamless S3 object storage integration Furthermore, SVMS Pro features deep integration of the S3 object storage protocol Furthermore, SVMS Pro features deep integration of the S3 object storage protocol. This allows seamless connection to major public cloud services like Alibaba Cloud OSS, Tencent Cloud COS, and Amazon S3 cloud, as well as private S3-compatible object storage solutions. This integration delivers truly limitless capacity expansion, leveraging the inherent elasticity of the cloud to effortlessly accommodate petabyte-scale video growth. Dual insurance: Multi-layered data protection The critical value of security data comes with inherent risks; losing video footage can lead to immeasurable losses. To mitigate these risks comprehensively, SVMS Pro innovates with its "Local + Cloud" Dual-Backup mechanism, leveraging S3 features to build multiple security layers: Real-Time Dual-Writing: Recordings are first written to the local disk (acting as a cache buffer). Upon local persistence, data is simultaneously replicated to cloud-based S3 storage, guaranteeing instant failover if either node fails. Smart Hot/Cold Tiering: Frequently accessed ("hot") data remains on high-performance local storage, while historical footage is automatically archived to low-cost cloud tiers, optimising storage expenses. Cross-Regional Disaster Recovery: Utilising the multi-replica and cross-region replication features of carrier-grade S3 storage inherently protects against physical disasters like earthquakes or fires. Additionally, the platform ensures comprehensive data protection through integrity verification and encrypted transmission, safeguarding data integrity and confidentiality across its entire lifecycle – from storage and transmission to access. Conclusion In essence, selecting the optimal storage solution for security footage hinges on a fundamental understanding of scalability requirements, retention needs, and data protection imperatives. As surveillance deployments grow from a few cameras to enterprise-scale systems, the underlying architecture must evolve: Localised storage (SD cards/NVRs) suffices for limited scope and short retention. Centralised VMS platforms become essential for unified management at scale, with open, modular architectures providing critical future-proofing for expansion. S3 object storage integration represents a paradigm shift, decoupling storage capacity from physical hardware and enabling truly elastic, cost-efficient scaling – both on-premises and in the cloud. Ultimately, successful large-scale video surveillance storage relies on architecting for flexibility, embedding data protection intrinsically, and strategically leveraging object storage protocols to balance performance, cost, and resilience – principles essential for safeguarding critical security data now and in the future.

The physical security industry has been in love with the cloud for quite some time. And understandably so. The promise of instant scalability, centralised access, and simplified maintenance is hard to ignore, especially in an era of remote work and distributed facilities. But reality is catching up to the hype. For many, especially those dealing with video surveillance at scale, the cloud is no longer the catch-all solution it once seemed. Rising costs, bandwidth limitations, and latency issues are exposing its shortcomings. And the more resolution increases, from HD to 4K and beyond, the heavier that burden becomes. Modern security cameras This is where edge computing, specifically AI-enabled edge processing available in modern security cameras, starts to look less like an option and more like a necessity. But it’s not just about adding intelligence to cameras. It’s about how that intelligence is deployed, scaled, and maintained. This leads us to containerisation and tools such as Docker, which are a revolutionary piece of the puzzle. When cloud isn't enough Cloud analytics for video sounds great in theory: stream everything to the cloud Let’s start with a basic issue. Cloud analytics for video sounds great in theory: stream everything to the cloud, let powerful servers do the thinking, then serve up results to end-users in real time. However, in practice, this model can break down quickly for many end-users. Raw video is heavy. A single 4K camera streaming 24/7 can generate terabytes of data per month. Multiply that by hundreds or thousands of cameras, and the bandwidth and storage costs become unsustainable. Then there’s latency. If AI needs to detect a person entering a restricted area or identify a licence plate in motion, seconds count. Routing video to a cloud server for analysis and waiting for a response can introduce delays. Adding in concerns about uptime, such as what happens if the internet connection goes down, it becomes clear why relying exclusively on the cloud creates friction for mission-critical deployments. The edge advantage Edge processing turns that model on its head. Instead of sending everything out for analysis, edge-enabled cameras do the heavy lifting on-site. AI algorithms run directly on the device, interpreting what they see in real time. They generate metadata—lightweight descriptions of events, objects, or behaviors—rather than raw video. This metadata can be used to trigger alerts, inform decisions, or guide further review. The benefits are obvious: latency drops, bandwidth use plummets, and storage becomes more efficient. Edge processing solves many cloud deployment issues by keeping the compute where the data is generated, on the device. This frees the cloud up to do what it’s best at: providing scalable and centralised access to important footage. But where does the edge go from here? How do we evolve these powerful IoT devices to deliver even more situational awareness? Enter Docker: An app store for Edge AI They package an app along with everything it needs to run: the code, settings, libraries, and tools This is where the concept of containerisation and open development platforms like Docker comes in. Let’s start with an analogy that is helpful for understanding containers. Imagine you're getting ready for a trip. Rather than hoping your hotel has everything you need, you pack a suitcase with all your essentials: clothes, toiletries, chargers, maybe even snacks.  When you arrive at your destination, you open the suitcase and you’re ready to go. You don’t need to borrow anything or adjust to whatever the hotel has, since you’ve brought your own reliable setup. Containers in software work the same way. They package an app along with everything it needs to run: the code, settings, libraries, and tools. This means the application behaves exactly the same, whether it’s running on a developer’s laptop, on the edge in an IoT device, or in the cloud. Security camera with a powerful edge processor There’s no last-minute scrambling to make it compatible with the environment it lands in, because it’s self-contained, portable, and consistent. Just like a well-packed suitcase simplifies travel, containers simplify software deployment. They make applications faster to start, easier to manage, and more predictable, no matter where they’re used.  For a security camera with a powerful edge processor, it’s like giving the camera its own specialised toolkit that can be swapped out or upgraded without touching the rest of the system. It also means you can run multiple AI applications on a single camera, each in its own isolated environment. Integrators and end-users These applications don’t interfere with each other and can be updated independently Want to add fall detection to a healthcare facility’s camera network? Just deploy the analytics in a container. Need to monitor loading docks for pallet counts at a warehouse? Spin up a different container. These applications don’t interfere with each other and can be updated independently.  As a developer, if you use an open container platform like Docker, any system that supports Docker can utilise your software. This removes the need to do expensive custom work for each partner and ecosystem. This is one reason Docker containers are tried and true in the larger IT space and are just starting to get traction in the security sector. Docker also makes this scalable. Developers can build AI tools once and push them out to hundreds or thousands of devices. Integrators and end-users can customise deployments without being locked into proprietary ecosystems. And because containers isolate applications from core system functions, security risks are minimised. Metadata, not megabytes Traditional video analytics systems often require full video streams to be processed One of the most underappreciated aspects of this method is the way it redefines data flow. Traditional video analytics systems often require full video streams to be processed in centralised servers, either on-premises or in the cloud. This model is brittle and costly, and it’s also unnecessary. Most of the time, users aren’t interested in every frame. They’re looking for specific events. Edge AI enables cameras to generate metadata about what they see: “Vehicle detected at 4:02 PM,” “Person loitering at entrance,” “Package removed from shelf.” This metadata can be transmitted instantly with minimal bandwidth. Video can still be recorded locally or in the cloud, but only accessed when needed. This dramatically reduces network load and allows the cloud to be used more strategically: for remote access, long-term archiving, or large-scale data aggregation, without being overwhelmed by volume. Building smarter systems, together A single camera can run analytics from multiple third parties, all within a secure, containerised framework An equally important aspect of containerisation is how it opens up the ecosystem. Traditional security systems are often built as closed solutions. Everything—from the cameras to the software to the analytics—comes from a single vendor. While this simplifies procurement, it limits innovation and flexibility. Docker flips that model. Because it’s an open, well-established standard, developers from any background can create applications for edge devices. Integrators can mix and match tools to meet unique customer needs. A single camera can run analytics from multiple third parties, all within a secure, containerised framework. This is a profound shift. Security cameras stop being fixed-function appliances and become software-defined platforms. And like any good platform, their value increases with the range of tools available. Hybrid: The realistic future So, where does this leave the cloud? It is still essential, but in a more specialised role. The most robust, future-proof architectures will be hybrid: edge-first and cloud-supported. Real-time detection and decision-making happen locally, where speed and uptime matter most. The cloud handles oversight, coordination, and data warehousing. Real-time detection and decision-making happen locally, where speed and uptime matter most This hybrid model is especially useful for organisations with complex deployments. A manufacturing plant might retain video locally for 30 days but push older footage to the cloud to meet retention requirements. A retail chain might analyse customer flow on-site but aggregate trend data in the cloud for HQ-level insight. Hybrid gives organisations the flexibility to optimise cost, compliance, and performance. Regulatory realities It’s also worth noting that not every organisation can, or should, store data in the cloud. Privacy regulations like GDPR in Europe or similar laws elsewhere require strict control over where data is stored. In many cases, sensitive footage must remain in-country. Edge and hybrid models can make compliance easier by minimising unnecessary data movement. Conclusion: Smart security starts at the edge The next wave of innovation in physical security won’t come from bigger cloud servers or faster internet connections. It will come from smarter edge devices, with cameras and sensors that don’t just record, but understand and classify events. And the foundation for that intelligence isn’t just AI, but how that AI is deployed. Containerisation via platforms like Docker is unlocking new levels of flexibility, security, and scalability for the physical security industry. By embracing open standards, supporting modular applications, and rethinking how data flows through the system, physical security professionals can build solutions that are not only more effective but also more sustainable, secure, and adaptable. The cloud still has its place. But the edge is essential to the future for real-time intelligence, mission-critical uptime, and cost-effective deployment.

There was high-level energy at GSX 2025, befitting an industry undergoing massive change. Artificial intelligence (AI) was everywhere, but not so much in the booth signage. Rather, AI has made its way beyond marketing claims and solidly into the core of the products themselves. There were hundreds of examples of how AI is changing how security systems operate, all for the better. Clearly on display at GSX 2025 was an industry in the midst of metamorphosis.  Deep integration of AI My conversations with companies across the security ecosystem revealed an industry heavily focused on leveraging advanced technologies like AI and the cloud to address increasingly complex global and localised threats. Several key themes emerged at the Global Security Exchange (GSX), sponsored by ASIS International, held Sept. 29–Oct. 1 at the Ernest N. Morial Convention Centre in New Orleans, La. Themes I heard repeated throughout the show floor included deep integration of AI, the ongoing shift toward cloud-based and hybrid architectures, and a sharp focus on modernising security systems to meet current challenges. AI and intelligent automation transform security The use of GenAI is moving beyond simple search functions into real-time decision support Companies are integrating AI and intelligent technologies to enhance analytics, streamline incident response, and improve internal efficiency. The use of Generative AI (GenAI) is moving beyond simple search functions into real-time decision support. For example, Bosch Video Systems introduced a "second tier" to its video analytics capabilities by combining highly sensitive edge detection with GenAI models in the cloud. For example, in visual gun detection, edge analytics might flag a potential gun (yellow), but the cloud-based GenAI then quickly reviews and confirms the threat (red), helping to filter out false alarms. Bosch is also using GenAI for more open-ended searches, such as a "Where's Waldo" application demonstrated at their booth. GenAI-powered system  Eagle Eye Networks says they are focused on helping integrators "organise the AI chaos” through their cloud-based video platform. Their precision person and vehicle detection capabilities work across multiple cameras. Motorola Solutions introduced Inform, an AI-assisted incident response solution designed to bring clarity to the "noise" and help security teams respond to complex threats. They also offer Avigilon Visual Alerts, an on-prem GenAI-powered system that expands the natural language interface. AI internally to improve processes The Body Workforce Mini protects frontline workers and businesses "amid rising violence and theft." The Axon Body Workforce Mini, a small “computer with a lens” for non-police applications, is AI-capable and can perform real-time translations, automated report writing, and summarisation, and can even act as a personal assistant by incorporating company policies. All those functions are built into a lightweight body-worn camera designed to safeguard frontline workers in retail and healthcare verticals. The Body Workforce Mini protects frontline workers and businesses "amid rising violence and theft." Beyond products, integration company Everon is using AI internally to improve processes, such as handling commoditised tasks, which they expect will result in better customer satisfaction. Everon wants to be known as a premier service provider and will be introducing new services in the video realm. AI-powered search and continuous system upgrades Genetec prefers the term Intelligent Automation (IA), instead of AI, to describe its empathetic interface, which can "know" what additional information a security professional needs when they click on an image, for example. Genetec says the advantages of the cloud include AI-powered search and continuous system upgrades. Their Security Centre SaaS has had a fast and successful launch. It enables cloud-based systems with local storage.  Genetec also highlighted the Cloudlink 210, a cloud-managed appliance designed to unify physical security operations that can be simply plugged in without involving IT staff. They call it a “headless appliance.” Cloud migration and the push for hybrid systems Hanwha debuted OnCAFE (Cloud Access for Everyone), a new cloud-based access control product The industry continues its strategic march toward the cloud, often through hybrid applications that blend on-prem strength with cloud flexibility. Acre's access control is described as "cloud-first technology," and they continue to focus on cloud solutions, incorporating AI. To help customers transition, they offer the "Bridge," a migration tool that allows systems to communicate throughout the move. At the same time, they are continuing to develop and enhance their core on-prem products – DNA Fusion and AccessIt!. Adding access control to supplement their video product line, Hanwha debuted OnCAFE (Cloud Access for Everyone), a new cloud-based access control product. The goal is to provide “access control that is easy;” It works alongside their OnCloud direct-to-cloud VMS as a Service platform. Future of video management The future of video management is increasingly hybrid. Milestone recently completed a three-year process of updating XProtect and building for the future of hybrid applications. At GSX, they showcased how their XProtect Evidence Manager seeks to "democratise evidence management" by collecting video, cell phone data, notes, and other metadata related to a case for easy sharing and prosecution. Also, Milestone’s “app centre” enables additional features to enhance XProtect without involving integration.  Milestone is also focusing on "Metadata Ingest," which collects and aggregates data from various manufacturers (including Genetec, Motorola, and Exacq) for use by AI. Strategic modernisation and open integration Convergint and Genetec collaborated on a "2026 Technology Modernisation Outlook" white paper A key theme for the future is the shift toward open systems and strategic modernisation, enabling security professionals to better utilise new technology. Convergint and Genetec collaborated on a "2026 Technology Modernisation Outlook" white paper, arguing that dealers and end-users need to think more strategically when buying technology. They predict that "2026 will be the year of modernisation," with tangible results including unified intelligence, flexible deployment, and lower total cost of ownership. The call for open standards and architecture was also strong. What AI needs from open systems Johnson Controls noted that cloud, AI, and open standards are its three big focus areas. Their C-CURE IQ 3.10 is gaining adoption as it unifies access and video. OpenEye is seeking to address the "AI disruption anxiety" in the industry, focusing on what AI needs from open systems. The emphasis is on the value of a Model Context Protocol (MCP), an open standard and framework to enable AI systems to integrate and share data with external tools and sources. Addressing shifting global and local threats Allied Universal's "World Security Report 2025" highlights a risen focus on executive protection Companies unveiled solutions targeted at new security concerns, particularly the rising threat of violence, theft, and misinformation. Allied Universal's "World Security Report 2025" highlights an increased focus on executive protection and cites the rise of misinformation and disinformation as the number two threat. They noted that macro trends around instability and the political and social environment are driving security threats globally. To combat physical threats, Shooter Detection Systems introduced a new outdoor sensor, which is now generally available after a favourable feedback period that included an apprehension in one municipality. The company notes the unique challenge of developing technology for a "non-cooperative" threat like a person with a gun, in contrast to most security technologies that are "cooperative" and depend on user compliance. Implementation of integrated security Flock Safety is expanding its focus beyond licence plate readers into solutions for retail, with a new initiative to automate and streamline investigative processes, which are often manual. The company also showcased "drones as automated security guards," which can be deployed within 90 seconds to provide "eyes" on a site and enhance safety. The system works on its own network and is firewalled away from the city system A tour of the City of New Orleans' Real Time Crime Centre (RTCC), hosted by Axis Communications, demonstrated a mature implementation of integrated security. The RTCC uses Axis cameras, Genetec VMS, and is tied to a Motorola Solutions Command Centre to enhance efficiency and effectiveness, operating independently of the police department. They measure success in terms of valuable hours saved in an investigation or even when an event is happening. The system works on its own network and is firewalled away from the city system. Rapidly changing industry on display The GSX 2025 highlights an industry that is moving toward more intelligent and integrated solutions. The investment in AI is shifting security from reactive monitoring to proactive, automated assistance. Throughout the show floor, the continued embrace of hybrid cloud architectures, coupled with an emphasis on open standards and modernisation roadmaps, suggests a security ecosystem built for agility and future growth.  These trends, and the GSX show itself, collectively underscore the industry's commitment to delivering scalable, next-generation solutions for a changing threat landscape.

Multiple technology trends are transforming the physical access control market. There is a fundamental shift away from physical cards and keys toward digital identities — mobile credentials, digital wallets, biometrics, and cloud-native access platforms. These next generation access solutions are radically reshaping how buildings operate, protect staff, and perform functionally. At the same time, AI and analytics solutions are being layered onto these physical access control systems to support predictive threat detection and behavioural insights. Access data itself is becoming an asset for sustainability, space optimisation, and smart building initiatives. Risk, impact operations and experience The annual HID Global Security and Identity Trends Report highlights these and other issues The annual HID Global Security and Identity Trends Report highlights these and other issues. The survey cites improving user convenience as a priority for nearly half of organisations, while 41% are focused on simplifying administration, and 28% struggle with system integration. These are not theoretical challenges, they are day‑to‑day friction points that add cost, increase risk, impact operations and experience, and, of course, must be addressed. HID Global’s commercial focus HID Global’s commercial focus is to help organisations digitise their access control — with mobile identities, biometrics, and cloud platforms — and then to use the data to deliver more value. “We are turning access control from an operational cost into a software-driven asset that improves efficiency, supports Environmental, Social, and Governance (ESG) goals and even creates new revenue opportunities,” says Steven Commander, HID Global’s Head of Consultant Relations. The impact of digital transformation Digital transformation is the method of moving access control from hardware and physical credentials Digital transformation is in the process of moving access control from hardware and physical credentials to a software-driven, integrated experience. The transformation strengthens security while also improving user convenience — transforming the “pavement to the desk” journey. HID enables this shift through mobile credentials, biometrics, cloud-native platforms, and solutions that allow third-party applications to run on door hardware. “This helps customers turn access data into operational and commercial outcomes, while also improving the overall user experience,” says Commander.  Digital transformation in access control is not focused on chasing the latest trends. Rather, transformation is about turning software, data and integration into outcomes that matter to customers, says HID. “Security becomes stronger and more adaptive,” says Commander. “Operations become simpler and more cost‑effective. Experiences become seamless and consistent. Sustainability moves from ambition to action. And the financial case becomes clearer as efficiencies are banked and new value streams emerge.” The challenge of futureproofing with long lifecycles Given that physical security technologies will be in place for 15 to 20 years, it is important to plan for how systems can evolve over time. Considering how rapidly security threats, compliance standards, and user expectations change, 15 to 20 years is a long time. The decisions made at the beginning of a system’s lifecycle can either limit flexibility later (which will be costly) or enable long-term adaptability. Support for open standards such as Open Supervised Device Protocol (OSDP) is therefore important Choosing products and platforms that are open, interoperable, and designed for updates can enable future-proof projects. Support for open standards such as Open Supervised Device Protocol (OSDP) is therefore important.  In addition, systems built on open controller platforms — such as Mercury — enable organisations to switch software providers or expand functionality without replacing core door hardware. Architectural openness is key to system lifecycles and maximising the return on investment (ROI) from a chosen solution. Digital credentials and mobile access Flexibility and upgradeability should also be top of mind when it comes to endpoints like access control readers. While RFID cards are still commonplace, there is a clear trend toward digital credentials and mobile access. Readers that support both allow organisations to transition at their own pace, without committing to a full system overhaul. A long system lifecycle does not mean technology should remain static. Security, particularly cybersecurity, demands more frequent updates. Technologies that support firmware upgrades in the field extend the value of a deployment while helping organisations keep pace with emerging threats. In that sense, lifecycle thinking is not just about longevity — it’s about maintaining resilience and readiness over time. Applying biometrics and mobile identities Biometrics is becoming mainstream as a credential alternative, strengthening security without adding friction Biometrics is becoming mainstream as a credential alternative, strengthening security without adding friction. Many organisations are now deploying biometrics to support fast, seamless access journeys, with adoption already around 39% in access control according to HID’s recent research.  In addition, 80% of organisations surveyed expect to deploy mobile identities within the next five years. Full technology integration enables tap‑to‑access without opening an app; the user journey becomes faster, safer, and more convenient. “It is where the industry is headed and we are at the vanguard of this,” says Commander.    Ongoing challenge of cybersecurity At HID Global, cybersecurity is embedded into everything, from corporate processes and development practices to the solutions they bring to market. “Our approach ensures that customers can strengthen their overall security posture, not only by deploying secure products but by benefitting from HID’s commitment to the highest industry standards,” says Commander. HID holds multiple globally recognised certifications, including ISO 27001, ISO 14298, SOC Type 2 and CSA STAR, which demonstrate their robust information security and cloud security practices. In addition, HID’s SEOS® secure chipset is independently SEAL-certified, providing one of the most advanced levels of protection available on the market today. “Ultimately, this means organisations are not just purchasing isolated secure products; they are implementing solutions developed and delivered within a comprehensive, cybersecure framework,” says Commander. “When deployed according to best practices, HID solutions enable customers to achieve the highest levels of resilience against evolving physical and cyber threats.” Developing green and sustainable solutions A huge amount of waste is generated from the manufacture of plastic RFID access cards Digital credentials align with the sustainable solutions that everyone wants. A huge amount of waste is generated from the manufacture of plastic RFID access cards. Over 550 million access cards are sold annually. This creates 2,700 tons of plastic waste and 11,400 tons of carbon, based on a PVC card weighing 5 grams.  Therefore, digital credentials self-evidently reduce the reliance on plastic cards (helping reduce carbon emissions by up to 75% according to HID’s research), while leveraging access control system data supports energy optimisation by shutting down or reducing systems in unused spaces. Energy use and CO₂ emissions can be cut dramatically, showing how access systems can contribute to sustainability goals and green building certification. What is the latest in smart buildings? Smart buildings increasingly rely on mobile access control as the backbone for digital services. Real-time access data enables new services such as automated room bookings, HVAC control, lift/elevator calling, e-bike hiring, and so on. Smart buildings increasingly rely on mobile access control as the backbone for digital services The financial upside is clear; smart, digitally transformed buildings can deliver around 8% higher yields per square foot versus traditional office space. Operational savings accrue from reduced administration, the removal of card production and shipping, and lighter IT support. This creates a value cycle — better experiences drive adoption, adoption fuels monetisation, and monetisation funds further improvements. Achieving technology impact in the real world One standout project is One Bangkok – a $3.9 billion mixed used development in Thailand – which demonstrates the scale of what can be achieved when access control data is used for optimisation, particularly when it comes to monitoring facilities usage and occupier behaviours. By switching lights off or lowering the temperature in unused rooms, for example, the One Bangkok building demonstrates this potential with a 22% reduction in energy consumption, saving 17,000 MWh and 9,000 tons of CO₂ annually.  Sustainability is a key factor in contributing to how properties are valued. And sustainability extends far beyond digital credentials having a lower environmental impact than plastic cards.  Buildings with recognised sustainability certifications often command rental premiums of around 6%, and three‑quarters of security decision‑makers now consider environmental impact in their procurement assessments.

For all the emphasis on cloud systems and centralised servers at ISC West, a lot of innovation in security video systems is happening at the edge. New advancements inside video cameras are boosting capabilities at the edge, from advancements in processing power to artificial intelligence (AI) and machine learning (ML) algorithms that can now be deployed directly on the cameras or edge devices. Advancements in AI algorithms The progress of video systems becoming smarter at the edge is driven by the need for real-time insights, lower latency, bandwidth efficiency, enhanced privacy, and improved reliability.  Advancements in edge computing hardware and AI algorithms are enabling a range of intelligent video applications across various industries, including physical security. Smarter functionality at the edge is a benefit of new computer systems-on-chips (SoCs) that are driving new heights of performance for today’s cameras.  Axis Communications’ ARTPEC-9   Axis Communications’ new ARTPEC-9 SoC offers advanced video compression to reduce bandwidth Axis Communication’s new ARTPEC-9 system-on-chip (SoC) offers advanced video compression to reduce bandwidth and storage needs. With a low bitrate, the SoC helps deliver high-quality imaging with outstanding forensic detail. ARTPEC-9 also offers enhanced deep learning capabilities to allow users to leverage the latest video analytics and accelerate the implementation of AI technology. Axis maintains control over all aspects of the chip’s development to ensure high quality and cybersecurity. Among the benefits of ARTPEC-9 are better AI and deep learning, better image quality, better cybersecurity, and AV1 license-free video compression (see below). Hanwha Vision’s Wisenet 9 Hanwha Vision has launched Wisenet 9, its most advanced AI-powered System on Chip (SoC). Wisenet 9’s enhanced edge AI capabilities increase performance as the volume and complexity of security threats demand real-time, accurate analysis. By elevating edge-device performance, AI empowers systems to quickly analyse vast amounts of video data and discern crucial patterns and anomalies. A key differentiator driving Wisenet 9 is deployment of two Neural Processing Units (NPUs), which improve performance three-fold compared to Wisenet 7, the previous SoC generation. While one NPU handles image processing, the other focuses on object detection and advanced analytics. This dual NPU concept was introduced to ensure video quality and analytics have independent resources, thus preventing one function from impacting the performance of the other. The latest from Ambarella Ambarella is a supplier of edge AI systems-on-chips to multiple video camera manufacturers Off the ISC West trade show floor in a nearby meeting room, semiconductor company Ambarella demonstrated how it will continue to push the envelope of what is possible with generative AI at the edge. Ambarella is a supplier of edge AI systems-on-chips to multiple video camera manufacturers and recently achieved the milestone of 30 million cumulative units shipped. The demonstrations highlight Ambarella’s ability to enable scalable, high-performance reasoning and vision AI applications across its ultra-efficient, edge-inference CVflow 3.0 AI SoC portfolio. The company’s DeepSeek GenAI models run on three different price/performance levels of its SoC portfolio. In addition to advancements in GenAI processing at the edge, Ambarella integrates image processing, encoding and system-level functions into all its AI SoCs. New standard for video encoding: AV1 AV1 compression is a next-generation video coding technology that offers significant improvements in compression efficiency and video quality, especially at lower bitrates. Its royalty-free nature positions it as a crucial codec for the future of internet video. AV1 compression is a next-generation video coding technology. Axis Communication’s ARTPEC-9 chip now supports the AV1 video encoding standard. By embracing this standard, which is new to the physical security market although it was introduced in 2018, Axis sets the stage for AV1 compression to eventually become the industry standard, replacing H.264 and H.265. Network video transmission AV1 is an open-source, license-free coding format designed mainly for efficient network video transmission AV1 is an open-source, license-free coding format designed specifically for efficient network video transmission. It delivers high-quality video at low bitrates, reducing bandwidth consumption and storage costs. The codec was developed by the Alliance for Open Media (AOM), a nonprofit organisation founded in 2015 by Google, Intel, Amazon, Microsoft, Netflix, and Mozilla (among others), to provide open-standard, next-gen video coding technology. AV1 is ideal for cloud solutions—making streaming applications more robust, scalable, and capable of delivering real-time insights. Now the ARTPEC-9 chipset brings these benefits to the surveillance industry, and AV1 is currently supported by AXIS Camera Station. Providers of major video management solutions (VMS) such as Genetec and Milestone will be adding support for AV1, with further developments already underway. More intelligence at the edge Intelligence inside video cameras comes from the processing power and algorithms that enable them to perform tasks beyond simply capturing and recording images. This "intelligence" allows cameras to analyse the video stream in real-time, identify objects, detect events, and make decisions or provide alerts based on what they "see." New and improved SoCs are driving performance improvements at the edge. The increasing power of embedded processors and advancements in AI are continuously expanding the capabilities of intelligent video cameras.

Stratas is a UK-based specialist in document automation, finance automation, and intelligent document processing (IDP). Its solutions help organisations automate processes underpinned by documents and improve control across finance and operations.   Stratas needed a new, secure, and scalable data storage solution after notification that its remote storage provider planned to discontinue services. Richard Webb, the company’s Professional Services Technical Consultant, explains: “We weren’t confident that the physical servers were being properly maintained. Our provider was using older machines and running Windows Server 2012, which presented us with reliability and security challenges. If we had continued with our arrangement, things would have had to change.”    Solution   After considering several options, Richard and his team selected Node4’s Virtual Data Centre (VDC) offering – the company’s managed, hosted Infrastructure as a Service platform. As the first step in deployment, Node4 set up a bespoke landing zone to assist Richard with data migration from his organisation’s legacy servers. Node4 also configured VDC access via a secure, high-speed VPN. Public cloud solution “We told Node4 from the outset that we wanted a managed, hosted environment. We’re a lean business with no physical premises and didn’t want the overheads and complications of managing physical servers,” Richard comments. “On paper, a public cloud solution might have seemed logical. But we run several niche applications with specialised workflow and process requirements. Node4’s VDC was a better fit – we got the scalability and flexibility of public cloud without the complexity and administration headaches. But we also benefit from Node4’s support and expertise. It’s the best of both worlds.” Node4’s data centre  “We also wanted our data to remain in the UK on servers owned by a UK company,” he acknowledges. “That’s important for GDPR compliance and data sovereignty." "It was also a bonus that Node4’s data centre is just down the road from us, so we’re hyperlocal, I guess. It all adds to the feeling that we’re not dealing with some faceless conglomerate – that there are real people on hand with a genuine interest in helping our business to thrive.”     Results   Stress-free migration   With the landing zone operational and VPN connectivity established, Richard and his team began migrating applications and clients to their new Virtual Data Centre. “Clients using our invoicing and accounting service can’t be offline for a long time – especially around month-end. So, although it was slower for us, we migrated one customer at a time at a rate of about five per week,” he explains. “Node4’s landing zone also allowed us to test migrations to ensure everything worked as expected before going live. This kept downtime to an absolute minimum and reduced many of the risks associated with migration to hosted environments.”    Enhanced backup, recovery and resiliency    Richard and his team immediately benefited from switching to Node4’s virtual data centre. “Our previous provider offered only basic backups, and their infrastructure lacked resiliency,” he recalls. “We could start work on a Monday and, without any prior warning, find half our servers were down. Switching to Node4’s virtual data centre with modern, resilient servers – alongside built-in comprehensive backup and disaster recovery – improved our day-to-day operations and customer experience right from the outset.”   Richard admits that the connectivity and reliability improvements far exceeded anything he’d hoped for. “It’s amazing! Even basics like logging in are easier. On our old system, it would take several attempts, and there was always a chance you’d get kicked out after a couple of hours. Getting online first time probably saves each of us around ten minutes a day. That may not sound much, but it quickly adds up as the weeks and months go by.”    Advanced, integrated security    Richard also notes that the VDC offers a range of security benefits, including firewall defences, DDoS protection and secured instances. “We’re planning to introduce multi-factor authentication to access our VPN. It’s a vital identity management tool for all businesses,” he comments. “But especially ones like ours with a 100% remote workforce.”   Consumption-based model: Pay for used compute, network and storage    Richard is also keen to highlight the advantages of a consumption-based model. “The VDC is fully self-service. We can adjust compute, network, storage, and services on demand with just a few clicks – giving us complete control over our environment and costs." "This is important right now and also helps us plan ahead; for example, we can now see a pathway to rolling out AI and advanced automation in the coming years.”    Transparent pricing    “I like the fact that VDC pricing is transparent,” Richard admits. “We did our due diligence and looked at a few other companies. Their project and operational costs seemed lower. But there were lots of gotchas – like fixed data charges and data limits – hidden in the small print. So, when we weighed it all up, Node4, with its consumption-based pricing, was far better value and a much better organisational fit.”    He concludes: “What does that mean on a day-to-day basis? Currently, we’ve scaled requirements as we’re carrying out some server consolidation work. But all that extra capacity is still there for us. And while we’re waiting, we’re not being charged for it. That’s a huge benefit. It helps us remain competitive and responsive to changing market and economic conditions.”

St John’s College, one of the historic colleges of the University of Oxford, has significantly strengthened its cybersecurity posture with the implementation of a Managed Vulnerability Management (MVM) programme delivered by long-term partner ANSecurity.   Founded in 1555, St John’s supports a diverse community of more than 600 students, a large number of staff and over 100 academic fellows across multiple sites in Oxford. With a small in-house IT team and growing cyber threats, the college needed a proactive solution to improve visibility, reduce risks, and free up internal resources. MVM service After more than 13 years of collaboration, the college turned to ANSecurity to design and deploy an MVM service built on Tenable Nessus. The service includes daily credentialed scans, automated vulnerability notifications, remediation validation, and monthly strategic reviews with ANSecurity consultants. Measurable results Since launching the programme in May, St John’s College has achieved: Over 50% reduction in critical and high-severity vulnerabilities Resolution of systemic issues such as broken Windows Updates, unsupported software, and weak cipher suite configurations Improved ability to challenge vendors using outdated or insecure systems Strategic resource allocation, allowing IT staff to focus on high-impact security tasks Matt Jennings, IT Manager at St John’s College Oxford said: “This service has freed up internal resources and helped us stop playing ‘whack-a-mole’ with vulnerabilities. We now know what to focus on, and how to do it. The support from ANSecurity has been invaluable in helping us become more strategic and effective.” Proactive cycle of risk management The programme has also introduced a proactive cycle of risk management, with daily monitoring of public-facing systems, monthly vulnerability summaries, and overnight verification of patch updates. St John’s College has worked with ANSecurity since 2013 on projects including firewall replacements, wireless network deployments, and strategic consultancy. The MVM programme marks the latest step in the college’s modernisation of its cybersecurity defences.  Matt Jennings added: “ANSecurity have always been responsive, professional, and understanding of our requirements. Their engineers are not only experts in their field, but also able to explain complicated issues clearly. We look forward to working with them for many years to come.”

DFNBG Gastro GmbH & Co. KG, operator of 48 Dunkin' branches and other catering establishments in Germany, has migrated to the MOBOTIX CLOUD for the central management of its video surveillance. DFNBG partnered with MOBOTIX Diamond Partner VALEO IT Neteye GmbH for more than ten years, who have implemented and continuously optimised secure and efficient MOBOTIX video solutions in the 48 Dunkin' branches. Data protection regulations The operation of local storage systems was proving particularly difficult in shopping centres Due to the strong growth of DFNBG, the demands on the existing video management system increased. The local storage of video data became increasingly complex - both in terms of data protection regulations and the management of access rights.  The operation of local storage systems was proving particularly difficult in shopping centres. The solution: a gradual migration from local NAS storage to the data protection-compliant MOBOTIX CLOUD. Access management and GDPR: the MOBOTIX CLOUD as a solution The MOBOTIX CLOUD video surveillance-as-a-service (VSaaS) offering allows users to conveniently control their cameras via a free app. The recorded videos are stored in highly available and cyber-secure data centres located close to the user. This ensures data protection-compliant storage in accordance with the GDPR. Intelligent camera technology A key advantage of the MOBOTIX CLOUD is the combination of intelligent camera technology A key advantage of the MOBOTIX CLOUD is the combination of intelligent camera technology and a powerful cloud platform. The cameras analyse events on site and only transfer relevant data to the cloud. This minimises bandwidth requirements while maintaining the highest security standards.  MOBOTIX Bridge Communication between the cameras and the cloud takes place via the MOBOTIX Bridge, a highly secure connection unit that ensures protected data transmission.  The cloud solution also eliminates the need to operate separate server rooms with high security standards on site - a clear advantage for branches in shopping centres or high-traffic locations. DFNBG can control access rights  Around half of the Dunkin' branches have already been converted to the MOBOTIX CLOUD Cloud data is managed directly by the users themselves. This means that companies such as DFNBG can control their access rights centrally without having to create individual solutions for each branch. “It was clear to us that the system is secure - including cyber-secure - and exceeds our requirements. But the central management of all access rights really saves us time and money,” says Harry Taubert, Construction & Development Manager at DFNBG. Around half of the Dunkin' branches have already been converted to the MOBOTIX CLOUD, and the remaining locations will follow successively. VALEO IT Neteye: MOBOTIX partner for innovative video solutions As a long-standing MOBOTIX Diamond Partner and one of the largest integrators of MOBOTIX systems in Germany, VALEO IT Neteye has been instrumental in delivering customised, future-ready surveillance solutions to DFNBG. VALEO IT Neteye also offers full-service training to DFNBG to ensure everyone stays up to date with industry changes. “We only offer our customers MOBOTIX solutions because we are absolutely convinced of the quality and durability of the products manufactured in Germany,” explains Norbert von Breidbach-Bürresheim, Managing Director of VALEO IT Neteye.

Sun Outdoors Ocean City, located in Maryland, is a popular campground that attracts a steady flow of visitors each season. With its expansive grounds and over 300 private campsites, the campground faced several challenges in managing security. Traditional surveillance methods proved inefficient, leading to false alarms and difficulties in tracking incidents such as lost children, vandalism, misplaced items, or occasional adventurous guests. Traditional surveillance systems Challenges - As the campground grew in size and guest volume, Sun Outdoors realised that traditional surveillance systems were no longer sufficient, leading to four key challenges over the years: Wide/Private Areas: With expansive grounds and numerous private campsites, it was difficult for staff to effectively monitor all areas of the campground. Vandalism & Lost Items: Vandalism and the occasional theft of personal items or equipment were persistent issues. Limited Staff: The campground struggled with insufficient staff to manage security and guest safety, especially during peak season when extra workers were needed. Additionally, there was a lack of IT experts to handle the complex security systems. False Alarms: Previous security systems triggered frequent false alarms, leading to inefficiencies and distractions from real threats. With a diverse mix of families and outdoor enthusiasts, ensuring guest safety while maintaining efficient operations was crucial. They needed a solution that would address both security and operational challenges, while being easy to set up, cost-effective, and providing real-time visibility without requiring additional manpower or expensive infrastructure upgrades. Providing real-time monitoring Solution - To address security challenges, Maloney Telecom, a trusted pioneer in surveillance solutions, has partnered with VIVOTEK, a global security solution provider, to deploy its VORTEX Cloud Surveillance Platform at Sun Outdoors Ocean City. The seamless cloud-based solution provides real-time monitoring and AI-driven insights, enhancing overall safety and operational efficiency. Reduced Vandalism by Over 80%: By leveraging advanced AI-driven insights and precise detection, VORTEX minimised false alarms, allowing staff to focus on real threats. Easy Setup and Bandwidth-Friendly: The system was fully operational in just 30 minutes using Sun Outdoors' existing Wi-Fi network, offering immediate security improvements without the need for complex infrastructure changes. $2,000 in Operational Cost Savings: In just two months, VORTEX helped Sun Outdoors eliminate the need for extra staff to monitor security. The AI-powered system also reduced costs related to false alarms. Real-Time Monitoring: VORTEX’s cloud-based platform provided Sun Outdoors with the ability to remotely monitor security, offering real-time alerts for suspicious activities or perimeter breaches, and giving management better control over the entire campground. Instant Search and Accountability: VORTEX’s Deep Search feature allowed staff to quickly locate specific events or individuals, enhancing response times to incidents such as lost children/golf car, stolen items, or suspicious behaviour. Real-Time Deterrents with Network Speakers: VORTEX’s network speakers provided immediate deterrents for disruptive guests, effectively managing crowds and preventing unsafe behaviour in shared spaces like bathhouses. Enhancing guest experience The implementation of VORTEX at Sun Outdoors Ocean City has proven to be a major success, providing improvements in security and operational efficiency while also enhancing the guest experience. Here’s what Carrie Coster, the General Manager at Sun Outdoors Ocean City, had to say: "The VORTEX system has been such a blessing. It made a difference instantly, for our guests, for the staff, for everyone at Sun Outdoors. VORTEX keeps people accountable. It keeps the team at Sun Outdoors accountable. And it keeps the guests accountable as well. VORTEX really helps us take action fast." Substantial cost savings Jeremy Maloney, President of Maloney Telecom: "Carrie's experiences are what VORTEX aims to deliver: cost savings, accountability, and peace of mind. At the end of the day, I don't even need to sell it. I just show people how VORTEX works, and it sells itself. That's the kind of partnership we're proud to be a part of." The success of VORTEX at Sun Outdoors Ocean City highlights its ability to improve security, streamline operations, and deliver substantial cost savings. Through Maloney Telecom’s partnership, Sun Outdoors Ocean City now operates more efficiently, with fewer security concerns, allowing it to focus on providing a safe and enjoyable guest experience.

The cloud fundamentally changes how organisations acquire and use technology, offering a powerful mix of financial, operational, and strategic advantages that traditional on-premises infrastructure cannot match. Specific to physical security systems, there are additional advantages transforming how technologies and systems are delivered to customers. We asked our Expert Panel Roundtable: Which factors are driving the deployment of cloud-based systems in physical security?

Future-proofing your skillset is about embracing continuous learning and developing a versatile set of competencies that remain valuable regardless of technological shifts or industry changes. In the security marketplace, it is not about predicting the exact jobs of the future, but rather equipping yourself to adapt and thrive in the uncertain security landscape. But where to begin? The emerging technology shifts in the security industry provide clues, such as the growing importance of cybersecurity and artificial intelligence (AI). We asked our Expert Panel Roundtable: How can physical security professionals “future-proof” their skillsets to prepare for emerging technologies?

In many cases, architectural design and layout dictate optimal placement of security devices like cameras, access control readers, and sensors. Poor design can lead to blind spots, reduced coverage, and ineffective surveillance. However, planning that involves all the various stakeholders can maximise both security and design elements. We asked this week’s Expert Panel Roundtable: When are building design and physical security systems complementary? When are they at odds?