Staying Secure in Today’s Digital Landscape

In today’s connected world, attacks are more likely to target digital rather than physical entry points. From ransomware and firmware tampering through to remote hijacking, Artificial Intelligence (AI)-driven phishing and automated vulnerability discovery, the nature of the threat is evolving rapidly. No industry can afford to ignore that truism.

As our industry has moved from mainly mechanical to what are now increasingly digital solutions, we have long recognised the importance of constantly monitoring and assessing the risks we face. This means not only meeting mandatory regulations, but also voluntarily adopting international standards such as ISO 27001 (which protects data and systems through a structured and independently audited framework).

Today’s fast-changing risk environment is also why the EU introduced the Network and Information Security Directive 2 (NIS2): to raise the bar for cybersecurity across Europe.

What, though, do measures like NIS2 and the Cyber Resilience Act mean in practice? How does the rise of AI fit in? Most importantly, what should our industry be doing to stay secure in such an unpredictable digital landscape?

New regulations 

NIS2 is reshaping cyber security expectations by setting higher standards to reduce risk, improve transparency and protect data and services. Alongside it, the Cyber Resilience Act introduces mandatory requirements for products with digital components. This makes ‘secure by design’, regular updates and compliance checks essential before products can enter the EU market.

For companies in our industry, responsibilities now extend well beyond internal systems. Organisations must also ensure that suppliers and service providers comply, with regular risk assessments forming a central part of the process. The consequences of falling short are severe, ranging from significant fines and audits to the potential withdrawal of products from the market.

For our customers, the message is clear: security must be built-in from the start. Compliance is not just about meeting regulations. It’s also a competitive advantage. At ASSA ABLOY Opening Solutions EMEIA, security is part of our DNA. We embed these standards into everything we do, in turn giving customers solutions they can trust to be compliant and resilient.

Rise of AI 

AI is transforming the digital security landscape and cannot be separated from the regulatory framework shaping our industry. With AI advancing rapidly and new regulations coming into force, we’ve established a digital compliance framework to stay ahead of the curve and use AI as an enabler for improving security and achieving compliance.   

On the one hand, AI brings powerful benefits, including more intelligent monitoring, faster anomaly detection and smarter tools for operational efficiency. These capabilities directly support NIS2 and the Cyber Resilience Act, particularly so in the areas of proactive risk management and incident response.

On the other hand, AI introduces new risks. The attack surface is expanding and threats such as deepfakes and smarter phishing create serious threats that regulators are determined to address. Both NIS2 and the Cyber Resilience Act emphasise continuous monitoring, transparency and accountability: principles that must now also guide the responsible use of AI.

At ASSA ABLOY Opening Solutions EMEIA, we see AI not just as a risk to mitigate, but as a capability to strengthen resilience and trust. That’s why we are embedding strong governance practices around AI and building cyber security standards into every stage of product development. By doing so, we help our customers to align with the new regulations, while ensuring AI serves as a tool for greater security and confidence.

Trust and compliance 

We are taking NIS2, the Cyber Resilience Act and the rise of cyber threats seriously, ensuring compliance and enhancing trust with all our customers.

We have reinforced supplier oversight, streamlined incident reporting and embedded cyber security into every stage of product development and lifecycle management.

Our teams also conduct ongoing risk assessments and post-incident reviews, thereby ensuring that lessons are learned and improvements are made.

By taking these steps, we not only meet regulatory requirements, but strengthen the resilience of our supply chain and the trust customers place in us.

Beyond our own operations, we are also committed to supporting customers on their compliance journey. Initiatives such as our recently released White Paper entitled Enhancing Cyber-Physical Resilience with Digital Access Solutions and a detailed NIS2 White Paper developed in Germany last year provide clear and practical guidance. By showing what these regulations mean in practice and how intelligent access solutions can directly support compliance, we aim to make the path forward less complex and more achievable for our customers. 

Looking ahead 

The days when security threats posed to businesses and products were only physical in nature are long gone. Today, we find ourselves in a world where the digital realm poses even more serious and constantly evolving challenges.

As an industry, we must take the necessary steps to meet the directives of NIS2 and the Cyber Resilience Act and also constantly monitor the rise of AI. Only by doing so can we protect our customers, preserve our reputations and build the trust that defines true leadership in security.

Kelly Gill is Senior Vice-President and Chief Technical Officer at ASSA ABLOY Opening Solutions EMEIA (www.assaabloy.com)