ISJ hears exclusively from David Webb, Managing Director of Valkyrie about balancing physical and cybersecurity as in a world of emerging threats.
In 2025, the security landscape is more complex and interconnected than ever.
Traditional boundaries between physical and cybersecurity are blurring, requiring leaders to adopt a holistic, integrated approach to risk management and response.
Security leaders must remain alert to emerging risks and evolving threats in a rapidly shifting environment shaped by sophisticated cyber-attacks, geopolitical tensions and advancing technologies.
The evolving threat landscape
The convergence of cyber and physical threats is creating unprecedented challenges for security leaders.
Sophisticated cyber-attacks increasingly target critical infrastructure, healthcare systems and financial institutions, while physical threats – such as civil unrest, political violence and assassination attempts – are also rising, often incited or coordinated through online platforms.
This blurring of boundaries is evident in hybrid attacks where digital intrusions precede physical intrusion or sabotage.
Geopolitical tensions further compound these risks, with state-aligned actors from countries including China, Russia, Iran and North Korea engaging in operations that cross both virtual and physical domains.
In this environment, security leaders must adopt integrated strategies addressing the full spectrum of converging threats.
Integrated leadership: A modern imperative
To address these complex challenges, security leadership must evolve from siloed approaches to a cross-disciplinary model.
Effective leadership in this era requires:
- Fostering cross-disciplinary collaboration: Encouraging collaboration between cybersecurity and physical security teams is essential for a unified response to traditional and emerging threats. This applies to mitigation strategies, response planning and internal training
- Embracing technology integration: Leveraging technologies such as AI, machine learning and IoT across both domains enhances threat detection, analysis and response, enabling a faster, coordinated reaction to security incidents
- Prioritising resilience: Leaders must focus on building resilient systems that can withstand and recover quickly from incidents, adapting as threats emerge, rather than solely preventing breaches
Case studies in leadership adaptation
The following case studies are simplified and illustrative examples inspired by real-world scenarios and are not intended to represent any actual organisations.
Case study 1: Tech company
A tech company faced a sophisticated cyber-attack that encrypted key supplier data, disrupting operations across multiple regions.
Leadership quickly assembled a crisis management team integrating IT, physical security and operations teams. By restoring encrypted data from cloud backups and securing physical access points, operations resumed within 48 hours.
- Actions: CEO facilitated cross-department collaboration, ensuring seamless communication and rapid decision-making
- Outcome: Operations were restored with minimal impact on stakeholders, demonstrating the value of an integrated response to complex security challenges
Case study 2: Healthcare company
A major healthcare provider, suffered a ransomware attack compromising patient records. Leadership rapidly convened a team from cybersecurity, healthcare operations and compliance. Critical patient data was moved to secure offline systems, ensuring continuity of care.
- Actions: Leadership made real-time decisions to preserve essential services while containing the cyber-threat. Transparent communication with staff and patients helped manage expectations.
- Outcome: Despite the breach, patient trust was maintained and services continued with minimal disruption, highlighting the effectiveness of a cross-functional crisis team.
Case study 3: Security company
A city-wide surveillance provider, experienced multiple physical security breaches requiring a technological overhaul. Leadership implemented a hybrid-cloud system combining AI-powered video surveillance, real-time access control and IoT sensors across urban areas.
- Actions: New technologies were integrated with physical security systems to enhance monitoring and threat response. AI enabled predictive threat analysis, improving decision-making.
- Outcome: Within six months, security breaches fell by 40%, illustrating the benefits of merging physical and digital security strategies.
Emerging trends in security leadership
Several trends are reshaping leadership across the security industry, complementing traditional practices:
- AI-driven threat intelligence: AI enhances threat detection, automates incident response and anticipates vulnerabilities. It remains a complementary tool alongside conventional intelligence, with transparency and accountability continuing to be key concerns
- Zero trust architecture (ZTA): The principle of “never trust, always verify” is gaining momentum. While ZTA strengthens security, implementation can be complex, resource-intensive and occasionally impact performance
- Cyber-resilience legislation: Evolving regulatory frameworks, including the UK’s Cyber Security and Resilience Bill, increase obligations for ransomware reporting, incident response and risk management, contributing to overall organisational resilience
- Board-level accountability: The convergence of physical and cyber-threats increases stakeholder expectation for boards to take strategic ownership of security
Preparing for the future
Looking ahead, security leaders must proactively anticipate emerging threats, including AI-powered attacks, the adoption of Zero Trust models and evolving regulatory requirements.
Organisations must remain informed about technological advancements and regulatory changes while fostering talent with cross-disciplinary skills to navigate both cyber and physical security domains.
Uniting security domains
By fostering cross-disciplinary collaboration, embracing emerging technologies and prioritising resilience, security leaders can equip their organisations to handle the challenges of tomorrow.
The future of security leadership lies in its ability to unite diverse security domains and respond cohesively to complex, multi-faceted threats.
