The global situation has changed significantly in recent years, and at the same time the need to protect critical infrastructure has further increased. Recent public discussion on security has largely focused on cybersecurity, but security technology plays an equally essential role in building overall security.
“The need to protect critical infrastructure has clearly intensified due to the geopolitical situation. In Finland, we still have much to do when it comes to securing critical infrastructure, but the means to do so certainly exist,” says Pasi Tikkanen, CTO at Loihde.
These themes have frequently appeared in the media. For example, the topic of national security of supply is being discussed more than before. Reported break‑ins at critical infrastructure facilities, such as water towers, have also raised awareness and accelerated development efforts in security.
“These same themes have long been present in discussions with companies and organizations, but now they have surfaced more prominently and become more concrete for everyone due to public debate.”
According to Tikkanen, who has worked nearly 35 years in security technology, organizations should not rush into buying individual security devices but instead take time to consider the bigger picture. A camera, lock, or any single device alone does not create comprehensive security.
“Usually the first step should be a current‑state assessment, after which the organization can plan how the overall security technology — such as access control, intrusion detection, locking systems, and video surveillance — should be implemented,” Tikkanen explains, listing the foundational pillars of security technology.
He emphasizes that organizations must understand their own attack surface — meaning what in their environment is particularly vulnerable and must be protected. From the current‑state assessment, organizations can then progress step by step, guided by experts, toward their security goals.
“Devices and technology alone are not the solution. A functioning whole consists of assessment, planning, implementation, and documentation. Maintenance is also essential, and it includes all these elements as well.”
Among other developments, the NIS2 cybersecurity directive has guided critical enterprises and organizations toward a more secure everyday environment. Threats and realities are now better understood, and security must be documented.
“When people think of critical infrastructure, they often picture water and energy first. However, the concept covers all core functions of society, such as logistics and transportation as well as overall security of supply,” Tikkanen clarifies.
Critical infrastructure is therefore a broad entity comprising essential functions ensuring the smooth flow of everyday life — often taken for granted. All of them require protection to ensure continuity.
“Locking systems are usually the first aspect organization's have addressed in terms of security solutions. For critical infrastructure in particular, camera surveillance and intrusion detection systems are also necessary components.”
Tikkanen notes that solutions can be scaled even into extensive systems. For example, locking and surveillance for a single transformer station could — and should — be part of a broader monitoring system.
“In our services, maintenance and upkeep of the technology remain the responsibility of our own specialists. That means if something does not work, it is our job to fix it. With service‑based delivery, the customer also avoids a large one‑time investment, as the service is provided with a monthly fee.”
A clearly emerging need has lately been targeted solutions where an intrusion detection system is paired with one or two cameras. Such a setup suits smaller sites, such as transformer substations. If needed, the solutions can be expanded into systems covering hundreds of detectors and sites, connected to access management and monitoring services. In all of this, cybersecurity is just as essential as the security technology itself.
“At Loihde, we have the expertise and capability to support the entire security journey — from assessment to implementation — based on the customer’s needs. For the best possible outcome, combining cybersecurity expertise with security‑technology know‑how is absolutely crucial,” Tikkanen concludes.
Explore the Finnish National Emergency Supply Agency’s recommended methods for protecting critical infrastructure!