Insights

For critical infrastructure, TNFL poses a unique challenge. While Harvest Now, Decrypt Later (HNDL) undermines confidentiality (the secrecy of data and communications), TNFL compromises integrity and authenticity, threatening the safety and reliability of industrial processes. The time to act is now.

The UK National Cyber Security Centre's (NCSC) 2025 Annual Review opens with a punchy front-cover warning: “Open your eyes to the imminent risk to your economic security.” Although the report’s primary focus is on threats facing the UK, its insights and recommendations resonate far more broadly.

On September 9, 2025, Mitsubishi Electric Corporation (Mitsubishi Electric) and Nozomi Networks (Nozomi) publicly announced that Mitsubishi Electric will acquire the remaining shares of Nozomi in a deal valued at approximately $883 million in cash and equity, resulting in the largest OT cybersecurity acquisition to date. The deal is expected to be completed in Q4 2025 following regulatory approval. Two questions we’re being asked are: what is in it for both parties? And how might the acquisition play out?

In a May 2025 insight, ‘Industrial Cybersecurity Consulting and Managed Services Navigator 2025: Building Operational Resilience’, Westlands Advisory highlighted how digitalisation, regulatory pressure, and expanding attack surfaces are reshaping security priorities for operational technology (OT) environments. The industrial cybersecurity market is moving toward integrated, enforceable, and service-ready platforms.

Given the growing cyber risk and number of significant incidents, have public companies made a proportionate investment in cyber governance and resilience? Whilst growing cybersecurity vendor revenues point to improving cybersecurity maturity, a further source of insight can be derived from how public companies report on cyber risks and threats. Westlands Advisory recently conducted a comparative analysis of cybersecurity terminology in the annual reporting of the Dow Jones Core 30 and Euronext Core 30 companies.

The United Kingdom’s 2025 Strategic Defence Review (SDR), titled “Making Britain Safer: Secure at Home, Strong Abroad,” underscores an unprecedented emphasis on cyber threats and capabilities. The review – the first “root-and-branch” overhaul of UK defence in 25 years – repeatedly highlights “cyber” as both a critical danger and a key enabler in modern defence strategy.

The advent of quantum computing presents one of the most profound shifts in cybersecurity since the invention of public-key cryptography. As quantum technology rapidly develops, it poses a direct threat to the classical encryption algorithms that underpin the global financial system, digital identities, secure communications, and data privacy. To prepare for a Quantum-Safe future, government agencies and critical infrastructure operators should start with cryptographic discovery and classification.

Governments are treating AI as a serious policy issue, shifting from advisory to enforceable guidelines to ensure AI deployment is safe and secure. These trends link to an earlier piece by Westlands Advisory, published in October 2024, predicting that strong regulation will be necessary to roll out AI safely, especially in areas such as national infrastructure and public services. As AI becomes entrenched in daily life and critical systems, this article will see how different countries are responding to AI threats, and where things may be headed in terms of cybersecurity solutions, and protection of the entire AI ecosystem.

Operational Technology (OT) environments are foundational to critical infrastructure and industrial operations. These systems control physical processes essential to energy, transport, manufacturing, and public services. As connectivity increases, so does exposure to cyber, physical, and operational risks. Yet, despite the criticality of these processes, cyber maturity remains relatively low. Asset owners need credible and trusted security consulting and managed services partners to accelerate improvements to cyber resilience.