Industrial security in the age of hybrid threats

March 27, 2026

Simon Martindill, Head of UK Academy, G4S, tells SJUK how modern industrial security must evolve to meet hybrid security threats.

The evolving threat to industrial security

In previous decades, industrial security focused on strong perimeters and guard presence, with protests typically limited to visible pickets outside site gates.

Manufacturing sites were frequent targets, as disrupting production at source could trigger significant financial and supply chain impact.

By 2026, both the perimeter and the protest model have fundamentally changed.

Modern campaigns are highly coordinated operations that blend digital mobilisation, insider infiltration and targeted physical disruption.

Activists exploit online networks to research vulnerabilities, infiltrate organisations and coordinate action with precision.

In response, industrial security must move beyond static defences towards unified resilience – a pre-emptive model integrating physical protection, digital monitoring and human intelligence to counter this evolving hybrid threat.

The lifecycle of a hybrid protest campaign

Disruption campaigns often begin months in advance in encrypted online spaces, where activists research corporate vulnerabilities, supply chain chokepoints and executive movements.

A central tactic is insider infiltration. Operatives with clean records secure employment to map layouts, identify security gaps and leak schematics or shift patterns to external cells.

By the time a physical disruption occurs, organisers often have detailed knowledge of security blind spots.

These operations are increasingly shaped by strategic convergence, with separate groups forming coalitions to share resources, tactics and intelligence, strengthening coordination and impact.

Targeting the leadership and supply chain

The modern threat now extends far beyond the facility fence line.

Hybrid tactics involve targeting corporate leadership during travel or at private residences, utilising a coordinated combination of physical surveillance and digital agitation.

Recently, a water company had to assign a specialist bodyguard to its chief executive following a surge in targeted threats, while the chief executive of another utility company was confronted at a London railway station by an activist group.

Supply chain vulnerability represents another critical frontline.

Disruption occurs during transit and at distribution hubs. Various decentralised movements have demonstrated surgical precision, using insider knowledge to target infrastructure and disable logistics networks.

Whether it is blockading major hubs in Doncaster or disabling machinery with expanding foam, the impact of individuals with deep knowledge of logistical corridors is felt across the entire system.

The pivot to unified resilience

We are witnessing a profound strategic convergence where disparate activist groups are no longer operating in silos.

They are actively exchanging tactical lessons and normalising rapid escalation from lawful protest to high-impact direct action.

For industrial security, this means your threat profile can change overnight as tactics perfected in one sector are ‘downloaded’ and deployed against another.

Unified resilience is our only viable defence against this shared intelligence.

It is a shift from siloed, reactive security to a holistic ecosystem where physical measures, cyber-defence and human intelligence are fused.

It means treating a digital ‘ping’ on a server with the same urgency as a physical breach of the fence line, ensuring that every layer of the organisation operates under a single, proactive shield.

Implementing unified solutions

To remain relevant, security strategies must shift towards this model of unified resilience – a pre-emptive defence that integrates several key pillars:

  • Detection: Officers must be trained in behavioural detection to spot subtle signs of hostile reconnaissance before an incident occurs
  • Mastery of de-escalation: Officers must expertly calm high-tension situations, using psychological techniques to manage aggression and prevent escalation
  • Tactical intelligence: Effective protection requires officers to be familiar with the principal protest movements likely to target their specific facility
  • Specialist vulnerability and penetration testing: Organisations must proactively test both IT networks and physical access points. This means testing the psychological resilience of the workforce
  • Hybrid space protection: Security now extends beyond the site to include boardroom bug sweeps and executive protection between home and work

Zero trust and legislative context

The final layer of the solution is zero-trust physical access.

Similar to digital security models, physical access is micro-segmented.

Employees and contractors are granted access only to the specific zones required for their roles at specific times.

This reduces the harm that a disgruntled or radicalised insider can cause.

By segmenting the factory floor, organisations ensure that a breach in one area does not lead to a total site shutdown.
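
A minimal sketch of the zone-and-time access decision described above, as an added example that is not from the original article or from G4S: the role names, zone names, time windows and badge events are all constructed for illustration. It denies by default, handles shift windows that cross midnight, and surfaces badges with repeated denied attempts for follow-up.

```python
from datetime import datetime, time

# Constructed policy (hypothetical names): role -> zone -> (start, end) window.
POLICY = {
    "line_operator": {"assembly_hall": (time(6, 0), time(14, 0))},
    "night_maintenance": {"assembly_hall": (time(22, 0), time(6, 0)),
                          "plant_room": (time(22, 0), time(6, 0))},
    "contractor_hvac": {"plant_room": (time(9, 0), time(17, 0))},
}

def in_window(t, start, end):
    """True if t is inside [start, end); handles windows that cross midnight."""
    if start <= end:
        return start <= t < end
    return t >= start or t < end

def decide(role, zone, when):
    """Deny by default: allow only if the role holds this zone at this time."""
    window = POLICY.get(role, {}).get(zone)
    if window is None:
        return "deny:zone_not_in_role"
    if not in_window(when.time(), *window):
        return "deny:outside_time_window"
    return "allow"

def review(events, threshold=2):
    """Return badges with at least `threshold` denied attempts, with details."""
    denied = {}
    for badge, role, zone, ts in events:
        if decide(role, zone, datetime.fromisoformat(ts)) != "allow":
            denied.setdefault(badge, []).append((zone, ts))
    return {b: d for b, d in denied.items() if len(d) >= threshold}

# Constructed badge-reader events: (badge_id, role, zone, ISO timestamp).
EVENTS = [
    ("B100", "line_operator", "assembly_hall", "2026-03-02T07:15:00"),
    ("B100", "line_operator", "plant_room", "2026-03-02T07:40:00"),
    ("B100", "line_operator", "assembly_hall", "2026-03-02T23:05:00"),
    ("B200", "night_maintenance", "plant_room", "2026-03-03T01:30:00"),
    ("B300", "contractor_hvac", "plant_room", "2026-03-03T18:10:00"),
]

if __name__ == "__main__":
    for badge, attempts in review(EVENTS).items():
        print(badge, attempts)
```
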

The regulatory landscape has tightened with the Terrorism (Protection of Premises) Act 2025 and the Public Order Act 2023.

Martyn’s Law requires larger public venues to assess vulnerabilities and formalise emergency plans, while the Public Order Act introduces tougher penalties, including up to ten years for serious disruption.

Although these measures strengthen prosecution powers, they have driven some activists towards more covert tactics.

In 2026, resilience depends on embedding these legal duties within a broader, integrated security strategy.

This article was originally published in the March edition of Security Journal UK.
