Malta, like the rest of the world, faces an escalating wave of cyber threats targeting businesses, government entities, and critical infrastructure. In an exclusive interview, G4S Security leader Edward Chetcuti shares key insights regarding the intersection between physical and digital security, Malta's cybersecurity readiness, and the urgent need for a more resilient national framework.
Mr Chetcuti's perspectives reveal a fragmented landscape where large corporations and financial institutions have robust defences, while small and medium-sized enterprises (SMEs) and certain public entities lag dangerously behind.
There are larger firms, including financial institutions and gaming companies, that have invested and likely have mature cyber defences. But we also know that many SMEs, micro companies, and even certain public entities remain very vulnerable due to limited budgets and limited awareness," he explains.
Statistics underscore this disparity, with data collected by G4S indicating 48–50 per cent of Maltese companies lack a dedicated cybersecurity function, 70–80 per cent have no allocated budget for cybersecurity, and most fail to provide employee training. The most critical vulnerability, according to Mr Chetcuti, is incident response readiness.
"The biggest gap we see here is incident response readiness... those that actually may have systems in place but don't test them, don't go through the readiness testing to make sure they have the internal capabilities to not only detect but mitigate breaches when they happen – and they will happen,” Mr Chetcuti says.
The G4S CEO highlights the convergence of physical and cybersecurity threats, and emphasises that modern security strategies must integrate both domains to address evolving risks effectively.
"Security is about multiple layers... the digital security, the IT security, the physical security, they all complement each other and coexist,” he says.
G4S, traditionally known for offering physical security services, has expanded into cybersecurity, recognising that threats often exploit weaknesses in both areas. For example, a cyber breach in a smart building may require immediate physical intervention, and weak access controls to IT infrastructure can undermine even the most advanced digital defences.
"It's pointless to invest heavily in cybersecurity defences if your access control to the IT infrastructure is weak or non-existent.”
G4S's approach features a unified control room where physical and cyber threats are monitored simultaneously, supported by AI-driven analytics for real-time threat detection.
Artificial Intelligence (AI) plays a pivotal role in G4S's security strategy. AI-powered systems detect anomalies, such as repeated unauthorised login attempts or unusual network behaviour, enabling faster responses. "AI platforms are monitoring for strange behaviours... someone is trying to access digital data, and someone is trying multiple times to access or log in or contact a certain node or a certain weak point."
However, Mr Chetcuti acknowledges that no single company can tackle cybersecurity alone. G4S collaborates with local cybersecurity experts to bridge knowledge gaps and enhance Malta's collective resilience. "We don't claim to be experts in cyber technology ourselves, but we partner with local companies that are. The overlap between physical and cyber security is also where our collaboration with these partners comes into play."
Malta, like the rest of the EU, faces a shortage of skilled cybersecurity professionals. He notes that only 4.7 per cent of Malta's workforce are ICT specialists, slightly below the EU average of 4.8 per cent. Additionally, the field remains male-dominated, with women comprising just 30 per cent of ICT specialists.
To close this gap, Mr Chetcuti advocates for public–private partnerships with educational institutions to develop curricula that combine academic study with hands-on industry experience, continuous internal training to keep pace with evolving threats, and community awareness campaigns to foster a culture of cybersecurity vigilance. "The only way to actually achieve certain targets is through education,” says Mr Chetcuti, making a comparison to waste collection: “You have to take the education to the homes... and to do it to children first and foremost, because they go home and they talk to their parents about this and that."
While Malta has made progress in cybersecurity regulation – including the adoption of the National Cybersecurity Strategy, first published in 2016 – Mr Chetcuti suggests that more can be done. He underscores the need for stronger enforcement, better funding for SMEs, and a national framework that integrates physical and cyber defences. "Malta has made progress much like the EU as a whole – ... but with cyber threats evolving daily, policyies must evolve just as rapidly to remain effective."
Mr Chetcuti's insights reveal a critical truth: cybersecurity is not just a digital issue,; it is a national security imperative that demands a unified approach. Malta's businesses, government, and educational institutions must collaborate to build a resilient ecosystem where physical and cyber defences work in tandem. As cyber threats grow in sophistication, the time to act is now. Whether through AI-driven monitoring, public awareness, or policy reforms, Malta must prioritise cybersecurity to safeguard its digital future. "The amalgamation of physical, digital, cyber, and AI is the way we're evolving our solutions to combat these next-generation threats,." he says.
In an interconnected world, security is no longer about guarding doors – it's about securing the entire chain, from physical access to servers to smartphones. Malta's readiness depends on how well it can adapt to this new reality.
Main Image: