The future of control rooms

Datapath explores the human factor in the future of control rooms.

In 2025, the average organisation faces nearly 2,000 cyber-attacks every single week. The financial stakes are staggering: The average breach now costs $4.44m, ransomware incidents run between $5.5 and $6m, and by 2026, global cyber-crime costs are projected to reach $10.5t.

Yet, despite the billions invested in all forms of protection, one reality remains: The outcome of every major incident still depends on a human sitting in front of a console.

What is the protection against this?

Control rooms are at the centre of modern security operations. They are where every feed, every alarm and every system converges – where the most critical decisions are made.

Technology provides the infrastructure and processes set the framework, but it is the operator who serves as the decision-maker.

The human element determines whether an incident is contained or is allowed to escalate.

Yet the most critical component of the control room is often the most overlooked: The operator. Behind every successful incident response or coordinated crisis effort is a focused, empowered individual.

This is why operators matter more than ever; they’ve become gatekeepers that keep organisations safe. Protect them, empower them and you protect everything else.

Lessons from history

1969: Apollo 11 Moon Landing

• NASA’s Mission Control in Houston became the most famous control room on Earth as operators guided the crew to the Moon
• Thousands of data points streamed in, every second critical for the mission. It was data overload in its earliest form and the pressure it created showed how much depends on an operator’s focus; a reminder that clarity and support are what allow humans to succeed when everything is on the line

2003: The Northeast Blackout

• When 55 million people across the US and Canada lost power, it wasn’t just the grid that failed, it was the control rooms
• Operators were flooded with thousands of alarms and missed the warning signs buried in the noise. The disaster revealed that more data does not equal more clarity and that unstructured information can overwhelm even skilled operators – a lesson that modern security operations still grapple with today

2012: The London Olympics

• Behind the Games, one of the most advanced security control operations ever built was put in place to safeguard athletes and spectators
• Operators managed live CCTV, counter-terror monitoring, cyber-defences and emergency response, all integrated across agencies
• Even with long shifts and constant vigilance, the integration of systems gave operators visibility and support, proving that unification, not just tech, makes resilience possible at scale
• Control rooms succeed or fail on how well they support operators under pressure
• In 2025, as threats multiply and data floods in, it’s never been more of a prominent issue

The operator in 2025

A control room operator in 2025 sits in front of a video wall surrounded by hundreds of feeds, surveillance cameras, IoT sensors, cyber-dashboards and real-time threat maps.

On their desk will be multiple monitors that display browser-based security apps, alerts and data streams. Every few seconds, a new notification flashes.

The core challenge is data overload. Operators must process hundreds of inputs, yet the human brain can normally handle only 3-5 items of information at a time.

Add long shifts and constant high-stakes vigilance, and the second challenge becomes fatigue: 76% of operators report moderate to high levels of fatigue during or after their shift, up from 58% in 2020; 63% admit to making avoidable mistakes or missing alerts due to fatigue, particularly on night shifts or during crises; 52% report sleeping fewer than six hours between shifts during peak times, compounding cumulative exhaustion.

Without unified platforms, operators are left to manage complexity as much as threats – a dangerous imbalance in today’s security landscape.

Technology can provide information, but it is the operator who interprets it and acts. Their ability to manage stress, fatigue and information flow directly impacts security outcomes.

Operators are often referred to as the last line of defence. If they are under-supported or overburdened, the consequences ripple quickly and, as a result, delayed operator response times were a major factor in escalation.

NOCs (network operator centres) and SOCs (security operator centres) highlight just how central operators are to modern security.

These environments sit at the front line of defending against escalating cyber and hybrid threats. With the explosion of data from connected devices, cloud platforms and global networks, the volume of potential vulnerabilities has multiplied and with it, the likelihood of attacks.

Protecting and enabling operators should be a priority for any organisation managing a control room. By protecting operators, organisations protect their own resilience.

Operator first approach

Every successful control room should begin with one principle: Putting the operator first. You can build the biggest video wall, invest in the latest analytics or deploy advanced cyber-defences, but if the operator doesn’t have the right tools, none of it will deliver.

In NOC and SOC environments operators sit at the crossroads of information, turning signals into action. With simple, secure, unified systems, they protect effectively. With fragmented tools and endless alerts, even the most sophisticated control room falters.

An operator-first approach means designing every aspect of the control room around clarity, simplicity and security.

When operators are supported this way, the organisation is protected in turn. It’s the difference between success and failure.

Technology may define the control room, but operators define its success. They are the single most important investment an organisation can make against rising cyber and hybrid threats.

The future of the control room

The control room of 2025 is becoming smarter, more connected and operator-focussed. Advanced visualisation environments, from interactive video walls to touch-enable dashboards, are helping operators see and understand complex scenarios at a glance.

Also, cloud-enabled platforms are reshaping what a control room looks like, allowing operators in different locations to share the same real-time operating picture.

These developments point to a clear direction; the future is giving operators clarity, not complexity.

The next decade will reshape the role of the control room operator, not by replacing them with automation, but by surrounding them with smarter, more supportive tools.

The operator will remain at the centre of the control room, but their environment will look and feel very different.

Security will continue to underpin every development. With cyber-threats moving faster and more creatively, the future control room will need to treat security not as an add-on, but as a default.

For operators, this translates into greater confidence that the systems they depend on are as resilient as the decisions they make.

Operators remain the most important factor in these environments.

Supporting them with the right tools, simplifying complexity and embedding security throughout systems is key to building resilience.

Why is it so important to future-proof control rooms?

Control rooms are not static. The demands placed on them grow year-by-year as new technologies emerge, new threats appear and new data sources come online.

A system that feels adequate today can quickly become outdated tomorrow. That’s why futureproofing is no longer optional, it’s essential.

The organisations that thrive against rising threats will be those that design with an operator-first mindset.

Looking back through history, the lesson is always the same: Control rooms succeed or fail based on the people at its core.

From the Apollo-era missions to today’s NOCs and SOCs, operators have been the ones making the critical calls in crucial moments.

In 2025, they are under greater pressure than ever; faced with an ever-increasing influx of data, constant alerts and the very real risk of fatigue.

The strength of a control room isn’t measured by how many feeds you can display, but by how effectively operators can interpret them and act.

Operators will remain central; automation may support and amplify their role, but it cannot replace the judgement and resilience they bring.

That’s why the focus must be on environments that reduce fatigue, sharpen decision-making and keep humans in control.

The future of resilience lies not in adding more technology, but in building integrated, unified systems that strip away the noise and give operators the confidence to protect what matters most.

This article was originally published in the October edition of International Security Journal. To read your FREE digital edition, click here.