On the evening of July 20th, a technical failure in Denmark’s Nets payment system caused widespread disruption across the country. Card payments were down for nearly three hours, affecting stores, transport systems, entertainment venues, and more. While the digital inconvenience was enough to frustrate customers nationwide, the most alarming consequences unfolded at the Storebælt Bridge, where frontline staff received death threats and faced acts of vandalism from angry drivers who could not pay their tolls.
That moment, when a digital outage became a physical security crisis, reveals something critical that many organizations still fail to fully grasp: security is not a series of disconnected silos. It’s an ecosystem.
A Failure in the Cloud, A Crisis on the Ground
Let’s be clear: the Nets outage was not a catastrophic cyberattack. It was likely a technical failure, the kind that can happen in even the most well-maintained digital infrastructure. But what made it a crisis wasn’t just the technical issue, it was how that issue rippled outward, touching people, places, and public trust in real time.
At Storebælt, drivers stuck in traffic jams, some for hours, reacted not with patience but with aggression. Horns blared, tollbooths were vandalized, and staff were verbally abused and threatened. South Zealand and Lolland-Falster Police had to issue public reminders that violence and intimidation would not solve the problem.
It’s easy to see this as an isolated incident, but it’s anything but. This is a case study in how digital failures can manifest as real-world risks to people on the ground. And it highlights a dangerous blind spot in the way many organizations think about security
The Silo Problem
Security is often divided into three domains:
- Cyber security: Firewalls, patching, threat detection, and recovery planning.
- Physical security: Surveillance, access control, guards, and alarm systems.
- People and workplace wellbeing: Usually handled by HR or internal communications.
These categories make sense on an org chart. They give structure, ownership, and accountability. But in reality, incidents don’t respect these lines.
A payment system outage is, on the surface, a cyber incident. But when it prevents customers from accessing essential services, whether at a tollbooth, supermarket, or concert, the consequences quickly leave the server room and land on frontline staff.
At Tivoli Gardens in Copenhagen, for example, the outage meant that guests attending a Tom Jones concert couldn’t use their cards for food, drinks, or spontaneous purchases, resulting in financial loss and customer dissatisfaction. Frustrated guests turned their complaints toward employees, not toward a backend infrastructure they couldn’t see or understand.
Frustation Has a Face
To most customers, the difference between a technical glitch and a cyberattack is irrelevant. All they know is: something isn’t working, and there’s a person in front of them who should be fixing it.
That frontline worker becomes the symbol of failure, regardless of whether they have any control over the situation. And when frustration peaks, it’s not IT systems that take the hit. It’s people.
Security professionals have long known this dynamic in theory. But incidents like the Nets outage are a sobering reminder of just how quickly a digital disruption can become a human crisis.
Toward a Holistic Security Model
This is why more organizations need to adopt a holistic approach to security, one that views digital, physical, and human factors as interconnected components of the same system.
It’s not enough to have a cyber incident response plan and a separate workplace violence policy. Those plans need to talk to each other. More importantly, the people behind them , IT, security, HR, and ops, need to be part of a shared conversation.
Imagine if Storebælt had real-time protocols for redirecting traffic, deploying onsite support, or even just messaging staff and customers transparently during outages. Imagine if frontline workers were trained not only in customer service but also in crisis communication and de-escalation during system failures.
These aren’t just nice-to-haves. In today’s interconnected threat landscape, they’re essential.
Security Is a Human Business
The truth is, every security incident has a human dimension. Even the most technical issues can provoke emotional, social, and physical reactions in the real world. If our security plans don’t account for that, they’re incomplete.
The Nets outage might fade from the headlines in a few days, but the lessons it revealed should stay with us much longer. It exposed the fragility of our systems, yes — but more importantly, it showed how quickly our digital dependencies can put real people at risk.
Organizations that prepare for this crossover, that think across departments, design with empathy, and train their staff for the unexpected — will be far better positioned to handle whatever comes next.
Because in the end, security isn’t about keeping systems safe — it’s about keeping people safe. And the boundaries between digital and physical safety? They’re much blurrier than we’d like to admit.
