Trend 963 cybersecurity risks: Why you must upgrade now

Trend 963 has been obsolete for years and as of 1st January 2025, all technical support officially ended, which leaves buildings and the businesses in them at risk. Regardless of this, many organisations still rely on it to run their buildings. 

Running legacy systems for a period is common practice. Upgrades are often delayed after weighing up risks against cost and resources to do so, but with Trend 963, that equation no longer adds up. 

There is a now an urgent warning to replace 963. It’s not a matter of if a failure or security breach might happen, but how severe the impact it will be when it does. 

The message is clear: it’s no longer safe to delay. 

What is the warning? 

A recent bulletin from the Smart Building Cybersecurity Forum reported that all Trend 963 systems still in use are highly vulnerable to cyberattacks – and are now an active target. Therefore, organisations are being urged to replace these systems as a priority. 

In addition, it has come to light that the once assumed “safe” segmented or “air-gapped” Trend 963 systems are in fact not secure and are just as exposed. 

From ransomware attacks to data breaches, these weaknesses can open the door to serious threats that compromise your security, compliance, reputation and bottom line. 

What are the critical cybersecurity risks Trend 963 users are exposed to? 

To understand why the risk is so severe, it helps to look at the critical weaknesses built into 963’s ageing architecture. 

✘ Severely exposed entry points: Developed on legacy architecture and protocols over 20 years old, Trend 963 receives no security updates or patches. It offers little to no protection against modern cyber threats, making it an easy target for attackers and leaving all vulnerabilities permanently exposed. 

✘ Unsupported operating systems: The last supported operating systems for 973 have been phased out and no longer receive security updates. These platforms are incompatible with modern antivirus tools and often require risky workarounds that can introduce new vulnerabilities. 

✘ Outdated Java plug-in: 963 requires an unsupported Java plug-in which is a notorious target for exploitation via phishing and malware. 

✘ Legacy database systems: Many 963 deployments still rely on old Microsoft Access files or unpatched versions of SQL Server. This leaves data vulnerable to malware infection, ransomware and data theft. 

✘ Insecure protocols: The default protocol used by Trend 963 for logs, backups and data transfers has been widely exploited in major ransomware attacks such as “WannaCry” making it a serious ongoing risk. 

✘ Weak authentication: The use of basic local Windows accounts which are often shared, poorly secured and lacking support for modern authentication support, leaves systems highly vulnerable to unauthorised access and privilege escalation. 

What this means for your business 

Even beyond the immediate security risks, continuing to use Trend 963 can have serious consequences for your business, from compliance violations to costly operational setbacks. 

• Unplanned downtime and emergency costs – systems could fail without warning disrupting core operations, while emergency upgrades can cost up to 200% more than planned projects. 

• Insurance claims voided – using unsupported systems can invalidate claims following a cyber incident, leaving you to absorb the full financial impact. 

• Compliance breaches – continuing with 963 risks non-compliance with ISO 27001, NIST CSF and GDPR, exposing you to fines and reputational damage. 

• Hidden energy waste – Without visibility from the front end, plant equipment may be left in manual override or run unnecessarily increasing energy costs and reducing operational efficiency. Trend 963’s outdated interface makes it harder to spot and correct these issues in real time. 

Secure your systems with a future-ready solution 

Trend IQVISION is the natural upgrade path from 963. Developed on the Niagara 4 framework, IQVISION offers a secure, modern platform for managing building systems aligned with the key principles of ISO 27001. 

Not only is it actively supported and regularly updated offering immediate protection against modern cyber threats, IQVISION was also purpose-built to meet todays cybersecurity demands that legacy systems simply can’t. 

✅ Stronger access control and password protection: Enforces secure password creation rules, automatic expiry, and encrypted storage to help prevent unauthorised access. 

✅ LDAP integration: Supports external LDAP connections for secure user authentication aligned with your organisation’s IT policies. 

✅ Cybersecurity dashboard: Monitors system health and recommends improvements across IQVISION and any connected Trend devices to strengthen overall security in line with ISO frameworks. 

✅ Audit trail logging: Tracks all system activity including database changes, backups and adjustments for full transparency and accountability. 

✅ Secure communications: IQVISION supports secure protocols and encrypted data transfer, reducing exposure to vulnerabilities that could breach ISO standards. 

Act now before it’s too late 

Every day you delay increases your exposure. But you don’t have to face this transition alone. 

We are highly experienced in Trend upgrades and our team understands the nuances of legacy systems and how to transition them with minimal disruption. 

Whether you’re ready to move to IQVISION or still exploring options, we’ll work with you to design a migration path that fits your building’s current setup and future goals. Our system-agnostic approach means we’ll always recommend what’s best for your needs, but when it comes to security, IQVISION is a clear step forward. 

Get in touch to start your upgrade path with confidence today.