How organizations can navigate geopolitical and cyber risks in an interconnected world

In an interconnected and interdependent world, the consistent supply and cost of resources, such as energy, food, minerals and raw materials, is no longer solely dependent on logistics, but also on behaviours, relationships and ideologies of individual nations and the synergies that lie in between.

The convergence of politics, technology and international relations brings about a slew of cyber risks and uncertainties that have serious implications for organizations. Let’s explore the major cyber risks:

With rising international trade, organizations are valuable targets for cybercriminals. Data breaches are becoming even more costly and difficult to repair. The rapid development of technology also poses new challenges. Organizations are not keeping up with advances in security controls and traditional monitoring tools fail to detect more sophisticated malware.

In a future where improved global trade possibilities allow the largest companies to grow quicker than others, those organizations will become huge targets. Larger customer bases, combined with developments in AI, will allow them to collect vast amounts of valuable data requiring far more governance in the face of increased regulation. The greater use of AI tools will expose organizations to increased avenues of attack. Threat intelligence will prove to be extremely valuable in identifying the potential source and nature of these attacks. Where political tensions brew between nations and cyber is weaponized, sectors such as critical infrastructure, finance, banking and other essential services are particularly at risk.

The rise of generative AI, large language models, machine learning and deep fake technology will enable state-sponsored and other less sophisticated threat actors to engage in campaigns to spread misinformation. This has the potential to undermine trust in institutions and governments, stir political and social unrest, amplify societal divisions and create rifts between allies. High-profile organizations targeted by fake content run the risk of lasting reputational damage.

Individuals, too, will fall victim to targeted or 'for fun' attacks that cause significant personal damage that, in most cases, will be long-lasting and difficult to wind back. In addition, a proportion of those made redundant by the adoption of technology or otherwise adversely impacted may be tempted into economic cybercrime, engaging in insider threat activity either before or after they are pushed through the exit door. Organizations will need to take further mitigation efforts to monitor and manage insider cyber risks, increasing their focus on human-centred security initiatives.

While connectedness opens trading opportunities for organizations, the increased use of data between geographies is too often policed by conflicting and frequently changing regulations and legislation. The increased sharing of data between geographies also adds complexity and legal hurdles, affecting operating costs and productivity. As capital expenditure and operating expenditure budgets are squeezed, there is a risk of hardware and software assets failing to be maintained at supportable levels. This build-up of technical debt puts organizations at risk of being caught out by unpatched security vulnerabilities or obsolete hardware.

Rising business taxes also hamper recruitment plans for organizations. Unable to meet the increasing salary demands of candidates, unfilled vacancies diminish the organization’s ability to manage security or respond to incidents, increasing the chances of burnout for existing staff.

While some countries are already implementing strict regulations to protect citizen rights, others may adopt a more relaxed attitude to bring more business to their shores and to support their own geopolitical agenda. Differing regulations will create a parallel market for research and development in countries that are less concerned about ethics and consequences, leaving organizations with a moral choice as to where to operate.

As nations double down on internet censorship and create their own balkanized internet, replete with state control and surveillance, they will seek to control their citizens’ perceptions of free societies, furthering the divide between nations. Cross-border law enforcement, which has always struggled to operate across multiple jurisdictions, will be even less effective. Criminal organizations and state-sponsored actors will prosper and expand their reach, launching more impactful and frequent attacks, engaging in corporate espionage and disrupting critical infrastructure without fear of prosecution. Any organization continuing to trade with nations that disconnect from the global internet will be required to adapt to an environment where all communication with citizens is heavily sanitized and scrutinized by their respective governments, or not permitted at all. This may also mean having to adapt to stringent regulations, an obligation to maintain a physical presence in such a country or the need to exit that market altogether. In such a future, an awareness of how global law enforcement will police a fractured internet will be key to understanding how online threats may evolve.

Organizations must evaluate cyber security not just from the context of their own security, but also from the context of geopolitics and technological evolution. For organizations considering expanding overseas or those with a significant foreign presence, below are security measures to consider implementing:

• Assess where data is held, how it might be impacted by incoming regulations and whether the data can be moved to another jurisdiction.

• Consider the security and surveillance implications of trading with nations practising internet censorship.

• Ensure countries of origin are considered when onboarding new suppliers. Perform a regular threat assessment of existing suppliers to understand if there is any change in their threat quotient. Evaluate such partnerships with increased vigilance and frequency.

• Leverage threat intelligence to enhance monitoring and response abilities. Monitor business indicators and brand reputation in overseas markets as these can help detect potential attacks or problems early on.

• Review threat detection capabilities from an espionage scenario. Improve breach detection and incident management capabilities.

• Build a culture of security, so that employees are not influenced by disinformation and keep security in mind whenever making any business decisions, especially if this involves an overseas location.

• Source security and legal advisors that can provide guidance on navigating international data regulations.

It’s no secret that there is significant political uncertainty surrounding Ukraine, Russia, Taiwan, the UK, the US and others. Even the smallest incident can weaken international relations and the global economy. Factors, such as climate change, natural disasters, economic approaches and technological choices will drive nations down different, perhaps conflicting, paths. Security teams must recognize these evolving threats from a political and technological perspective and proactively introduce mitigations to make organizations more resilient to current uncertainties.