Navigating the Cyber-Geopolitical Nexus
by Kailyn Johnson and Jack Nott-Bower in Sibylline Newsletter.
Today, global enterprises face an unprecedented convergence of cyber, physical, and geopolitical risks that fundamentally challenges traditional security architectures. But despite this integration of risks, most firms keep siloed security functions with minimal cross-functional collaboration. As a result, many businesses’ security gaps can widen, amplifying operational vulnerabilities that only become clear when it’s already too late.
Governments increasingly recognise cyber operations as essential instruments for advancing their strategic objectives. Amid escalating global tensions, a growing number of state-sponsored cyber threat actors are engaging in offensive cyber operations that help states achieve these objectives. Such grey-zone tactics allow threat actors to target businesses all over the globe, whether by stealthily obtaining strategic information, gaining illicit financial profit, damaging a firm’s reputation, or pursuing any combination of those goals. This, in turn, continues to drive risks across the business environment.
We’ve seen how physical and geopolitical events affect cyber security risks (and vice versa), compelling businesses to improve cross-functional collaboration within their security functions. Three recent case studies illuminate this:
The war in Ukraine. Russian state-sponsored cyber actors conducted disruptive cyber operations against Ukrainian electrical facilities and telecommunication networks prior to ground military operations. This stalled Ukraine’s ability to counter the threat, as well as the nation’s internal communications – a significant example of cyber operations having a physical impact on both civil society and military operations.
Divestment from the Chinese market by the West, particularly in semiconductors. This has triggered an increase in cyber espionage by Chinese threat actors against competing firms in Asia and beyond, with the goal of obtaining intelligence on intellectual property regarding semiconductor development and cooperation with the West.
Deep-sea cable cutting. The cutting of deep-sea cables that facilitate internet connectivity and power has exacerbated worries of physical sabotage from various adversarial threat actors. Cutting cables has resulted in power outages and internet downtime, highlighting the operational impact on both physical and online business operations and the broader consequences of geopolitical strife for the private sector. Advances in Chinese deep-sea cable cutting technology will also further amplify these tensions and aggravate business risks.
These examples highlight how geopolitical tensions and physical threats can augment cyber and other business risks for firms, whether they are directly or indirectly affected. Yet despite this reality, many security leaders still grapple with challenges that prevent the successful adoption and implementation of an integrated security model that enables comprehensive resiliency. Some common issues include:
Communication barriers. Whether it’s defining thresholds for risk severity, accountability frameworks or threat management processes, CSOs and CISOs must lead the pursuit of a shared language between technical and non-technical teams. Some firms have successfully established “fusion centres” where intelligence on cyber, physical, geopolitical and regulation/compliance matters serves all business domains. But it must go beyond that: CISOs need to adopt a form of communication at board level that demonstrates the value of this model in proactively mitigating business impacts.
Keeping up with a dynamic threat landscape. Organisations must be able to address the fluidity of the cyber and geopolitical threat landscape adeptly to ensure resiliency. Implementing processes to address threats quickly and early will help entities be more proactive and agile, while maintaining other overall organisational procedures. This could take many forms, such as adjusting cyber indicator detections and certain mitigations automatically when new reports are publicised rather than reading and importing manually only during working hours. Additionally, having established cross-functional teams (including intelligence functions, governance and compliance personnel) who are pre-authorised to make certain decisions under a specific threshold without having to adhere to typical bureaucratic processes could help to streamline responses.
Isolated security functions. As with communication barriers, it is necessary to address the isolation of security teams and migrate them into more integrated functions. This will increase security teams’ ability to understand the threat landscape and how different categories of risk integrate (we discuss this topic more in our “Up & Out” series).
Future Horizons
The cyber-geopolitical landscape ahead could be even more volatile than most firms anticipate. As climate destabilisation creates cascading effects on resource competition, what appears as espionage today can evolve into sabotage when these pressures peak – whether it’s targeting of water management systems, agricultural technology networks, or alternative energy infrastructure. Add non-state hacktivists motivated by environmental causes, and the threat landscape is further complicated. Moreover, territorial disputes could drive new forms of hybrid warfare where cyber operations precede physical confrontations. We’ve witnessed this playbook already in Ukraine, but we see future applications becoming more sophisticated and far-reaching.
More than ever, the fusion of cyber, physical, and geopolitical security is an essential component of organisational risk management. Firms must dismantle silos and create integrated security models with both geopolitical and technical expertise, along with transformative leadership that speaks both technical and business languages. Those who adapt now won’t just become more secure in the long term – they’ll gain a decisive competitive advantage in an increasingly turbulent landscape.
The stock image of Hong Kong seems inappropriate for some reason