top of page

How Geopolitics Changes the Global Cyber Threat Landscape


Executive Summary


  • Cybercrime and cyber insecurity are now among the Top 10 of most severe global risks over the next decade, listed alongside threats including climate change and involuntary migration.

  • As geopolitics and cyber increasingly intertwine, cyber-attacks become more frequent and sophisticated, as both state and non-state actors, in particular from China and Russia, try to disrupt democratic societies, economies, and militaries.

  • In part driven by the military conflict in Ukraine, the EU, the US, and NATO have begun to enhance their own cyber capabilities and to issue new cyber­security regulations that directly impact globally active firms.

Implications for International Business


  • Industries need to prioritize cybersecurity as an integral part of their strategies: They should adopt a risk-based approach, implementing security and privacy measures that align with an ever more volatile threat landscape.

  • Cybercrime alone will cost companies worldwide an estimated $10.5 trillion by 2025, up from $3 trillion in 2015 per annum. At a growth rate of 15 percent year after year, it represents one of the greatest transfers of economic wealth in history.

  • In addition to cyber-attacks driven by the war in Ukraine, business trends like tele-working and digital interconnectedness heighten the probability of successful strikes, putting sensitive data, intellectual property, and financial assets at risk



State of Play

Global competition moves into cyberspace

Cyberspace is becoming a new battlefield and an area of geostrategic competition. The increasing sophistication and frequency of cyber-attacks pose significant risks and threats to governments, companies, and individuals. They include ransomware, malware and zero-day vulnerabilities, social engineering like new forms of phishing, threats against data and large Distributed Denial of Service (DDoS) attacks, destruction of infrastructure and corporate networks, dis- and misinformation, and supply-chain targeting. During peacetime, both states, their proxies, and non-state actors deploy cyber operations to disrupt the smooth functioning of democracies, collect intelligence, undermine legitimate governments, and steal trade secrets or cripple businesses. Cyber-attacks in the EU conducted by state proxies and criminal groups operating from Russia, China, North Korea, and Iran seriously damage Europe’s economic competitiveness and socio-political fabric. In June 2023 alone, Russia-linked attacks targeted European banks, including the European Investment Bank, U.S. federal government agencies, including Department of Energy entities, and Swiss government websites, including the Parliament, the federal administration, and Geneva airport. During wartime, malicious actors use cyber tools to erode their adversaries’ military advantage. In the first half of 2022, Ukraine experienced 1,350 cyber-attacks on its critical infrastructure alongside kinetic attacks conducted by Russia, to which it has proved remarkably resilient. Crucially, it is backed by offensive and defensive cyber interventions from the U.S. Cyber Command, assistance from the tech giants like Microsoft and Google, and networks of international and homegrown information security researchers. Against this backdrop and given the increasing competition of international players, the EU unveiled its Cyber Defence Policy in November 2022. It represents the EU’s first comprehensive effort to outline strategic, policy, operational, and capability development goals in cyber defense. In the case of cyber defense, widespread accessibility to AI-powered tools combined with the refined tactics of state and non-state actors mean that the international threat landscape is becoming ever more dangerous.

Key Issues Emerging cyber alliances foster a geopolitical divide

Faced with a “geo-politicisation” of the cyber landscape, the EU and NATO adopt a multi-faceted approach. This includes developing robust cybersecurity strategies, increasing interoperability, investing in cutting-edge cyber defense capabilities, conducting cyber deterrence operations, and collaborating with international partners. International alliance-building is paramount in the fight against cyber threats. For instance, in February 2016 the computer emergency/incident response teams of the EU and NATO signed a bilateral Technical Agreement on the exchange of information about threat actors and techniques. Cyber-related intelligence sharing and capacity building with partner countries have also markedly improved. Yet, the sustainability of these efforts depends on shared interests, trust among participants, and effective coordination mechanisms. Elections, like the upcoming U.S. elections in 2024, changes in political leadership in international organizations, or shifts in political priorities and ideological differences can affect the willingness to share sensitive cyber intelligence and collaborate on capacity-building initiatives.


The rise of China further complicates the cyber threat landscape, as its growing influence challenges the dominance of cyber powers like the United States. Beijing has begun to move from cyber espionage for economic interests to explicitly aiming at global technological superiority and a (re)shaping of the Internet. To remain competitive, the EU and NATO, member states and like-minded countries need to invest in enhancing their own cyber capabilities and foster international collaboration around responsible state behavior in cyberspace. An open, safe, and secure global cyberspace is one in which businesses can expand their operations globally without cybersecurity risks, as it increases consumer confidence, data protection, and privacy, while public-private partnerships enable businesses to benefit from threat intelligence and cybersecurity best practices. Yet, the absence of accountability mechanisms to curb the impunity of states violating international law and the limited options to enforce the agreed norms of responsible state behavior in cyberspace make it necessary for the EU and NATO to search for alternative policy solutions. The new EU framework establishes cybersecurity standards, requirements, and reporting obligations that apply to certain sectors such as critical infrastructure and digital service providers, to safeguard their systems and services. Businesses can obtain cybersecurity certificates for their products and services, enhancing their credibility, consumer trust, and market competitiveness. In short, the benefits of the peaceful use of cyberspace can no longer be taken for granted.


Firms face acute threats and diverse rules

Alliance-building in cyberspace across democratic and autocratic fault lines has significant influence on industries around the globe. It enhances cybersecurity efforts by promoting information-sharing between democracies, collaborative defense measures, and coordinated responses between the private-private and civil-military sectors. Yet, there are also risks, such as potential information-sharing dilemmas where sensitive data being exposed to unintended recipients and cyber defence dependencies leaving industries vulnerable to an attack on another alliance member. In turn, any cooperation with autocratic countries like China in the realm of cybersecurity involves various high-risk factors, given its rapprochement with Russia, its cyber espionage and state-sponsored cyber-attacks, surveillance practices as well as ethical and human rights abuses.

Conversely, the use of economic sanctions and trade restrictions can potentially impact cyber relations between states and non-state actors. Such measures can limit the availability of certain technologies, restrict information sharing, and hinder cooperation. This can hamper efforts to build resilient cyber ecosystems. In this regard, businesses should actively engage in the development of international and national cybersecurity standards, policies, and norms. By providing input and expertise, they can ensure that initiatives are practical, realistic, and considerate of private sector realities. At the company level, investing in advanced technologies, implementing robust incident response plans, conducting regular risk assessments, and enhancing employee awareness and training are elements of any sound stratgey. In order to adapt to evolving regulatory and legal frameworks across different jurisdictions, firms need to implement robust data protection practices, conduct privacy impact assessments, employ privacy-enhancing technologies, adopt privacy-by-design principles, and establish effective mechanisms for data governance and consent management.

Despite the challenges engendered by cyber threats, companies can leverage the opportunities of the digital transformation by adopting a proactive security posture that integrates cybersecurity into every aspect of their operations. This will ensure that businesses can benefit from advanced digital tools and automation processes, access to global markets, data-driven insights and products, as well as innovation, agility, and scalability by adopting AI-powered tools and cloud computing.

bottom of page