Skip to content

Cybersecurity in a world of geopolitical turbulence

In the spring of 2025, global conflicts and power struggles are redrawing the map of cyberspace. Cybersecurity has escalated into a high-level strategic concern as geopolitical tensions that flare from Washington and Moscow to Sanaa, Beijing and Brussels. Political upheaval in the United States, a drawn-out war in Europe, regional instability in the Middle East, and showdowns in East Asia all contribute to a volatile environment. For CIOs, CISOs, CEOs and the wider security community, this means navigating a new reality in which global crises and digital threats are inextricably linked.

This analysis outlines five geopolitical dynamics that are shaping the security landscape. From domestic instability in the United States to China’s escalating stance toward Taiwan, and Europe’s push for digital sovereignty, the contours of cyber conflict are increasingly defined by international politics.

US domestic upheaval shakes cybersecurity norms

Just years ago, the United States was viewed as a reliable cornerstone of global cybersecurity cooperation. That reputation is now in question. Following Donald Trump’s return to the presidency in the 2024 election, his administration has rapidly dismissed key personnel and disrupted the institutions underpinning America’s cyberdefense. In April 2025, both the head of U.S. Cyber Command and their deputy were removed from office, while the civilian cybersecurity agency CISA faces sweeping cuts. That is reportedly up to 1,300 jobs and 40% of contractor support1.

CISA is officially accused of partisan bias, a claim echoing Trump’s prior assertions of election interference. The justification has been used to restructure the agency dramatically2. Meanwhile, private-sector retaliation has entered the fray. In a controversial move, the Trump administration revoked security clearances for employees of cybersecurity firm SentinelOne after it hired former CISA director Chris Krebs, a known Trump critic3. The result: a chilling effect that has made firms hesitant to publicly defend victims of political retaliation.

Experts warn this politicisation could compromise international threat sharing and reduce overall resilience. With the White House no longer prioritising cybersecurity, allies express growing concern over America’s reliability.

Ukraine: a laboratory for modern cyberwar

Russia’s war on Ukraine continues to play out in both kinetic and cyber domains. It is arguably the most significant conflict of the cyber age. Russian attacks have targeted Ukrainian infrastructure, including energy, telecoms, and government systems, often in coordination with missile strikes4. On Christmas Eve 2024, Ukraine's Ministry of Justice was hacked, though services were restored swiftly5.

Ukraine has demonstrated resilience by moving systems to cloud environments and deploying deceptive technologies to trap attackers6. Yet the cyber conflict is not confined to Ukrainian borders. Russian attacks on European targets tripled between 2023 and 2024, according to CSIS4. Nearly half of these strikes focused on critical infrastructure and industrial companies, often tied to Western support for Kyiv.

In response, NATO now explicitly classifies Russia’s hybrid warfare which is combining kinetic attacks, hacking, and disinformation as a collective security threat7. The scale and cross-border nature of attacks, from the NotPetya incident in 2017 to present-day campaigns, has reset expectations for cyber risk. Global companies are increasingly aware that regional conflict may trigger global digital consequences.

Middle East: non-state actors shape the information battlefield

The Houthi rebels in Yemen, backed by Iran, have emerged as a major influence operation actor. Beyond missile attacks in the Red Sea, they are spreading digital disinformation with global reach. In December 2024, they falsely claimed to have struck a U.S. aircraft carrier. Fabricated footage spread rapidly online, amplified by pro-Russian and pro-Chinese social media networks89.

Although U.S. forces denied the claims, the narrative seeded mistrust and confusion. For companies in shipping, logistics, or operating in the region, this underscores a new threat layer: one that affects not only physical operations but brand integrity, stock performance and public trust.

China and Taiwan: silicon shield under pressure

While currently a low-intensity standoff, China’s escalating campaign against Taiwan carries massive global implications. In 2024, Taiwan recorded an average of 2.4 million attempted cyber intrusions per day, twice the prior year’s rate11. Chinese state-backed hackers are probing Taiwan’s government systems, telecom infrastructure, and logistics networks.

Taiwan’s intelligence services describe these efforts as part of a wider cyber-ambush strategy aimed at disabling systems ahead of any potential conflict. Meanwhile, Chinese groups have been caught compromising telecoms in the U.S. and conducting espionage across Asia and Africa12.

But the concern isn’t only digital. Taiwan produces more than 60% of global semiconductors and nearly 90% of the world’s most advanced chips13. A Chinese blockade, even without an invasion, could sever the world’s tech supply chains, halting car factories, datacentres, and global commerce.

Western countries are responding by investing in chip production and phasing out high-risk vendors such as Huawei13. Still, near-term dependency on Taiwan remains high, and recent discoveries of Chinese infiltration in U.S. critical infrastructure, including Operation Volt Typhoon in 2023 suggest prepositioning for cyber sabotage12.

Europe's digital sovereignty project

Amid growing distrust of foreign tech providers, Europe is trying to reclaim control over its digital future. The concept of "digital sovereignty" has gained traction, particularly after Trump's reelection raised fears about U.S. surveillance over European data.

The EU has introduced new legislation like the NIS2 directive, which came into force in October 2024, requiring thousands of companies to comply with strict cybersecurity protocols, report incidents within 24 hours, and control their supply chains14. The financial sector faces similar requirements under DORA, and the upcoming Cyber Resilience Act will extend this to connected devices.

Regulation is only one part of the puzzle. Europe is also building a rapid-response system under the Cyber Solidarity Act15. From February 2025, CERT experts and private-sector specialists will be on standby for EU-wide deployment. Countries like Estonia and Latvia have created "cyber home guards," blending public and private expertise15. These initiatives, paired with NATO partnerships, aim to strengthen Europe’s cyber resilience and reduce dependency on non-European actors.

Conclusion: the cyber age enters uncharted waters

In 2025, cybersecurity is no longer a purely technical domain. It is entangled with power politics, military strategy, and economic security. Domestic unrest in superpowers, disinformation by rebels, and grey-zone conflicts in East Asia all show how cyber risk transcends borders.

For leaders in both public and private sectors, the implication is clear: cybersecurity strategy must incorporate geopolitical intelligence. A war or political crisis thousands of kilometres away can disrupt supply chains, upend regulatory regimes, or target your staff and brand. The international security community must find ways to collaborate despite political frictions. If the global internet is to remain open and secure, trust, agility and shared knowledge will be our best tools.

Every organisation should reassess its posture. Build resilient systems, map geopolitical exposure, and form trusted partnerships across borders. The threats ahead will not wait for consensus.

  1. Cyberscoop, April 2025. 

  2. Washington Post, March 2025. 

  3. Bloomberg, April 2025. 

  4. CSIS Cyber Attack Database, 2023–2024. 

  5. Microsoft Security Blog, December 2024. 

  6. Microsoft Security Blog, 2023–2024. 

  7. NATO Joint Intelligence Report on Hybrid Threats, December 2024. 

  8. BBC Monitoring, January 2025. 

  9. ClearSky Intelligence Brief, December 2024. 

  10. FireEye Threat Research, 2024. 

  11. Taiwan National Security Bureau, 2024. 

  12. CISA/FBI Joint Bulletin, 2023. 

  13. Semiconductor Industry Association, 2024. 

  14. European Commission, 2024. 

  15. EU Cyber Solidarity Act, February 2025.