Cyber security: How do governments and organizations protect themselves against geopolitical threats?

Cyber security is closely linked to geopolitical issues. In a tense context marked by economic and political rivalries, and large-scale conflicts such as the war in Ukraine, cyber security plays a crucial role in protecting States and their organizations.

Why do organizations incur geopolitically motivated cyber attacks? How can you protect against these new threats?

Cyber security, a question of sovereignty and influence 

By contributing to the national economy and acting as production agents, organizations reinforce the sovereignty of their State with regard to other nations. They face a number of cyber security challenges: 

1. Espionage and cyber attacks by foreign States: 
   
   Just like Operators of Vital Importance (OIVs), organizations that play a strategic role in the proper functioning of the nation are a priority target for hostile States. Energy producers, banks, industrial conglomerates... A successful attack on one of these targets can destabilize an entire country. 
   
   Furthermore, organizations with intellectual property and international ambitions are also susceptible to economic espionage by rival States. In 2019, hackers stole several strategic documents from Airbus, including data on the engine of the A400M, a military transport aircraft. These attacks can damage both economy and security of a country.
   
   
2. The war of information and disinformation: 
   In addition to cyber attacks, certain operations aim to spread false information. Bonduelle was a recent example: photos of servicemen were posted on Russian social media, holding the brand's cans in their hands, along with a greetings card reading "Dear soldier, happy new year! We wish you all the best and a speedy victory!"
   
   The brand's reputation was tarnished. In addition to impacting public perception, these attacks can also cause stock market indices to plummet.

3. Legislation and regulations: 

   Faced with growing cyber threats, governments are introducing regulatory measures to protect the interests of their organizations. This is the case, for example, with the NIS2 Directive, which aims to strengthen the security of organizations in the European Union through a series of measures such as the obligation to carry out regular security tests and audits, and report security incidents.

4. The geopolitical role of organizations: 
   

Organizations can be directly involved in geopolitical conflicts. This is, of course, true of defense and armament organizations, which play a major role in military conflicts. But more generally, many organizations present in Russia have had to decide whether or not to suspend their business in Russia following the invasion of Ukraine. This geopolitical decision has increased the risk of cyber attacks. 

Given these facts, the role of cyber security is more important than ever for the long-term survival of organizations.

What strategies are needed to cope with these challenges?

1. Strengthening collaboration between public and private sectors
   
   Protecting against State-sponsored cyber threats requires close collaboration between organizations and the public sector. The Common Base for Cyber Intelligence and Detection (SCRED) is an excellent example. The aim of this collaborative project led by Thales, which brings together 11 cyber security players from the academic and private sectors (startups, SMEs, large corporations), is to create within three years a unique platform for organizations and public administrations that will give them access to cyber intelligence services. The SCRED will pool and enhance the value of data held by stakeholders in a trusted cloud, giving them a visibility over threats at any given moment, as well as automatic trend analysis and projections based on models using advanced artificial intelligence technologies.
   
   
   
2. Investing in cyber security 

In the face of growing cyber crime and geopolitical threats, it is important to invest in cyber security to protect your organization. Advanced solutions are needed to detect and prevent attacks. Solutions such as XDR identify threat signals and can detect even the stealthiest attack. Your IS needs to be regularly evaluated by security audits and tests to identify and correct weak points.

3. Training employees
   
   In the field of cyber security, training security teams always plays a crucial role in preventing attacks and being able to respond appropriately to threats. Such training must now educate employees about geopolitical issues. 
   
   On the other hand, recruiting or training in-house cyber security experts, who are well versed in geopolitical issues, not only reinforces the level of cyber protection but also fosters a culture of cyber security on a daily basis.
   
   

In 2023, cyber crime is no longer motivated solely by profit. Cyber attacks often have deeper geopolitical causes. CIOs and CISOs need to be aware of these new challenges and invest accordingly to strengthen their organization's cyber security. The aim is to protect sensitive data from foreign States and increase corporate resilience in the face of increasingly complex and insidious threats.