Geopolitically, the last 12 month have been a rollercoaster. In 2024, a record number of people across the globe went to the polls – more than four billion people across 40 countries. In the UK, we elected a new government. Other close allies including France and USA did the same.
More recently, the German public also voted in a new administration. American foreign policy has started to cut a harder stance – particularly in Europe – whilst Elon Musk’s Department of Government Efficiency (DOGE) is making changes to internal policy and already faces legal action for its somewhat unusual approach.
In terms of conflict, the fight in Ukraine rages on, with both sides having a different idea of what peace talks should look like, and who should be involved in them. Israel and Hamas continue to wage war, causing dangerous rifts across the entire Middle East.
Regardless of what your opinions are on the outcome of these elections or which side you fall on in the conflicts, one thing we can all agree on is that these are uncertain times. Compounding this turbulence is the growth of AI. On one hand, the technology is enabling us to innovate faster than ever. But on the other, it’s arming cybercriminals with the ability to launch more authentic, and therefore effective attacks and being weaponised by political parties and individuals to spread misinformation and gain an upper hand.
Amid this geopolitical and technological upheaval, the very nature of trust has changed. The people and countries we trusted yesterday may be very different today. Cybersecurity is a profession that is built around notions of trust and distrust. It is also intrinsically tied to geopolitics. As countries wage wars and change policies, the nature of cybersecurity shifts concurrently. At the moment, we don’t understand the full extent of every problem or the consequences of each decision. And every day there are new changes that undermine trust.
As a profession, in the immediate term, the best thing we can do in response to geopolitical shifts is to continue with the same ethos we always have. We need to be consistent, reliable and resilient, ensuring we get the basics right and use our budgets efficiently, analysing where we can make the most difference with the resources at our disposal. Taking these steps can help us to maintain security in the short term.
A different mindset will then be needed from the traditional “build a fortress” outlook. There is so much taking place beyond our control that cybersecurity professionals will have to accept certain levels of risk as part of their role, and work to truly protect what matters. This means understanding exactly where we are vulnerable and why, and adapting to an incredibly turbulent backdrop as quickly as possible.
But in the long term, and perhaps even more importantly, we need to come together to build new trust models, as geopolitical instability always bleeds out into the cyber world. This is a complex issue to solve, but cybersecurity is constantly finding new solutions to difficult problems. So, this is an open question to the cybersecurity profession – how do we start to rebuild trust amid the chaos?
