The world has changed, and is rapidly changing – is your risk register keeping up?
Like most people, I try to keep personal opining to a minimum on this site, using it for the professional networking site it is. Now, however, we’re forced into a position where politics and cyber security are inextricably linked. Most businesses need to be considering their long-term risk events, to plan for different eventualities.
Perhaps I’ll do a long form writeup of this in the future, but for now, I’ll try to be brief. To an Australian business, the majority of risk for cyber security comes from these geographic locations:
Geopolitical change is happening all over the world.
Until recently we reasonably assumed that there was a status quo – the four countries mentioned above constituted the majority of sophisticated risk events, and there would be no significant escalation without a change in circumstance. Now we have change.
US President Trump appears to be making policy changes that would create advantages for Russia, while removing at least some critical assistance to Ukraine. Recent actions by the US Vice President and Elon Musk have been received by many EU nations as an attempt to break existing security guarantees. Germany has responded by calling for an urgent de-coupling of the EU from the US. Irrespective of political ideology and motivation, it’s a plain fact that the cohesion of the “west” is currently faltering.
What does it mean for your business, especially for critical infrastructure, to have a quickly evolving geopolitical situation? Do you expect China to continue the Volt Typhoon (and similar) programs at the current cadence, or would you expect an escalation/de-escalation? Will the additional costs the DPRK are incurring fighting in Russia’s war result in renewed ransomware activity to recoup funds? Would the decoupling of the EU/US alliance create conflicts for your security programs, or stakeholders? Is Russia likely to prosecute or promote cyber crime gangs?
There’s also the (currently very remote) possibility, given the US Administration’s inward focus, that the 5 Eyes alliance may be dissolved. How would you rate Microsoft (for example) as a vendor, if you no longer implicitly trusted the host country?
Perhaps it’s time to chat to your risk department again?