Understanding Hybrid Threats: What They Mean for Business

As part of the webinar “Navigating Geopolitical Risks and Opportunities – Integrating Geopolitics into Corporate Decision-Making: Not a Threat, but a Strategic Compass”, hosted by Sandra Gobert, Executive Director of GUBERNA, Tom Burin, Barney Jordaan and Koen De Leus shared their views on how organisations can respond to a rapidly shifting global landscape.

Their insights showed how geopolitics is no longer an external factor but one of the key drivers for boardroom decision-making.

Read below the contribution of Barney Jordaan, who warns against fragmented thinking and urges organisations to adopt a systemic approach in the face of hybrid threats.

Barney Jordaan, professor at Vlerick Business School, and expert in negotiation and conflict handling, shares his analysis and recommendations with GUBERNA Members. 

In an era marked by rapid digitalisation and global interconnectivity, businesses are increasingly vulnerable to a new breed of danger: hybrid threats. These include cyberattacks, mis- and disinformation campaigns or political interference in isolation but part of a broader, coordinated strategy aimed at undermining the foundations of Western democracies and the institutions that support them. 

 

Rethinking Risk: The Hybrid Warfare Landscape 

Many organisations still fail to connect the dots between geopolitical developments and their own operational vulnerabilities. Often, they invest heavily in cybersecurity, without recognising that cyberattacks may be just one facet the far more complex threat landscape of “Hybrid Warfare”. 

Hybrid (aka Asymmetrical) Warfare blends conventional military tactics with irregular strategies designed to destabilise economies, institutions, and societies. These tactics may be deployed by hostile nation-states or non-state actors acting on their behalf. 

 

Common Hybrid Tactics Include: 

  • Disinformation campaigns 

  • Economic coercion 

  • Political influence operations 

  • Use of proxy forces (e.g. ‘little Green Men’ appearing on the Krim border in 2014 eventually leading to its annexation by Russia) 

  • Theft of sensitive intellectual property  

  • Covert business acquisitions (e.g. via convertible loans) 

  • Cyberattacks (as seen in incidents involving the City of Antwerp and shipping giant Maersk) 

Barney

These events should not be viewed in isolation. Rather, they are symptoms of a systemic and deliberate attempt to weaken democratic institutions—often led by or linked to states like China, Russia, and Iran. Responding effectively requires a coordinated, society-wide approach. 

Broaden the Risk Lens 

Organisations - be they businesses, universities, non-profits, or government bodies - must reassess how they evaluate risk. Hybrid threats can affect any part of the value chain and are often overlooked until it’s too late. 

Take Belgium's food security as an example. The country is heavily dependent on food imports, making it vulnerable to supply chain disruptions or even water supply sabotage. Universities, too, must question how well they protect research and IP in international collaborations. And what about the resilience of society and institutions in the face of disinformation campaigns or election interference? 

Equally concerning is the psychological toll these threats can take on employees, especially those on the frontlines of responding to cyber incidents. Are they adequately supported? 

 

The Case for Collective Resilience 

Hybrid threats pose an existential risk to organisations. Between government and private sector reports, the warning signs are evident. For instance, Belgium’s Centre for Cybersecurity recorded 556 cyber incidents over just 18 months under the EU’s NIS2 Directive - a figure likely to increase significantly. 

 

Way Forward 

  • Awareness is key:  Leaders must educate themselves about hybrid threats - their tactics, scope, and potential impact on business continuity. 

  • Train and support teams: Employees need to know how to detect and respond to threats, both online and offline. 

  • Invest in resilience: Psychological support and resource allocation are critical for teams regularly facing digital and reputational attacks. 

  • Adopt a Systemic Risk Framework:  View cyberattacks and similar incidents not as isolated events but as part of a larger strategic assault. 

  • Enhance Organisational Preparedness: Build internal awareness, provide training, and ensure emotional and logistical support for teams. 

  • Protect Intellectual Assets: Ensure safeguards are in place for research, IP, and strategic collaborations. 

  • Foster Cross-Sector Collaboration: Work alongside governmental agencies (including defence and national intelligence) and industry peers to share intelligence and coordinate response efforts. 

  • Embed Resilience in Corporate Culture: Resilience isn’t just technical - it’s cultural. Foster a mindset of vigilance, adaptability, and cooperation across your organisation.    

Conclusion 

Hybrid threats represent a multi-layered challenge to businesses and institutions across Europe and beyond. They involve an intricate mix of cyber, economic, and political strategies aimed at destabilisation, often orchestrated by state and non-state actors acting as proxies. Organisations must look beyond conventional risk models and consider the systemic nature of these threats. 

By taking a proactive, holistic approach, businesses and institutions can better withstand the rising tide of hybrid threats - and, more importantly, help safeguard democratic stability in the process. 

You do not have access to the content below.

To read the content below, you must be a member or logged in.