Current geopolitical tensions are putting pressure on the internal security of European organisations

Core Insights - 84% of European high-risk profile organizations feel inadequately prepared to detect and manage insider incidents, highlighting a significant vulnerability in organizational security [1] Group 1: Insider Risk Context - Insider risk has evolved from being incidental to a fundamental risk, particularly in a geopolitical landscape where conflicts are increasingly economic, technological, and social in nature [2] - State actors, criminal networks, and activist movements are focusing on exploiting the human factor for destabilization, making insiders with access to sensitive information more attractive targets [2][3] Group 2: Geopolitical Developments - The rise of hybrid warfare has led to increased targeting of commercial organizations, including critical infrastructure and technology companies, by state actors and organized criminal networks [3] - State actors are utilizing criminal networks as proxies to conduct operations with minimal traceability, putting employees at risk through financial temptations, threats, and blackmail [4] Group 3: Supply Chain Vulnerabilities - Globalization of supply chains has heightened organizational vulnerabilities, as access to critical systems increasingly lies with third parties operating under varying legal and political regimes [5] Group 4: Organizational Resilience - Technical and physical security measures alone are insufficient; organizations must establish explicit risk ownership at the administrative level and foster collaboration among HR, security, risk management, and legal departments [6] - Geopolitical risks now extend within organizational walls, necessitating a proactive approach to prevent employees from becoming unintentional targets [6]