Core Insights - Current geopolitical tensions are exerting pressure on the internal security of European organizations, with 84% of high-risk organizations feeling unprepared to detect and manage internal incidents according to the Insider Trend Report 2026 by Signpost Six [1][2] Group 1: Internal Risk Landscape - Internal risk has transitioned from being incidental to a fundamental risk in a world where geopolitical conflicts increasingly manifest through economic, technological, and social channels [2] - State actors, criminal networks, and activist movements are increasingly focusing on the human factor for destabilization, making it more effective and less visible than traditional cyberattacks or physical sabotage [2] Group 2: Geopolitical Developments - The rise of hybrid warfare has significantly increased internal risk, as states are showing rivalry beyond traditional military domains, making critical infrastructure and technology companies prime targets for espionage and sabotage [3] - State actors are increasingly using criminal networks as intermediaries for operations, applying extreme pressure on employees through financial temptations, threats, and blackmail [4] Group 3: Supply Chain Vulnerabilities - The globalization of supply chains has heightened organizational vulnerabilities, as access to critical systems and processes increasingly relies on third parties operating under different legal and political regimes, directly impacting daily operations amid geopolitical tensions [5] Group 4: Organizational Resilience - Technical and physical security alone is no longer sufficient; organizational resilience requires explicit risk responsibility at the administrative level and close collaboration among HR, security, risk management, and legal departments [6] - Geopolitical developments are now occurring within organizations as well as outside, and ignoring these events puts employees at risk of becoming unintentional targets [6]

Core Insights - 84% of European high-risk profile organizations feel inadequately prepared to detect and manage insider incidents, highlighting a significant vulnerability in organizational security [1] Group 1: Insider Risk Context - Insider risk has evolved from being incidental to a fundamental risk, particularly in a geopolitical landscape where conflicts are increasingly economic, technological, and social in nature [2] - State actors, criminal networks, and activist movements are focusing on exploiting the human factor for destabilization, making insiders with access to sensitive information more attractive targets [2][3] Group 2: Geopolitical Developments - The rise of hybrid warfare has led to increased targeting of commercial organizations, including critical infrastructure and technology companies, by state actors and organized criminal networks [3] - State actors are utilizing criminal networks as proxies to conduct operations with minimal traceability, putting employees at risk through financial temptations, threats, and blackmail [4] Group 3: Supply Chain Vulnerabilities - Globalization of supply chains has heightened organizational vulnerabilities, as access to critical systems increasingly lies with third parties operating under varying legal and political regimes [5] Group 4: Organizational Resilience - Technical and physical security measures alone are insufficient; organizations must establish explicit risk ownership at the administrative level and foster collaboration among HR, security, risk management, and legal departments [6] - Geopolitical risks now extend within organizational walls, necessitating a proactive approach to prevent employees from becoming unintentional targets [6]