Resilience is Critical for Meeting Escalating Cyber-Threats 

By Anthony Young 

As cyber threats continue to escalate due to geopolitical tensions and the rise of AI-driven attacks, businesses and governments are facing increasingly sophisticated challenges. In this article, Anthony Young, CEO of cyber security service provider, Bridewell, examines the critical importance of building resilience through proactive cyber security measures, strategic budget planning, and trusted partnerships to mitigate these evolving risks.  

As geopolitical tensions rise globally, cyber threats are becoming more frequent and sophisticated. Both businesses and governments must stay vigilant as nation-state actors, hacktivists, and criminal groups exploit vulnerabilities. For organisations, resilience, both in terms of cyber security and operational preparedness, is essential.  

In 2025 and beyond, the cyber threat landscape will continue to be shaped by rising geopolitical tensions. Nation-state actors such as Russia, China, North Korea, and Iran remain at the forefront. These groups increasingly focus on long-term strategies to infiltrate critical systems, observe operations, and either disrupt or steal sensitive information. For example, China has been observed silently gaining access to critical systems worldwide, positioning itself for future advantage.  

In contrast, Russia and North Korea focus on more immediate disruption. North Korean-affiliated groups are heavily involved in ransomware campaigns, often using stolen funds to finance government initiatives. Russia’s invasion of Ukraine has sparked increased hacktivism, with cyberattacks used to make political statements from both sides. 

The rising tide of these cyber threats highlights the importance of organisations taking a proactive approach to cyber security. Governments and critical infrastructure are frequent targets, but businesses in sectors such as finance, healthcare, and energy are also at risk. Organisations need to understand the motivations and tactics of these actors and invest in threat-led security operations to stay ahead. 

The rise of AI-driven threats and disinformation 

Artificial intelligence (AI) is transforming industries, but it is also escalating cyber security risks. Malicious actors are using AI to automate attacks, create more convincing phishing campaigns, and generate deepfakes for disinformation. Disinformation is a growing concern as AI makes it easier to produce false information at scale. In political contexts, such as elections or conflicts, AI-generated fake news can destabilise entire regions by amplifying public fears or divisions.  

To counter these threats, organisations must adopt a “secure by design” approach when implementing AI. Just as with cloud computing and other technologies, security must be considered from the outset. This involves assessing data flows within AI systems and implementing robust security measures to protect sensitive information. 

Challenges at the micro level: budgets and compliance  

Businesses face a series of challenges that could undermine their cyber security efforts, especially shrinking security budgets. Economic pressures from geopolitical uncertainties are forcing organisations to prioritise spending, even as regulatory compliance demands grow. In the UK and Europe, the Network and Information Systems (NIS) regulations will enforce stricter standards in 2025 and 2026, with significant fines for non-compliance. 

With constrained budgets and limited internal expertise in areas like security architecture and operational technology (OT) security, many organisations may struggle to meet these demands. The risk of opportunistic vendors entering the market, promising quick fixes or exaggerated claims of expertise, also increases. Businesses must be cautious in selecting cyber security partners and ensure that investments in cyber security are both effective and compliant. 

Addressing the cyber security skills shortage 

The global cyber security skills shortage remains a significant issue, particularly in specialised areas. While many professionals excel in risk assessment and auditing, there is a noticeable gap in technical roles like security architecture, engineering, and OT security. This imbalance leaves organisations vulnerable, as they may lack the in-house expertise needed to defend against sophisticated threats.  

Bridging this gap requires a combination of internal training and external partnerships. Organisations must upskill employees in technical areas critical to security operations. At the same time, they can turn to external providers for specialised expertise, helping them stay ahead of emerging threats without expanding internal teams too quickly. 

The cyber security industry must also continue to drive more focused training and certification programs that address these specific needs. Aligning educational efforts with critical areas, such as OT security or multi-cloud environments, will help prepare the next generation of cyber security professionals.  

Future-proofing with resilience strategies 

Looking ahead, resilience must be the foundation of any organisation’s cyber security strategy. This goes beyond preventing breaches and includes being prepared to respond and recover when incidents occur. For businesses and critical infrastructure operators, this means investing in a mix of internal training, external partnerships, and robust security measures. 

A proactive, threat-led approach to security is essential for building resilience. Organisations must utilise cyber threat intelligence to understand the specific threats they face and develop tailored strategies to counter them. The MITRE ATT&CK framework is an invaluable tool that allows organisations to map potential attack tactics and align these with their own defensive capabilities. This proactive mapping of threats helps to identify and prioritise areas needing reinforcement, whether through technology investments or process improvements.  

Beyond intelligence, incident response and recovery capabilities are crucial. Organisations must ensure they have well-rehearsed response plans in place, allowing them to react swiftly when a breach occurs. Resilience in this context means reducing the time to detect, contain, and recover from cyberattacks, which can significantly minimise damage and downtime. 

Another key element of resilience is collaboration. Effective partnerships with external experts can strengthen internal capabilities, ensuring that an organisation is well-prepared to face both technical and geopolitical challenges. Working alongside specialised partners provides access to advanced knowledge and resources, making it easier to adapt to new threats and regulatory changes. 

Investing in ongoing cyber security training and ensuring that the workforce is equipped with the skills needed to handle incidents is also vital. Regular simulations, threat-hunting exercises, and continuous learning should be an integral part of an organisation’s approach to resilience. By fostering a culture of security and readiness, organisations can ensure they are not just reacting to threats, but actively anticipating and mitigating them before they escalate. 

As cyber threats continue to escalate, resilience will be the key to navigating the uncertainties ahead. Geopolitical tensions, AI-driven disinformation, shrinking budgets, and skills shortages all present challenges, but they can be overcome. By investing in proactive security measures, fostering strong partnerships, and prioritising resilience, organisations can protect themselves from emerging threats and secure their future in an increasingly complex world.

About the Author

Anthony Young is the Chief Executive Officer at Bridewell, a cyber security and managed service provider he founded in 2013. With over 20 years of industry experience, Anthony is committed to delivering high-quality, complex cyber security programs and building long-term relationships with clients. His leadership focuses on driving business growth and ensuring top-tier cyber security standards.