Private sector as front line of resilience
European officials are calling for a tighter alliance between state agencies and private firms to fend off escalating hybrid attacks, a stance voiced this week by Atlantic Council senior fellow Elisabeth Braw. The proposal targets a range of hostile activities that have begun to menace European enterprises, from ransomware strikes to arson and drone surveillance.
Braw argues that the current security model isolates public and private resources, leaving critical infrastructure exposed to coordinated assaults. She notes that hybrid threats blend cyber, physical and informational tactics, making them harder to detect and counter. By sharing intelligence, funding joint research, and creating rapid‑response teams, governments can amplify the defensive capabilities of companies that already guard their own networks. The approach also promises to reduce duplication of effort and accelerate the rollout of protective technologies across sectors.
European businesses have become the primary targets of state‑backed and criminal actors seeking strategic advantage. In 2023, ransomware incidents rose 38 % across the continent, while incidents of industrial sabotage involving fire‑bombs and unmanned aerial vehicles doubled. Companies report that they lack the resources to monitor every vector, forcing them to prioritize core operations over comprehensive threat hunting. Braw cites a recent survey in which 62 % of CEOs said they expect hybrid attacks to increase, yet only 27 % feel adequately prepared.
Can cooperation curb the surge in cyber‑arson and drone spying?
She urges policymakers to embed private‑sector expertise into national security frameworks, creating joint task forces that can act within hours of an incident. Such collaboration would enable rapid sharing of forensic data, streamline legal processes for cross‑border investigations, and align procurement cycles with emerging threat landscapes. Early pilots in the Nordics have already shown reduced response times and higher detection rates when public agencies and firms coordinate their efforts.
The rise of cyber‑arson—where hackers trigger physical fires through compromised control systems—poses a stark illustration of hybrid danger. Drone surveillance, too, allows hostile actors to map facilities before launching cyber intrusions. Braw warns that without a unified front, attackers will continue to exploit the gaps between sovereign security services and corporate defenses. She suggests that joint training exercises, shared situational‑awareness platforms, and co‑funded resilience labs could blunt these tactics.
If governments and businesses adopt a collaborative stance, the cost of mounting attacks may outweigh the benefits for adversaries. Braw predicts that a coordinated approach could slash successful hybrid incidents by as much as 40 % within three years, provided that legal frameworks keep pace with technological change. The shift would also signal to hostile actors that Europe is no longer a fragmented battleground but a cohesive shield.
Frequently Asked Questions
What defines a hybrid attack? A hybrid attack blends cyber, physical, and informational methods to achieve strategic objectives, often leveraging both digital intrusion and real‑world sabotage.
Why involve the private sector now? Businesses own much of the critical infrastructure and data that attackers target, so their expertise and resources are essential for early detection and rapid response.
How will cooperation be funded? Governments can allocate dedicated budgets for joint research, share costs of security tools, and offer incentives for firms that participate in coordinated defense programs.