The Allianz Risk Barometer, an annual report detailing the risks businesses are most concerned about for the year ahead, has seen companies rank political risks and violence as a top 10 global risk for the past three years. Businesses’ concerns have been exacerbated by 2024’s record-breaking number of elections, the developing conflict in the Middle East, and ongoing war in Ukraine.
The negative impact of political violence on companies can manifest in many ways, from endangering employee and customer safety to operational disruptions caused by material damage to premises or assets. As technology advances, uncertainty grows, and political tensions remain high around the world, businesses must consider their vulnerabilities, particularly in the cyber realm.
According to Allianz Commercial’s new Political Violence and Civil Unrest Trends 2025 report, cyber breaches represent one important way that political violence activity can impact businesses. This year’s report identified a key trend: that “new tech versus old tech” has increased the threat of rogue state-triggered damage and disruption, alongside increased reliance on technology around the world and ongoing instability in the geopolitical landscape. Addressing areas of vulnerability will be essential as companies grow operations in an increasingly volatile cyber environment.
Global Head of Cyber Risk Consulting at Allianz Commercial.
New tech, new threats
Advances in technology and global connectivity have increased production and dissemination of misinformation and disinformation. To sow discord, Advanced Persistent Threat (APT) actors, which are usually sponsored by rogue nations or organizations, leverage cyber-attacks to disseminate false information, using techniques such as manipulated online news platforms and compromised social media accounts to instigate real-world events such as aggravating political polarization, promoting social unrest and riots and undermining democratic elections.
APT groups often engage in sophisticated cyber espionage, such as in the case of the Southport attacks and subsequent far-right riots during 2024 in the UK, which spread disinformation and caused social disruption.
Increased digital reliance and geopolitical instability are also heightening the risk of cyber-attacks that inflict physical harm at the same time.
Exposures in critical infrastructure
Critical infrastructure, including energy, transportation, and manufacturing, faces growing vulnerability to disruptions, equipment damage, and threats to human safety via cyber means.
To manage physical processes at these large installations, complex Industrial Control Systems (ICS) or operational technology (OT) systems are used for control and monitor purpose. Typically, these systems are legacy in nature and have obsolescence issues. That means they are vulnerable to attacks that can disrupt physical processes which can lead to potentially hazardous scenarios. For example, in refinery operations manipulation of ICS and safety systems can lead to catastrophic fire, explosions and can cause major environmental damage due to hydrocarbon releases.
Utility companies, too, depend extensively on OT systems. The prevalence of outdated, internet-unsecured devices within such networks poses a major security challenge due to infrequent updates. The utility sector’s cyber security weaknesses render it highly vulnerable. Exploiting internet-accessible OT and ICS devices, including those in the wastewater and water sectors could affect millions of people, with potentially severe consequences for public health and safety.
The vulnerability of transportation systems to cyber threats also raises critical concerns regarding the potential for cyber-physical attacks to cause tangible damage. While modern aircraft possess strong security protocols, vulnerabilities within airport infrastructure, including baggage handling and air traffic control, present a tangible risk of physical damage stemming from cyberattacks. Cyber-attacks targeting other transportation infrastructure also pose a significant risk of physical damage, with disruptions to signaling systems capable of triggering collisions or derailments. In August 2023, a cyber-attack on Poland’s railway system, where hackers manipulated unsecured radio signals to activate emergency train stops, demonstrates the susceptibility of outdated infrastructure to digital threats.
Addressing cyber vulnerabilities
Assessing the robustness of cybersecurity for key infrastructure demands a multi-faceted approach. Companies should engage with their insurance providers through cyber risk dialogue to discuss potential threats to the industry, as well as the insured’s weaknesses in people, technology and processes. Beyond traditional IT defenses, evaluations also include scrutinizing vulnerabilities, including legacy systems which are often ill-equipped for modern cyber threats, as well as an end-to-end assessment of the insured’s value chain.
Key weaknesses often reside in unpatched, poorly secured legacy systems, and the convergence of IT and OT networks. Supply chain vulnerabilities, inadequate incident response plans, and a lack of robust security awareness training further exacerbate these risks. Human error, particularly in access management and patching protocols, remains a significant entry point for malicious actors.
The convergence of Artificial Intelligence, social media, phishing, and Business Email Compromise attacks creates a potent and evolving threat landscape. These technologies are being weaponized to create more convincing and effective cyber-attacks.
How an organization will recover and maintain critical functions during and after a disruption is key. A robust business continuity plan encompasses a business impact analysis to pinpoint critical functions, defined recovery strategies and procedures, clear communication protocols, reliable data backup and recovery systems, flexible alternative work arrangements, and regularly conducted testing and exercises. Comprehensive audits encompass physical security, incident response protocols, and supply chain resilience. Regular penetration testing and threat intelligence integration are also crucial for identifying and mitigating emerging risks, ensuring the continuous protection of essential services.
We've featured the best antivirus software.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
English (US) ·