The global geopolitical environment has entered a period of sustained instability, characterised by intensifying state power competition and the erosion of international norms, with growing convergence of political, economic, cyber, and security risks.
Security threats are no longer confined to traditional state-on-state conflict but increasingly manifest through hybrid activity, grey-zone warfare, economic coercion, influence operations, cyber intrusion, and civil disruption. These dynamics directly affect national resilience, critical infrastructure, public trust, and the operating environment for both public and private security actors.
Hostile state activity and strategic ambiguity
A defining feature of the current environment is the growing assertiveness of hostile and/or competitor states operating below the threshold of open conflict.
China’s activities exemplify this trend. UK government assessments have attributed malicious cyber activity to China-linked actors, including attempts to target democratic institutions and parliamentarians. These actions form part of a broader pattern of influence operations, espionage, and strategic positioning. As an example, the proposed construction of a large Chinese embassy at Royal Mint Court in London illustrates how geopolitical competition can translate into tangible domestic security concerns.
In my view, the site’s proximity to critical infrastructure, communications networks and fibre-optic routes raises legitimate questions regarding surveillance, intelligence gathering, and long-term strategic intent. Compounding the issue is the perceived inconsistency in the UK government’s approach to China.
While acknowledging China as a strategic competitor, the government has at times stopped short of formally designating it as a national security threat, creating legal and operational ambiguity. The collapse of high-profile espionage cases (Cash and Berry) on technical grounds has reinforced public and political concern that economic and diplomatic considerations may be diluting security essentials.
Such ambiguity undermines confidence in the robustness of the UK’s national security framework.
Public trust, social stability, and civil unrest
Geopolitical decisions increasingly carry social and reputational consequences.
Public awareness of hostile state activity is high, while trust in institutional decision-making remains fragile. Where security concerns are perceived to be subordinated to trade or diplomatic convenience, public backlash is likely. This contributes to elevated levels of protest activity, activist campaigning, media scrutiny, and scepticism toward established institutions. Diaspora communities, journalists, activists, and political dissidents may feel particularly exposed, especially where fears of surveillance or foreign intimidation arise.
These concerns exacerbate existing social fragmentation. In high-profile developments linked to fossil fuels, foreign investment, or areas of global conflict, protests and public disorder become more likely, placing additional strain on policing and private security resources.
For organisations operating in this environment, reputational exposure is a critical risk. Perceived proximity to hostile-state interests whether through commercial partnerships, property ownership, or service provision can trigger activist attention and public criticism, regardless of actual intent or operational involvement.
Economic and infrastructure security risks
The geopolitical climate is also reshaping economic and infrastructure risk. Intellectual property theft, data compromise, and cyber-enabled economic espionage are persistent threats to universities, technology firms, financial institutions, and property assets. As hostile-state activity becomes more sophisticated, the distinction between cybercrime, espionage, and state-sponsored action continues to blur.
London’s commercial property sector illustrates this convergence of risk. Increased investment from foreign, state-linked entities introduces not only financial considerations but also security implications. High-profile buildings housing international tenants, sensitive data, or financial operations may become symbolic or physical targets during periods of heightened geopolitical tension, with damage from protest and direct action now a near-daily occurrence across the city.
It comes as no surprise that the financial sector is a leading voice in the risks faced as we move deeper into digital dependency. Critical functions are increasingly dependent on a small number of global IT providers, especially non-European cloud, and AI vendors. As we have seen, a failure at a single provider can impact multiple organisations simultaneously.
Our drive for ever more efficiency and innovation has created a concentrated risk; a single cloud or software outage can trigger broad simultaneous failure, not isolated disruption. Amazon, Jaguar Land Rover, M&S, NHS Ireland, and Gatwick, just some examples where interruption through either hostile or accidental impacts has caused huge, international and localised disruption owing to their business reliance on digital functionality.
These incidents demonstrate the possible impact for private security, where CCTV management, access control, lone-worker supervision platforms, alarm monitoring, SOC dashboards, visitor identity systems, and mobile patrol systems all increasingly run on externally hosted, often foreign-owned, multi-tenant platforms. Worst case, digital dependencies could be weaponised through sanctions, cyberattacks, or political leverage. What this means in simpler terms and for us in private security, is this elevates risk from tactical (e.g. CCTV camera offline) to strategic (entire BMS system failure).
At the same time, organisations face rising costs associated with mitigation measures, insurance premiums, and specialist security expertise. These costs are no longer exceptional; but they are becoming a structural feature of operating in a contested geopolitical environment.
Implications for private security providers
For private security companies, the changing global landscape fundamentally alters risk profiles, service expectations, and professional responsibilities. Security providers are no longer focused solely on crime prevention or site protection but are increasingly required to address hostile-state threats, hybrid risks, and politically driven disruption.
Where the primary targets, governments or senior individuals are unreachable, corporate headquarters, commercial buildings, personnel, and business operations become the accessible pressure points. Disruption through protest, vandalism, cyberattack, or reputational harm is often the intended outcome by demonstrators or hostiles.
Threat assessment must therefore extend beyond local crime data to incorporate geopolitical intelligence, hostile-state activity, cyber risk indicators, and relevant legal or planning developments. This requires enhanced intelligence capability, closer engagement with advisory bodies, and the integration of geopolitical awareness into commercial decision-making. While not all providers will engage at a strategic level, front-line delivery must be underpinned by an understanding of why risks are changing.
A step change for security providers is that counter-surveillance measures, access control, secure zoning, and regular audits are increasingly baseline expectations rather than specialist services. Front-line teams must be adaptable and capable of operating with awareness of wider risk contexts. Cyber and communications security now sit firmly within holistic security planning; data interception, network compromise, supply-chain vulnerabilities, and social-engineering threats must be treated as credible risks, even for non-governmental organisations.
Legal, regulatory, and reputational exposure
Legal and regulatory frameworks are under strain as governments attempt to balance openness with security. For security providers and their clients, understanding the evolving application of the National Security Act, Official Secrets legislation, foreign-influence regulations, and planning law is essential (especially if clients fall under governments identified as a threat). Ambiguity in enforcement or interpretation creates compliance risk and potential liability.
This means that reputation management is inseparable from security management; organisations associated with sensitive sectors, foreign state-linked entities, or politically contentious developments must anticipate scrutiny from media, activists, and stakeholders. Transparent governance, demonstrable due diligence, and credible security standards are essential to maintaining trust and acting as a deterrent to hostile activity.
Workforce, insider threat, and supply-chain risks
Human factors remain a critical vulnerability. Security personnel, facilities managers, and contractors may be targeted for coercion, influence, or exploitation, either deliberately or through inadvertent exposure such as phishing and social engineering. Insider-threat mitigation through vetting, access control, conflict-of-interest management, and training is therefore essential. Financial pressure and sophisticated social-profiling techniques increase susceptibility to staff exploitation. Hostile actors have demonstrated growing capability in identifying and targeting individuals with access to systems or information. As mentioned with the reliance on limited digital providers, supply-chain security presents similar challenges. Hardware, software, and service providers may introduce hidden dependencies or vulnerabilities.
Recent scrutiny of some companies illustrates how geopolitical considerations now directly affect procurement and operational decisions. While security providers may not control client technology choices, they must demonstrate clear influence through evidence-based recommendations and risk articulation.
Global conflict spillover and domestic impact
Recent international developments demonstrate how rapidly global events translate into domestic consequences. Conflicts in Ukraine and the Gulf, alongside US-China competition, have already driven protest movements, cyber activity, and economic disruption within the UK.
The erosion of international norms and increased unilateral behaviour by major powers further heightens the risk of retaliation, proxy activity, and activist mobilisation. International crime networks are highly adaptive, responding quickly to changes in enforcement and sanctioned regimes. As a result, geopolitical shifts can influence crime patterns and public disorder at street level. For security providers, this reinforces the need to understand how tightly coupled global systems are, from foreign policy decisions to local operational risk.
Anticipatory and resilient security
The prevailing environment demands a shift from reactive security models to anticipatory, resilience-based approaches. Long-term planning, scenario analysis, and adaptive capability are essential in managing sustained uncertainty. The concept of resilience, focusing on flexibility and response capability rather than recovery alone, offers a useful framework (Schneider & McGuirk, 2024). Security must be treated as a strategic function rather than a procedural one; the ability to interpret emerging geopolitical trends, challenge assumptions, and align operational responses accordingly will define organisational resilience.
The global geopolitical landscape is reshaping the nature of security risk at every level. Hostile state activity, institutional fragility, economic competition, and social polarisation are no longer distant concerns but direct influences on domestic stability and organisational exposure. Effective security in this environment depends not on isolated measures, but on integrated, informed, and forward-looking approaches that recognise the interconnected nature of modern risk.
Jon Felix BSc(Hons) MDIP MBCI MSyl M.ISRM Principal Member RSES
Risk and Threat Advisor,
CIS Security
