Modern Cyber Risk Is Breaking Longstanding Security Assumptions
Modern geopolitical tensions now extend well beyond traditional statecraft. They increasingly manifest through wiper malware attacks, distributed denial-of-service (DDoS) attacks against critical organizations, and coordinated disinformation and influence operations designed to shape public perception in real time.
Even as active flashpoints evolve and direct confrontation fluctuates, organizations are left operating in a sustained environment of elevated cyber and systemic risk.
In a recent PaymentsJournal podcast, Teresa Walsh, CEO and Founder at Integrated Intelligence Solutions, and Tracy Goldberg, Director of Cybersecurity at Javelin Strategy & Research, discussed how financial institutions can strengthen operational resilience and build more integrated cybersecurity strategies in response to this shifting threat landscape.
Perhaps most importantly, the direction of travel is clear: public and private sector coordination is no longer optional. It’s becoming foundational to how organizations anticipate, withstand, and recover from disruption.
The Changing Cyber-Risk Landscape
These capabilities are increasingly critical because the cybersecurity landscape has reached an inflection point. Ongoing geopolitical volatility has pushed cyber resilience to a top priority for most organizations.
Coordinated cyber-attack campaigns now often blend network intrusion, disruption, and disinformation, creating cascading impacts .
“When two nations are fighting against each other, one of the things they’ll always go after is your communications system and probably your energy systems as well, because they’re trying to disrupt the other guy and make their lives harder,” Walsh said.
“If you’re a private sector company, like a banker or some other type of company, you have to understand what you are going to do if you don’t have access to the internet or if you don’t have access to power to even turn your computers on,” she said.
There are many documented examples of how these tactics are used in modern conflicts, including cyber attacks against critical infrastructure, large-scale malware campaigns, and disruptive events.
These incidents can assume many forms. Disinformation and misinformation campaigns are especially prevalent during periods of instability, often used to create public confusion or shift narratives.
There have also been cases where nation-states, directly or indirectly, leverage fraudulent activity, including account takeovers or money-mule recruitment to launder funds. Increasingly, these operations are augmented or outsourced to third parties like hacktivist groups or cybercrime syndicates, which can operate independently or align with broader geopolitical objectives.
Withstanding Disruption
High impact cyber incidents have demonstrated how disruptive these types events can be . In some cases, enterprises have experienced widespread device outages, operational shutdowns, and recovery timelines extending over multiple weeks.
This begs the question for all organizations, especially financial institutions: Are they prepared to withstand a 30-day disruption—whether impacting their own operations or those of a critical third-party provider?
“Most of the time when we talk about disruption, even when your regulator talks about disruption, they’re not talking in terms of 30 days,” Walsh said. “They’re usually talking in terms of three hours or maybe a day or two. The concept of a 30-day disruption, that might completely wipe out a company, wipe out their entire profit, and wipe out their customer base and their reputation.”
While such scenarios may appear unlikely, ongoing geopolitical instability and the increasing sophistication of cyber threats makes it essential for organizations to plan for extended disruption.
Institutions must also look beyond their own operations. As reliance on third-party vendors grows—often across multiple jurisdictions—these relationships introduce additional systemic risk. For example, a fintech partner with significant operations in a region affected by a conflict could create downstream operational impacts for a bank.
This makes it critical for financial services firms to map dependencies, identify concentration risk, and understand the complexity of their external ecosystem.
“We talk so much about third-party risk, and we don’t even have a handle on third parties, but no organization out there—I don’t just limit it to financial institutions—has a good handle on who their fourth and fifth parties are,” Goldberg said.
“As you are mapping out your enterprise and your systems and your network and all of those different entities upon which you rely, if any of those were to go down, what would the domino effect be?” she said.
The Expanding Cyber Discussion Toward ‘Cyber Fusion’
Alongside external risks, internal approaches to resilience are often fragmented. One common challenge is the divide between fraud prevention and cybersecurity teams, which increasingly need to operate in close coordination.
“When I started out at my first bank, my boss said that we in the cyber team have visibility that the fraud teams don’t and we need to be able to share that with them,” Walsh said. “Anything that we have on the cyber side that can affect the fraud space—tell them, communicate, help them try to see how we can make it better and how we can make the bank more resistant to cybercriminals .”
This collaboration becomes even more important during periods of geopolitical volatility, when cyber risk, financial crime, and fraud often converge. In these situations, policies related to know-your-customer and anti-money laundering may need to be adapted in response to changing cyber risk .
Addressing these challenges requires enterprise-wide alignment and cross-functional coordination, which is becoming an important trend in modern resilience strategies.
“We could even bring HR into the discussion; because we know, in addition to rogue employees, we also have individuals who are applying for positions who are just trying to infiltrate the organization,” Goldberg said.
“But then you also have the socially engineered pieces ,” she said. “We know that most compromises getting into a company’s network, or even data breaches, they usually come back to a phishing attack—someone was manipulated who has admin rights or access gets conned. There’s a lot of ways that this cyber fusion discussion could expand.”
The Role of the Private Sector
Beyond internal collaboration, rising cyber threats have made cooperation between public entities and private organizations essential, particularly during periods of geopolitical instability.
“We saw a wonderful example leading into the Ukraine war with Russia, where several U.S. technology companies and cybersecurity companies went in and helped them out,” Walsh said. “They helped them transfer vast amounts of information to the cloud to be able to make sure that if something did happen, the data wouldn’t be lost forever, and they would still be able to operate.”
“It was a wonderful example of how the private sector can help a country when these things happen,” she said.
Often, private companies are well positioned to respond quickly due to access to specialized talent, infrastructure, and threat intelligence capabilities. However, this collaboration is not purely altruistic. Given the interconnected nature of the global digital economy, localized cyber incidents can rapidly escalate into broader systemic disruption, affecting industries and regions far beyond the initial target.
“From a resiliency standpoint in the financial services industry, larger financial institutions have an obligation to share information with smaller institutions ,” Goldberg said. “And from a global perspective, especially as we think about cyber resilience, we’re only as secure as those smallest nations.”