If the global security risk and threat landscape was characterized as “unprecedented” in the past year, then 2025 is “unconventional.”
Such unconventional security challenges are already emerging amid escalating geopolitical tensions, gray-zone warfare (GZW) actions, the AI arms race, rising insider threats, fragmented extremism, and a growing number of organizations becoming unintended casualties of military conflicts they are not directly involved in.
This theme is common throughout the 2025 Intelligence Estimate, an annual report published by Securitas’ Risk Intelligence Center (RIC). The report, designed to help clients stay informed and in control for the year ahead, examines the most pressing global security challenges, offering a snapshot of the critical issues security leaders should consider in their strategy and planning.
In this blog, we’ll cover five of the top emerging security threats and risks identified in the latest Intelligence Estimate and explore what they mean for corporate security in 2025.
Escalating tensions drive wartime preparedness
Organizations globally, and in particular those in Europe and parts of Asia, are increasingly preparing for “wartime scenarios” as tensions between foreign powers continue to rise. Geopolitical competition, increased instances of sabotage, and other GZW tactics are driving these preparations.
As a result, European nations, including Germany, France, Poland, Italy, and the UK, are increasing defense spending in 2025 and committing to collaborative projects focused on military readiness.
Governments are taking civil measures to mitigate the impacts of potential conflict. In Germany, officials are identifying buildings for use as public bunkers. In Sweden, the government has updated its citizen crisis handbook for the first time in six years, providing advice for war and crisis scenarios, and sent it in physical form to all households. Denmark, Finland, and Norway have issued similar guidance to their citizens.
For corporate security professionals, these shifts highlight the need for ongoing assessments of geopolitical risks, supply chain vulnerabilities, and operational resilience measures. Security planning in 2025 will require an informed understanding of how these broader geopolitical developments might impact organizational stability and decision-making.
Gray-zone warfare threatens critical infrastructure security
GZW – hostile strategies and tactics deployed in the “gray space” between peaceful competition and open conflict – poses an increasing threat to organizations globally, both directly and indirectly. High value targets (HVTs) for GZW actions include aerospace (including military assets), transportation hubs, logistics facilities, government services, and utility infrastructure such as energy grids, water supplies, undersea cables, and pipelines.
Tactics, techniques, and procedures used in GZW range from sabotage and cyber attacks to election interference and covert operations – with strategically ambiguous actions designed to avoid triggering an armed response.
For organizations, particularly those in sensitive industries such as defense, energy, logistics, and technology, these threats are becoming more immediate and more complex. Companies face heightened risks, both from direct targeting by threat actors and from indirect disruptions caused by damage to key infrastructure or services.
To address these risks, organizations must evaluate their exposure to scenario-based threats, including understanding the motivations, intent, and capabilities of potential threat actors. They should also monitor geopolitical developments closely, using intelligence capabilities to identify early warning signs of escalating threats.
Equally important is ensuring access to reliable sources of information while identifying and mitigating the effects of misinformation and disinformation campaigns. Sharing trusted updates with employees can help prevent unnecessary panic and ensure coordinated responses during crises.
Exploitation of drones for espionage and sabotage
Advancements in drone technology continue to fuel risks for corporate security. Widely available, relatively inexpensive, and easy to operate, drones present opportunities for unauthorized surveillance, disruption, and other malicious activities.
Corporate security teams face a growing challenge: distinguishing between harmless recreational drone activity and intentional or even potentially malicious activity. This uncertainty can complicate response protocols and heighten the need for clear procedures and rapid reporting channels when drones are detected near sensitive sites.
The increasing prevalence of drone activity near corporate sites will likely drive investments in drone detection and response technologies in 2025, alongside growing commercial pressure on governments to introduce tighter regulations.
In the meantime, organizations should ensure their security functions understand local drone legislation, establish efficient communication channels for reporting drone activity, and develop response plans to minimize potential disruptions.
Ideological insider threats disrupt business security
Insider threats have long been a concern for corporate security, but ideologically motivated insiders are becoming an increasingly complex challenge.
Personal grievances, political differences, and activist causes are driving employees to act against their organizations, often targeting operations and supply chains. Critical industries – such as technology, financial services, pharmaceuticals, and aerospace and defense – face heightened risk, particularly from actors whose ideological motivations are linked to geopolitics or state-sponsored threat actors.
For corporate security teams, early detection and mitigation are key. Organizations should develop effective insider threat identification and detection programs that monitor behavioral indicators, repeated security violations, and unauthorized attempts to access restricted areas. Pairing human oversight with technology-driven monitoring systems can help create a more comprehensive approach.
Additionally, fostering a culture of transparency and establishing clear reporting channels empowers employees to speak up about suspicious behavior, reducing the risk of threats escalating undetected.
Targeted attacks on executives and politicians intensify
Senior executives and political leaders are facing growing threats, too, ranging from physical attacks to online harassment and information disorder, including misinformation, disinformation, and malinformation. Social media has become a powerful weapon in these efforts – spreading false information, doxing (publicly sharing private or identifying information online with malicious intent), and amplifying threats. However, not every post is cause for concern, and it is important that organizations assess each threat individually. There is a fine balance between alarm and assurance.
For organizations, protecting executives and leaders requires a blend of physical security measures, digital monitoring, and clear reporting protocols. Security teams must proactively track online threats, manage public exposure, and ensure swift responses to suspicious activity.
Throughout 2025, such threats to high-profile individuals are expected to persist, placing continued pressure on businesses and governments to prioritize executive security and adapt their protection strategies accordingly.
Intelligence-led security helps safeguard what matters most
As the year unfolds, addressing these “unconventional” security threats and risks – and the host of other challenges ever-present in daily operations – requires experienced security teams, actionable intelligence, and a balanced approach that blends human expertise with advanced technologies.
Reach out to us to get your free copy of the 2025 Intelligence Estimate and discover how Securitas’ intelligence services can help your organization stay vigilant, prepared, and protected in the year ahead.
