Modern conflict is no longer confined to war zones, with technology advances enabling adversaries to reach far beyond border regions. This is true not just in kinetic warfare, with drones and missiles capable of coordinating strikes thousands of kilometres apart. It’s equally true in digital warfare, where nation states are among the most malicious actors when it comes to disrupting and disabling infrastructure.
Our entire economy and our society — from finance and business to healthcare and transportation — rely on interconnected infrastructure systems. This makes the security of that critical infrastructure a concern of national security proportions.
Put that way, you may understand the urgency, but the reality is more nascent. While the defence industry has become comfortable talking in terms of drones and distance strikes, it is yet to truly embrace the concept of digital defence.
However, as the threat landscape continues to evolve, it is clear that cybersecurity is no longer just the purview or concern of the tech sector; it needs to be a priority for the defence sector, too.
La guerre sans frontières
Although conflict zones are still very real, warfare overall has become decentralised. This can be seen in Ukraine and Gaza, where a drone launched from a garage or a cyber attack orchestrated from the other side of the world can cause catastrophic damage. It is warfare without borders.
Military assets are often targets, but civilian infrastructure — energy networks, telecommunications systems, transport corridors, water supplies — has also become vulnerable in modern conflict. Cyber operations and digital sabotage now routinely accompany political disputes and proxy wars.
Attacks targeting these assets are becoming commonplace. The NCSC estimates that the UK suffers four ‘nationally significant’ cyber attacks every week. This trend also reveals a structural vulnerability: our most important systems were not designed to withstand this constant digital siege.
Ukraine offers a stark warning. Since Russia’s 2022 invasion, cyber-attacks against Ukrainian systems have risen dramatically, targeting not only military networks but also the electricity grid and government databases (overall it’s estimated that there has been $175 billion in damage to Ukraine’s critical infrastructure since the start of the war).
As political tensions increase, we can expect the attacks on our infrastructure to ramp up as well.
Making defence digital
Artificial intelligence and automation are transforming our civilian infrastructure, from predictive maintenance in power plants to autonomous inspections of energy assets.
But any use of AI creates new potential vulnerabilities. When every sensor and connected device becomes a possible entry point, resilience must be engineered into the system from the start. Cybersecurity can no longer be treated as an afterthought. It must be a design principle.
As we have seen time and again, hostile actors are using these same technologies to create far more sophisticated cyber attacks. It’s not just deep-fake phishing or simple network disruptions. We’re now seeing “polymorphic” malware like Virlock, which can change its own code to avoid detection, AI tools that can scan for weaknesses and break in automatically (ironically not unlike cybersecurity tools designed to do the same thing to help organisations improve their profiles), and even malicious capabilities quietly planted inside software or hardware long before a product is ever used.
These techniques allow attackers to hide inside critical systems for long periods, waiting for the right moment to disrupt operations or gather intelligence.
Governments across the West are finally beginning to recognise these changes. At the NATO Summit earlier this year, the alliance reaffirmed its commitment to technological resilience, but greater investment in defence innovation is still needed.
Cybersecurity is national security
The UK and its allies are beginning to adapt. New public-private task forces are being formed to harden infrastructure, improve incident response, and accelerate recovery after disruptions.
The UK’s Strategic Defence Review, for instance, placed a welcome emphasis on energy resilience, telecommunications security, and cyber readiness.
But there is still far more to be done. Threat actors are now using AI to close the gap between highly-resourced state groups and low-skill operators, making an ‘early’ sophisticated attack far more accessible.
At the same time, secure-by-design approaches that once felt adequate are struggling to keep pace with rapidly evolving software, new hardware deployments, and an expanding set of regulations and standards. These challenges are being addressed by a new generation of startups, but they need support. The agility and experimentation required to stay ahead of modern threats is not easy, and must be backed by investors and policymakers alike.
The defence of the future will not be measured in the number of tanks or jets, but in the resilience of systems that keep modern life running.
The front line of modern conflicts runs through our fibre-optic cables, power grids and data centres, protected not by soldiers and weapons, but by engineers and analysts. Investing in this new, startup-driven vision for defence is not just an economic priority; it is a matter of national survival.
Toby Wilmington is co-founder and CEO of Periphery, a British startup building embedded AI threat management for critical infrastructure and defence. Previously, he built NATO’s incident response capabilities, and was also a cybersecurity consultant for BAE Systems, where he worked with UK and European governments, and clients in energy and mining.
