One year on: The security risks keeping leaders awake

The Healix Risk and Security Advisory Board has since become a critical extension of our team, offering clear thinking and real-world experience when it matters most. 

Now, one year on, we’ve gone back to them with one question: What do you see as the most urgent security risks facing organisations today?

---

General Sir Richard Shirreff, KCB, CBE

Former UK Military and NATO Deputy Supreme Allied Commander Europe

“I stand by what I said last year: the greatest geopolitical risk remains the existential threat posed by a resurgent Russia. But I’d now add that the risk of conflict between Russia and NATO has grown - fuelled by signals from the US administration about disengaging from European security, the strain this puts on NATO’s unity, and Europe’s continued hesitation to step up. Add in the uncertainty and disunity triggered by President Trump’s tariffs, and we’re entering a period of real unpredictability and serious risk.”

---

Sue Williams QPM

Former Officer in Charge of Scotland Yard’s Kidnap and Hostage Negotiation units

“Ransomware remains one of the most urgent risks facing organisations in 2025. These attacks are no longer just disruptive - they’re business-critical. Some organisations never fully recover, with operations halted, data lost, reputations damaged, and regulatory consequences that follow. We’ve already seen high-profile incidents this year that have shut down operations, exposed sensitive data, and triggered regulatory scrutiny. Attackers are more targeted and aggressive, and the fallout from a single breach can take months to recover from. For most organisations, it’s not a question of if but when - making response planning, secure backups, and staff readiness essential.”

---

Dr Catherine Fieschi

Academic and analyst in politics, specialising in the emergence of populism and authoritarianism within advanced democracies

“Last year I flagged the risks of disinformation in a bumper election cycle. This year, we’re dealing with the fallout - deepening fragmentation and polarisation. In the US, democratic norms are under strain. In Europe, the challenge is more complex: responding to shifting US positions on trade and NATO while facing a direct threat from Russia. The rise of populist, pro-Trump and pro-Russian parties - especially in Poland and Romania - could further weaken Europe’s unity on defence and support for Ukraine. For organisations, this uncertainty creates real operational risks. Tariffs disrupt investment and supply chains. Cuts to US aid undermine disaster resilience worldwide. Leaders now face a new internal challenge too: navigating political tension inside the workplace. How do you manage staff divisions on polarising issues? It's becoming a question every CEO has to answer.”

---

Ambassador Ivo Daalder

Leading figure in international affairs, with an extensive career in US politics and diplomacy

“Long a pillar of stability, the United States has become the greatest geopolitical risk for nations and companies around the world. Long-held assumptions about the importance of alliances, the commitment to globalisation and free trade, and the centrality of the US dollar have been abandoned.

Sudden policy changes have created an international climate of deep uncertainty and concern. In contrast, China, Russia, Islamic extremism, and other risks appear more manageable than the chaotic and unpredictable nature of US policy directed largely by the instincts of the president of the United States.”

---

Dr John Lewis

Experienced UK diplomat with decades of working in the policy stream of the FCDO

“I'd reiterate the comments made by other Advisory Board members about US-associated geopolitical risk. Trump’s transactional and isolationist foreign policy is likely to encourage mid-ranking autocratic leaders to act more boldly in their own regions. With the US stepping back, Türkiye and Israel are likely to seek to increase their influence in Syria, Israel will be emboldened to take a harder line on Iran’s nuclear programme, and India’s Modi – not least because of Vance’s visit – risks a miscalculation by pushing for severe retaliation against Pakistan over the April terrorist attack in Kashmir. North Korea is likely to resume provocation, while unresolved conflicts in Sudan and eastern DRC are escalating further as global attention shifts elsewhere. The activities of external players in the Sahel will exacerbate instability across northern Africa.

Decarbonisation is being returned to the back-burner as Western governments seek to re-prioritise defence and security spending in the face of significant economic headwinds and a general rejection of mainstream political parties. Although there was significant hostile, external interference in a number of elections during 2024 (likely to continue through 2025), generative AI appears not to have been as significant a factor as anticipated. But increasingly sophisticated new generations of AI carry increasing risk as well as benefit.”

How should a risk-conscious organisation respond?

These risks aren't isolated. They overlap and amplify each other. In a fragmented, fast-moving environment, organisations must be proactive - not reactive. That means horizon scanning, scenario planning, and ensuring that risk management is joined up across functions.