Five Takeaways for Business Leaders
What Business Leaders Need to Know
Global leaders, policymakers and industry experts gathered in February at the Munich Cybersecurity Conference, this year themed 'Uncertainty on the Rise', to discuss emerging cyber threats, evolving intelligence practices and the challenges of international cooperation in strengthening digital resilience.
Brunswick's global cybersecurity team participated in several panels at the event, exploring topics ranging from cybersecurity hot topics for 2025 to the challenges of navigating rapidly changing global information ecosystems.
Here are our five takeaways for business leaders from this year's conference:
Geopolitical conflict is fueling an increase in cyberattacks
Cybersecurity is now a key component of geopolitical strategy, with state actors and their supporters using cyber tools to advance their national interests. Cyber leaders from Estonia, Japan, Canada and Ukraine highlighted how escalating geopolitical tensions are fueling an increase in cyber attacks. Russia's ongoing cyber operations beyond Ukraine, as well as China's strategic cyber activities, are targeting not only government institutions but also private companies, particularly those in critical infrastructure sectors. Organisations need to proactively address their growing risks and reputational vulnerabilities in this evolving geopolitical landscape.
AI is fueling more cyber risk for businesses
As businesses incorporate AI into more of their operations, they are also taking on additional cyber risk—often unknowingly. While AI-driven automation improves cyber threat analysis and response, it also generates huge amounts of sensitive data in the course of day-to-day work—such as AI transcriptions of meetings. All this additional data increases risk exposure. In addition, companies may reduce access controls to maximise AI's potential for collaboration within teams, which will also weaken security. Panelists highlighted specific concerns about AI weakening encryption standards, which could undermine data confidentiality, enable faster decryption of sensitive information, and increase the risk of unauthorised access. Organisations should look to mitigate these risks by adopting as security by design approach to their AI applications.
Disinformation and deepfakes are putting business continuity at risk
Digital attacks are no longer limited to traditional cyber infiltration. They now include misinformation and disinformation campaigns and the manipulation of public opinion against a wide range of targets, including businesses. The rise of AI-driven disinformation and deepfake technology poses a significant challenge to democratic institutions and business continuity. Deepfake technologies combined with cyber-phishing techniques can increase the effectiveness of criminal fraud. To counter these threats, governments and the private sector need to develop AI-specific security protocols, enhance cross-border information sharing, and build cyber resilience into critical infrastructure through public-private partnerships.
Human element remains key to countering threats and responsible AI
Despite the growing role of AI in cybersecurity and intelligence, human decision-making remains crucial, especially in high-stakes situations. Governments now have to respond to cyber incidents within hours, increasing the pressure on intelligence agencies and policymakers. While AI can assist in intelligence gathering, threat detection and analysis, expert human oversight is required to ensure accuracy, prevent errors and guide policy decisions. Organisations need to integrate AI-driven tools, while maintaining appropriate accountability and 'human-in-the-loop' intervention to effectively mitigate AI-derived inaccuracies and hallucinations.
Global regulatory fragmentation is weakening cyber resilience
Regulatory alignment across regions, in particular between the EU, the US and other global partners,
is essential for effective cyber defence. Large-scale cybersecurity initiatives, such as expanding digital security policies and investing in infrastructure resilience, should be prioritised to counter growing threats. Strengthening transatlantic cooperation remains important, but cybersecurity efforts must also adapt to evolving shifts in geopolitical priorities. Moreover, balancing oversight with encouraging and empowering innovation requires a pragmatic approach to regulation and policies that promote security without stifling technological progress.
Conclusion
Discussions on stage and on the sidelines at the MCSC 2025 reinforced that cybersecurity is not just a technical challenge, but a fundamental pillar of global security. Governments, businesses, militaries, and civil society must work together to build a more resilient and secure global digital ecosystem. The conference called for greater investment in cybersecurity, improved information-sharing mechanisms, and a commitment to protecting democratic institutions from digital threats. The way forward requires a collective effort to adapt, collaborate and innovate in the face of an increasingly complex cyber and geopolitical landscape.
