Global instability driving increased security risk

Continued geopolitical instability, cyber threats enhanced by AI, and the rise of authoritarianism are pushing governments worldwide, including Australia, to strengthen their security posture. Based on President Trump’s stated intent during his first year in office, we predict his administration will continue to drive for significant change in the global status quo during 2025—all of which will have a profound impact on Australia’s security risk landscape.

A key driver of change will be growing tension in the Indo-Pacific region, particularly any US reaction to China’s increasingly aggressive posture in the South China Sea and President Trump’s follow through on his election promise to impose tariffs on all goods from China. As Australia attempts to harden itself to these external factors, organisations across sectors—especially those involved in critical infrastructure—will face heightened regulatory and compliance requirements. This will include increasing scrutiny over supply chains, the provenance of third-party suppliers, data protection, and system resilience to prevent both physical and cyberattacks. Organisations should prepare for increasingly stringent security requirements and greater scrutiny from government regulators.

The Australian Government will continue to tighten policies to safeguard critical infrastructure, with the Security of Critical Infrastructure Act expected to evolve in response to emerging cross-border threats. Expectations on businesses to demonstrate robust enterprise-wide security practices will grow and will require leaders to address the rising risk of foreign interference and intellectual property theft, particularly as geopolitical tensions fuel strategic competition.

The importance of securing sensitive data, establishing resilient communication systems, and adopting advanced cybersecurity solutions will be critical to mitigating these risks. Organisations that proactively invest in an enterprise-wide approach to security risk management and infrastructure resilience will be better positioned to navigate this complex and volatile environment, while those that fail to do so may face significant operational, financial, and reputational risks.