2025 World Emerging Security Forum

Concept Note

2025 World Emerging Security Forum

The Evolution of Hybrid Threats and International Security​

September 8, 2025
Grand Hyatt Hotel, Seoul, Republic of Korea

Concept note

BACKGROUND

The international security environment is undergoing a profound transformation due to the evolution of hybrid threats, which are disruptive, multidimensional, and asymmetric. These threats operate across multiple domains—cyber, economic, political, and informational—blurring the lines between war and peace, state and non-state actors, and conventional and unconventional warfare. While scientific and technological advances have contributed to making the means and methods of hybrid warfare increasingly sophisticated, effective and difficult to counter, they have simultaneously provided tools and capabilities that enhance early detection and effective response to such threats.

Hybrid threats are persistent and permeate our daily lives, as both state and non-state actors seek to exploit their targets’ vulnerabilities to their own advantage by coordinated use of a mixture of measures (i.e. diplomatic, military, economic, technological), while remaining below the threshold of open armed conflict. While hybrid threats and hybrid warfare are not new phenomena, the scale, complexity, and impact of these operations have intensified in recent years as technologies and techniques have been used for malicious purpose. Examples include the hindering of democratic decision-making processes by massive disinformation campaigns, using social media to control the political narrative or to radicalise, recruit and direct proxy actors. By blending digital influence, psychological manipulation, and social engineering, hybrid threats infiltrate everyday experiences, often without being detected.

Furthermore, critical infrastructure has become a prime target for hybrid operations, often with kinetic consequences. Attacks on undersea communication cables, satellite networks, and energy grids can disrupt the functioning of governments, paralyze essential services, and destabilize societies. Cyberattacks against key critical infrastructure sectors—such as finance, energy, and transportation—continue to rise.

Experience over the past decade in many countries has registered an increasing use of hybrid warfare techniques and that trend is likely to continue. This poses new challenges for relations with both allies and adversaries and complicates an already difficult and unstable geopolitical and geostrategic context.

The 2025 World Emerging Security Forum will explore a range of hybrid threats, their evolution, their impact on international security, and ways to counter them. Among these, cognitive warfare has emerged as a key security issue of the present period. It goes beyond the challenge of disinformation, utilising emerging technologies to exert sustained, deep and hard to trace influence on large population groups. The evolution of the cognitive battlefield, however, does not mean kinetic warfare has become unimportant; far from it, emerging technologies are transforming strategy and battlefield tactics with new means and methods of warfare such as drones, robotics, and space-based weapons. This is significantly reshaping the military operational environment.

Meanwhile, traditional kinetic and contemporary cyber forms of warfare and insecurity come together in the domain of securing critical infrastructure. Digitalization has brought profound social benefits but has also introduced serious vulnerabilities. Cyber incidents can lead to major disruptions. Warfare in Ukraine has highlighted how cyber attacks on critical infrastructure can serve as a potent tactic and has revealed the potential for collateral damage. At the same time, physical sabotage of digital services remains a risk, as is all too clear from undersea cable disruptions.

Exploring cognitive, kinetic and infastructure concerns, the 2025 World Emerging Security Forum will explore issues along a continuum of hybridity, combining innovation and traditional concerns and instruments in the security sphere.

The World Emerging Security Forum

The World Emerging Security Forum has become an important meeting place for expert discussion of key issues, challenges and possible solutions and policy directions in an ever-changing security landscape. Since its inception in 2021, the Forum has focussed primarily on the challenges and possible benefits in the security offered by technological advance.

These are driven by innovation in the private sector as well as by the requirements of government policy and strategy. The WESF is a contribution to improving the understanding among multi-stakeholders – including governments, international organizations, academia, businesses and civil societies – and strengthening the capacity to respond creatively and collaborately to the positive and negative impacts of new technologies within the security sphere.

The WESF has grown over the years and in 2024 was joined by approximately 1,500 participants listening to presentations and discussions by 31 international experts.

Date and Venue

The 2025 World Emerging Security Forum will be held on September 8, 2025, at the Grand Hyatt Hotel in Seoul, Korea. We anticipate participation from governments, international organizations, the private sector, academia and the media.

AGENDA

The agenda of the 2025 World Emerging Security Forum will explore three distinct but related aspects of hybrid threats: war on and in the mind, kinetic warfare, and infrastructural vulnerability and resilience.
SESSION 1: COGNITIVE WARFARE

The mind has always been an arena of war. Today, cognitive warfare has evolved into a sophisticated battlefield, where emerging technologies enable deeper and longer-lasting influence and one that is less traceable. Its objective is not just to shape what people think but to change how they think and act.

Disinformation is one instrument of cognitive warfare. It can be deployed through a variety of vectors and media to shape political narratives, spread misinformation, destabilize societies, and undermine the democratic process. The misuse of advanced technology exacerbates these challenge. Deepfake and AI-generated disinformation/misinformation aggravates hybrid threats. In 2022, a deepfake video of Ukraine’s President Volodymyr Zelenskyy calling for surrender circulated widely, demonstrating the potential for AI-generated disinformation to manipulate public perception during conflicts. Looking ahead, quantum technologies could make the challenge even sharper, perhaps by increasing the scale, speed and complexity of cognitive attacks, and perhaps by securely masking their source.

Cognitive warfare has increasingly received attention in multilateral forums such as the North Atlantic Treaty Organization (NATO) and the United Nations (UN). The 2024 NATO Communicators Conference referred to the need, and efforts that have been undertaken, to develop the ability to analyse and counter hostile disinformation The UN SecretaryGeneral has called for a ‘global code of conduct that promotes integrity in public information’ and the 2024 Summit of Future committed to addressing ‘the challenge of misinformation and disinformation and hate speech online and mitigate the risks of information manipulation in a manner consistent with international law’. These forums indicate the increased recognition of cognitive warfare as a strategic threat requiring coordinated international responses. One aspect of the challenge it poses is that, as hostile as it is, it nonetheless remains below the level of active armed conflict and is equally useful to a malign actor before and during open war. It thus has the potential to blur the distiction between wartime and peacetime.

Countering cognitive manipulation and building resilience against hybrid threats requires a proactive, multi-faceted approach—combining technological innovation, regulatory frameworks, and increased public awareness. This panel discussion will explore how to enhance information security and protect societies by understanding the capacities and anticipating the complexities of cognitive warfare.

Guiding questions:

  • How do emerging technologies – such as AI, deepfakes, and quantum technologies – influence the tactics of cognitive warfare?
  • What lessons can be learned from past cognitive warfare campaigns (e.g., election interference, influence operations during conflicts)?
  • What strategies have governments and international organizations adopted to counter cognitive warfare and how effective are they?
  • What trends and challenges can be anticipated in the next decade of cognitive warfare?

SESSION 2: EMERGING TECHNOLOGIES AND THE THREAT LANDSCAPE

Security threats are persistent even if their modalities transform dramatically. As emerging technologies transform the battlefield and the broader theatre of war, new means and methods of warfare such as drones, robotics, and space-based weapons, have come increasingly into view. It is often commented that the war in Ukraine combines the appearance of World War I trench warfare with 21st century and beyond hi-tech combat.

Indeed, militaries worldwide are increasingly leveraging emerging technologies to gain strategic and tactical advantages. These advances include much-enhanced support to decision-making, improvement of monitoring and observation including early warning system, improved targeting, and semi- or wholly autonomous strike capability of some weapon systems. Already there are cases where AI-enabled technologies are being deployed on the battlefield. For instance, the US military has used AI to improve targeting for its operations in the Middle East, the Ukrainian military has deployed AI-powered drones, and the Israel Defense Forces have employed AI-enabled targeting systems in their operations in Gaza. Out of the headlines, more states’ armed forces are exploring procurement of these and comparable technologies.

The long-term balance of military advantage in these emerging technologies is not yet clear. It could favour the offence by supporting covert activities, or the defence by improving detection and rapid response. The increasing accessibility of these technologies could also provide a strategic benefit to actors who otherwise lack
conventional military power, thus amplifying the challenge posed by asymmetric security threats coming from non-state actors. This will likely have a negative impact on strategic stability both globally and in hotspot regions.

Technological progress in these fields is driven by civilian commercial developments. Governments are actively seeking closer collaboration with the civilian sector to enhance their own military capability against hybrid threats. Strengthening private and public partnership in this way emphasizes the importance of including civilian as well as military and political decision-makers in a process of better understanding emerging technologies in hybrid warfare and explicitly addressing their role.

Guiding questions:

  • What are the tactical and strategic implications of key emerging technologies on kinetic warfare and the threat landscape?
  • What are the main trends and what challenges do they pose to national and international security?
  • What role does the civilian sector play in this space, and how do its concerns differ from those of states?
  • What are the best practices for dealing with the security opportunities and challenges that arise from emerging technologies and how can international cooperation contribute?

SESSION 3: THE RESILIENCE OF CRITICAL INFRASTRUCTURE

Much critical infrastructure either depends on digital technology or supports it. This opens multiple dimensions of vulnerability at the heart of our societies. Cyber incidents – whether malign or due to human error or system malfunction – can have profound economic, political, and societal consequences. The 2022 Viasat satellite cyberattack targeting Ukraine highlighted how tactically effective an attack on cyber infrastructure could be. The risk of being affected, even if not a primary target was also highlighted as the attack also hit civilian services in EU countries. The risk endemic when several states share the same service providers. Physical sabotage is also, including energy infrastructure in the case of the 2022 Nord Stream sabotage, and communications infrastructure in the case of the 2024 Baltic Sea submarine cable disruptions

Efforts to protect critical infrastructure have intensified over the past decade. One of the first steps is to identify what constitutes critical infrastructure. The EU has identified a list of critical infrastrucures in its 2016 Network and Information Security Directive, updated in 2022, to provide a baseline for mandated cybersecurity risk management measures for entities to protect their network and information systems. According to a 2023 survey, 100 of 193 UN member states have published lists of what they consider critical infrastructure, with sectors like energy, information and communications technology transport, finance, public services and health being the most commonly mentioned. At the UN, discussions continue regarding the protection of critical infrastructure, including the establishment of voluntary, non-binding norms aimed at refraining from malicious activities against critical infrastructure during peacetime. The UN’s Open-ended Working Group on the Security of and in the Use of Information and Communications Technologies is expected to adopt a final report by July 2025.

Attempting to protect critical infrastructure on a threat-by-threat basis, identifying, anticipating and responding as they arise, is insufficient. The protection of critical infrastructure depends on its resilience regardless of what specific threats and challenges can be identified. This takes the discussion beyond the domain of security as traditionally understood, into the social and economic spheres.

Guiding questions:

  • While technical measures are essential to protect critical infrastructure, what are the social roots of resilience if critical infrastructure is impaired?
  • Can measures in the economic sphere enhance resilience mitigate the impact of attacks on critical infrastructure and facilitate rapid recovery?
  • How can states and the private sector collaborate more effectively to identify and respond to attacks on critical infrastructure?
  • What can individual states do to strengthen the protection of critical infrastructure and how can they collaborate internationally to build resilience?