European companies are currently grappling with an array of nefarious activities, ranging from cyberattacks and drone surveillance to direct sabotage. These businesses serve as the bedrock of national functionality, which arguably makes them primary targets for adversaries. Despite these mounting risks, most nations lack formal mechanisms for the regular exchange of threat intelligence between the public and private sectors, representing a significant missed opportunity. However, a newly formed Swedish committee provides a practical example of how such coordination can be achieved efficiently and affordably.
In April, Offshore Energies UK reported drone sightings near offshore energy assets. Graham Skinner, the trade body’s health and safety manager, explained to the BBC that these platforms—situated 100 to 150 miles offshore—are typically isolated. When crews observe lights in the sky or suspicious movement, it is clearly out of place. Such activity suggests an intent to identify vulnerabilities, test response times, or conduct surveillance. These incidents are not isolated to the oil and gas sector; recent months have seen drones hovering near various land-based facilities, including arms factories.
The range of attacks is extensive. In January, sabotage of power cables in Berlin left approximately 100,000 residents without power, heating, or internet access for days. Additionally, there have been arson attacks targeting shopping centers, warehouses, and defense contractors, alongside parcel bomb attempts on airliners, persistent cyberattacks, and suspicious maritime incidents. On June 15, Finnish prosecutors formally charged the captain and an officer of the vessel Fitburg with aggravated sabotage and interference with communications networks, following an incident on New Year’s Eve where the ship struck cables in the Gulf of Finland.
It is unsurprising that companies are facing such an onslaught, as they are vulnerable and essential to societal operations, yet cannot be guarded by police or military around the clock. According to an annual risk survey by the insurance broker Willis Towers Watson, 26 percent of European firms identified grey-zone attacks linked to Russia as a major concern. When detailing specific threats, 65 percent cited attacks on infrastructure, 61 percent pointed to economic coercion or retaliation, 56 percent feared state-sponsored cyberattacks, 39 percent expressed concern over hostile export controls, 37 percent highlighted marine disruption, and 32 percent identified risks to executives, including wrongful detention or assassination attempts.
While businesses are actively tracking these geopolitical threats, they lack the comprehensive intelligence resources available to government agencies. Conversely, intelligence services often lack the granular operational knowledge held by private companies. A regular exchange of information, managed within appropriate classification levels, would better position both sectors to navigate grey-zone scenarios or potential war. While the U.K. previously explored such collaboration without success, the need has only grown.
Sweden has now launched a business council to address this, acting as a national-security coordination hub. Comprising CEOs of vital Swedish companies and co-chaired by the defense chief and the director-general of the Swedish Civil Defence and Resilience Agency, the council aims to integrate the business community into national defense capabilities. Chief of Defence Gen. Michael Claesson noted that this strengthens the country’s collective resilience. Although the council currently meets twice a year—with the flexibility to meet more often if needed—it serves as a cost-effective way to pool leadership expertise. Similarly, Germany has established a center for defense against hybrid threats. These innovations represent a vital, practical approach to modern security, and it is likely that the private sector would welcome such partnerships given their firsthand exposure to these evolving threats.
