The shocks to the global stage have become almost daily. Uncertainty, a declared enemy of investors, has become a constant increasingly measured in Boardrooms worldwide. Boards threatened on more and more fronts because to geopolitics, tariffs are now joined by the danger of cyberattacks or digital scams.
No one wakes up one morning and wonders if their remote coworker is actually a North Korean spy, but these are realities that are happening, explain Jim Needham and Mike Driscoll, senior managing directors of the global National Security team at FTI Consulting, the strategic consulting giant.
"What we are doing right now is working with our clients to help them navigate these uncertainties and face these geopolitical threats. What we used to do for national security, we now do for the private sector," summarizes their work, Driscoll, a member of one of the trendiest professions in the international world.
Like Paul Abbate, also a senior managing director in this field, they both share a past in the FBI, while Needham comes from the defense industry. During a visit to Madrid, they discussed with EL MUNDO how the world of geopolitics is increasingly closer to the business world.
"The companies that will be most successful are those that are more agile and capable of preparing for uncertainty," emphasizes the former FBI agent, who also explains how to do it. "In the world of cybersecurity, it has become very common to conduct drills with executives on cyberattacks. The same applies to geopolitics," points out the executive in a conversation that takes place amidst tension surrounding Trump's intention to annex Greenland.
Needham, specialized in international trade, gives the example of the growing number of sanctions globally following the start of the war in Ukraine and the need to have a chain with trusted partners to avoid these situations or allow quick changes in case of situations like tariffs.
However, the area that continues to cause the most headaches is the digital world and exposure to cyberattacks, a widespread issue for all companies where states are increasingly influential. "The collaboration between organized criminals and some nations is always there," emphasizes Abbate. "Many nations use cyberattacks to generate income or gather intelligence," Driscoll points out.
Spain plays a prominent role in the global cybercrime map, as it is one of the countries that receives the most attacks. The National Cybersecurity Institute (Incibe) recorded 122,223 cybersecurity incidents last year, 24% more than in 2024.
Ollie Gower and Andrés Parro, responsible for Cybersecurity at FTI Consulting in Spain, point out that there are three elements that can explain this high volume of attacks: the Spanish language, which causes Spain to receive attacks in Spanish and English, the exposure of companies' supply chains to Latin America, a region less prepared for cyberattacks, and the high number of SMEs with fewer resources to invest in cybersecurity.
A key element in assessing technological investments is the role of artificial intelligence (AI) and its integration into companies' structures.
"We already see situations where AI has been used to generate fake work emails that lead to deploying a virus or identifying network vulnerabilities to attack," explains Driscoll. The landscape is complex and encompasses different layers.
"You need a strong governance model when implementing it to ensure there are no blind spots where it is being applied without the board's visibility," emphasizes Gower, warning that it is a practice that can create vulnerabilities unknown to the company's security team until they are exploited. The same applies to purchased solutions. In a world where you kick and three AI startups come out, the consultant urges to verify the security of all solutions integrated into the company and check their certifications.
"Another key element is employees and subcontractors. Many of them work remotely today, and we see a lot of issues, some who enter the company and do not work directly, or others who have three or four remote jobs and subcontract them to someone in another country who charges less money," Needham intervenes.
One of the most striking cases of this type has been the discovery of numerous North Korean IT workers who had entered companies in the country impersonating identities.
"We are talking about many, many cases throughout the United States that were not who they claimed to be, nor lived where they said they lived, nor did the work they were hired for. They just wanted to steal the organization's resources to take them to their country and potentially gather information or, in the worst-case scenario, create vulnerabilities that could be exploited later," explains Driscoll.