Drawing on more than a decade of experience working with cybersecurity, digital transformation, and critical infrastructure resilience in Ukraine and across Europe, Mary Prokhorova presented a framework for understanding how hybrid threats are reshaping both business risk and organizational leadership.

“The boundary between information warfare and market risk has collapsed,” she explained during the presentation. “Cyber operations, disinformation, and reputational attacks increasingly happen simultaneously - and organizations need integrated responses.”

Rikard Westerberg, Director of the Center for Statecraft and Strategic Communication, opening the lecture on information warfare and business risk at SSE. Photo: Johanna Ståhlberg

Anna Anisimova, researcher at the Stockholm Institute of Transition Economics (SITE), introducing the event at the Stockholm School of Economics. Photo: Johanna Ståhlberg

Ksenia Mischa Rundin, postdoc fellow at the Center for Statecraft and Strategic Communication (CSSC), welcoming participants and providing background to the lecture. Photo: Johanna Ståhlberg

From technical incidents to business crises

Throughout the lecture, Prokhorova emphasized that cyber incidents can no longer be treated as isolated technical failures. Instead, they often trigger wider operational, financial, reputational, and regulatory consequences across organizations and supply chains.

Using examples from manufacturing, retail, media, telecommunications, and financial services, she illustrated how attacks today spread across multiple layers of society and business simultaneously.

Mary Prokhorova speaking at the CSSC and SITE lecture on information warfare and business risk. Photo: Johanna Ståhlberg

One recurring theme was the growing gap between the speed of attacks and the speed of organizational response.

“AI-speed threats require AI-speed adaptation,” Prokhorova noted, pointing to the rapid rise of AI-generated fraud, synthetic identities, and deepfake attacks.

She highlighted how ransomware operations increasingly function as platform economies, where malware developers, access brokers, and affiliates operate in interconnected criminal ecosystems with low barriers to entry.

Ukraine as a preview of future threats

A significant part of the lecture focused on Ukraine’s experience of hybrid warfare over the past decade. Prokhorova described how cyberattacks, disinformation campaigns, and attacks on critical infrastructure have evolved alongside geopolitical conflict.

Referencing incidents such as NotPetya, attacks on energy systems, and breaches of government infrastructure, she argued that Ukraine has become an early warning system for challenges now emerging across Europe.

Mary Prokhorova presenting her framework for hybrid threats and integrated responses. Photo: Johanna Ståhlberg

“Ukraine’s experience is not exotic,” she said. “It’s a preview.”

She also discussed the work of the Nordic-Ukrainian Working Group, which brings together Ukrainian and Nordic organizations to share threat intelligence, cybersecurity practices, and approaches to protecting critical infrastructure.

Why communication and cybersecurity must work together

A central argument throughout the lecture was that organizations can no longer separate technical incident response from communication and leadership.

Prokhorova described what she called the “integration gap” - the disconnect that often exists between cybersecurity teams and communication departments during crises.

“Neither firewalls nor press releases are enough on their own,” she explained.

Instead, she argued for hybrid resilience models where technical response, crisis communication, and governance structures are integrated from the beginning.

Several examples highlighted how reputational and regulatory impacts can quickly become as damaging as the technical incident itself. In sectors affected by EU regulations such as NIS2, DORA, and the AI Act, business leaders increasingly face personal accountability for cyber preparedness and response.

Audience members listening during the open lecture on cybersecurity at the Stockholm School of Economics. Photo: Johanna Ståhlberg

Security as an organizational challenge

The lecture concluded with a discussion on what this changing threat landscape means for business leadership and governance.

Prokhorova stressed that organizations need to rethink preparedness not only as an IT issue, but as a strategic management issue involving boards, executives, communications teams, and operational leadership.

From left to right: Ksenia Mischa Rundin, Rikard Westerberg, Mary Prokhorova and Anna Anisimova. Photo: Johanna Ståhlberg

The event brought together participants from academia, business, and the public sector, reflecting the growing recognition that resilience and security increasingly depend on collaboration across sectors and disciplines.

The lecture was hosted by the Center for Statecraft and Strategic Communication (CSSC) and the Stockholm Institute of Transition Economics (SITE) at the Stockholm School of Economics.