Security Strategy, Plan, Budget, Network Security, Leadership

Today’s security leaders must adopt an asymmetric mindset

(Adobe Stock)

COMMENTARY: For years, we’ve spoken of convergence, hybrid threats, and asymmetric risk. They’ve been staples of conference agendas, board updates, and strategic reviews. We all agreed that someday these forces would collide in ways that demand new thinking from security leaders.

That “someday” has arrived. It’s not a forecast. It’s the reality unfolding in cascading incidents that leap from one risk domain to another before we even know the first domino has fallen.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]

This isn’t a new conversation. It’s one we’ve had for decades. The difference today: the cost of not acting is no longer theoretical. We saw this coming, we named it, but the leadership structures to manage it have lagged behind.

Yesterday’s discussion

We’ve had the vocabulary for years. We just didn’t embed it. After 9/11, government agencies learned that intelligence must cross domains to stay effective, investing in fusion centers and joint task forces. In corporate security, we acknowledged the lesson, but largely kept cyber in IT, physical in the global security operations center, and reputational risk in marketing’s lane.

Early signs of cyber-physical convergence were easy to dismiss. Social platforms used for targeting? “That’s PR’s problem.” Coordinated disinformation campaigns against brands? “That’s marketing.” We knew better, but our incentives and structures kept us siloed.

The result: our language evolved, but our leadership models remained unchanged.

Today’s dilemma

We’ve built an unbalanced view of threats. We pour resources into the risks we know how to manage — firewalls, access control, guard contracts — while neglecting the ones that move fastest and cut deepest: hybrid, cross-domain, and narrative-driven threats.

Consider the Salt Typhoon campaign in 2024. State-linked actors compromised multiple U.S. telecom networks for nearly a year, breaching routers, core systems, and even National Guard networks. What began as a cyber incident rippled across national security.

Or, the hybrid criminal case in which a fake recruiter on LinkedIn lured a corporate employee into downloading malware while coordinating physical intimidation. Digital, physical, and psychological tactics in one operation.

These aren’t edge cases. They’re becoming the baseline. And adversaries, whether criminal, activist, or state-sponsored, often understand the seams in our organizations better than we do.

The convergence gap

Talking about convergence is not the same as leading for it. Many of us can articulate the need for integration. Far fewer have built the relationships, operational rhythms, and governance to make it happen. And that’s where modern threats thrive.

Why?

Because our org charts work against us. Cyber reports to the CIO. Physical to the COO. Legal sits alone. Comms has been embedded in marketing. We end up with no unified operating picture, no common rhythm of information flow, and no rehearsed playbook for a hybrid incident.

I’ve seen organizations with the intelligence to stop a threat early… but the dots weren’t connected in time. Not because the data didn’t exist, but because the structure wasn’t designed to act on it.

Break the silos

The modern CSO must builder a coalition. That means:

  • Unified intelligence across cyber, physical, comms, and legal — as a standing practice, not a crisis measure.
  • Cross-functional rehearsals that run hybrid threat scenarios before they happen.
  • Shared ownership of risk, so the enterprise understands the brand, operational, and safety implications of every vector.

It’s more than coordination: it’s deliberately closing the seams that attackers exploit.

The asymmetric mindset

Asymmetric actors win by exploiting tempo, surprise, and blind spots. As the former U.S. Army Asymmetric Warfare Group explained, its mission was to “identify critical asymmetric threats… through global first-hand observations,” enabling rapid adaptation in a shifting threat environment. That’s the same level of insight security leaders should demand whether from small teams or entire corporations.

They don’t respect our categories. They will hit us digitally, physically, and reputationally in whatever sequence maximizes confusion and slows our response. They’ll use low-cost tools to cause high-cost damage: small moves, outsized effects.

The Russian hybrid operations expected around the 2025 NATO Summit — from undersea cable sabotage to coordinated disinformation — are a geopolitical reminder: threat playbooks are fluid, objectives cross domains, and speed is a weapon.

To lead security now, shift from incident response to threat interception. That requires us to do the following:

  • Think like an adversary.
  • Anticipate cross-domain consequences.
  • Make agility in decision-making a core leadership skill.

Remember that reform tweaks. Revolution rewires. Reform adds a liaison between cyber and physical. Revolution creates a single intelligence and operations hub that treats threats as fluid, not fixed.

A revolutionary CSO will do the following:

  • Fuse protective intelligence directly into operational decisions.
  • Design governance that forces convergence thinking into daily operations.
  • Measure success by what doesn’t happen, because it was intercepted early.

This isn’t just about defense. In an era where resilience and trust are competitive advantages, converged threat leadership becomes a differentiator.

Moving forward our choice as security leaders is clear: We must lead the integration, or let the seams in our organizations become the entry points for the next crisis. And, we have to treat convergence as the operating model or find ourselves left managing yesterday’s threats while tomorrow’s attack unfolds.

The threats are asymmetric. We have to make our leadership that way, too.

Chuck Randolph, senior vice president, strategic intelligence and security, 360 Privacy

SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds