Monday, July 13, 2026Français/English
The foundations behind the news.
The Foundations
THE FUNDAMENTAL
Science & Futures · July 3, 2026

Cybersecurity and digital sovereignty

Defences have never been more effective, and yet cybercrime costs more than ever: around 10.5 trillion dollars in 2025. Behind every data breach lies an invisible battle for control of infrastructure, software and encryption. Understanding cybersecurity and digital sovereignty means grasping who really holds the keys to the connected world.

Cybersecurity and digital sovereignty

The data you encrypt today is already stolen: it is simply waiting for 2035

In 2025, only one ransomware victim in four agrees to pay, a record level of caution. At the very same moment, the global cost of cybercrime reaches an all-time high. Defences improve while losses explode: this paradox sums up the state of digital security.

That cost is estimated at roughly 10.5 trillion dollars for 2025 alone. Treated as a country, cybercrime would rank as the world's third largest economy, behind the United States and China. No border contains it. No conventional army stops it.

Behind these figures lies a question wider than mere data protection. Who controls the infrastructure, the data and the software on which an entire society depends? That is the challenge of digital sovereignty, the political twin of technical cybersecurity.

You may never have suffered a visible hack. Yet your health records, your passwords and your messages travel every day through systems you do not control. Understanding who protects them, and who might read them, has become a basic skill.

Key marker: if cybercrime were a country, its annual output would exceed the GDP of every economy on the planet, except two.

The basics you need to know

Two ideas never to confuse

Cybersecurity refers to the set of means that protect computer systems, networks and data against unauthorised access. It is first a technical matter: firewalls, encryption, intrusion detection and password management all belong to it.

Digital sovereignty, by contrast, refers to the ability of a state or an organisation to control its own infrastructure, data and technology. It is political and economic. You can be very well protected while remaining wholly dependent on a foreign supplier.

The distinction is decisive. A hospital can encrypt its records perfectly, yet host them on a cloud governed by foreign law. Its technical security is real, its sovereignty is not. The two ideas complement each other without overlapping.

This is why the two must be judged together. A perfectly defended system placed under someone else's control is only half safe. Security asks whether the door holds; sovereignty asks who else owns a copy of the key.

A short history of cyber conflict

The first digital clash between states dates back to 2007, in Estonia. For twenty-two days, a wave of denial-of-service attacks paralysed the country. This type of attack floods a server with requests until it becomes unreachable for legitimate users.

Banks, ministries, newspapers and the Estonian parliament were blocked. The country's main bank lost around one million dollars. The lesson struck home: a small, highly connected nation could be brought down without a single soldier. In response, NATO set up its cyber defence centre in Tallinn.

In December 2015, a new frontier fell in Ukraine. A cyberattack cut electricity to nearly 230,000 people, in the middle of winter. It was the first major blackout in history caused by malicious software. The target was no longer information, but the physical world itself.

Two years later, in 2017, the malware NotPetya hit Ukraine before spreading worldwide. Malware is a program designed to damage or hijack a system. NotPetya paralysed ports, laboratories and multinationals, at a global cost estimated near ten billion dollars.

Between these dates, the nature of the threat shifted. The digital vandalism of the early years became a strategic weapon, an instrument of power between nations. Cybersecurity moved from the IT department to the defence council.

This militarisation carries a lasting consequence. Tools built by states rarely stay contained; they leak, get copied and reappear in criminal hands. The most damaging attacks on ordinary companies often reuse techniques first designed for espionage or sabotage between powers.

Anatomy of a cyberattack

Most attacks follow a similar script. It often begins with phishing, a trapped message that imitates a trusted source to steal a password. This human entry point remains, by far, the most exploited weakness in the world.

Once inside, the attacker looks for a vulnerability, meaning a flaw in unpatched software. It then moves from machine to machine, a quiet progression called lateral movement. It ends by exfiltrating data or triggering its ransomware, sometimes weeks after the intrusion. Grasping this chain reveals where a defence holds, or breaks.

Why the attack surface keeps growing

The number of entry points has never been higher. Remote work, connected objects and the migration to the cloud multiply the access routes to defend. Every phone, every industrial sensor, every online service becomes a potential target for a patient attacker.

This shift mainly favours the attacker. It only needs to find a single flaw, while the defender must cover them all. This structural imbalance explains why perfect security does not exist, and why the real question has become one of acceptable risk.

Article written by The Foundations. The foundations behind the news.

thefoundations.co