The methods of modern economic espionage are a complex mix of traditional human intelligence operations and cutting-edge cyber techniques. Foreign intelligence services, often with government support, actively seek to illicitly acquire sensitive information from key industries, including advanced computing, pharmaceutical, aerospace, and energy.

Traditional methods include recruiting corporate insiders who, through financial incentives, ideological persuasion, or blackmail, gain access to a company’s most sensitive data. These operations may also involve physical infiltration of a company’s facilities, such as placing an agent in a surreptitious role within the supply chain to obtain proprietary information. On the cyber front, the threat is even more pervasive. Adversaries employ sophisticated spear-phishing attacks to access corporate networks, deploy advanced malware to exfiltrate data covertly, and conduct supply-chain attacks that compromise software or hardware during manufacturing. This combination of physical and digital tradecraft allows foreign intelligence services to bypass traditional security measures and access vital research and development data, manufacturing processes, and business strategies at a fraction of the time and cost it would usually take to develop them organically.

In this context, the role of counterintelligence in managing and executing insider threat mitigation programs is a critical element of national security in the burgeoning era of global great-power competition. These programs move beyond simple security protocols to adopt a holistic, risk-based approach to deterring, detecting, and mitigating threats posed by a company’s employees. Rather than focusing solely on a small number of spies, modern programs are designed to identify individuals on a “critical pathway” to becoming a threat by using both technical indicators (e.g., unusual data downloads, anomalous network activity) and non-technical, behavioral cues (e.g., unexplained affluence, foreign connections, or indicators of personal stress). The goal is to intervene early, assisting at-risk employees before a foreign intelligence service can exploit their vulnerabilities. This proactive stance is essential because, in an environment where state-sponsored actors relentlessly target a nation’s innovation base, the greatest risk often comes from within.

A robust insider threat program serves as the first line of defense against the human element of foreign espionage, thereby preserving a company’s competitive edge and, by extension, a nation’s technological superiority.

To counter this multifaceted threat effectively, a robust public–private partnership is no longer a luxury but a necessity. Government counterintelligence agencies possess unique authorities and global visibility that enable them to identify the motives, capabilities, and tactics of foreign intelligence services. Yet most sensitive intellectual property resides in the private sector, which lacks the legal mandate, resources, and authority to conduct proactive counterintelligence operations. This asymmetry creates a critical national vulnerability. An effective public–private partnership seeks to close this gap by enabling the secure, timely sharing of threat intelligence from government agencies to at-risk corporate firms. Collaborative successes have included joint task forces and intelligence-sharing portals that provide companies with actionable warnings about specific foreign threats.

Despite these actions, significant challenges remain. Legal and ethical constraints, particularly those related to privacy protections and the handling of classified information, often impede intelligence flows. Firms may also hesitate to report breaches due to concerns over reputational harm, investor confidence, and legal liability. Compounding these issues, the speed and scale of cyber-enabled espionage frequently outpace the bureaucratic processes governing efficient and practical cooperation. Addressing these gaps requires a unified national strategy that streamlines information-sharing mechanisms, clarifies legal authorities, and directly confronts insider threats and commercial espionage to mitigate their economic and national security consequences.

The protection of economic and corporate interests has become a core mission of modern counterintelligence. The convergence of traditional espionage and cyber operations has produced a complex threat environment that state security services cannot confront alone. As a result, the future of national security and economic prosperity hinges on resilient public–private collaboration, particularly through the implementation of robust insider-threat mitigation programs. By fostering trust, establishing clear and reliable communication channels, and adopting a unified national strategy, governments and industry together can build the defenses necessary to protect innovation, preserve strategic advantage, and sustain long-term economic competitiveness in an increasingly contested global environment.

Joshua Thibert is a Contributing Senior Analyst at the National Institute for Deterrence Studies (NIDS) with over 30 years of comprehensive expertise, his background encompasses roles as a former counterintelligence special agent within the Department of Defense and as a practitioner in compliance, security, and insider risk management in the private sector. His extensive academic and practitioner experience spans strategic intelligence, multiple domains within defense and strategic studies, and critical infrastructure protection. Views expressed in this article are the author’s own.

The Role of Counterintelligence in Protecting Economic and Corporate Interests was originally published on Global Security Review.

Force protection, in its broadest sense, encompasses all measures taken to safeguard personnel, equipment, and facilities from hostile actions. For the military, this includes battlefield tactics, intelligence gathering, logistics security, and the establishment of robust defensive perimeters. For critical infrastructure, it involves physical security, cybersecurity, and contingency planning to mitigate the impact of attacks. Russia’s struggles in both areas are glaringly apparent.

On the battlefield, Russian forces repeatedly demonstrated a lack of effective force protection. From the initial botched attempts to seize Kyiv to the protracted and costly battles in eastern Ukraine, Russian units suffered heavy casualties. This was often due to a combination of poor tactical decisions, inadequate reconnaissance, and a failure to adapt to the evolving battlefield. Ambushes, artillery strikes, and drone attacks took a heavy toll, revealing vulnerabilities in their supply lines and a lack of situational awareness. This inability to protect its forces has not only hampered Russia’s military objectives but also had a cascading effect on the security of its critical infrastructure.

The vulnerability of Russia’s infrastructure, particularly its energy sector, is a direct consequence of these force protection failures. Oil and natural gas fields, pipelines, and processing facilities, often located in remote areas, require robust security to prevent sabotage or attack. However, the demands of the war in Ukraine stretched Russia’s military resources thin, leaving critical infrastructure exposed.

Ukraine’s ability to strike targets deep within Russian territory, including energy facilities, demonstrates this vulnerability. These attacks not only disrupt energy production and supply but also have a significant psychological impact, undermining public confidence in the government’s ability to protect its citizens and vital assets.

Several factors contribute to Russia’s struggles with force protection and the resulting infrastructure vulnerabilities. Firstly, the sheer size of Russia and the length of its borders make it incredibly challenging to secure all potential targets. This geographical challenge is compounded by the fact that many critical infrastructure sites are dispersed and remote, making them difficult to defend effectively. Secondly, there are indications of potential intelligence failures. Russia may have underestimated Ukraine’s resilience and its ability to conduct effective counter-offensives, leading to a misallocation of resources and a lack of preparedness for attacks on its own territory. Thirdly, logistical issues plague the Russian military. Supply-chain disruptions, shortages of essential equipment, and a lack of well-trained personnel have all contributed to the erosion of force protection capabilities.

Furthermore, the potential for internal dissent and sabotage cannot be discounted. The war in Ukraine fuels anti-government sentiment in Russia, and there is a risk that individuals or groups opposed to the regime may seek to exploit the vulnerabilities of critical infrastructure to express their discontent. Such internal threats further complicate the task of ensuring the security of these facilities.

The implications of Russia’s failure to implement effective force protection are far-reaching. The disruption of energy supplies can have a devastating impact on the Russian economy, leading to shortages, price increases, and social unrest. Moreover, the vulnerability of critical infrastructure can undermine Russia’s international standing and its ability to project power. The perception of weakness can embolden adversaries and erode alliances, further isolating Russia on the world stage.

Russia’s ongoing struggles with force protection in the context of the Ukraine conflict have exposed critical vulnerabilities in its infrastructure, particularly its oil and natural gas fields. These vulnerabilities stem from a combination of tactical miscalculations, logistical shortcomings, intelligence failures, and the inherent challenges of securing a vast and geographically dispersed territory. The consequences of these failures are significant, with the potential to destabilize the Russian economy, undermine public confidence, and weaken Russia’s international standing. As the conflict continues, Russia will need to address these shortcomings if it hopes to protect its critical infrastructure and safeguard its national interests. The ability to learn from these failures and adapt its security strategies will be crucial for Russia’s long-term stability and its ability to project power in the region and beyond.

Joshua Thibert is a Contributing Senior Analyst at the National Institute for Deterrence Studies (NIDS) and doctoral student at Missouri State University. His extensive academic and practitioner experience spans strategic intelligence, multiple domains within defense and strategic studies, and critical infrastructure protection. Joshua currently resides in Columbus, Ohio.

Russia’s Vulnerable Underbelly: The Failure of Force Protection on Critical Infrastructure was originally published on Global Security Review.