HYBRID THREATS AND THEIR IMPACT ON THE PERFORMANCE OF THE BUSINESS ENVIRONMENT *

. The paper aims to assess the impact of hybrid threats on the performance of the business environment of the European Union countries. Hybrid threats were represented by six threats and their consequences, namely unavailability of ICT services due to hardware or software failure, unavailability of ICT services, unavailability of ICT services due to external attack, destruction or corruption of data due to malware infection or unauthorised intrusion, disclosure of confidential data due to intrusion, pharming, phishing attack or deliberate action of own employees, disclosure of confidential data due to negligent action of own employees. The performance of the business environment was assessed through the Country Competitiveness Index. The results showed that our selected threats and their consequences had a statistically significant impact on the performance of the business environment. We observed an adverse effect for unavailability of ICT services due to hardware or software failure, destruction, or corruption of data due to mal-ware infection or unauthorised intrusion, and disclosure of confidential data due to intrusion, pharming, phishing attack, or deliberate actions of own employees. Positive impacts on business environment performance were observed for unavailability of ICT services (insider attack), unavailability of ICT services due to external attacks and disclosure of confidential data due to negligent actions of own employees.


Introduction
In an era characterised by rapid technological advances and geopolitical complexity, the traditional boundaries that once defined security threats are blurred.The current global space creates possibilities for the emergence of the application of hybrid threats, a multifaceted and dynamic challenge that goes beyond the conventional categorisation of security risks.These hybrid threats represent a fusion of conventional, unconventional, and cyber threats, often organised by state and non-state actors, with the potential to disrupt national security and the stability and vitality of the global business environment.This scientific article discusses the field of hybrid threats and their profound consequences for the performance of the business environment.The term "hybrid threats" encompasses various activities, from disinformation campaigns and cyber-attacks to economic coercion and proxy warfare.As these threats continue to evolve, their impact on businesses worldwide is becoming more significant.This article aims to comprehensively examine the nature of hybrid threats, their modus operandi, and the complex web of connections between these threats and the business world.Through empirical research, implemented case studies and critical analysis, we clarify the multifaceted dimensions of this complex challenge and its consequences for businesses operating in a globalised economy.
The vulnerabilities to hybrid threats are exacerbated as the business environment becomes more interconnected and reliant on digital infrastructure.Companies are at risk of financial losses and face reputational damage, operational disruption, and regulatory scrutiny.Understanding the dynamics of hybrid threats is imperative for businesses to develop effective risk management strategies, enhance resilience, and ensure the continuity of operations in an increasingly uncertain world.
In our article, we will outline the various manifestations of hybrid threats, their effects on the economic and business environment, and the strategies organisations can use to mitigate these risks.We will contribute to the knowledge base that informs the decision-making processes of politicians, business leaders and security professionals in ensuring the integrity and performance of the modern business environment.
The use of information technology gives organisations a competitive advantage.Widespread access to the Internet has changed the way businesses manage their processes.With the rise of new devices, doing business has become easier.(Biclesanu et al. 2021) Information and technology services also pose a security risk to the enterprise in the form of leakage of sensitive information, unavailability of information and communication technologies, or data corruption due to attacks.Organisations, therefore, need to implement comprehensive security strategies to protect them from this risk.(Mosteanu, 2020;Ghelani, 2022;Gombár et al. 2022) Many enterprises use antivirus software, firewalls, antispyware software, virtual private networks (VPNs), and the like to protect themselves from threats and secure their data.However, using these protections is often ineffective, hence the need for a comprehensive security strategy.(Mostenau, 2020) In addition to protection systems, the focus should be on detection systems that help gather information about threats and attacks.Detecting malicious actions is one of the most critical cybersecurity issues.Intrusion detection refers to the detection of specific patterns or observations of anomalies.Nowadays, it is necessary to pre-emptively anticipate incoming malicious activities so that we can react to them and prevent an attack in time before it causes any damage.(Pivarníková, Sokol, Bajtoš, 2020) Early detection of security incidents and correct prediction of the evolution of an attack is the basis for an effective and timely response to cyber threats.The evolution of an attack depends on the next steps available to the attackers, their goals, and motivations.(Dovnikova et al., 2020;Vagaska et al. 2022) While technology plays a critical role in addressing cybersecurity issues, the human aspects have recently gained serious attention.(David et al., 2020) Data loss or corruption can also occur in the event of intentional or unintentional actions by employees, hence the need to emphasise employee training in cybersecurity.
Human capital is considered the most essential resource in any organisation.However, most companies pay more attention to the external environment and pay little attention to their employees.Technological developments have changed our lives and habits.(Fernandes et al., 2023) Weritz (2022) emphasised in her work that organisations should monitor the skills of their employees and offer opportunities for individuals to develop their skills.She pointed out that entrepreneurial mindset, digital responsibility, digital literacy, transformational skills, personal development, communication, community management, data analytics, and web application development skills are critical in the digital workplace.These threats are not only a danger to businesses themselves but equally dangerous to countries as well.A country needs consistent protection against these threats to avoid becoming unattractive to businesses, which will impact its business environment.

Business environment
The term business environment refers to all factors that impact business.This includes internal and external factors.Each of these factors somehow affects the business environment and the companies within it.Technological development has recently moved the business environment, its quality and development.The business environment, characterised by high instability and uncertainty, is much more precarious for enterprises because they need access to significant resources.Still, effective innovation depends, above all, on the quality and quantity of the resources that the enterprise controls.Managers are therefore called upon to consider innovation as a central factor in building the competitiveness and performance of their enterprises.They must, therefore, invest heavily in innovation, employee training and research and development.Otherwise, they are exposed to the destructive effects of a highly volatile environment, and their performance will decline as the business environment remains unstable.(Ruba et al., 2023;Mihalčová et al., 2021) On the other hand, a healthy business environment can create a fairer market, facilitate flexibility in business operations and encourage technological innovation in enterprises.A good business environment has a more significant impact on large enterprises than on small enterprises.(Han et al., 2023;Straková et al., 2021) The evolution of the business environment varies from country to country; therefore, the business environment gives some countries a competitive advantage.In their paper, Rusu and Dornean (2019) noted that a country must outperform its competitors in research and innovation, entrepreneurship, competition, and education.They investigated the impact of factors measuring the quality of entrepreneurial activities on national competitiveness in 28 European Union member states.Their research showed that innovation rate and job creation significantly influence the level of economic development of countries and their national competitiveness.
Technology has become an integral part of everyday and working life.However, with the development of information technology comes new risks, namely security risks.The business environment generates vast complex data that provides decision support through information processing and insight generation.(Lu, 2022) As most business processes and data-driven operations in today's business environment have moved into cyberspace, securing, protecting, and defending organisational information has become more critical.(Rawat et al., 2019) According to Gamidullaeva & Gamagomedova (2023) and Šimberová et al. (2022), different business environments may have other impacts.Improvements in the institutional environment and greater certainty about the future significantly impact entrepreneurial activity and business performance.
In 2021, 22.2% of enterprises (with 10 or more employees and self-employed) in the EU corporate economy (excluding the mining and quarrying sector and the financial sector) experienced ICT security incidents resulting in different types of consequences, such as unavailability of ICT services, destruction or corruption of data, or disclosure of confidential data (Euostat, 2023).
Countries and supranational organisations such as the European Union are reshaping their traditional economic environments by promoting the use of broadband connectivity and the Internet, providing online services to citizens, facilitating investment in the spectrum of the digital economy, and introducing new business models suitable for the development of the digital economy.(Laitsou et al., 2020) Eurostat (2023) also reported that, among EU countries, the highest proportion of enterprises that experienced ICT security incidents leading to unavailability of ICT services, destruction or corruption of data or disclosure of confidential data was in Finland, at more than two-fifths (43.8%), followed by the Netherlands and Poland (30.1% and 29.7%), the Czech Republic (29.3%) and Denmark (26.4%).At the other end of the scale, Bulgaria (11.0%),Portugal (11.5%),Slovakia (12.3%),Hungary (13.4%) and Cyprus (14.3%) had the lowest shares.
We see the impact of hybrid threats on the business environment in areas other than information.Examples include: Economic impact -they create uncertainty and instability in a country, which can scare away foreign investors and cause a drop in economic confidence.This can harm business growth and investment.
Political destabilisation -creates political uncertainty and instability, which can result in changes in government policies, regulations, and legislation.This can affect businesses' strategic decisions and ability to plan long-term investments.
Information warfare -often involving disinformation campaigns and propaganda that can influence public opinion and perceptions of specific businesses and industries.Fake news can cause loss of customer and investor confidence.In a rapidly changing world, economies and companies must reshape their traditional models to adapt to a rapidly evolving digital environment.Information and communication technologies (ICT) have become more than a normal use.ICT has gradually become a critical operational component for individuals, businesses, and national economies.(Laitsou et al., 2020) Social unrest -caused by hybrid threats can lead to riots and demonstrations that can disrupt normal business activities and even lead to loss of property and lives.
Corruption risk -in countries affected by hybrid threats, corruption and bribery may increase, resulting in an unsafe business environment for companies that seek to comply with ethical standards and legislation.
Therefore, businesses must be aware of hybrid threats and develop strategies to manage and protect against them.This may include improving cyber security, monitoring political and economic events, proactively managing risks, and working with local and international authorities to address these threats.

Hybrid threats
Hybrid threats represent one of the growing security challenges for the safe and effective management of critical infrastructure, digital systems and social domains worldwide.The deliberate misuse or disruption of these domains and digital technologies has widespread implications in various aspects of life, including daily activities, civil and military operations, transportation and aviation, communications, finance, and the interconnection of water, food and energy, medical treatments, and social media.(Vaseashta, 2022) Security is a serious issue that we all face.Every day, skilled hackers breach security and exploit vulnerabilities to gain access to top-secret and confidential data.(Fatima et al., 2023) Vulnerabilities identified in Latin American countries include low cybersecurity awareness, lack of sufficiently implemented standards and regulations, use of updated software, security gaps in critical infrastructure, lack of training and specialisation, and the prevalence of advanced persistent threats (ATP).Investing and paying attention to cyber security in crucial public organisations and banking sectors is essential.(Flor-Unda et al., 2023) One of the main aspects of hybrid threats to enterprises is cyber vulnerability.Cyber-attacks can cause service outages, steal sensitive data or damage confidential information assets.These attacks can be more complex and sophisticated, meaning businesses must invest in robust cyber security measures and keep up with the latest technology trends to protect their digital assets.
In addition, hybrid threats are often associated with manipulating public opinion and misinformation, which can affect business decisions and customer confidence.Businesses must also address the risk of economic destabilisation due to political conflicts and sanctions.It is crucial for businesses to be prepared for these hybrid threats and have rapid response and recovery strategies in place to minimise potential damage and maintain their resilience to these complex threats.
In their article, Mityakov et al. (2023) suggest 12 main "quick" indicators that can be used for operational monitoring of a country's economic security, grouped into four spheres.The choice of indicators was dictated by sufficient coverage of certain areas of economic security.In addition, the proposed indicators were used based on the availability of information from official sources and the required frequency of receiving information.
Another vital aspect of hybrid threats to businesses is their ability to interfere with global supply chains.In today's world, companies are often involved in large and complex chains involving suppliers and customers from different parts of the world.Hybrid threats such as trade blockades, cyber-attacks, or political manipulation can seriously affect these chains, with the potential to cause supply disruptions and increase logistics costs and business risks.Therefore, businesses need to have comprehensive risk management and business continuity plans that consider hybrid threats.They need to actively monitor the geopolitical situation and cyber security trends to respond quickly to potential threats and minimise their impact.Collaboration with other businesses, government agencies, and security experts can also be critical to effectively defending against hybrid threats and maintaining stability in corporate operations.Despite these risks, several strategies have emerged in the market that effectively combat hybrid threats.One of them is artificial intelligence, which helps improve the state of cybersecurity.(Rawal, 2022) In addition to protecting sensitive data and combating hybrid threats, these strategies help organisations prevent breaches and facilitate recovery and adaptation after such breaches.(Vaseashta, 2022) There are several hybrid threat tools.Common ones encountered in practice are propaganda, disinformation, sabotage, economic warfare, or cyber-attacks.The sophistication of cyber-attack techniques poses a danger to businesses and can disrupt operations, destroy critical data, and damage reputations.The current wave of attacks surpasses and outpaces humans and even includes artificial intelligence (AI).(Guembe et al., 2022) Artificial intelligence, according to Rawal (2022), helps improve the state of cybersecurity.Still, on the other hand, cybercriminals are also using it to launch more targeted and sophisticated attacks.
Given the cyclical increase in security incidents, cybersecurity is a significant concern for all industries involved in digital activities.As more and more Internet of Things (IoT) devices are used in homes, offices, transport, healthcare and other locations, malicious attacks are becoming more frequent.Due to the vast amount of data IoT devices produce, Machine Learning (ML) is commonly used to detect attacks.(Prabakar et al., 2023) Today's cyber-attacks on businesses have become an integral part of the digital age and pose a persistent threat to organisations of all sizes and sectors.One of the most common types of attack is ransomware, which encrypts an organisation's sensitive data and a subsequent ransom demand from the attackers.These attacks not only cause financial losses but also severely disrupt the operations and reputation of companies.
To prevent these attacks, businesses must strive to raise their employees' cyber security awareness and implement robust security measures, including firewalls, antivirus programs and network monitoring.In addition, it is essential to have a cyber-attack recovery plan in place to minimise losses and restore normal operations quickly.Cybersecurity has become a priority for businesses in today's digital era and requires constant investment and attention to protect against everchanging threats.
With the increasing severity and frequency of cyber-attacks, the rapid proliferation of smart objects is intensifying cybersecurity threats.Extensive data on communication traffic between Internet of Things (IoT) devices poses a significant challenge in protecting these devices from potential security breaches exacerbated by unbalanced network traffic data.Artificial intelligence technologies, particularly machine and deep learning, have shown promise in detecting and addressing these security threats targeting IoT networks.(Alkhudaydi et al., 2023) Cyber-attack detection detects and responds to malicious or unauthorised activity on networks, computer systems and digital environments.The goal is to identify these attacks early, protect sensitive data and minimise potential damage.(Albakri et al., 2023) Effective detection and prevention of cyber-attacks contribute to minimising economic losses, maintaining trust, promoting responsible digital transformation, ensuring supply chain resilience, and preventing potential damage.Detecting cyber-attacks involves proactive risk management, ethical responsibility, resilience and the well-being of individuals, organisations, and the planet.In addition, businesses prioritise long-term viability, and cyber-attack detection is essential in maintaining business continuity.By integrating robust cybersecurity practices into the fabric, society can move towards a safer, more secure, and responsible future.Organisations can avoid costly disruptions, financial losses and reputational damage by preventing and responding quickly to cyber threats.(Doynikova et al., 2020;Albakri et al., 2023) As information technology has become an integral part of everyday as well as working life.They play a significant role in global communication.Tan et al. (2021) state that innovations and low cost in information technology have significantly increased the availability, use and performance of information technology.
According to Aghajani and Ghadimi (2018), most economic, business, cultural, and social interactions of countries at all levels, from individuals to NGOs and government institutions, occur in cyberspace.Moving these activities to cyberspace has brought with it several risks.A certain degree of instability, uncertainty or problems in this space can affect various aspects of life.(Li et al., 2020) Duo et al. (2022) state that cyber-attacks can be divided into three classes: attacks on availability, integrity, and confidentiality.Availability attack is one of the most common cyber-attacks.It aims to block a communication network by making data and information inaccessible to the user.Typical availability attacks include DoS attacks, distributed DoS attacks and jamming attacks.An integrity attack is a compromise of integrity through falsifying data or control commands.There are many types of integrity attacks, e.g., false data injection, middlemen, sparse and replay attacks.Integrity attacks can occur in any part of the system because the attacker's target can be any system information.Attack methods include eavesdropping and a combination of DoS and integrity attacks.
Due to cyber-attacks, cybersecurity has become an essential part of any organisation's infrastructure.Cybersecurity involves practical measures to protect information, networks, and data from internal or external attacks.Cybersecurity experts safeguard networks, servers, intranets, and computer systems so that only authorised individuals can access this information (Jamal et al., 2021).Safitra et al. (2023) describe in their work an evolutionary approach and its application to cyber-attack prevention through a methodological approach involving an evolutionary model.This model illustrates how modern cyber-physical systems can face attacks and evolve based on the experience of past security incidents.An evolutionary approach to cybersecurity thus allows organisations to evolve and adapt to new threats continuously, increasing their resilience to cyber-attacks.These efforts include developing the ability to anticipate threats, prepare responses to attacks, and quickly restore operations after incidents.In addition, an evolutionary approach enables organisations to improve their proactive cybersecurity capabilities continuously.This includes developing employee security training programs, raising security awareness throughout the organisation, and fostering a strong security culture.Therefore, an evolutionary approach helps organisations respond to cyberattacks but also helps prevent them from occurring in the first place.Sensuse et al. (2022) recommend using big data, blockchain, biometrics, machine learning, cryptography, network security, artificial intelligence, and intrusion detection to achieve cybersecurity goals.Cybersecurity also needs risk assessment, management, and awareness so that the selected security technology can achieve the expected goals.
Cybersecurity solutions for information technology (IT) have been developed and refined for some time.The availability of sensitive data is highly valued, but in IT, the security of that data is of paramount importance.(Alzahrani & Aldhyan, 2023)

Methodology
In this paper, we focus on the impact of hybrid threats on the performance of the business environment in the European Union countries in 2022.The total sample consists of 26 countries belonging to the European Union.We excluded Malta from the assessment because no published data on the country's competitiveness existed.We determined the performance of the business environment based on the World Competitiveness Ranking (WCR) determined by IMD.
The World Competitiveness Ranking is based on 335 criteria selected based on comprehensive research.These criteria are regularly reviewed and updated in light of new research, data, and developments in the global economy.(IMD World Competitiveness Ranking, 2023) We consider WCR as a dependent variable in our study.
Six threats and consequences obtained from Eurostat databases represented hybrid threats as independent variables.We divided these threats into two groups, namely: 1.No harmful consequences.
2. With harmful consequences caused from inside or outside the company.We included in the first group the unavailability of ICT services due to hardware or software failure, unavailability of ICT services (e.g., denial of service attacks, ransomware, hardware, or software failure).
The second group consists of the unavailability of ICT services due to an external attack (e.g., ransomware attacks, Denial of Service attacks), destruction or corruption of data due to malware infection or unauthorised intrusion, disclosure of confidential data due to intrusion, pharming, phishing attack or deliberate action by own employees, disclosure of confidential data due to inadvertent action by own employees.
We chose these factors based on data from Eurostat, which states that the most common consequence of security threats was the unavailability of ICT services due to hardware or software failure (18.7%).The unavailability of ICT services due to external attacks (e.g., ransomware attacks, denial of service attacks) was much less frequent (3.5%).EU businesses also reported data destruction or corruption caused by two types of incidents: hardware or software failure (3.9%) or malware infection or unauthorised intrusion (2.1%).The least frequent consequence of ICT security incidents was the disclosure of confidential data, which was related to two different reasons: intrusion, pharming, phishing attack, deliberate action by own employees (1.1%) and inadvertent action by own employees (1.0%) (Eurostat, 2023).

Results
At the beginning of the investigation, we assumed that hybrid threats represented by our selected variables negatively impact the performance of the business environment in the European Union countries.
The first step in analysing the data was to test what distribution it came from.Based on the Shapiro-Wilk test, we found that the data met the assumptions of a normal distribution.Source: own processing The regression model presented in Table 1 shows statistical significance as the p-value (Sig.) is less than the set significance level of 0.05.This indicates that there is a statistically significant relationship between the dependent variable and the independent variables.Based on the analysis, we assessed the impact of our chosen independent variables (threats and consequences) on the dependent variable (competitiveness index) and then determined the ranking of the countries.
The analysis results showed that 3 out of the 6 selected threats and their consequences negatively impact the performance of the business environment in all countries.We consider the unavailability of ICT services due to hardware or software failure as a threat without harmful causes.However, we have seen the most significant negative impact on the business environment for this threat.The values ranged from -2.66 to -0.50.We also observed a negative effect when confidential data was disclosed because of employee intrusion, pharming, phishing attacks, or deliberate actions, where the values ranged from -0.30 to -0.04.The last threat with a negative impact was the destruction or corruption of data due to malware infection or unauthorised intrusion; for this threat, the values ranged from -0.14 to -0.02.
A surprising finding was that some of the threats and their consequences positively impacted the performance of the business environment.Specifically, these were unavailability of ICT services (e.g., Denial of Service attacks, ransomware, hardware, or software failure) (0.64 -2.99), unavailability of ICT services due to external attack (e.g., ransomware, Denial of Service attacks) (0.00 -0.04), and disclosure of confidential data due to inadvertent actions of own employees (0.05 -0.37).
We hypothesise that the positive impact of these factors is due to increased attention from enterprises and security engineers.Enterprises and technicians try to prevent these threats by improving the security protocols used in enterprises.Source: own processing In addition to analysing the impact of the independent variables on the dependent variable, we have also reported the results of the cybersecurity scores of the European Union countries.SEON.IO compiled this global ranking by combining data from three central cybersecurity authorities, namely the National Cybersecurity Index (NCSI), the Global Cybersecurity Index (GCI) (2020) and the Cybersecurity Exposure Index (CEI) (2020) (SEON.IO, 2023).
From the above rankings, we have selected the countries of the European Union.The ranking of the countries corresponds to the ranking from the overall ranking.The index values and the overall scores of Austria, Estonia and Malta were not included in the given ranking; therefore, these countries are considered missing.In the end, we examined the relationship between a country's business environment's performance and cybersecurity.The correlation results indicate a moderate to moderately strong relationship between the variables.The value of the correlation coefficient between business environment performance represented by the variable global competitiveness ranking and cybersecurity represented by the variable cybersecurity score was equal to 0.540.

Conclusions
Examining hybrid threats and their impact on the business environment reveals a complex and evolving range of challenges and opportunities.As the global community grapples with the multifaceted nature of these threats, businesses are on the front lines of this fight and face significant risks and responsibilities.
Hybrid threats, combined with traditional and non-traditional elements, have demonstrated the ability to disrupt the digital realm and the physical and economic foundations of business.Many published case studies and analyses highlight the importance of recognising the interconnectedness of these threats and their potential to undermine corporate stability.
Faced with these challenges, businesses must adopt a proactive and multifaceted approach to risk management.This approach should include cyber defence and strategies to combat disinformation, manage economic pressures, and increase supply chain resilience.Cooperation between the public and private sectors is essential as it supports exchanging information on threats, the development of regulatory frameworks, and the implementing of best practices.Furthermore, resilience is a crucial theme in mitigating the impact of hybrid threats on the business environment.Resilient organisations could adapt, recover, and continue operating despite negative influences from the external environment.By embedding resilience into corporate culture and strategies, businesses can increase their ability to withstand and recover from hybrid threats.
In conclusion, hybrid threats are a dynamic and ongoing challenge that requires vigilance, adaptability, and cooperation.As a vital part of modern society, the business environment must remain vigilant in identifying and mitigating these threats to ensure the stability and prosperity of global trade.As technological advances and geopolitical complexity continue, the study and understanding of hybrid threats will continue to evolve, and businesses must evolve with them to thrive in this everchanging environment.By comprehensively solving these threats and cooperating, we can work on a safer and more resilient business environment for the future.
The results of the analyses showed that our chosen independent variables have a statistically significant effect on the dependent variable.Thus, we can conclude that when the number of recorded threats and their consequences increases, changes in the business environment of a given country occur.We find that hybrid threats do not only affect the performance of a country's business environment in a negative sense, but some of them can also have a positive impact.
Ultimately, we compared the relationship between the performance of a country's business environment and cybersecurity.From this, we found that if a country has a better cybersecurity rating, the business environment performance scores higher and vice versa.

Table 1 .
ANOVA regression Disclosure of confidential data due to unintentional actions by own employees, Destruction or corruption of data due to infection of malicious software or unauthorised intrusion, Unavailability of ICT services due to hardware or software failures, Unavailability of ICT services due to attack from outside (e.g.Ransomware attacks, Denial of Service attacks), disclosure of confidential data due to intrusion, pharming, phishing attack, intentional actions by own employees, Unavailability of ICT services (e.g.Denial of Service attacks, ransomware attacks, hardware or software failures)