๐Ÿ’กFresh Perspective

Geopolitics as a Cyber Risk Signal: Game Theory and Ripple Paths

Elliott Mattice · 64:51 · 2025 · Track 1

threat-intelcomplianceleadership

Elliott Mattice on geopolitics as a cyber risk signal. A Track 1 session from Simply CyberCon 2025.

Open this segment on YouTube โ†— ยท jumps to 6:14:39 in the Track 1 livestream

Geopolitics as Just Another Threat Feed

Elliott Mattice spent 25 years in federal contracting before founding Espirina Digital Consulting. His pitch is unusual for a security conference: treat global news the same way you treat a vendor advisory. Scan it, distill the players and motivations, identify the cyber implications, then drop the result into the threat model you already maintain. The goal isn't to make security people pundits. It's to push your detection and response further left of boom.

The Three Ripple Paths

Geopolitical stories almost always fall into one of three categories. Policy and regulatory shifts โ€” laws, export controls, GDPR updates โ€” change your compliance surface and sometimes the regions you can operate in. Civil unrest โ€” protests, port lockdowns, strikes โ€” spikes phishing, business email compromise, and authentication abuse as attackers exploit the noise. Military activity โ€” kinetic conflict and the cyber operations that wrap around it โ€” produces themed lures, DDoS, and state-sanctioned spillover. Each path maps to a small set of repeatable defensive moves: harden rate limits, raise auth thresholds, watch for theme-driven lures, prep change-control documents in advance.

Game Theory in Five Minutes

Elliott's framework is deliberately small. Pick three to five players. List what each one wants and what each one has to protect โ€” actors defend before they pursue. Sketch the likely offensive moves (sanctions, attack, obscure) and defensive moves (shift, substitute, stall). Then translate to cyber: what does this mean for identity churn, supply chain, software bill of materials, financial workflows? He runs the framework live across three case studies โ€” the Dutch government seizing Nexperia from its Chinese owners, the contested Georgian election and Russian influence, and Ukraine's strikes against Russian oil infrastructure with downstream effects on China and India.

A Geocyber Radar That Doesn't Burn You Out

The guard rails matter. Use small, trusted intake โ€” a handful of OSINT feeds, headlines, social media as an early indicator, and industry analysis. Make moves small and reversible. Triage with a traffic light: green for note-and-watch, yellow for pre-write the comms, red for act now. Run the cycle weekly, not constantly. Be calm and ready, not paranoid. Elliott's frame on bias is the cleanest part of the talk โ€” strip the political slant and just get to the facts: who acted, what they did, what's protected, what's pursued. You don't need to agree with anyone's motivations to model their moves.

Who Should Watch

Security leads at companies with international footprint, supply chain exposure, or regulated data. Threat intel analysts who want a lightweight framework that scales down to a five-minute exercise. Anyone who reads geopolitical headlines and feels paralyzed rather than informed.