Now a quarter of the way into the 21st century, the world stands at a defining juncture in its digital evolution. The rapid acceleration of emerging technologies—such as artificial intelligence and quantum computing, combined with the progress toward global connectivity—is reshaping economies, governance, and security at pace. As we prepare for what is shaping up to be a transformative decade ahead—one that will determine how societies adapt to and govern these technologies—digital resilience has never been more critical for national and economic security.
At the same time, the 2030 Agenda for Sustainable Development adds urgency to make sure digital transformation is secure, sustainable, and inclusive. Digital infrastructure, cybersecurity capabilities, and trusted technology ecosystems are not just enablers of economic growth—they are essential to safeguarding national, regional, and global security.
Against this backdrop, 2025 marks a crucial inflection point. Heightened geopolitical tensions and a marked shift in donor funding priorities are prompting governments and institutions to reassess their role in global digital resilience efforts. Governments that invest in digital resilience as part of their foreign policy and national security strategies, multilateral organisations, development banks, private sector investors, philanthropic donors, and public-private partnerships all now face the challenge of navigating this evolving landscape to keep such investments sustainable, effective, and strategically aligned.
This raises important questions, two of which we briefly explore in this article.
At home and abroad, governments can support the balancing act of digital adoption with the risks and challenges it brings to national security, provided it contributes to, rather than hinders, economic resilience. This balance is not just about mitigating cyber threats; it is about making digital transformation a driver of secure, sustainable growth and global stability. Some key areas for governments to consider include:
Consensus-building
International collaboration on establishing global safety and security standards for emerging technologies—such as recent efforts from the AI Action Summit in Paris—can help promote responsible, secure, and resilient adoption. Donor funding can play a role in strengthening international alignment on trusted technology frameworks, preventing fragmentation that creates security risks.
Supply chain resilience
Digital resilience relies on trusted and secure supply chains, and access to semiconductors and other key technologies have become much more important to security, the economy, and values. Governments should be encouraged to increase supply chain resilience while minimising innovation barriers. This could be achieved through measures such as reducing reliance on high-risk vendors, promoting secure and interoperable infrastructure, and ensuring that technology ecosystems are built on strong security principles.
PGI has supported clients to achieve and maintain international information security standards and frameworks to strengthen organisational resilience across critical supply chains, at both corporate and national levels.
Public-Private Partnerships (PPPs)
Collaboration between government and industry will continue to play a key role in keeping digital infrastructure and technology adoption secure and future-proof. Governments can leverage PPPs not just for investment, but for technical expertise, risk-sharing, and rapid innovation. Governments should engage industry in joint cybersecurity initiatives, technology development, and infrastructure security efforts.
Human capital
A strong digital economy depends on a skilled workforce. Investments in cybersecurity training, digital literacy, and technical skills development can help to guarantee that businesses, public institutions, and critical industries are well-equipped to safely integrate and leverage new technologies. Building such capacity is a whole-of-society effort; everyone from individual citizens to government agencies need to be made aware of the role they play, and equipped with the capabilities to thrive in the digital ecosystem. Donor-funded initiatives should be sure to integrate such human capital development alongside infrastructure investments.
One example of this in practice is where PGI has supported governments to develop national cybersecurity workforce frameworks. These frameworks act as an essential building block for governments, providing a common taxonomy and reference point for both supply-side and demand-side stakeholders. They help countries better align cybersecurity education, training, and workforce planning to meet national security and economic needs. By creating a shared understanding of roles, skills, and career pathways, workforce frameworks become critical enablers and support governments to invest more strategically in human capital as part of their broader digital resilience efforts—ensuring that emerging technologies are integrated securely and sustainably.
Governments need to make strategic, security-minded choices that support both economic growth while safeguarding national security. This means looking beyond short-term gains or risks of adoption and restriction and making certain that technologies are secure, ethical, interoperable, and sustainable. Hasty decision making can result in overly restrictive policies that stifle innovation; just as uncritical adoption of high-risk technologies can create long-term vulnerabilities. Some key areas for governments to consider when engaging with new technologies and digital products include:
‘Security-by-Design’
Governments should work with industry to prioritise security from the outset in technology procurement, infrastructure development, and digital transformation strategies. For example, the Australian Government has published guidance for government agencies and industry on the importance of adopting secure-by-design protocols, detailing that:
“Secure-by-Design requires cyber threats to be considered from the outset to enable mitigations through thoughtful design, architecture and security measures. Its core value is to protect consumer privacy and data through designing, developing and delivering products and services with fewer vulnerabilities, and then ensuring security is maintained throughout their life cycle.”
This approach reduces vulnerabilities, protects privacy, and helps maintain the security of technology throughout its lifecycle. Achieving technical security certifications—such as the UK Government’s Cyber Essentials and Cyber Essentials Plus scheme—provides a practical foundation for embedding secure-by-design principles across organisations. For over 10 years, PGI has been supporting organisations of all sizes in achieving these certifications, enabling the development of a strong baseline resilience.
Balancing national sovereignty with global interoperability
Governments must balance the need to maintain sovereign control over critical digital infrastructure, emerging technologies, and data governance while ensuring that such choices do not fragment or weaken international cooperation. Risk-based procurement frameworks can offer a useful model; one example is the EU’s 5G Toolbox—which identified a common set of measures to mitigate the main cybersecurity risks and provided guidance for the selection of measures which should be prioritised in mitigation plans at both national and regional levels. A similar structured vetting process for AI models and semiconductor suppliers could help governments maintain security and minimise unnecessary restrictions.
Technology governance
Governments that prioritise transparent, predictable technology policies can foster trust in digital governance and provide clarity for businesses and international partners. Opaque decision-making, sudden regulatory shifts, or inconsistent enforcement can undermine national security by deterring investment in secure digital infrastructure and critical technologies. To mitigate these risks, policymakers can focus on implementing structured and enforceable measures that focus on preventing the misuse of technology and strengthen long-term governance credibility.
For example, the EU Artificial Intelligence Act requires deployers of high-risk AI systems to conduct and publish impact assessments on fundamental rights, putting in place clear parameters and safeguards for businesses and governments to follow in developing these technologies. By establishing such frameworks, governments create greater regulatory certainty and promote responsible innovation to enhance trust in national, regional, and global technology ecosystems.
As governments navigate the evolving digital landscape, continued investment in global digital resilience is not just an act of international goodwill, but a strategic necessity. Funding aid projects that strengthen digital infrastructure, cybersecurity capabilities, and resilience against hybrid threats helps recipient countries prepare for and respond to emerging risks, with the benefits of such projects extending far beyond national borders.
A digitally resilient world contributes to regional and global stability, reducing the risks of cyber disruptions and technology-driven conflicts that can spill over into donor nations. By supporting digital resilience abroad, governments are also protecting their own economic and security interests, protecting global supply chains and securing digital ecosystems.
As we move deeper into an era increasingly defined by rapid technological change, geopolitical competition, and increasingly sophisticated cyber threats, the case for sustained and strategically aligned digital resilience funding has never been stronger. Ensuring that these investments remain effective, forward-looking, and mutually beneficial will be key to building a safer, more stable, and more prosperous digital future for all.
If you would like to learn more about how PGI supports organisations and nations to achieve digital resilience, get in touch.
The April 2025 M&S cyberattack continues to make headlines and has reinforced the need for organisations to invest in developing cyber incident response and crisis management plans that align with a comprehensive resilience strategy.
As organisations strengthen their technical defences, cyber criminals are adapting their tactics by targeting other digital vulnerabilities, like the availability of Personally Identifiable Information online.
As a business leader, security leader, or IT decision-maker, you’re already spinning multiple plates: managing risk, meeting regulatory requirements, and making sure your systems are secure without slowing the pace of business.
