The rise of cybersecurity in defense: from battlefield to cyberspace
The global defense cybersecurity market was valued at USD 16.45 billion in 2023 and is projected to reach USD 63.38 billion by 2032. Before looking into why that is, let me clarify the basics: defense cybersecurity is the protection of systems and networks from Internet-based attacks that try to steal data, disrupt services, or break into critical infrastructure.
This rapid growth can be explained by two main trends.
On one side, technology is transforming how militaries operate and fight. Combat operations now include robotics, drones, and other highly digital and connected platforms. While these innovations enhance efficiency and effectiveness, they also open the door to new cyber vulnerabilities, increasing the need for cybersecurity solutions to ensure seamless operations.
On the other side, defense is no longer confined to the battlefield. It now extends into cyberspace, requiring investments in advanced cybersecurity systems to protect networks and national critical infrastructure. Adversarial nation states are already using cyberattacks as weapons to inflict significant damage – not just by targeting military systems, but also by striking finance, healthcare, and power grids to disrupt the functioning of society.
We have witnessed this in Ukraine. Since the Russian invasion in February 2022, nearly 2,000 cyberattacks were reported in May 2023 alone. These attacks spanned 23 critical sectors and affected 49 other countries, from Germany to the United States.
All in all, investments in cyber defense are rising in light of the danger to national security.
SCION offers a new approach on both fronts: securing connectivity for highly technological military tactics while upgrading cyber defense strategies to protect high-value national targets from disruption.
Cyber risks in the military and defense sector
Third-party vulnerabilities
The defense sector relies on vast supply chains with thousands of contractors and suppliers. Smaller suppliers often lack the robust cybersecurity frameworks of prime contractors, making them easier targets for attackers. By exploiting these weaker links, adversaries can infiltrate larger defense systems.
Zero-day vulnerabilities
Modern defense networks and systems are software-dependent, relying on VPNs, firewalls, to protect them from external tampering. The surge of zero-day vulnerabilities in 2025 – accelerated by AI-driven exploit discovery – has left networks and systems more exposed than ever. In fact, cyber criminals now leverage AI to identify and exploit weaknesses faster than patch cycles can be implemented, leaving critical assets unprotected as never before.
Unmanned and IoT systems vulnerabilities
Unmanned systems such as drones, satellites, and autonomous vehicles are integral to today’s military operations. Yet their reliance on interconnected IoT ecosystems creates risks. Data collected and transmitted by these devices are highly valuable targets. If hostile actors gain control of this sensitive information, especially from systems with lethal capabilities, the consequences could be catastrophic.
Real-world examples of cyberattacks in defense
The threats facing the defense sector are no longer hypothetical. With critical networks and systems operating on the Internet, the risk of ransomware or DDoS attacks is real:
- UK Ministry of Defence breach: The UK Ministry of Defence suffered a significant data breach where the personal information of UK military personnel was hacked.
- DDoS attack on Spanish defense contractor’s website: A Spanish subsidiary that refurbishes Leopard tanks for delivery to Ukraine, suffered a DDoS cyberattack on its website launched by a pro-Russia hacker group.
These incidents underline the need for a resilient, sovereign, and secure network infrastructure based off an Internet that doesn’t have security and reliability gaps.
How SCION works and why it matters for defense cybersecurity
The Internet connects more than 5 billion users and 18 billion IoT devices across more than 75,000 networks. For defense, where communication is now highly digitized and increasingly Internet-based, this vast and unregulated ecosystem has become as much a battlefield as land, sea, or air.
The massive attack surface, lack of trust and control makes the traditional Internet unreliable and unsafe for critical systems in the defense sector.
That is why, today, most of the defense sector relies on private lines for securing their communication or, in some cases, even fiber connections that are custom-made for their purposes. This is not sustainable in the long term; this space needs to adapt to the times (think about home office, unmanned IoT devices) and upgrade its approach to connectivity.
So, if on one side Internet connectivity opens the door to a variety of cyber vulnerabilities, on the other, private lines are not the answer either. What’s the solution? The SCION (Scalability, Control, and Isolation On Next-Generation Networks ) protocol offers the best of both worlds: the flexibility of the Internet and the security of private lines.
SCION, developed at ETH Zurich, enables organizations to decide exactly how their data travels, ensuring that communication flows only through pre-approved paths within a trusted environment with a robust governance in place.
Defense decision-makers can design networks tailored to their operational needs and use cases and benefit from:
- Compliance and data sovereignty: Defense institutions define trusted routes with geofencing, deciding through which countries their data travels and eliminating unwanted exposure of their data to hostile states.
- Cyber resilience: Thanks to redundant connectivity, traffic automatically switches to alternative providers if one is disrupted, ensuring uninterrupted operations. In addition, having multiple providers increases resilience and removes the risk of vendor lock-in.
- Cybersecurity: By restricting visibility to trusted participants only, the attack surface is massively reduced because adversaries cannot attack what they cannot see. This prevents DDoS and ransomware attacks.
For defense, this means resilient, sovereign, and secure connectivity able to keep up with the times.
SCION use cases for defense cybersecurity
Trusted communication between defense HQs and suppliers
You can build closed networks or trust networks where you decide who can join and exchange data or access critical systems, backed by solid governance. Using Anapaya EDGE, data is routed securely between the approved sites, with redundant connectivity offered by multi-providers, ensuring resilience even in the event of disruptions. This EDGE-to-EDGE set-up also greatly reduces the attack surface, preventing DDoS, ransomware, and intrusion attempts, thus safeguarding sensitive data transmission across the entire value chain.
Military data platforms secured for remote access – even via mobile
Most of the critical systems in the defense sector rely on traditional private lines that are costly and not future-ready as they limit remote access. For example, military personnel are often unable to access these systems via mobile phones due to security concerns. The alternative is placing those same systems on the Internet, but this exposes them to security and reliability risks (as we’ve seen before).
To upgrade the security of remote access without compromising the interconnectivity of the defense ecosystem, you can place the critical service on the SCION Internet behind the EDGE. Then, with Anapaya GATE, only selected ISPs and their users are allowed to connect to the service. This semi-open set-up dramatically reduces the attack surface of the critical service by up to 99%. Sensitive systems remain accessible to authorized ISPs and their users only while being invisible to malicious actors. Mobile access to critical systems in now not only possible, but also safer.
Protecting IoT data collectors
The information and data collected by IoT devices is critical and highly sensitive. By placing the central data collector (where the data flows) on the SCION Internet behind Anapaya EDGE, and limiting its reach to only approved ISPs and their users via the GATE, you can prevent hostile actors from hijacking the data or manipulating the IoT data for their own purposes.
Test field exercises in limited-connectivity zones
For special test field exercises in areas without fixed Internet connectivity (e.g., remote mountain areas), SCION provides a military-grade Internet connection. Military personnel can use 5G and, via the GATE, be redirected to the SCION Internet. This ensures safe, resilient, and cost-effective connectivity for test fields compared to alternative market solutions.
SCION adoption in the defense sector
Switzerland has already started deploying SCION in defense and military contexts through its partnership with the Cyber Defence Campus (CYD) at armasuisse.
armasuisse is the Competence Center for Procurement, Technology, and Real Estate within the Swiss Federal Department of Defence, Civil Protection and Sport (DDPS). The CYD Campus was created to strengthen Switzerland’s cyber defense capabilities and to anticipate emerging threats more quickly.
Here’re the projects in focus:
- Site-to-site connection betwenn Cyber Defence Campuses: SCION is being used to connect Cyber Defence Campuses, delivering highly available and resilient data communication for enhanced collaboration between military and research hubs.
- SCION deployed at NATO cyber defense exercise: SCION has been tested in NATO’s Locked Shields 2024 cyber defense exercise, demonstrating its ability to provide secure, resilient connectivity in military-scale scenarios from Switzerland to Estonia.
- SCIONabled smartphones: CYD is investigating projects to develop SCION-based smartphones to enable the use of a messaging app for sending sensitive data.
SCION: The next-generation solution for defense cybersecurity
Cybersecurity in defense has never been optional, but today, it is more critical than ever. Risks are growing in both scale and sophistication, targeting not only military assets but also the infrastructures that keep our society running.
SCION provides a trusted foundation for defense institutions to build secure, sovereign, and resilient connectivity. It goes beyond patching vulnerabilities; we are redefining the very foundation of secure communication for the defense sector. In a world of escalating geopolitical tensions, we need to ensure the protection of cyberspace by harnessing new innovations.
.png?width=380&name=Image%20(11).png)
