Timo Gerrit Blenk, CEO of the Agora Strategy Group, one of Germany’s leading consultancies for corporate-focused geopolitics, put it succinctly in a LinkedIn post this week: “Cooperation becomes a principle of resilience. No one can defend themselves alone—neither states nor companies.” I would add: in times of hybrid warfare, in which we already live, the ability to cooperate may even become the most important principle of resilience for companies.

The ability to survive crises and emerge stronger is more important for organizations today than ever before. Whether companies, government agencies, or entire societies, resilience has become the new currency of strategic security. Organizational resilience—the robustness of individual organizations—and societal resilience—the crisis resistance of a state and its population—rest on three central pillars: proactive robustness, reactive adaptability, and cooperative capability. It is the interplay of these three principles that makes a system truly crisis-proof. Of these, the third pillar—cooperation—becomes increasingly critical in times of geopolitical tension and hybrid threats.

Resilience researchers Professor André Röhl and Rico Kerstan developed this three-pillar model. It describes resilience not as a fixed attribute but as a dynamic interplay of preparation, adaptability, and networking. Proactive robustness means anticipating crises, identifying risks, and establishing preventive structures. Reactive adaptability refers to the ability to respond quickly, effectively, and in a coordinated manner when a crisis occurs. Finally, cooperative capability describes the art of operating beyond one’s own system boundaries: thinking in networks, acting with other organizations, and developing solutions together. It is precisely this third pillar that determines whether companies and societies master crises or are overwhelmed by them.

Traditional crises such as natural disasters, pandemics, or supply chain disruptions remain real risks. However, the most dangerous disruptions of our time increasingly arise in the gray zone between war and peace—so-called hybrid warfare. This term refers to the deliberate combination of military, economic, political, digital, and psychological means to destabilize states, societies, or companies, often without a single shot being fired.

Cyberattacks, disinformation campaigns, coercion via energy or supply chains, economic pressure, and covert influence are typical instruments of this “war below the threshold of war.” German companies are particularly in focus. Highly networked, export-oriented, and technologically advanced, they are attractive targets for both state and non-state actors. Many firms still underestimate the geopolitical dimension of this threat and lack sufficient strategic resilience.

Timo Gerrit Blenk also correctly captures the essence of hybrid warfare in his LinkedIn post: “Not one large attack, but a thousand small shifts of the boundary until the unthinkable becomes normal.” Hybrid warfare does not appear as a lightning strike but as a continuous needle-prick maneuver. Russian hacker groups, for example, target German corporate networks, steal data, sabotage systems, or extort ransom.

Disinformation campaigns undermine trust in companies, often via anonymous portals and social media. Sabotage of rail lines, cables, or energy facilities tests the response capability of German firms. Economic pressure, dependencies, and manipulative supply chains act as silent weapons. The result is not a visible war but gradual attrition—a continuous test of German companies’ defenses. Once unthinkable for many, this has now become part of daily reality. As Blenk writes, “the unthinkable becomes routine.”

In this context, the third pillar of resilience—cooperative capability—gains central importance for companies. Resilience does not arise from defense alone but through preparation and networking. Those who recognize the signs can act, and this is precisely where cooperation becomes the central lever. Hybrid attacks rarely announce themselves loudly. Minor disruptions—unusual data access, false reports, or supply problems—are often the precursors. Early warning systems, IT monitoring, social media analyses, and strategic risk assessments help identify patterns and provide measures against them.

Resilient organizations regularly rehearse their responses to attacks—digitally, communicatively, organizationally, and physically. And they do so together with others. They train for emergencies to gain operational confidence. In hybrid scenarios, credibility is decisive. Clear, rapid, and consistent communication maintains control. Crucially, companies must network with security authorities, associations, service providers, and research institutions. Information sharing on cyberattacks, disinformation, or supply chain disruptions creates collective vigilance and shortens reaction times.

Cooperation exerts its effect on multiple levels. It enables an efficient flow of information, because early warning only works when knowledge is shared. It allows for resource sharing, as smaller companies can benefit from partners with technical or personnel strengths. And it builds trust, because stability in crises does not arise from isolation but from credible collaboration with authorities, media, and civil society. Hybrid warfare aims to destroy trust; cooperation rebuilds it. It does not make companies invulnerable, but it makes them collectively more resilient. This is precisely the goal of modern resilience policy: to be prepared and cooperate with others in order not to be caught off guard.