Reflecting on 5 Years of EU-HYBNET: The Role of the Polish Platform for Homeland Security

As the EU-HYBNET project reaches its conclusion with a review meeting with the European Commission this week, the Polish Platform for Homeland Security (PPHS) reflects on five years of committed engagement in building resilience against hybrid threats — a period that also marks a quarter of the organisation's 20-year history.

Throughout the project, PPHS played a dual role: contributing to core EU-HYBNET actions while also coordinating national-level initiatives in Poland. From supporting pan-European knowledge exchange to promoting awareness of hybrid threats domestically, PPHS has helped shape the project’s success both operationally and strategically.

Two key articles published by PPHS underscore this impact:

Hybrid Threats: Contemporary Forms of Exerting Political Pressure: This piece explores how hybrid tactics — from information manipulation to pressure on institutions — are reshaping the geopolitical landscape, echoing themes tackled in EU-HYBNET workshops and discussions.
Critical Infrastructure Threats: The Basics: This article reflects one of EU-HYBNET’s key focus areas — the protection of vital systems and sectors in the face of evolving, cross-domain threats.

Through its involvement, PPHS:

Organised and hosted local and regional engagements to contextualise hybrid threats within Poland’s security environment.
Contributed expertise to policy briefs, risk assessments, and capability gap analyses.
Actively participated in knowledge-sharing events, helping bridge practice and policy between EU institutions and national stakeholders.

As EU-HYBNET transitions its legacy to the European Centre of Excellence for Countering Hybrid Threats, the PPHS team encourages a continued focus on:

Integrating hybrid threat awareness into national resilience strategies.
Ensuring continuity of cross-sectoral cooperation across EU Member States.
Maintaining momentum in training, innovation, and public awareness — particularly around critical infrastructure and information ecosystems.

To close this phase of our work, we felt it would be fitting to hear from members of the PPHS team who contributed directly to the project throughout its five years:

Małgorzata Wolbach
Senior Project Officer PPHS

Participation in the EU-HYBNET project significantly deepened my understanding of hybrid threats — not only as complex and dynamic phenomena, but also as real challenges with a direct impact on Poland’s security. The project clearly demonstrated how crucial it is to build resilience at both the national and European levels through cooperation, knowledge exchange and active engagement.
It was an experience that made me more aware of the urgency and multidimensional nature of these threats, and also inspired me to further explore the subject — especially in the context of the changing security landscape in Europe following Russia’s full-scale invasion of Ukraine in 2022. EU-HYBNET provided a valuable framework for better understanding this new reality and reinforced my conviction of how important it is to remain aware, engaged and prepared for current and future challenges.

Steven Ormston, PPHS Communication and Community Manager, adds and emphasises how the project turned an initially abstract concept into a practical framework for understanding and responding to the evolving landscape of hybrid threats.:

Steven Ormston
Communication & Community Manager PPHS

Over the past five years of the project, I have gained considerable knowledge and a deeper understanding of the field of hybrid threats. When we began working on the EU-HYBNET project, my knowledge of specific threats — such as disinformation, cyberattacks or economic pressure — was fairly general. I did not yet fully realise how these elements could be combined into coordinated campaigns.

At first, the topic seemed abstract to me. We often discussed hybrid threats without clear, consistent definitions or concrete examples. Existing publications were often quite general and did not provide a coherent picture of hybrid threats. The turning point proved to be the Framework Model developed by Hybrid CoE and the JRC, which was made available at an early stage of the project. It provided a structured approach to analysing hybrid threats, taking into account their main elements, such as tools, domains of activity and phases of attack. This made discussions much easier.

However, just as we began to better understand the complexity of this phenomenon, the escalation of events culminating in Russia’s invasion of Ukraine called many of our previous assumptions into question. Suddenly, we were no longer dealing solely with activities below the threshold of war — this was a real war. And not only a conventional one. It was — and still is — a hybrid campaign conducted in parallel with an armed conflict. It includes cyberattacks, disinformation, sabotage, the instrumentalisation of energy supplies for political purposes, and attempts to destabilise democracies beyond the battlefield. What initially blurred the boundaries for me ultimately confirmed the value of the model, which captured precisely such convergences and escalations across different domains.

We also saw that hybrid threats do not have to be direct or overt. Often, they are about adding fuel to the fire — exploiting social vulnerabilities, deepening divisions and undermining trust. This is what makes hybrid campaigns so difficult to detect, let alone prove. The overlap between themes, tools and domains is precisely why continuous analysis and engagement are so important.

As stated in the Conceptual Model:

“It is clear how complex the concept of hybrid threats is. This also means that no single institution can address them on its own. A comprehensive, holistic approach is needed — a whole-of-society approach that brings together civilians, the military and policymakers, contributing to the emergence of a new security ecosystem.”

Over the past five years, the EU-HYBNET project has served as a tool for achieving exactly this goal: bringing together experts from different fields and sharing knowledge so that we can respond collectively. The project did not remain at the level of theory — it evolved alongside emerging threats. We discussed disinformation during the pandemic, analysed the weaponisation of critical infrastructure, and even anticipated challenges related to AI-generated deepfakes and new technologies. The flexibility of the model — and the project’s readiness to follow reality as it developed — is one of its greatest strengths.

It has been a great pleasure for me to take part in this initiative. In particular, I would like to thank the project leader, Päivi Mattila, for setting the direction and sharing her energy. Now that the initiative is moving under the auspices of Hybrid CoE, I am pleased to remain involved in the further development of this area.