Throughout 2025, Russia (or potentially another actor) continues conducting systematic campaigns across European civilian infrastructure that reveal fundamental flaws in how we approach crisis management.

In September alone, the scope was staggering: 19-23 drones violated Polish airspace, triggering NATO's first direct engagement over member territory. GPS jamming affected 123,000 flights across the Baltic region. Copenhagen and Oslo airports shut down for hours due to coordinated drone activity. Russian fighter jets repeatedly crossed Estonian airspace. Shadow fleet tankers damaged undersea cables while Russian naval vessels provided escort for the first time.

What makes these incidents significant isn't their individual impact but the way they're orchestrated. Each event requires a response from civilian authorities, from aviation control, maritime surveillance, border security, to cybersecurity teams. All while preventing the recovery periods, or lulls in activity (or "seasons") our emergency management systems depend on. This isn't crisis management as we know it, it's something even more concerning and directly targeting the way we govern during a crisis…and with that the role of emergency management overall.

The Breakdown of Traditional Perspective in Emergency Management

Emergency management, generally speaking, operates on a fundamental assumption: there are seasons and lifecycles. We prepare, respond, recover, and improve through mitigation. This cycle assumes discrete events with clear beginnings and endings that allow systems to reset and integrate lessons learned. It's how we've handled everything from hurricanes to industrial accidents for decades.

Now, it's 2025, and we need to introduce emergency management to the gray zone. The gray zone campaigns we see today have effectively shattered this model.

Instead of discrete events, Europeans face persistent pressure across multiple domains. GPS jamming doesn't stop when drone incidents begin. Maritime provocations continue during airspace violations. Cyber attacks persist throughout. There is no recovery phase because the pressure never stops. In some cases the probing and constant application of pressure leaves civilian structures (plus military support) in constant states of alert for prolonged periods of time.

Testing. Applying Pressure.

Testing Response. Monitoring Results.

Consider Estonia's predicament. While managing their fourth airspace violation of the year, they must simultaneously coordinate response to GPS interference affecting civilian aviation across the region. Copenhagen Airport's drone response coincides with investigations into whether Russian shadow fleet vessels serve as launch platforms. Each domain requires full crisis response and management while the others continue to deteriorate.

This systematic approach targets civilian coordination capacity rather than military assets. The goal isn't tactical victory but exhaustion—pushing civilian crisis management systems beyond their design limits until they either fail or force military escalation.

Poland's Border Closure: When National Decisions Have Continental Impact

Poland's decision to close its border with Belarus for twelve days shows us just how much the game has changed. Faced with military exercises and systematic drone provocations, Polish authorities made what seemed like a reasonable national security decision. Close the border. Temporary measure. National sovereignty exercised.

But what actually happens when a nation exercises that sovereign right in today's interconnected Europe?

Freight trains carrying critical supplies get stuck. This single closure disrupts the €25 billion China-EU rail route—the one that carries 90% of land-based trade between the regions. The timing? Europe is already managing shortages of hundreds of critical medicines, with somewhere around 70% of pharmaceutical ingredients coming from Asia through this route.

What starts as a national security decision quickly spirals into continental crisis. For example, Polish authorities may find themselves coordinating with Lithuanian railways, emergency air freight networks, pharmaceutical distributors, and health ministries across the EU. They aren't just managing Poland's security anymore—they're managing public health implications for 27 nations, economic disruptions rippling through global supply chains, and diplomatic pressure from every direction.

In traditional emergency management, we'd handle these as separate issues. Different agencies, different expertise, different response plans. Or even just file this under business continuity. But in the gray zone? They're all the same crisis. The border closure isn't just a security decision—it becomes a public health crisis, an economic emergency, and a diplomatic incident all at once.

And that's exactly what it's designed to do.

Multi-Domain Pressure: The New Playbook

What we're seeing throughout 2025 isn't random. It's deliberate tactics designed to overwhelm our ability to coordinate and respond to increasingly complex crisis. Rather than attacking specific targets, adversaries create simultaneous pressure across aviation, maritime, border, and cyber domains. Why? Because they've figured out our weakness: crisis management systems built for single-domain responses can't handle integrated multi-domain chaos.

Denmark learns this the hard way. When drones shut down Copenhagen Airport, aviation authorities do what they're trained to do which is activate standard protocols. But this isn't a standard incident. It's part of something bigger: shadow fleet movements in Danish waters, cyber probes hitting government networks, intelligence suggesting these activities are coordinated. Danish officials assess the drone incidents as hybrid warfare involving systematic approaches by professional operators—not isolated events but patterns spanning aviation disruption and maritime operations.

The challenge goes way beyond any single agency's capability. Aviation authorities need maritime intelligence. Port security requires cyber threat awareness. Border control depends on supply chain data. Those nice, clean organizational charts we use every day? They become obstacles, not assets.

Sweden may be trying something different with the shadow fleet problem. Instead of military confrontation (which is what adversaries often want), they weaponize bureaucracy. Extensive documentation requirements. Safety inspections. Administrative delays. They make shadow fleet operations so tedious and expensive that they become economically unviable. Sometimes the best response to gray zone tactics is good old-fashioned red tape.

How Coordination Must Evolve

Throughout 2025, we're watching European crisis management systems struggle to shift gears—from managing discrete, single events to handling continuous operational pressure. When Poland and Estonia initiate NATO Article 4 consultations (with Denmark considering the same), it shows how civilian crisis management decisions now carry alliance-level weight.

But the real evolution happens in the gaps between formal structures.

When GPS jamming hits multiple countries at once, waiting for official channels means possibly failing your citizens. When supply chains span continents, local decisions echo globally. When adversaries specifically target the connections between systems (not the systems themselves), traditional approaches to emergency and crisis management systems don’t just struggle, they get completely hamstrung in silos and processes.

So professionals adapt. Baltic states create informal coordination mechanisms that move faster than bureaucracy allows. Danish and Swedish maritime authorities share shadow fleet intelligence in near-real-time. Polish and Lithuanian transport officials coordinate alternative routes before formal agreements exist. These aren't policy decisions. They're survival responses. These solutions are crossing back and forth across the civ-mil divide, or between emergency and crisis management and national security.

The professionals making these adaptations? They aren't following any manual. They're writing new ones in real-time.

Building for Gray Zone Reality

2025 has already been a tough year for the emergency management community, but it does show that we need to evolve from discrete event response to sustained operational capability. This isn't a minor adjustment. It's a fundamental redesign of how we think about crisis management.

First, let's talk about people. Staffing models built on surge capacity assume crises end. When pressure persists for weeks or months across multiple domains, traditional schedules collapse. You can't rotate people home when there's no "after." Organizations need depth, real depth, and cross-training that allows sustained response without burning out your best people.

Second, intelligence integration. This is no longer just a national security issue. It’s also a civilian crisis management issue. When aviation incidents might connect to maritime movements and cyber intrusions, you need people who can see patterns across domains. This isn't about creating new bureaucracies. It's about enabling information to flow across the boundaries that adversaries exploit.

Third, decision frameworks that account for cascading effects. Poland's border closure is one of many examples of unintended consequences. When you're making decisions under gray zone pressure, you need tools that help you see second and third-order effects especially when adversaries are deliberately creating conditions that demand immediate response.

Fourth, let's fix our exercises. Single-scenario events with clear timelines? That's not preparing anyone for gray zone reality. Training needs to include persistent multi-domain pressure, information fog, and the intentional exhaustion of coordination capacity. Make it messy. Make it frustrating. Make it real. I think we’ve already been saying this for years…exercise to reality, not to outcomes.

What This Really Means

Russia's 2025 campaign exposes something deeper than tactical vulnerabilities. It shows that crisis management systems designed for good-faith emergencies break under adversarial pressure. Every assumption we make about mutual aid, resource sharing, coordination windows, and communication becomes a potential weakness when someone's actively working to exploit them.

But I still see hope. We’re not breaking, not yet. Not completely.

Europeans find ways to adapt under pressure. New coordination mechanisms emerge because they have to. Civilian authorities maintain control even when military escalation might seem easier. When formal structures fail, informal networks hold. When traditional responses prove inadequate, innovation fills the gaps.

The campaign succeeds in revealing our vulnerabilities. It fails to break our capacity to respond. Maybe our first response is clunky, ugly, and uncoordinated…but the second one will be better, as will the third, and on and on.

The Path Forward

The transformation from emergency management to something more, lets call it security governance, isn't optional anymore. Gray zone operations are the new normal, whether from nation-states, criminal networks, or hybrid threats we haven't imagined yet. The tactics stressing European aviation and maritime systems work just as well against financial networks, healthcare systems, or any critical infrastructure that depends on coordination.

Success in this environment requires professionals who understand both traditional emergency response and adversarial dynamics. It needs systems capable of sustained operations under intentional stress. It demands frameworks that integrate intelligence, operations, and planning across domains that have always operated separately.

Most importantly, it requires us to admit that the old model is broken. Not failing. Broken.

The question facing senior professionals isn't whether to make these changes. It's whether we'll make them fast enough. And to what level of government. National only? State? Local? Regional? Things look very different outside capital cities and well funded programs.

The next campaign won't wait for budget cycles or strategic plans or committee approvals. The gray zone exists right now, persistent and patient, probing for the coordination failures that turn manageable incidents into cascading crisis.

How we answer this challenge determines more than professional practice. It determines whether the systems our communities depend on can function when someone's working to break them. Whether civilian governance can maintain legitimacy under pressure. Whether democratic societies can respond to authoritarian tactics without becoming authoritarian themselves.

The stakes? They're not just professional. They're existential. And we can’t do it alone. It requires the whole of government approach we’ve discussed for years.

The professionals adapting to gray zone reality aren't working in isolation—they're part of The Forum at Crisis Lab, professional infrastructure for senior leaders navigating exactly these challenges. Our members across government, private sector, humanitarian, and international organizations engage in monthly strategic dialogue about emerging threats, coordination frameworks, and policy responses that span traditional boundaries, accessing executive briefings with NATO, UN, and EU leadership, industry interviews with domain experts, and ongoing peer consultation that keeps them ahead of evolving gray zone tactics. When the next campaign emerges—and it will—Forum members won't be writing new playbooks alone but drawing on trusted professional infrastructure designed for the interconnected world they actually operate in, where senior professionals discover they weren't imagining the complexity and find the peer network and expert insights to shape how institutions respond. Learn more about Forum membership →