The expansion of cognitive warfare, and how to cope with it

At the 2026 NATO Conference of Commandants held in June, military education leaders from allied and partner nations gathered around a theme that explicitly framed the human mind as a battlespace and cognitive resilience as a core component of future preparedness. The discussion reflects an ongoing shift in strategic thinking, from reactive approaches to cognitive threats toward a more proactive logic of societal resilience across multiple levels.

 

Cognitive warfare: targeting the human mind and trust

Cognitive warfare refers to activities designed to influence cognitive processes in order to shape perception, decision-making, and behavior. It is not a new phenomenon, but its strategic relevance has increased with the rapid development of information and communication technologies, which have expanded the scale, speed and granularity of influence operations.

Within NATO’s conceptual work and broader academic debates, cognitive warfare sits within the hybrid threat spectrum. It operates below the threshold of conventional military activity and intersects with cyber and information warfare.

In this context, cyber warfare targets infrastructure, systems and data. Information warfare shapes narratives and communication flows. Cognitive warfare extends this logic further, shifting the object of influence from external information environments to the internal processes of cognition and decision-making through which individuals and societies perceive, interpret, and respond to stimuli. It draws on behavioral science and psychology, and in some interpretations extends to neuroscientific approaches. It can be integrated with diplomatic, economic and military instruments within broader hybrid strategies and is increasingly understood as a mode of action that operates across societal human capital.

Its strategic relevance is ultimately tied to trust. Cognitive warfare can erode confidence in institutions, governance systems and shared social contracts. The very features that underpin liberal democratic resilience, open information ecosystems, free public debate and widespread digital participation, also expand the surface for exploitation. By leveraging behavioral biases and large volumes of publicly available data, adversaries can generate strategic effects at relatively low cost, bypassing traditional military domains while undermining societal cohesion.

 

Adversarial approaches: disruption versus cognitive conditioning

Although cognitive warfare is increasingly recognized as a common feature of contemporary strategic competition, different actors pursue distinct cognitive objectives, reflecting divergent strategic constraints and ambitions.

For instance Russia uses cognitive warfare primarily as an instrument of strategic compensation. As Moscow’s geopolitical objectives continue to exceed its available political, economic and military means, cognitive operations provide a relatively low-cost tool to narrow this gap. Rather than seeking to construct coherent narratives, Russian approaches aim to weaken the conditions under which coherent narratives can emerge at all in other societies. By normalizing uncertainty, amplifying ambiguity and eroding institutional trust, the objective shifts away from persuasion and towards the gradual reduction of collective will and capacity to process, evaluate and act upon information. This produces environments characterized by hesitation and inaction, thereby expanding Russia’s room for maneuver while constraining adversarial cohesion.

 

Read also: Understanding Russian disinformation strategies inside and outside the country

 

The 2024 electoral cycle in Moldova, including the October referendum on EU integration, illustrates this logic. Russian-linked operations combined financial influence, coordinated disinformation campaigns and pyramid-like mobilization structures aimed at vote manipulation. Narratives were anchored in pre-existing societal vulnerabilities, including fears of territorial loss, identity dilution and erosion of traditional values, while simultaneously reinforcing a sense of systemic helplessness and institutional incapacity. The scale and layering of interference contributed to an environment in which fraud and manipulation appeared structurally difficult to contest, regardless of formal safeguards or individual action. Moldova nevertheless resisted, albeit thanks to a narrow majority at the polls, showing that cognitive resilience is a continuous process of contestation.

China follows a different cognitive logic priority. Rather than primarily exploiting instability, Beijing seeks to shape the cognitive environment over time. Cognitive operations are embedded within a broader system of political influence, economic incentives, technological ecosystems and information management, aimed at progressively aligning perceptions with China’s long-term strategic positioning. The emphasis is less on disruption than on the gradual structuring of the environment in which perceptions and decisions are formed.

Taiwan illustrates this approach particularly clearly. Chinese cognitive activity vis-à-vis the contested island combines coercive pressure (e.g., PLA’s military intimidation), selective incentives and information distortion. The aim is to simultaneously increase the perceived costs of resistance, enhance the attractiveness of engagement, and fragment the informational environment in which political judgments are formed.

 

Read also: China’s networking foreign policy versus Trump’s disruptive challenge

 

These contrasting approaches highlight an important analytical distinction. While both Russia and China employ elements of cognitive disruption and cognitive shaping, their strategic emphasis differs. Russia primarily weaponizes cognitive disruption as a substitute for material power asymmetries, while China prioritizes cognitive structuring as an extension of long-term strategic influence. Both operate on cognition, but through different temporal horizons, instruments and strategic logics.

The distinction can have direct policy implications for the selected targets. When the target is an entire country, or a large political community such as the European Union, strategies aimed at countering disruption, through resilience against ambiguity and trust erosion, may prove insufficient when confronted with long-term cognitive structuring through which a specific interpretive lens is progressively embedded in the way a society perceives and processes reality.

This widening gap calls for cognitive security as an integrated framework, capable of bringing together information, instruments, techniques and objectives into a single analytical space. Its core challenge lies in connecting these dispersed elements into a coherent understanding of how influence operates and what it produces, with the objective of protecting Western societies’ capacity for reasoning and collective decision-making, while preserving the openness and freedoms that define liberal democracies. The challenge is therefore not only to build resilience, but to do so without eroding the very characteristics that distinguish liberal democracies from the adversarial models they seek to resist.

 

European responses: strengthening information integrity

European policy has significantly expanded its response to foreign information manipulation and interference, with a growing focus on safeguarding the integrity of the information environment. Over the past years, this has translated into a more structured policy architecture for information resilience.

At the EU level, initiatives such as the Digital Services Act, the framework on Foreign Information Manipulation and Interference, the emerging European Democracy Shield, and the work of the European External Action Service StratCom Task Forces point in the same direction: greater transparency obligations for platforms, improved detection capabilities and stronger institutional coordination.

Alongside this EU framework, several Member States have developed national instruments reflecting similar but context-specific approaches to information resilience. In France, VIGINUM (attached to the General Secretariat for Defence and National Security (SGDSN), which operates under the direct authority of the French Prime Minister) has institutionalized a dedicated capability for monitoring and analyzing foreign digital interference, operating on publicly available online data, particularly during electoral periods. In Sweden, the Psychological Defense Agency represents one of the most explicit institutionalizations of cognitive resilience in Europe, focused on identifying and countering foreign information influence. In Spain, the Plan de Acción por la Democracia introduces measures aimed at increasing media transparency, reinforcing pluralism, and countering disinformation, with an emphasis on democratic safeguards and institutional trust. In Italy, the proposed “Democratic Shield against Foreign Interference” legislative initiative reflects an emerging effort to systematize national responses to information manipulation, with a focus on coordination among authorities and improved detection and response capacity.

 

Read also: The State of the European Union: a continent at a crossroads

 

Taken together, these instruments reflect a maturing policy architecture centered on information governance. Their common denominator lies in reducing exposure to manipulation, improving attribution of hostile activity, and reinforcing the resilience of the information space. Yet they remain largely anchored in the governance of information flows rather than the dynamics of cognition itself.

As cognitive operations become more adaptive, personalized and behaviorally driven, the gap between information integrity and cognitive resilience becomes increasingly structural, pointing to the need for an evolution of current approaches that treat exposure as the primary vulnerability.

 

From information integrity to cognitive security

The evolution of cognitive operations reveals a growing misalignment between existing policy frameworks and the level at which strategic competition is increasingly unfolding. European responses have progressively strengthened the governance of information environments, reflecting an expanding effort to reinforce information integrity and institutional resilience.

Over time, however, the center of gravity of influence has shifted from the information environment to the the cognitive domain. The strategic objective is no longer simply to influence the information individuals are exposed to, but to shape how they perceive, interpret, judge and ultimately make decisions. This shift exposes the limits of approaches that remain primarily anchored in information-layer interventions, as they do not fully capture the mechanisms through which cognition itself is influenced.

 

Read also: Ten lessons for Europe from future wars past

 

Within this trajectory, cognitive security is emerging as the next stage in the evolution of current frameworks. It builds on existing instruments while expanding their analytical and operational scope towards the perceptual and behavioral conditions that enable manipulation in the first place. Rather than focusing exclusively on identifying and countering hostile operations, it addresses the vulnerabilities through which such operations become effective.

In this sense, cognitive security extends beyond the logic of cognitive warfare, offering a broader defensive framework informed by insights from psychology and neuroscience. Its objective is to strengthen how individuals and societies perceive, process, and safeguard knowledge in an environment characterized by covert and continuous strategic influence.

The shift towards cognitive security and resilience also has important implications for the ecosystem of actors involved. By reframing the challenge as the protection of a cognitive system rather than a domain of geopolitical competition, it becomes more naturally compatible with a whole-of-society approach and broadens the range of stakeholders that can meaningfully contribute.

Large companies, technology providers and consulting firms are often hesitant to engage in domains framed in terms of grey-zone confrontation, where attribution is uncertain and involvement may raise concerns regarding neutrality, independence, or reputational exposure. A security-oriented framing helps reduce these frictions by shifting the focus towards systemic resilience rather than strategic positioning.

In this sense, the logic is similar to cybersecurity: While threat actors and motivations remain part of the analytical background, major private actors do not frame their services within the logic of “cyber warfare” but instead contribute to strengthening cyber posture and resilience. In the same way, a cognitive security framing would allow these actors to engage constructively on system protection, without being drawn into contested narratives of conflict or strategic confrontation that their organizational models are not designed to accommodate.

Oblique Map of Southwest Pacific – US Geological Survey, 1982

 

A cognitive security agenda

Building on this conceptual shift, both the European Union and national governments will need to evolve their policy approaches accordingly. Moving beyond the current focus on information governance, cognitive security calls for a more operational agenda structured around three complementary directions.

First, strengthening cognitive resilience at societal level, not only through awareness of disinformation dynamics, but by strengthening the public’s understanding of how cognitive processes shape the individual interpretation of information. This implies a shift from “what to think” to a deeper understanding of “how thinking is shaped”, including how cognitive biases are activated in complex information environments down to the level of the single human brain. This also requires recognizing that societies do not respond uniformly: Cultural and cognitive differences shape how influence is perceived and absorbed, as illustrated by Hofstede’s cultural dimensions framework, alongside emerging research in cultural neuroscience. Practically, the objective is to strengthen “sense-making” capacity: helping individuals connect fragmented signals into coherent patterns and recognize how cognitive biases can be activated, thereby reducing susceptibility to cognitive steering.

Second, clarifying key conceptual and operational elements to guide policy definition at both European and national level. As cognitive security enters the policy agenda, it is essential to ensure that its boundaries, scope and safeguards are clearly defined from the outset, in order to prevent future risks of overreach or perceived abuse of mandate. This is particularly relevant in light of recent national debates, such as those stemming from the proposed “Democratic Shield against Foreign Interference” policy, which have highlighted the sensitivity of framing and its political and institutional implications. This also raises an important governance challenge. Given the strategic nature of cognitive security, institutional mandates should be sufficiently robust to ensure continuity across political cycles and safeguard their independence from political interference. Otherwise, the very instruments designed to protect democratic reasoning risk becoming subject to political influence, ultimately undermining the trust they are meant to preserve.

Third, developing operational tools and analytical frameworks that translate cognitive security into practice. This requires moving beyond conceptual definitions towards structured methodologies capable of mapping how cognitive influence is designed, deployed and amplified. Building on existing risk-based approaches, such frameworks could adapt elements of cyber risk assessment, combining threat and vulnerability analysis, identification of defensive mechanisms, and continuous monitoring of exposure and impact.

A key component of this effort is the development of cognitive attack models, including the notion of a “cognitive kill chain”, which would allow analysts to describe influence operations as an end-to-end process: from initial targeting and narrative construction to amplification, internalization and behavioral outcomes. This would also enable a more systematic form of reverse analysis of societal vulnerabilities, identifying which cognitive biases, belief structures, or informational dependencies are most likely to be activated in different contexts, and therefore where resilience needs to be strengthened.

 

 

ChinasecurityRussiadefensemediaWestinformationsocietyEuropeEU