The Annual Threat Assessment of the U.S. Intelligence Community, released annually by the Office of the Director of National Intelligence (ODNI), highlights the most pressing threats facing the United States.

At OODA, we closely analyze this assessment, quickly identifying critical developments and shifts that business leaders need to understand. This year, we’ve noted several key nuances worth your attention. (Download and read the full report here).

The 2025 assessment underscores significant threats from state adversaries—China, Russia, Iran, and North Korea—as well as from nonstate actors, including transnational criminal organizations (TCOs) and terrorist groups.

As you review the below keep in mind a big trend captured by the intelligence community. Russia, China and Iran are working closer together. They also underscore the dramatically rapid pace of technology development and call out several concerning examples of adversary use of automation including drones.

Strategic Challenges from State Actors:

China

• China is regarded as the most comprehensive threat, combining military power, advanced technology, and economic coercion. Business leaders should be particularly alert to China’s actions affecting global supply chains, especially in semiconductors and critical minerals such as rare earth elements, gallium, germanium, and antimony.
• China’s strategic goal is to dominate key global supply chains, making international economies dependent on Chinese-controlled inputs and processes. Businesses must develop diversified supply chains to mitigate disruptions caused by China’s economic policies and coercive measures.
• China’s advanced cyber capabilities, demonstrated by campaigns such as “Volt Typhoon,” pose significant risks to critical infrastructure and corporate networks, suggesting a crucial need for robust cybersecurity measures.
• The geopolitical tensions around Taiwan are especially significant due to Taiwan’s central role in semiconductor manufacturing. Businesses dependent on these technologies must prepare contingency plans for potential disruptions arising from regional instability.

Russia

• The Russia-Ukraine conflict has direct implications for NATO-aligned countries and the global economic environment, including disruptions in energy supplies and increased commodity prices. The war’s continuation exacerbates risks of escalation, including potential cyber and nuclear threats.
• Russia remains a potent cyber adversary, with experience integrating cyberattacks into broader strategic operations. This calls for continued focus on cyber resilience, especially firms involved in critical infrastructure, healthcare, and finance.
• Sanctions and economic isolation have driven Russia to deepen alliances with China, North Korea, and Iran, complicating geopolitical landscapes and posing additional indirect risks to Western businesses operating globally.

Iran

• Iran’s advanced ballistic missile program and expanding cyber capabilities pose direct threats to regional stability and global commercial shipping, particularly through the Strait of Hormuz—a critical chokepoint for global oil supplies. Businesses reliant on Middle Eastern supply chains must maintain vigilant contingency strategies.
• Tehran’s alignment with Russia enhances risks to regional security and amplifies cyber threats targeting Western infrastructure and private-sector networks.

North Korea

• North Korea’s collaboration with Russia—particularly supplying munitions in return for technological support—reinforces the regime’s strategic capabilities and increases regional instability, notably impacting operations in East Asia.
• The country’s cyber capabilities remain significant, particularly in cryptocurrency theft and espionage aimed at defense and aerospace industries. Companies in these sectors should remain especially alert.

Nonstate Actors:

• Drug trafficking, particularly synthetic opioids like fentanyl, primarily sourced from China and trafficked via Mexico, remains a major health and safety risk, with implications for workforce productivity and healthcare costs.
• Human trafficking and forced labor operations by Transnational Criminal Organizations (TCOs) pose ethical and compliance risks, particularly for businesses involved in agriculture, manufacturing, and logistics.
• Cybercriminals continue to target inadequately secured sectors, including healthcare, water infrastructure, and financial services, reinforcing the need for enhanced cybersecurity measures.

Market and Supply Chain Risks:

• The dominance of Chinese manufacturing in critical sectors like pharmaceuticals, biotechnology, and electronics creates vulnerabilities in U.S. supply chains. Businesses should consider reshoring or friendshoring or diversifying their production and supply sources.
• Russia’s ongoing conflict and alignment with other adversaries amplify geopolitical risks, potentially affecting markets for energy, minerals, and agricultural commodities.
• Economic coercion by state actors, particularly China, through selective enforcement of regulations and trade barriers, can disrupt market access for foreign businesses, requiring adaptive market entry strategies.

Implications for Business Leaders:

To navigate these threats effectively, business executives have a great deal to consider:

• Strengthening cybersecurity frameworks and controls to defend against escalating cyber threats from both state and nonstate actors is not just a compliance drill, it can make the difference in survival in the modern age.
• This environment calls for diversifying supply chains, particularly reducing reliance on single-country sources for critical materials and products.
• Monitor geopolitical developments closely, particularly in East Asia and Eastern Europe, incorporating robust risk management and scenario planning practices. We recommend every company institute and formalize scenario planning processes.
• Increase resilience through robust incident response and business continuity plans addressing potential disruptions from geopolitical conflicts or cyber incidents.
• Ensure compliance and due diligence practices robustly address the risks associated with human rights abuses and forced labor within global supply chains.

By understanding and proactively addressing these threats outlined in the 2025 Annual Threat Assessment, business leaders can better secure their operations, reduce vulnerabilities, and maintain competitive advantages in an increasingly complex global environment.