Cyberattacks, Hybrid Warfare, and the Fight for European Sovereignty: A Conversation with Sekoia.io CEO Freddy Milesi
Cyberattacks are no longer the stuff of Hollywood thrillers or fringe IT anxieties. They are now weapons used by hostile governments and organized crime, posing a threat to the infrastructure underpinning modern economies.
That was the warning delivered by Freddy Milesi, founder and CEO of Sekoia.io, at the first edition of Les Matins de l’Initiative Tibi, a breakfast series hosted by Revaia in Paris. Revaia led Sekoia’s €26M Series B funding round in April 2025.
The conversation, moderated by Revaia Director Hadrien Comte, drew together investors and business leaders to confront a question that has moved from the margins to the mainstream: How can France and Europe defend their sovereignty in cyberspace?
The answer, as Freddy laid it out, is both urgent and surprisingly optimistic. But he argues that’s only the case if Europe makes the right moves in the next few years.
The Lines Have Blurred
Freddy, a serial entrepreneur who has been working in cybersecurity since 2008, described a threat landscape that has fundamentally changed in recent years. Of course, to some degree, anyone working in cybersecurity will say that’s always the case. It’s never been a static industry, but one that must constantly adapt to the latest evolution in threats.
And yet, Freddy said there has been an acceleration of some key fundamental dynamics that is raising the stakes.
In the past, there was a clear line between categories: criminal hackers on one side, government-backed actors on the other. That no longer applies. Now there is a deep pragmatism in cyberspace. Everyone uses everyone else’s tools. States have effectively merged with criminal hacking groups, using the overlap to obscure attribution and extend their reach.
“What we see is that there is no border at all between attacking groups that have an appetite for financial crime, actors who are sponsored by states who want to have an impact and destabilize a country,” he said. “What we see is that there is a pragmatism in cyberspace. Everyone uses everyone's tools. Because there is a strong return on investment. From a crime and industry point of view, an attack tool costs nothing.”
Attack tools cost virtually nothing to develop, require only a handful of skilled operators, and deliver enormous returns.
And it’s not just the usual suspects. While countries like Russia, China, Iran, and North Korea have long been associated with offensive cyber operations, Freddy noted that roughly 25 nations now have the capacity to launch cyberattacks. The OECD had anticipated this proliferation, he said, particularly the emergence of offensive cyber units within national militaries across an expanding number of countries. In some cases, cyber operatives train in military-style programs for several years, then move into the private sector as mercenaries offering their services to the highest bidder. It has become a genuine industry.
“The opportunity to be able to have spheres of influence and take offensive action is considerably expanded,” he said.
The other boundary that has collapsed, Freddy said, is the one between the digital and physical worlds.
An attack on a hospital can threaten national security. A strike on an industrial supply chain can halt production lines for weeks. He pointed to the 2025 attack on Jaguar Land Rover as a graphic case study. The incident began with what is presumed to be social engineering and developed into a full-blown crisis, forcing the automaker to shut down production lines and its SAP systems. The direct financial impact was estimated at nearly €200 million, including the impact on the company’s supply chain, and the ripple effects across the UK’s GDP.
Cyber Is Europe’s Next Chance
Freddy was candid about Europe’s current strategic position in cybersecurity.
The continent’s dependence on non-European technology became painfully clear during the Covid-19 pandemic, and then again with the conflict in Ukraine. As Freddy told the audience, Europe missed a major turning point with the rise of cloud computing more than two decades ago, leaving it deeply reliant on American hyperscalers.
But in cybersecurity, the window of opportunity is still open, he argued. The trend to watch, he said, is “platformization.” Four major global platforms are consolidating the cybersecurity market. That includes two tied to hyperscalers (Microsoft and Google) and two independent players (Palo Alto Networks and CrowdStrike).
For Freddy, the strategic risk is straightforward: these platforms pull in vast amounts of data, and cybersecurity data provides a real-time view of a company’s health, revealing its vulnerabilities, its defenses, and the effectiveness of its security teams.
The opportunity for Europe, Freddy argued, is to build the first open, interoperable, trusted cybersecurity platform. This vision would play to European strengths of openness and ecosystem collaboration rather than trying to replicate the monolithic American model.
That is precisely what Sekoia.io is building.
Not a Black Box
Freddy was emphatic about what sets Sekoia.io apart: transparency and interoperability. Coming from backgrounds in cybersecurity consulting, defense, and intelligence, the Sekoia team has a deep aversion to black-box security products. Major vendors today sell opaque solutions, he said, and that opacity will only worsen as AI becomes more embedded in security tools.
Sekoia.io’s philosophy flips this model. The company positions strategic autonomy as a central feature of cybersecurity. Enterprise clients want control and insight into how their data is handled, and the freedom to choose their own security tools. Sekoia.io provides a single platform for reasoning about threats and acting on them, while integrating with more than 300 third-party tools, enabling organizations to enhance rather than replace their existing security stack.
Critically, Sekoia.io also built its own threat intelligence capability, with a team of 20 dedicated researchers. It’s the largest such team in Europe. Freddy stressed that there was no trusted European source of threat intelligence before Sekoia created one. If your perception of the threat landscape is defined by non-European actors who may not share your strategic interests, he argued, you already have a bias baked into your defenses.
AI: Accelerating Attacks, Accelerating Defense
The conversation unavoidably turned to artificial intelligence, and Freddy left no doubt about the scale of transformation underway. Small groups now have fully industrialized attack capabilities, he said. They can automate their attack playbooks, making phishing campaigns far more sophisticated by using contextual language that tailors interactions and creates highly convincing pretexts. This allows them to compress what used to take 12 to 24 hours into about 15 minutes.
The defense, Freddy said, must match this acceleration. Detection times for advanced persistent threats used to average 213 days. Today, the game is about real-time response, measured in seconds. Every cyberattack is a process with multiple stages, and each stage represents an opportunity for detection and response.
“Each step of the process is an opportunity for detection,” Freddy said. “So we need a system that will, each time, offer this opportunity to stop the attack process as soon as possible. So the challenge is to deploy machines to defend themselves against machines.”
Going Global from a European Base
Sekoia.io’s ambitions extend well beyond France. The company already operates through major partners, including Orange Cyberdefense and Thales, protecting hundreds of organizations across Europe, Canada, and Australia, and has partnerships on both coasts of the United States. After attending the India AI Impact Summit, Freddy was positive about the opportunities for European tech companies in emerging markets, including India, Indonesia, Thailand, and Brazil. These are markets where European companies are seen as trusted partners, he said.
To succeed there, however, requires talent. Freddy acknowledged that there is a fierce global war for skilled engineers and cybersecurity professionals, noting that Sekoia.io recruits across Europe to find the right expertise. He pointed to companies like Datadog as sources of talent with the rare combination of youth, fluency in modern tech, and experience operating at a massive scale.
Freddy also highlighted the importance of creating the right conditions for European cybersecurity players to scale.
He argued that if Europe wants sovereign cybersecurity, it needs to support the emergence of trusted local champions by levelling the playing field through stronger public procurement and a realistic view of where the continent can compete.
“The opportunity is for Europe to create a hard cyber asset, with a platform in which European values of openness and interoperability are hardcoded into the code,” Freddy said. “The most important question is: do we want to entrust the digital health of our societies to foreign hands?”
With Revaia’s backing, Sekoia.io is making the case that Europe has the technology to pursue this vision. Policymakers need the ambition to match.
Photographies © Hermance Triay