Who Is Really Responsible for Protecting Subsea Cables?

At a Glance

• Commercial cable operators are increasingly expected to defend against sabotage and hostile state activity, but the authority to challenge, board, or remove vessels operating near critical assets sits with state authorities, not with the operators carrying the cost.
• The designation of subsea cables as critical national infrastructure has expanded faster than the government engagement that designation implies, leaving private companies absorbing security obligations typically reserved for the state.
• Cable resilience is increasingly being delivered through redundancy — additional routes and capacity that allow traffic to be rerouted around damaged cables — but new-route approvals can take more than six years in some jurisdictions, slowing the resilience strategy that infrastructure expansion is meant to enable.
• New Zealand is the working example of a model where the government accepts a defined role in protecting critical subsea infrastructure, with a trusted intelligence intermediary bridging operators and public authorities.
• The next phase of subsea cable protection will be defined by detection technology and the legal, regulatory, and operational frameworks that turn what is detected into coordinated action between operators and government.

A Responsibility Operators Did Not Choose

Subsea cables now carry more than 95% of intercontinental data. They underpin the global financial system, the commercial cloud, defense and intelligence communications, and the AI infrastructure being built out at an unprecedented pace. Their importance is recognized, but their protection is not equally structured.

Commercial cable operators were built to manage operational risk such as accidental damage, anchor strikes, geological events, and equipment failure. They were not built to defend against state-actor sabotage, nor against the surge in vessel activity that follows when geopolitical events redraw trade routes overnight. Yet that is increasingly the threat profile the industry is being asked to absorb, often without a corresponding shift in who has the authority to respond.

Operators are investing heavily in monitoring, threat detection, and behavioral analytics, and the capability to identify a vessel of concern operating near a cable in near real time is increasingly within reach. The constraint sits one step downstream. Preventing an incident may require challenging or removing a vessel, boarding it, or compelling it to identify itself, authorities that sit with naval, coastguard, and law enforcement bodies, rather than with the private company watching the screen.

When Detection Is Not Enough

This gap is not theoretical. Operators have described repeated cases where vessels near cable routes do not respond to communications, switch off AIS after being contacted, or return to the same area across seasons. The pattern is industry-wide. Windward recorded more than 2,700 events globally where vessels remained near cable routes for over 24 hours during a single quarter, alongside 2,202 flag of convenience activities representing 23.3% of all cable-proximate events, marking a scale of behavior that traditional incident reporting was never designed to capture.

The distinction between accidental damage and deliberate sabotage matters legally, but from an operational standpoint, the pattern of behavior before an incident is often more diagnostic than the label applied afterward. A fishing vessel that repeatedly enters a cable protection zone, returns the next season, and ultimately damages a cable is exhibiting a pattern that traditional incident classification cannot price or prevent. So is a vessel that operates AIS-dark in proximity to cable infrastructure across multiple voyages, regardless of which flag it sails under.

What both cases have in common is that the pattern is visible before the incident. What both cases also have in common is that recognizing the pattern early is what separates operators who absorb the next incident from those who can act on the warning signs in time.

Resilience Through Redundancy, Paced by Approval

The industry’s working answer to this gap has been to invest in resilience through redundancy — expanding the number of cable routes, increasing network capacity, and ensuring traffic can be rerouted when individual cables are damaged. This is a sensible strategy. It treats some level of incident as unavoidable and focuses on minimizing the consequences rather than preventing every cause.

The friction is regulatory. Subsea cables by design cross multiple jurisdictions, and Congressional Research Service analysis notes that U.S. permitting alone involves local, state, federal, and international layers, each applying distinct review standards. Industry analysis has flagged that coordinating across these layers can extend project timelines well beyond initial planning assumptions, slowing the redundancy build-out that the security environment now requires.

A faster approval cycle is itself a security investment. Every year of delay on a new route is a year of concentrated dependency on existing routes, the same routes carrying the same traffic patterns that hostile actors have had time to map.

What New Zealand Shows Is Possible

The clearest working example of a different model comes from New Zealand, where the government has accepted a defined role in protecting critical subsea infrastructure. National Security and Intelligence Minister Christopher Luxon ordered a review of critical underwater infrastructure in 2025, and Assistant Transport Minister James Meager has since commissioned 10 government initiatives to counter cable vulnerabilities, eight of which are already done or underway as of mid-2026. A trusted intelligence intermediary operates between cable operators and public authorities, providing a shared maritime intelligence layer that both sides can act on.

The architecture matters. Cable operators retain the operational picture of their own assets. Government retains the authority to act on threats that exceed the operator’s mandate. The intermediary closes the gap by providing both sides with a common, verifiable intelligence base, sensor-confirmed vessel positioning, behavioral history, and identity verification, so that decisions about whether to intervene and how are made on the same evidence.

This integrated model is not yet the dominant approach across European jurisdictions, though significant progress is being made. The EU Action Plan on Cable Security, adopted in February 2025, established the first coordinated approach to subsea infrastructure protection at the Union level, and the February 2026 Cable Security Toolbox provides strategic and technical measures for member states. Yet holding vessels accountable for damage remains legally complex even when evidence is clear, with the October 2025 Finnish court dismissal of charges in the EAGLE S cable damage case illustrating how jurisdictional limits under existing maritime law can constrain prosecution. 

The growing designation of subsea cables as critical infrastructure across European policy frameworks is driving greater public-private cooperation, and the New Zealand model offers a tested blueprint for what that cooperation can look like in practice.

What the Next Phase Will Be Defined By

The next phase of subsea cable protection will be defined by two foundations advancing in parallel: the detection technology that gives operators a complete picture of vessel activity, and the legal, regulatory, and operational frameworks that turn what is detected into coordinated action. Both matter. Neither works fully without the other.

Detection capability continues to mature. Multi-source intelligence, fusing SAR, EO, RF, AIS, and behavioral analytics, gives operators a level of situational awareness that did not exist five years ago. The investment continues, the capability deepens, and the operational picture available to a cable owner today is fundamentally different from what was available even a few years ago.

What is being built alongside it is the framework that lets detection translate into action. Operators have the visibility. Governments have recognized submarine cables as critical national infrastructure and are now translating that recognition into binding legal obligations. The work now is connecting the two, building the legal, regulatory, and operational scaffolding that lets each side do its part. Both halves are advancing. The next phase of cable protection will be defined by how quickly they converge.