Cybersecurity, AI, and Geopolitics: A New Paradigm for Business Security
In a striking address at Infosecurity Europe 2026, Bharat Thakrar, board director at ISACA’s London Chapter, asserted that the domains of cybersecurity, artificial intelligence (AI), and geopolitics have become inextricably intertwined. His comments resonate with the current landscape where traditional boundaries of IT security are increasingly blurred, necessitating a broader understanding of geopolitical risks.
During his speech to a gathering of cybersecurity leaders, Thakrar offered a vivid analogy, cautioning that considering security solely as an IT issue is akin to "a turkey concluding its human caretaker is benevolent the day before Thanksgiving." This stark reminder emphasizes the perils of neglecting the broader context; incomplete awareness can lead to catastrophic outcomes.
He pointed to the landmark 2014 data breach at Sony Pictures Entertainment, an event that served as a wake-up call to the public regarding the implications of state-sponsored cyberattacks. The breach underscored a critical shift in perception: that private companies are not just economic entities but also geopolitical players, exposing them to attacks that go far beyond mere financial gain. This had profound implications for how organizations view their security posture, highlighting the fact that they can become legitimate targets for states with strategic agendas.
Thakrar emphasized the urgency of this issue by referencing more recent cyber incidents, such as the attacks on Viasat during the conflict in Ukraine in 2022 and the systems at medical technology company Stryker in 2026. These incidents further illustrated a worrying trend—attacks on private corporations are becoming a fixture in global geopolitical disputes, stretching the understanding of risk that businesses must contend with.
Furthermore, Thakrar raised alarms about the growth of covert foreign IT worker schemes, particularly those emanating from North Korea. These illicit operations can potentially provide insider access to organizations, significantly amplifying security vulnerabilities. He questioned, “How many companies would even spot this?” emphasizing the critical need for enhanced Human Resources (HR) vetting processes, more stringent access controls, and pre-delegated authority that allows executive teams to respond rapidly in times of crisis.
To translate this understanding into actionable strategies, Thakrar introduced a robust framework known as Cyber Geopolitical Preparedness and Response (CGPR). This pragmatic plan consists of four essential pillars:
-
Assess Exposure: Organizations must undertake a thorough evaluation of their operational landscapes, identifying critical assets, vendor dependencies, and any associations that may render them targets.
-
Evaluate Readiness: Companies need to test their agility in responding to crises, including their ability to relocate data, scale up Security Operations Centers (SOCs), and expedite patching or recovery efforts.
-
Plan Response: It is imperative to create detailed playbooks and establish clear lines of authority and responsibilities, incorporating various departments such as legal, finance, HR, and operations into the response strategy.
- Continuous Monitoring: Regularly scanning for intelligence in dark web discussions, social media trends, and general threat indicators is essential for detecting early warning signs and refining security controls.
In his call to action, Thakrar also advised organizations to prepare for what he termed a "heightened state" of readiness, akin to DEFCON levels of military alertness. He recommended developing explicit crisis triggers that would signal when an organization needs to shift from routine operations to a heightened state reminiscent of war footing. In such an environment, priorities would shift dramatically, necessitating critical patching, freezing non-security changes, expanding SOC operations, strengthening identity controls, and preparing for temporary service trade-offs.
Thakrar’s emphasis on conducting regular geopolitical stress tests was particularly striking. He urged organizations to engage in prolonged, nation-state style tabletop exercises rather than merely rehearsing short ransomware response drills. He queried the audience, “When was the last time you ran a tabletop for a prolonged nation-state campaign?” The silence that followed underscored the discrepancy between current practices and the evolving threat landscape.
As cyber threats become increasingly interlinked with physical military operations, Thakrar warned of the necessity for updated incident response playbooks that consider both cyber signals and physical indicators. The hybrid nature of these threats, where cyber reconnaissance can precede kinetic or operational technology disruptions, is a growing concern, demanding that organizations adapt their strategies accordingly.
The overarching message from Thakrar’s presentation was both urgent and pragmatic. Cybersecurity leaders, executives, and Chief Information Security Officers (CISOs) are urged to rethink their approach, recognizing that cyber issues extend beyond mere technicalities and into the realm of statecraft. Thakrar concluded with a resolute recommendation: “Start with a geopolitical stress-test this quarter. Prepare a one-page board briefing that maps exposure and response thresholds and fix HR and vendor controls now.” In doing so, organizations can better navigate the complex and perilous landscape that lies ahead.