Cyber security threats are increasingly intertwined with global politics, playing a growing role in both shaping and reflecting international relations and geopolitical tensions.
While nation-states have long used cyber operations covertly for espionage and intelligence gathering, they are also critical tools for achieving broader strategic objectives—whether economic, political, or military. Governments have increasingly begun disclosing these activities more openly, to raise awareness about the real-world impacts these operations can have on everyday life.
At the same time, the overlap between geopolitical tensions and cyber crime has deepened, creating a grey area where financially motivated cyber criminals align, knowingly or tacitly, with state interests. In some cases, these actors have targeted organisations not just for profit, but based on ideological beliefs, further blurring the lines between cyber crime, espionage and cyber attacks.
Regulatory divergence further complicates the landscape – businesses operating in multiple regions must navigate an evolving web of compliance obligations, sanctions regimes, and regional cyber security mandates. CISOs must balance these challenges while ensuring their organisations can continue to operate seamlessly on a global scale.
Understanding the extended supply chain
In recent years, resilience has become a central theme in cyber security and risk discussions. There is a growing recognition that supply chain security is fundamental to operational resilience. Given the complexity and interconnectedness of current digital supply chains, simply assessing third-party suppliers is no longer sufficient. Organisations must now extend their oversight to include fourth, fifth and nth parties. These ‘suppliers of your suppliers’ create a complex web of dependencies that can introduce hidden risks into your organisation.
While gaining visibility into these extended relationships is challenging, it is essential. As demonstrated by incidents such as MOVEit and Solarwinds, it is often the lesser-known, but deeply embedded suppliers (rather than the obvious ones like the leading Cloud services providers) that can have an outsized impact due to their interconnectivity with thousands of organisations across the supply chain.
Geopolitical volatility adds an additional layer of complexity to supply chain security. Beyond individual supplier assessments, organisations must consider additional geopolitical risk factors such as region of operation, regulatory environment, and ownership structure – that can influence the supplier’s risk profile. Incorporating these considerations into existing supply chain mapping efforts helps organisations build a more complete view of their key dependencies, particularly those supporting critical business functions and technologies. It will enable them to better anticipate disruptions and strengthen their resilience against new and previously unknown scenarios.
Building resilience through collaboration
Geopolitical incidents can escalate quickly and CISOs must ensure that their incident response plans account for potential breaches at suppliers at risk to geopolitical tensions. Additionally, they should also consider the concentration risks posed by their suppliers and how certain geopolitical factors could amplify that risk. The cascading effects of such incidents can be particularly severe when multiple organisations within the same industry rely on identical suppliers. This concentration potentially creates a single point of failure that adversaries can exploit to maximise impact.
Collaborating across the industry can help identify suppliers where an incident could have a systemic impact. While many organisations and groups already share threat intelligence, this collaboration should be taken one step further to include information about critical suppliers and associated risks. By sharing individual supplier security assessments, businesses can collectively improve the security of these shared providers, and in turn, the resilience of the sector itself. This kind of collaboration helps identify otherwise hidden dependencies and highlights where multiple organisations may be at risk of a disruption due to a single incident. With this visibility, organisations can collectively take a proactive approach to mitigate risks before an issue escalates to a sector-wide incident.
Adapting to the new reality
As cyber threats evolve alongside rising geopolitical tensions, organisations must prepare for an era of persistent volatility. Those that do will not only enhance their resilience, but position themselves to gain a competitive edge.
We are entering a phase where geopolitical issues should be seen as an additional domain of supply chain security. Just as security leaders have adopted an “assume breach” mindset, that should be extended to “assume volatility,” that should be applied across the extended supply chain. By embracing this broader perspective, organisations can better anticipate threats, understand systemic risks, and respond more effectively when incidents occur.
About the Author
Justin Kuruvilla is Chief Cyber Security Strategist at Risk Ledger. Risk Ledger is a pioneering third-party risk management platform that revolutionises supply chain security through a powerful, unified solution. By onboarding and connecting your entire supply chain into an active network, Risk Ledger provides real-time insights to identify concentration risks and emerging threats. Our dynamic network-based model offers a clear view of your entire supply chain, enhancing your ability to visualise and manage risks effectively. With immediate access to a vast, trusted supplier network and continuously updated risk assessments, Risk Ledger streamlines risk management processes, reduces manual workload, and empowers you with unparalleled clarity and control across all supply chain tiers.
