Why Execs and CISOs Must Treat Cyber Threats as Statecraft
https://www.infosecurity-magazine.com/news/execs-cisos-must-treat-cyber/
Publish Date: 2026-06-03 04:15:00
Source Domain: www.infosecurity-magazine.com
Cyber, AI and geopolitics are now inseparable, according to Bharat Thakrar, board director at ISACA’s London Chapter.
Speaking to an audience of cybersecurity leaders at Infosecurity Europe 2026, Thakrar warned that treating security as purely an IT problem is like “a turkey concluding its human caretaker is benevolent the day before Thanksgiving,” a vivid reminder that incomplete context can be catastrophic.
Thakrar cited the 2014 Sony Pictures Entertainment data breach as a milestone: the point at which the wider public realized that state‑aligned actors could target a commercial company and leak sensitive material, proving that “private firms are geopolitical actors” and can become legitimate targets for reasons far beyond finance.
He emphasized that the more recent attacks against Viasat in Ukraine in 2022 and Stryker in 2026 underscored this trend.
He also warned about the growth of covert foreign IT worker schemes, notably from North Korea, that can create insider access.
“How many companies would even spot this?” He argued for revamped HR vetting, tighter access controls and pre‑delegated authority so executive teams can act without delay.
ISACA’s Geopolitical Preparedness and Response Framework
To translate that insight into action, Thakrar proposed a pragmatic four‑step framework he called Cyber Geopolitical Preparedness and Response (CGPR).
Designed to make geopolitical risk operational for boards and security teams, CGPR is built around four pillars:
- Assess exposure: map where you operate, critical assets, vendor dependencies and associations that could make you a target
- Evaluate readiness: test how quickly you can shift operations, relocate data, scale security operations centers (SOCs) and accelerate patching or recovery
- Plan response: define playbooks, authority lines and a war‑room composition that includes legal, finance, HR and operations
- Continuous monitoring: run horizon scans across threat intelligence, dark web chatter and…