AT Infosecurity Europe 2026, Bharat Thakrar of ISACA emphasized the need for executives to view cyber threats as matters of statecraft, not just IT issues. Using examples from the Sony Pictures breach and recent attacks on Viasat and Stryker, he highlighted that businesses are now geopolitical actors.
Thakrar proposed a four-step Cyber Geopolitical Preparedness and Response (CGPR) framework, urging companies to assess their exposure, evaluate readiness, plan accurate responses, and maintain continuous threat monitoring. He recommended adopting crisis triggers for heightened operational states and conducting geopolitical stress tests to prepare for nation-state attack scenarios. The call to action was clear: cybersecurity must be treated with urgency and strategic importance at the executive level.