Redefining Risk in an Era of Geopolitical Cyber Threats

Avani Desai, CEO of Schellman, explores how risk is being redefined in an evolving era of geopolitical cyber threats. This article originally appeared in Insight Jam, an enterprise IT community that enables human conversation on AI.

Typically, when a cyber-attack hits a business, there’s a reason. The bad actor in question wants to extract a set of data for their own nefarious use, sell it, or ransom it back to the company for a hefty payday. All of which are profoundly disruptive and damaging to business operations, financial stability, and broader reputation. A recent survey report from the World Economic Forum (WEF) shows just how prevalent attacks can be, finding that 73 percent of respondents reported that they or someone in their network had been personally affected by cyber-enabled fraud.

What these attacks have in common, though, is a clear motive. Cybersecurity experts can study them and build strategies to mitigate risk. But what do you do when there is no goal? How do you account for an actor that exists purely to cause chaos?

In a rapidly evolving geopolitical landscape, this is a reality businesses increasingly face. As it stands, most enterprise risk models were built around ransomware and data theft and fail to account for attacks whose only purpose is disruption. As this trend spreads, more businesses are reframing their response to threats.

Reorienting Risk Modeling for Geopolitical Threats

The same WEF survey also highlighted a critical point regarding the genesis of cyber threats. The report found that 64 percent of organizations are accounting for geopolitically motivated cyber-attacks, including disruption of critical infrastructure or espionage.

In other words, attacks for the sake of chaos. This reality is driving a shift in risk modeling among businesses. Previously, the emphasis was on where business operations are: where your sensitive data and valuable assets sit, and how they are secured.

But now, with the prospect of a relatively simple payout or disaster recovery effort out the window, risk models are becoming much more focused on dependencies. Those dependencies offer a multitude of attack vectors for cyber-criminals, spanning supply chains, third-party vendors and partners, other critical relationships, and identity and access management (IAM) controls. This is especially true for organizations with government contracts, ties to critical infrastructure, or a deep connection to the global supply chain. Security posture is becoming less about ticking off boxes and more about understanding the interconnections that define a business’s position in geopolitics.

Identity & the Management Plane: A Critical Domain

One of the most critical dependencies in this geopolitical context is IAM and the management plane. If an attacker can penetrate the management plane, they effectively gain control of the entire environment and can carry out devastating actions such as mass wipes. But even with the stakes so high, the management plane is often not as strictly governed as it should be.

Ownership, in many cases, remains incredibly fragmented, with various teams and roles involved but no clear responsibility defined. Even in large, more mature organizations, there’s still a misperception that identity and access management is a function handled by IT rather than a critical piece of risk management. The new threat landscape businesses face today requires IAM and the management plane as a whole to step forward as a focal point of any risk management strategy.

The organizations that succeed in this domain put much more emphasis on controlling access. Considerations around who has access to systems, how that access is granted, how access is tracked and monitored, and the urgency with which it can be revoked are all essential. These organizations also take more intensive steps, like continuously validating access and limiting standing permissions and privileges wherever possible, especially when dealing with third parties or external partners.

These simple steps aren’t necessarily a huge innovation, but they are foundational to the world we’re seeing develop today. Risk thrives when an organization can’t adequately maintain control over who should or should not be operating in its systems.

Planning for a Future of Geopolitical Threats

The motivation for cyber-attacks is changing. It’s not just about financial gain. Now, there are actors that exist for no other reason than to wreak havoc. CIOs, CSOs, and the entirety of leadership need clarity on their position in the geopolitical landscape. That means looking at the government connections, infrastructure links, and third-party relationships they have, and accounting for those factors in risk modeling.

Ultimately, this shift requires organizations to rethink not just how they defend against cyber threats, but how they define risk itself. Traditional models built around likelihood and financial impact are no longer sufficient in a landscape where disruption is the objective and unpredictability is the norm.

As geopolitical tensions continue to shape the cyber threat landscape, organizations that adapt their risk models to reflect this reality will be better positioned to withstand disruption.

