KPMG: How Geopolitical Disruption is Increasing Cyber Risk

The world is in an era of unprecedented global change, with businesses navigating a complex geopolitical environment typified by uncertainty and the potential for profound operational impact. 

According to KPMG, this shifting environment has topped leadership concerns for several years. 

The difference now is a realisation that many of the worst fears are shifting from potential or hypothetical to reality. 

The consulting firm’s Top Geopolitical Risks 2025 report examines this volatile enterprise environment in more detail and provides a comprehensive analysis of the five most pressing challenges leaders expect to face. 

Cyber attacks and the threat of malicious actors, particularly in areas such as supply chains, critical infrastructure and core assets rank highly. 

In response, KPMG reports, leaders must focus their attention on improving resilience and reputation through greater cybersecurity and data governance. 

Risk vs opportunity: technology

KPMG sheds light on the multifaceted challenges businesses face, particularly with regards to safeguarding their digital assets in an increasingly uncertain world. 

Technology is being increasingly influenced by national security concerns, leading to fragmented regulation and the formation of “technological blocs” around the US and China. 

In particular, global competition around rapidly emerging AI innovation including Gen AI, coupled with the rolling back of regulations, could result in AI models being used without proper controls. 

In this context, intellectual property and data security are under heightened threat from malicious state and non-state actors. 

Unregulated digital solutions can harm ethical reputations and lead to significant security breaches, says KPMG. 

It recommends that businesses proactively address these challenges by creating modular, adaptable IT infrastructures and considering geopolitical risks in their technology-related decisions.

They should also look to improve cybersecurity posture through investment in energy-efficient and green energy-driven AI, while strengthening critical infrastructure and core enterprise technologies. 

“Companies can implement clear guardrails that drive responsible, ethical use of AI, making sure that models are based on reliable information and weeding out biases or incorrect conclusions and insights,” says David Rowlands, Global Head of AI at KPMG.

Supply chain risks

Cyber attacks on supply chains have increased, targeting critical business areas and resulting in shortages of key resources and the compromise of critical systems. 

KPMG finds that cybersecurity is a huge challenge for all industry sectors, particularly areas such as financial services. 

This comes as a result of rapid innovation and the deployment of new, critical supply chain technologies. While these innovations improve business operations, they also create new attack surfaces for malicious actors to exploit. 

To mitigate these threats, the report recommends that businesses invest in specific security technologies, including Gen AI, and improve employee awareness of security posture. 

It says: “a company that can identify potential cyber attacks, and restore operations quickly when breached, reduces the financial and reputational impact and builds trust among customers, employees and suppliers”. 

Workforce Dynamics and the cybersecurity skills gap

Demographic shifts, technological advances and cultural changes are placing new pressures on workforces. 

The integration of AI into business operations necessitates a workforce skilled in managing and securing these technologies. However, KPMG notes a lack of technology skills, particularly in cybersecurity. 

According to Marc Burrows, Head of Global Mobility Services at KPMG: “Managing a global, mobile workforce is harder than ever. Companies should be able to nimbly adapt to a fast-changing regulatory and geopolitical environment, to maintain innovation and productivity while keeping employees safe.”

Businesses can address these challenges by shaping dynamic and adaptable workforces through upskilling, virtual learning and organisational redesign. 

Creating a balanced, hybrid work environment with a refreshed employee value proposition can attract and retain talent. 

In addition, integrating AI with human expertise can help bridge the talent gap, ensuring that cybersecurity measures keep pace with technological advancements.

Navigating a complex world

In the face of these challenges, leaders can instigate several changes in order to improve organisational resilience. 

Enhancing cybersecurity and data governance is a priority.

In particular, improving resilience and reputation through robust cybersecurity frameworks and data governance policies can mitigate some of the risks associated with fragmented regulations and technological politicisation.

Elsewhere, KPMG recommends organisations diversify their investment portfolio to provide the financial flexibility needed to invest in robust security measures, simplify supply chain to reduce exposure to threats, and strengthen compliance capabilities to respond to rapidly shifting regulatory changes. 

Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today.

Cyber Magazine is a BizClik brand