It’s Time to Include Geopolitical Risk in Defense Planning

CyXcel’s Megha Kumar on Aligning Enterprise Strategy With Geopolitical Realities

Anna Delaney (annamadeline) •
July 17, 2025    

See Also: Beyond Replication & Versioning: Securing S3 Data in the Face of Advanced Ransomware Attacks

Kumar recommends adopting a geopolitical lens across all risk domains – cybersecurity, compliance, supply chain and reputation – and mapping cross-border exposure to understand where third-party tools, vendors and infrastructure might become liabilities because of state-linked influence, sanctions or conflict.

CISOs should coordinate with legal, HR and operations to assess tolerance for risk in politically volatile jurisdictions and adjust defenses accordingly. Boards need to look beyond the cost of a potential breach and consider which adversaries are incentivized to attack – and how global events might increase that likelihood, she said.

“Strong cyber defense becomes both a geopolitical cost and obligation that companies have to bear,” Kumar said.

In this video interview with Information Security Media Group, Kumar discussed:

How geopolitical tensions affect cybersecurity, regulation and supply chains;
How to embed geopolitical risk awareness across enterprise decision-making;
Why coordinated board, CISO and legal action is critical for resilience.

Kumar, chief product officer and head of geopolitical risk at CyXcel, has more than 14 years of experience advising Fortune 500 and FTSE 100 C-suites, governments and international bodies like the United Nations and NATO on geostrategic intelligence, country risk and digital policy. An expert in emerging tech, AI regulation and Asian economies, she previously led Oxford Analytica’s Cybersecurity and Technology Practice. A published author on gender and technology rights, she holds a doctorate from Oxford University as a Rhodes Scholar and has also lectured at Oxford and worked as a journalist in India.