When geopolitics goes digital

Armed conflicts and international tensions are almost always accompanied by waves of cyber activity. Hacktivist groups can mobilise within hours, forming alliances that stretch across borders. Their targets are not limited to governments or militaries. Hospitals, financial services, and logistics firms, often far removed from the flashpoints, have all found themselves in the firing line.

As Westpfahl noted: “It is not only between the direct conflict parties anymore. Activity widens to include their allies and partners. Critical infrastructure, healthcare, and finance can all be affected, even if they are not physically part of the conflict.”

The message for boardrooms is clear: no organisation is an island.

Collateral damage in the supply chain

Supply chains are among the most exposed battlegrounds. Hacktivists don’t need to hit government systems to cause disruption; compromising private companies that keep goods moving is enough.

In 2025, delegates heard how hospitals were hit with denial-of-service attacks, logistics providers were breached to reveal shipment data, and energy networks were probed to create panic and leverage. For enterprises, sovereignty and compliance are only part of the risk. Any company connected to sensitive flows, whether food, medical supplies, or energy, may be targeted as a proxy.

Old vulnerabilities, new intent

Most of these campaigns did not rely on sophisticated exploits. Attackers often used known vulnerabilities and social engineering. A joint advisory revealed that CVEs dating back years were exploited to infiltrate transport and logistics firms.

Westpfahl summed it up: “This was not magic. It was old CVEs, brute-forced passwords, and phishing emails. The difference is the intent: information gathering to disrupt at scale.”

For boards, the lesson is clear: resilience depends on executing basic hygiene consistently.

From IT problem to boardroom agenda

The Frankfurt sessions underlined that cybersecurity can no longer be siloed as an IT function:

• Business continuity is at stake. A ransomware attack on a logistics partner can halt shipments and trigger penalties.
• Regulatory exposure is rising. Under NIS2, boards are directly accountable for resilience.
• Reputation risk is immediate. Customers and investors expect geopolitical risks to be considered.

As one CISO put it: “Resilience is not just about your own defences, but about the weakest link in your supply chain. If your partner goes down, do you know how you will operate tomorrow?”

What leaders should do now

The message from Frankfurt is not despair but preparedness. Practical steps include:

• Map geopolitical exposure - Identify suppliers or subsidiaries most at risk.
• Strengthen supply chain security - Build cyber due diligence into procurement and share threat indicators with partners.
• Test, don’t assume - Run cross-supplier simulations and verify recoverability of backups.
• Elevate cyber to strategy - Brief boards regularly and align posture with geopolitical risk.

The big question for boards

In Westpfahl’s words: “It’s not about if something happens, but when something happens.”

As geopolitical crises multiply, the battlefield will always extend into cyberspace. The question for every organisation, from hospitals to manufacturers, is the same:

If conflict spread digitally to your sector tomorrow, would your organisation withstand the disruption?