As geopolitical tensions rise and conflicts increasingly play out both on the ground and online, the line between national security and business risk is quickly fading.

What we are watching now is hybrid warfare at scale: coordinated kinetic operations against Iran, pre‑emptive cyber activity, and an expected wave of Iranian and proxy influence campaigns that blur the line between battlefield and home front.

Organizations worldwide must assume that their operational technology, data centers, AI integration layers, and information ecosystems are part of this contested terrain, whether they see themselves as “targets” or not.

The use of AI in warfare is no longer speculative; when geopolitical tension rises, digital control planes, especially those tied to automation and decision support, become strategic terrain, and the integration layers that connect AI agents to internal systems, APIs, and external data now function as critical infrastructure.

As automation layers gain persistent context and direct access to operational systems, they effectively become a new targetable control plane, where subtle manipulation of inputs or workflows can have outsized impact on procurement, logistics, and response.

The real risk is not which AI framework or vendor your organization favors, but whether these integrated decision‑support systems are being instrumented, monitored, and stress‑tested with the same rigor as the networks and environments they now influence.

If your organization depends on federal systems, global suppliers, or automation‑driven decision workflows, those dependencies must be mapped, continuously reassessed, and explicitly included in crisis simulations, because influence operations will increasingly target the systems that inform people, not just the people themselves.

This shift will be felt most acutely in supply chains. Export controls are tightening, rare earth restrictions are expanding, and supplier landscapes are fragmenting, which means the attack surface now includes not just code and hardware, but also the data and AI‑driven processes that decide which components you buy, from whom, and under what constraints.

In that context, supply‑chain compromise can mean trojanized firmware and software updates, manipulated supplier intelligence, or AI‑distorted risk scores that quietly steer critical dependencies toward adversary‑influenced ecosystems.