As if IT leaders didn’t have enough to contend with as demand for enterprise-wide AI increases, a volatile geopolitical climate now mandates that they adopt a more global-centric mindset on everything from their tech supply chains and regulation to distributed infrastructure and workforces.
Lately, the news has spoken volumes about the Iran war’s impact on technology — drone strikes damaging AWS data centers in Bahrain and the United Arab Emirates, as well as heightened cyberattacks, and the threat of semiconductor shortages.
“This is not merely a war of missiles and militias, but a war across networks, supply chains, and systems that power the modern world,” wrote S. Yah Kalash, a senior fellow at the Centre for International Governance Innovation. “Its most enduring consequence will not be territorial change, but the acceleration of a fractured, contested, and deeply politicized global technological order.”
Even as IT departments have received modest increases to fund AI initiatives in the past year, C-level economic worry over increased energy costs, persistent inflation, and a decline in the global economy will directly impact the tech organization, according to a recent Forrester report.
“CIOs will once again need to double down on IT spend management through prioritization, targeted cost cutting, tight vendor management, and other techniques,” the report said. “Skepticism about AI ROI will increase, forcing both CIOs and … CISOs to defend investments.”
Like in any situation, a time of global unrest makes it critically important for IT leaders to continue fostering open communication with the rest of the executive team to set achievable goals and manage expectations effectively.
“Stay deeply connected to the rest of the C-suite and understand what impacts on the business are occurring because of the volatility,” says Mark Moccia, a vice president and research director at Forrester. “This may result in tech budget reductions in the short-term due to [profit and loss] pressures.”
‘A perfect storm of challenges’ for IT leaders
IT leaders say they are not daunted by the challenge geopolitical tensions are inflicting. Tadas Tamošaitis, CTO of Vilnius, Lithuania-basedFL Technics, a global independent aircraft maintenance, repair, and overhaul (MRO) services provider, is all too familiar with them. The aviation industry operates at the intersection of some of the world’s most demanding regulatory, geopolitical, and supply chain pressures. It’s up to the IT group to hold it all together in real-time, he says.
“Airlines expect aircraft back in service on tight schedules, so any disruption to our digital systems has immediate, measurable consequences on the ground,” Tamošaitis says.
Right now, the global MRO sector is navigating what he calls “a perfect storm of challenges,” given that post-pandemic demand surges have strained already fragile aerospace supply chains. Component lead times for critical parts are reaching record lengths, Tamošaitis says.
“Geopolitical tensions — from tighter export controls on dual-use technologies to airspace restrictions that affect where and how we move aircraft and parts — are constantly reshaping the logistics map,” he says.
At the same time, global regulators and a growing number of national aviation authorities are evolving their digital and data requirements in ways that don’t always align, Tamošaitis says.
“For an MRO operating across multiple jurisdictions, this creates real complexity: The same data about an aircraft configuration may need to be stored, accessed, and shared differently depending on which authority has oversight,” he says.
Layered on top of that is the constant threat of cyberattacks. “MRO companies hold highly sensitive engineering data — aircraft configurations, maintenance histories, logistics systems — making them attractive targets,” Tamošaitis says. “A successful cyberattack doesn’t just disrupt IT; it can ground aircraft. We must build systems that are air-gapped and resilient enough to withstand attacks while remaining connected enough for 24/7 global coordination.”
Recently, FL Technics completed its acquisition of Job Air Technic, which Tamošaitis says added a significant systems integration dimension. It was a complex task that required consolidating legacy IT infrastructure, data warehouses, and operational procedures across the acquired entities — without interrupting maintenance operations that run around the clock.
“It’s one thing to plan an IT integration on paper; it’s another to execute it when an aircraft entering the hangar at 2 a.m. can’t wait for a data migration to finish,” he says.
Global challenges reshape IT stacks and strategies
For Moe Rosenfeld, CIO of New York-based eCopier Solutions, supply chain woes are what’s keeping him up at night.
“The hardware side of document management runs through a global manufacturing chain, and geopolitical tension shows up in lead times, component availability, and vendor stability in ways that weren’t on my radar five years ago,” explains Rosenfeld. “You have to think about your technology stack the way a logistics person thinks about freight routes now.”
IT leaders used to evaluate technology mostly on features and cost, he notes. “Now, I’m asking questions I never used to ask, like where is this vendor headquartered, where are their servers physically located, what happens to my clients’ data if there’s a trade disruption, or a sanctions situation that affects that vendor’s country of origin.”
Global supply chains are forcing a fundamental shift in how IT architectures are designed, agrees Victoria Ma, head of services and digital innovation USA and Canada at supply chain consulting company Miebach, which operates across four continents.
“Instead of optimizing for a single, centralized model, organizations now have to support a network that spans multiple regions, regulatory environments, and operating models,” Ma says. “This introduces significant complexity across systems and data. Planning and execution systems must integrate not only across internal functions, but also across external partners — suppliers, manufacturers, and logistics providers — often operating on different platforms and standards in different parts of the world.”
Identifying AI use cases that can work across regions
Navigating AI adoption in a globally distributed operating environment is also a core pain point. Remi Alli, CIO of Black Wallet, the parent company of Kiros, a token ecosystem, says that agent sprawl — the chaos of hundreds of autonomous AI tools popping up in different business units without a cohesive plan — is a global headache.
“The biggest hurdle is keeping a unified, secure infrastructure when [dealing with] regional regulations, like new AI transparency laws,” Alli says. “This makes one-size-fits-all impossible and forces us to move from global, centralized sourcing to more complex regional strategies.”
Black Wallet is working through this by creating “AI Councils” that act as gatekeepers to vet use cases, ensure data compliance, and prevent fragmented architectures. “We are also replacing annual planning with quarterly ‘tech-business co-creation’ workshops to make sure our AI projects actually move the ROI needle, rather than just experimenting,” Alli says.
AI and the global regulatory landscape are “making an already complicated situation genuinely chaotic,” Rosenfeld says. “The EU AI Act is in motion, the US is still figuring out its federal approach, individual states are moving on their own, and other countries are doing all of the above at different speeds and with different philosophies.”
For anyone managing cross-border data workflows, AI-embedded tools now carry regulatory weight that didn’t exist two years ago, he says. “And the hard part is the rules aren’t finished being written. You’re making infrastructure decisions today against a compliance target that’s still moving. That’s not a comfortable place to be, but it’s where we are.”
To further complicate matters, while there is strong pressure from boards and executives to accelerate AI strategies, organizations are struggling to identify use cases that hold up across regions with differing data quality, regulatory requirements, and operational maturity levels, according to Ma.
At the same time, the vendor landscape is crowded with “AI-enabled” platforms that often don’t translate well across global supply chains, Ma observes.
“A solution that performs in one region may not scale due to differences in data availability, infrastructure, or compliance constraints,” she says. “This puts IT leaders in a difficult position: They must filter through vendor claims while ensuring that selected technologies can operate consistently across a fragmented global footprint.”
The challenge is less about adopting AI quickly and more about building a scalable, regionally adaptable foundation that delivers measurable value across the entire network, Ma says.
Coping with compliance
Maintaining regulatory compliance across borders is another big challenge. As far as Rosenfeld is concerned, no one is talking enough about how fast the compliance surface area has expanded.
“A few years ago, you were thinking about HIPAA, maybe some state-level privacy rules,” he says. “Now, I’m looking at clients with distributed workforces and asking whether their document workflows touch EU data subjects, because if they do, GDPR is in the room, whether they invited it or not.”
This is before having to stay abreast of AI-related regulations that are still being written in real-time across different jurisdictions, Rosenfeld adds.
Elijah Fernandez, co-founder and CTO of virtual behavioral health platform Cerevity Health, agrees, saying his purview has shifted from managing physical networks to securing a heavily dispersed clinical workforce and navigating fragmented data regulation.
“In health tech, data sovereignty and cross-border regulations are moving targets. When your workforce is highly distributed, traditional perimeter defense completely fails. You are no longer securing a corporate office building,” Fernandez says. “You are securing hundreds of individual endpoints operating on different local networks, often subject to overlapping or conflicting regional privacy laws.”
For FL Technics’ Tamošaitis, the mantra is maintain flexibility within structure. “We are implementing unified ERP and logistics platforms that operate across regions while respecting local regulatory silos — data residency rules, export controls, and jurisdiction-specific compliance requirements.”
Where cloud is permitted, the company leverages hybrid and multicloud architectures for resilience and scalability. Officials maintain on-premises infrastructure in countries whose regulations require it, such as EU data centers for GDPR, and US-based systems for FAA requirements, Tamošaitis says. “It adds complexity,” he admits, “but it’s non-negotiable.”
To maintain compliance across boundaries, Fernandez says they had to mandate “absolute standardization” at the infrastructure level.
“For example, to ensure our audit logs and clinical records remain forensically sound across different geographies, we configured our entire electronic health record system to operate strictly on Pacific Standard Time,” he notes. “No matter where a provider logs in from, the infrastructure standardizes the chronological data to a single source of truth. We also shifted entirely to a zero trust architecture, assuming every local network our workforce uses is inherently compromised.”
Regulatory compliance is also an impetus for FL Technics to invest heavily in training its IT teams, as well as heightening cybersecurity for critical infrastructure environments and digital integration in operationally intense, engineering-heavy contexts.
“The technical tools matter, but you need people who understand the domain well enough to make the right calls under pressure,” Tamošaitis says.
And for companies like FL Technics that are dealing with cross-border acquisitions, Tamošaitissays IT needs to do its due diligence ahead of time — and plan for the long haul.
“A pre-planned integration roadmap is essential. … Expect 12-to-18 months of parallel systems,” he says. “The cost of maintaining that redundancy is far lower than the cost of operational disruption if you rush the cutover.”
Build for flexibility — and think of your people
Asked about how IT leaders can navigate today’s global realities, IT leaders and experts offered the following advice.
Modularity is king. Tamošaitisadvises IT leaders to ensure they build for modularity from the outset, given that regulations shift, geopolitical realities change, and new markets bring new requirements. “IT architectures that can be reconfigured quickly are a genuine competitive advantage,” he says. “Rigid, monolithic systems become a liability the moment the external environment changes.”
Reassure the board about resiliency. Maintaining resiliency in uncertain geopolitical times is a boardroom top concern. With critical infrastructure in particular, boards need to know that IT can sustain operations during a serious cyberattack, he says. “That conversation needs to happen at the highest level, and budgets need to reflect the stakes — not just peer benchmarks,” Tamošaitis says.
Streamline decision-making and reduce concentration risk. Forrester’s Moccia says it’s a good idea to have a ready-to-go, always-on prioritization process to quickly de-prioritize any “below the line” items that can wait. He also recommends reducing concentration risk in suppliers and platforms, and to continue looking for areas of possible consolidation and contracts that don’t need to be renewed.
Get in front of the global compliance challenge. Rosenfeld advises global organizations to stop treating global compliance as a legal department problem that occasionally touches IT. “It lives in IT; the data flows, the access controls, the residency requirements, etc.,” he stresses. “Those are technical decisions with legal consequences, and if you’re waiting for counsel to tell you what to build, you’re already behind. Get in front of it, map where your data actually goes, and own that conversation.”
Invest in talent. On the people side, invest in specialized talent, and do not underestimate the importance of retention, Tamošaitis says. “Geopolitical friction and regulatory complexity require IT professionals with deep domain knowledge; people who understand aviation regulation, export controls, or data sovereignty, not just technology,” he says. “That talent is already scarce and will become even scarcer. Build training programs, career paths, and the kind of environment where those people want to stay.”
Leadership matters. As you reassure your boards, keep your employees in the loop, too. Moccia says leaders should continue to be transparent and visible with the entire IT organization and share C-suite insights on impacts from the volatility to the company and what leadership is doing to minimize that.
Don’t shortchange self-care. Moccia also advises IT leaders not to forget self-care. “The job of any C-suite leader is intense and always on. Volatility is just another flavor or change and chaos in your day, so maintaining personal stress levels is more critical than ever, whatever shape and form that takes for the CIO personally.”
Read More from This Article: CIOs rise to the global challenge
Source: News
