Periodic musings
Most board directors still treat cybersecurity as something they oversee: a dashboard, a quarterly report, a briefing from the CISO. That framing is now incomplete.
Directors are not just governing cyber risk. They are increasingly part of the attack surface itself, in an environment where AI has dramatically lowered the cost, speed, and precision of attacks, the gap between what directors assume about their own exposure and what adversaries already understand is rapidly widening.
Read MoreCorporate governance is undergoing a structural shift driven by three forces: AI oversight, geopolitical influence on governance frameworks, and evolving expectations around transparency and board composition. Across the United States, Europe, Asia, Africa, and the Middle East, regulators, investors, and institutions are redefining what effective governance means in an environment where technological risk, geopolitical influence, and stakeholder trust increasingly intersect.
The result is a transition from governance focused primarily on financial oversight and compliance toward governance that must now incorporate technology oversight, geopolitical awareness, and broader stakeholder transparency. Boards that fail to adapt risk not only regulatory exposure but also strategic blind spots as technology and regulatory environments evolve faster than traditional governance frameworks.
Read MoreWe talk about leadership maturity. Operational maturity. Cultural maturity. We rarely talk about governance maturity. But your board has a hierarchy of needs just like everything else — and most are stuck somewhere between survival and safety, calling it strategy.
Read MoreBuilding on my last article about the challenges facing SMEs considering global expansion, I wrote about the challenges of hitting the “ethical compliance wall.”
The "Ethical Compliance Wall" is the point at which an SME's global growth is no longer limited by sales or logistics, but by its ability to provide legally auditable proof of its environmental and social impact.
In 2026, the era of "voluntary reporting" is effectively over. Large multinationals are now legally liable for their entire supply chains, meaning they are aggressively offloading their compliance burdens onto their SME partners.
Read MoreThe dream of global expansion has fundamentally shifted. That "low-cost, high-speed" playbook of the past decade has been replaced by one with a focus on the "high-resilience, high-compliance" reality. For small and medium-sized enterprises (SMEs), the barriers to entry are no longer limited to finding a distributor of a local salesperson; those barriers include navigating a fragmented geopolitical landscape and meeting rigorous new digital and ethical standards.
Read More
