The One Skill No CPA or Cyber Professional Can Ignore Anymore

There is one message I keep drilling into every young CPA, analyst, and early‑career cyber professional I teach: you cannot operate in these fields today without a working understanding of geopolitics. Not casual awareness. Not headline level familiarity. I mean disciplined, ongoing tracking of how global tensions, sanctions, chokepoints, and state‑aligned actors shape the financial and technical systems you’re responsible for. If you ignore geopolitics, you’re already behind the risk curve.

The last six months have made that painfully clear. The Iran “war” and the volatility around the Strait of Hormuz demonstrated how quickly a regional flashpoint becomes a global operational threat. The assumption that the Strait could be “managed” through surveillance, deterrence, or maritime control strategies evaporated once real‑world escalation began. The lesson is simple: technical confidence without geopolitical literacy creates blind spots that no toolset can compensate for.

The same dynamic is playing out across supply chains. Companies are relearning that their dependencies are not technical, they are geopolitical. A single chokepoint, sanction regime, or misaligned alliance can break a quarter’s worth of financial assumptions or destabilize an entire security architecture. You cannot model risk if you don’t understand the forces shaping the environment your systems operate in.

Even the AI sector is now a geopolitical case study. Anthropic’s work with the Department of Defense is reshaping how national‑security institutions think about model alignment, dual‑use risk, and operational oversight. At the same time, NVIDIA’s decision to halt certain AI hardware and software exports under regulatory pressure shows how quickly commercial AI companies can be pulled into geopolitical gravity. For CPAs, that affects valuation, audit exposure, and regulatory posture. For cyber professionals, it reshapes threat modeling, vendor governance, and adversary capability assumptions.

This is why I tell students relentlessly that technical skill is no longer enough. You need geopolitical awareness to interpret risk, understand why controls matter, anticipate where failures will originate, and explain to leadership why the world outside the firewall or the balance sheet is now the primary driver of internal risk. The professionals who thrive will be the ones who can connect the dots: global tension → supply‑chain fragility → financial exposure → cyber vulnerability → operational risk. That is the new literacy. And it’s not optional anymore.