New Delhi: Geopolitical instability, cyber crime and supply-chain disruption are poised to become the most significant threats to business travel in 2026, according to a new global risk outlook published by International SOS (ISOS), a leading travel risk management firm. The report warns that organizations are struggling to keep pace with a world where disruption is no longer episodic but constant.
Drawing on a survey of 860 health, security and risk professionals across 94 countries, the report paints a sobering picture of corporate readiness. More than half of respondents said new risks are emerging faster than their organizations can respond, while budgets and resources to manage those threats are largely expected to remain flat—or shrink.
“Volatility is no longer the exception—it is the operating environment,” said Arnaud Vaissié, chairman and chief executive of International SOS.
A Convergence of Global Pressures
Nearly 47 percent of respondents identified geopolitical tensions as the single biggest driver of uncertainty heading into 2026, far outpacing other concerns. Cyber crime followed at 27 percent, with political instability and trade disruptionclose behind.
The report emphasizes that these risks rarely operate in isolation. Ongoing conflicts, shifting trade alliances and regulatory uncertainty are increasingly interlinked, creating cascading effects that can rapidly derail travel plans and expose employees to danger.
According to the Global Peace Index, cited in the report, 159 state-based conflicts were recorded worldwide in 2025—the highest number since the end of World War II. The continuing war in Ukraine, the Israel-Gaza conflict, civil war in Sudan, and unrest across parts of Southeast Asia have all contributed to an environment of sustained instability.
Even traditionally low-risk regions are no longer immune. Drone incursions into European airspace and rising defense spending across the EU have made “the risk of conflict on European soil more real,” ISOS said, altering how companies assess risk in markets once considered stable.
Cyber Threats Move From IT Issue to Travel Risk
Cyber crime is emerging as a direct operational threat to business travel, the report found, citing data from the U.S. Cyber Intelligence Threat Integration Center, which tracked 2,593 ransomware attacks globally in 2024, a 15 percent increase over the previous year.
High-profile incidents in 2025—including cyber attacks on European airports and the Qantas data breach—illustrated how digital intrusions can trigger physical disruptions, grounding flights, compromising personal data and damaging corporate reputations.
“Cyber incidents are no longer confined to back-office systems,” the report noted. “They now directly affect mobility, safety and continuity.”
Preparedness Lags as Risks Accelerate
Despite rising threat levels, preparedness appears to be falling behind. Nearly two-thirds of respondents said security and health risks had intensified over the past year, with similar increases expected in 2026.
Yet 66 percent of security specialists and 68 percent of health experts said their organizations expect resources to manage these risks to remain unchanged next year. About one in ten anticipate budget cuts.
“This mismatch between rising risk and static capability is where organizations are most exposed,” Vaissié wrote. “Human capital has never been more strategically important—or more vulnerable.”
‘Hush Trips’ Expose a New Grey Area
One of the most striking findings in the report relates to so-called “hush trips”—undisclosed business travel undertaken by remote or hybrid workers who relocate temporarily without informing their employers.
International SOS said an increasing number of companies have been caught off guard by emergency calls from employees facing medical or security crises in countries where they were not expected to be working.
Only 22 percent of surveyed organizations said they can monitor hush trips, while just 17 percent said they are equipped to respond effectively to incidents arising from such travel.
The legal implications remain unclear. An employer’s duty of care in these scenarios has yet to be fully tested in courts, but ISOS warned that companies must decide in advance how much support they are prepared to offer when employees fail to disclose their location.
“Hush trips must be accounted for in travel management and crisis response procedures,” the report said, urging companies to clarify remote-working boundaries and ensure insurance coverage aligns with real-world practices.
A Test for Corporate Risk Culture
The report ultimately frames 2026 as a test of organizational adaptability. As geopolitical fragmentation, cyber threats and climate-driven risks intensify, businesses face a choice between reactive crisis management and proactive resilience-building.
For international firms, the message is blunt.
“If you’re an international business, you need to be all over it,” said Kelly Johnstone, senior security adviser at International SOS. “These risks aren’t theoretical anymore—they’re operational.”
