Building AI Resilience Into Your Business Strategy
Apr 22, 2026 · 9 min read

AI has become core infrastructure for most businesses, and that infrastructure now carries geopolitical risk

// tl;dr

AI infrastructure now carries geopolitical risk. Sanctions, API shutdowns, and AI-powered cyberattacks are real. Four questions every leadership team must answer before the scenario arrives, not during it.

In the essay "A moment of truth for Europe's AI Strategy" I argued that AI sovereignty is the wrong goal. What businesses actually need is resilience: the ability to keep operating when things go wrong, and genuine choices about how to rebuild. That argument is only useful if it translates into something a leadership team can act on. This is that translation.

Let’s start with the disappointing baseline: most organisations are not even asking the right questions yet.

Research by analyst Daniel Kopp finds that only 15% of companies treat AI risk as a CEO or board-level issue. When it does come up, the focus is usually on legal compliance or data protection. Both matter, but neither is enough. AI has become core infrastructure for most businesses, and that infrastructure now carries geopolitical risk.

Two very different kinds of risks

The first category is external risk: disruption that arrives from outside, driven by geopolitics, vendor decisions, or regulatory action, with little or no warning. A government sanctions a country. A vendor interprets a regulation differently than expected. Your cloud provider acts, and you have no say.

Here is what that looked like in practice. In July 2025, the EU imposed sanctions on Nayara, an Indian oil refinery with Russian ties. Within days, Microsoft suspended the refinery's access to Outlook, Teams and Microsoft 365, acting on its own interpretation of the sanctions. The refinery handles around 8% of India's oil processing capacity. Microsoft restored access after a few days under legal pressure. But the lesson was stark: when your daily operations run on a foreign vendor's cloud, that vendor's decisions become your operational reality. The refinery had done nothing wrong. The platform shifted under them.

The lesson here is that a dependency which had never been stress-tested against a geopolitical scenario failed the moment one arrived. This was a failure to plan for external risk.

The second risk type is systemic disruption: a change in the threat environment that affects every organisation at once, regardless of which tools you use.

In April 2026, Anthropic announced its most powerful AI model to date, called Mythos, and chose not to release it publicly. The reason is that Mythos can independently find and exploit security vulnerabilities across major operating systems and browsers. In Anthropic's own tests, it found thousands of serious vulnerabilities, 99% of which are still unpatched. Before early 2025, no AI could do anything like this. The time between discovering a vulnerability and exploiting it was once measured in months. Today it takes minutes.

The message was clear: if Anthropic can build this, adversaries will build something comparable. Anthropic committed $100 million to use Mythos defensively, giving controlled access to a small group of companies.

These two cases define the problem. One shows what happens when your vendors get caught in geopolitics. The other shows what happens when the AI threat environment changes faster than your defences can keep up. Most organisations are not prepared for either.

The stack beneath your stack

To build resilience against both categories of risk, you first need to understand what you are actually dependent on. Jensen Huang describes AI infrastructure as a five-layer cake: chips and hardware, systems and servers, infrastructure software, AI frameworks and models, and applications. Most businesses think seriously only about the top layer, i.e. the applications they use or build. The layers beneath are treated as utilities, as reliable and invisible as electricity.

They are not. Each layer has its own risks. Export controls can restrict hardware. Acquisitions can change who owns the software you rely on. Sanctions can cut off cloud access overnight. The question worth asking right now: if any one of these layers were disrupted tomorrow, how long could a company keep operating?

Four questions your strategy needs to answer

Drawing on a risk framework developed by Digital New Deal, there are four questions that leadership teams should be actively working through.

  1. How robust is your model supply chain? Do your critical workflows depend on a single AI provider? If that provider changes its pricing, shuts down an API, or gets caught up in a geopolitical event, do you have alternatives ready? This already happened with GPT-4.5: OpenAI shut down the API with little notice, leaving products built on it scrambling.
  2. Which laws govern your data? Choosing a cloud provider is also a legal decision. Different countries have different rules about who can access your data and under what circumstances. The Nayara case showed what happens when you find out about your legal exposure during a crisis rather than before one.
  3. What is your continuity plan when a critical AI function fails? Every organisation needs a prepared path to switch AI tools without rewriting everything from scratch. Research suggests you need around 20 engineers who genuinely understand your AI infrastructure to maintain that kind of independence. Most European companies fall well short of that.
  4. How exposed are you to AI-powered attacks? The Mythos announcement made this question urgent. Security can no longer be treated as a stable baseline. The tools available to attackers are advancing as fast as the tools available to defenders, and organisations need to treat this as an ongoing risk, not a solved problem.

The role of European and open models

One option many European businesses underuse: AI models built in Europe, or models with open weights that you can run on your own infrastructure. Mistral from France, ALIA from Spain, and Apertus from Switzerland are real alternatives to the major American models. There are also quality open-weight alternatives from the US, like Google's Gemma 4 or Meta's Llama 3, that allow for independent architectures. Additionally, the growing number of European neoclouds like Scaleway or Nebius offers an independent and scalable way to deploy these.

For many business applications, especially those involving sensitive data or specific languages, these models are the more sensible choice. And because you can run them yourself, you are not exposed to another company's pricing decisions, API changes, or access restrictions.

Direction with multiple paths

The organisations that will navigate the next decade of AI most successfully will not be those with the most advanced models or the largest compute budgets. They will be those that understood their dependencies earliest, built genuine optionality into their architecture, and took the time to stress-test their operations against the scenarios that seemed unlikely right up until they happened.

Emad Mostaque, founder of Intelligent Internet and Stability AI, writes about what he calls the Incan lesson. The Incas survived ecological crises because they cultivated three thousand varieties of potato. If one failed, others survived. They were not optimising for export. They were optimising for survival. He uses this as a historic example of what he calls the Law of Resilience.

The Law of Resilience. A system optimized for a single, predictable future is a monoculture. It is highly efficient but catastrophically fragile. A diverse system maintains a portfolio of different strategies and components. It is less efficient in any single state, but it is far more likely to possess a viable response to an unforeseen shock. Resilience through diversity is the only winning strategy in a game against an unpredictable universe.
Emad Mostaque, The Last Economy (2025)

Organisations looking to harness AI need a multi-pronged approach. Translated to business strategy: have a clear direction, but map several routes to get there. Be ready for the scenario where your first route closes. In an environment where geopolitics, vendors, and AI threats can all shift within a single quarter, that flexibility is not a nice-to-have. It is the strategy itself.

Nayara thought its cloud infrastructure was a solved problem. The organisations that had never heard of Mythos thought their security was adequate. Both found out they were wrong faster than they could adapt. The question for every leadership team is not whether something similar could happen to them. It is whether they have already decided what they will do when it does.

About the sources

About Daniel Koepp

Daniel Koepp is a senior analyst and lead author renowned for his specialized research into digital infrastructure and security. As a recognized expert in the field of digital resilience, Koepp explores the capacity of modern societies and enterprises to withstand, absorb, and recover from systemic digital shocks, ranging from large-scale cyberattacks to critical infrastructure failures. His analytical approach is characterized by a unique cross-disciplinary perspective that merges technical cybersecurity insights with geopolitical strategy. His recent work provides actionable frameworks for mitigating vulnerabilities in a hyper-connected world and remains a central contribution to the European security policy discourse for 2025 and beyond.

About Emad Mostaque

Emad Mostaque is a prominent British-Bengali entrepreneur and technologist, best known as the founder and former CEO of Stability AI, the company behind the groundbreaking open-source image generator Stable Diffusion. Currently leading the initiative Intelligent Internet, Mostaque has pivoted his focus toward the societal and economic shifts triggered by decentralized technology and artificial intelligence. In his influential work, including his latest insights in The Last Economy, he explores the radical transformation of global markets as AI moves toward automation of both cognitive and physical labor. Mostaque is widely regarded as a visionary - and at times provocative - figure in the tech world, advocating for transparent, open-source AI models as a means to democratize power and navigate the transition to a post-scarcity economy.


Lars Harder

Writing on sovereign AI, digital identity, and what it means to remain human in an era of algorithmic culture.
