The ‘follow the Sun’ model is dead. No more IOC sharing. Gone are the days where we openly pass valuable information to our peers, partners, friends and sometimes even frenemies. Oh, and did I mention our global coworkers? We don’t share lots of info with them either. Also, the 5 eyes is no longer.

This rather gloomy future is not that far away.

With the dramatic political changes happening in US we all need to quickly rethink how we are going to do ‘global’ cyber a year from now, and in the years that follow.

The ‘cyber’ of the last few decades was very clearly defined: there are some bad guys out there, and they are being chased by the good guys. All of us doing the ‘cyber’ in the Western democracies were obviously assuming the role of the good guys.

But this global collective of the good guys is no longer.

Global companies need to adapt very quickly. My friend suggested FedRamp model to follow and I think it’s a very valid value proposition.

Data transfer between regions needs to stop. Separate systems of records must be introduced in all the global locations. Your global SOC/CERT needs to be decentralized. Cross-regional access restricted. Risk registers split into many local instances.

This is gonna hurt. This is gonna cost.