Since the birth of the World Wide Web in 1989, despite the fact that the key function of the Internet is to communicate, share and distribute information without borders, countries have varied in their understanding and policies on how the Internet should work in their jurisdiction; some have codified laws bolstering Internet sovereignty or built firewalls to control online information flows. At the 25th anniversary of the Internet in 2014, the Pew Research Center invited over 1400 technology industry leaders and academics to reflect on the impact of the Internet over the next ten years. The top Internet threat these experts named was that nation-states could increasingly block, filter, segment and Balkanize the Internet for geopolitical, economic, social and security reasons. In 2020, six years after that Pew report, amidst a global pandemic, growing populist partisanship in many countries, and heightened geopolitical tensions between the world’s largest economies, the splintering of Internet communities seems even more imminent than before, as governments seek to limit the sometimes harmful power of social media speech and Internet companies' encroachments on personal privacy. Is the global trend towards segmentation and Balkanization of the Internet forthcoming? What are its implications for business operations globally in terms of cost, planning, continuity, and liabilities ? How will cyber threats evolve as businesses adjust their operations to adapt to a more-segmented Internet? This talk will address these issues by identifying and characterizing the evidence of the segmentation and Balkanization of the Internet and by providing broad cyber threat and risk profiles for each region and practical mitigation measures to improve business resilience.

1. Accenture Cyber Threat
Intelligence
It is a World Wide Web, but All Politics
is Local: Planning to Survive a
Balkanizing Internet
Mei Nelson
October 29, 2020

2. What is Internet Balkanization?

3. The Internet
A Free and Borderless Space?
Or a Space Divided by Geopolitical Decisions?

4.  Cyber-balkanization (1997)
 Splinternet (2001)
 Internet Balkanization
 Internet Sovereignty
 Digital Colonialism
 Slowbalization
Many Names of Internet
Balkanization
"Electronic Communities: Global Village or Cyberbalkans?”
Alstyne & Brynjolfsson; March 1997

5. Risks of an Open Internet
Digital nationalism Threats to privacy and
data security
Threats to intellectual
property
Vulnerability to
attacks
A Balkanizing Internet
Driving factors

6. Political factors
 Non-intervention
 Internet governance rights
 Nationalism
 Politically motivated filtering
Economic factors
 Technological
development
 Data = Oil
 Commercial
interests
Social factors
 Religion
 Cultural acceptance
Security factors
 Edward Snowden case
 State surveillance
A Balkanizing
Internet
Driving factors

7. China
Cybersecurity
Law
June
2017
Japan Act on the
Protection of
Personal
Information (APPI)
May 2018
June
2018
May
2019
Aug
2020
May
2021
General Data
Protection
Regulation (EU
GDPR)
The California
Consumer Privacy
Act of 2018 (CCPA)
The Russian
Internet
Sovereignty Law
China Global Data
Security Initiative
Brazil Lei Geral de
Proteçāo de Dados
Pessoais (LGPD)
May
2017
Trends of Segmentation and Internet
Balkanization
Regulations and Legislation

8. Trends of Segmentation and Internet
Balkanization
Action taken – Internet cutoff
Democratic
Republic
of Congo
Bangladesh
Papua New
Guinea
Belarus
Egypt
India Indonesia
Iran
Iraq
Sudan
Myanmar
Zimbabwe

9. Trends of Segmentation and Internet
Balkanization
Action taken
Online content
filtration
US sanctions India App bans

10. What does Balkanization Mean for
Global Businesses?

11. Implications (I)
What does a Balkanizing Internet
mean for businesses?
Business operation costs likely go up
Costs of compliance
in each business
operation region
Costs of data localization
Costs to address the
technical requirements
for each environment
Costs of building
segregated network
infrastructure
Costs of keeping seamless
online connectivity, particularly
for businesses operating
globally
Costs of integrating data
across regions and countries

12. Implications (II)
What does a Balkanizing Internet
mean for businesses?
Weaponization of Supply Chains
Hard technologies
Digital platforms
Data

13. Implications (III)
What does a Balkanizing Internet
mean for businesses?
Fragmentation
of Markets
Market Access
Restrictions

14. Risks & Vulnerabilities
Implications (IV)
What does a Balkanizing Internet
mean for businesses?
Data security
Cyber attacks

15. Segmentation and Internet Balkanization
Scenarios
Source: Ministry of Electronics & IT , India
India app bans

16. Affect security
policies?
Segmentation and Internet Balkanization
Scenarios
India app bans
Affect workflow?
Affect workforce
communication?
Affect work
efficiency?

17. Source: iDefense Intelgraph Rsearch
Segmentation and Internet Balkanization
Scenarios
Russian Internet Sovereignty Law

18. Source: iDefense Intelgraph Research
Russian Internet Sovereignty Law
Segmentation and Internet Balkanization
Scenarios
What an attack on
DNS would look like

19. Segmentation and Internet Balkanization
Scenarios
A DNS alternative
could likely do
A potential backup
to conduct an
offensive attack?
Increasing possibility
of large-scale
cyberattack?
Increasing difficulty
of tracing
disinformation
spreaders?
Russian Internet Sovereignty Law

20. How Can Companies Survive A
Balkanizing Internet?

21. Architect for a Balkanizing Internet
Action Reasoning
Regionally Isolate Active Directory Implementations Cross-Border Authentications Could Be Challenged by Policies/Laws
Heavily Segment Enterprise Networks Force Ingress and Egress Inspection at Virtual Borders
Multiple Software Defined Network
Control Planes
Shared Resources Invite Manipulation. Segment networks at Layer 2 and
Layer 3
Regional Data Governance Strategies Data Should Only Reside in Where Necessary. Utilize API integrations
across borders.
Closely map intellectual property rights Understand where your company’s most valuable IP is located. Limit its
ability to migrate to less stabile regions
Make long term investment decisions in
more stabile regions.
Intellectual property should be integrated and grown in cloud fabrics with
most political stability.
Create In-Region Disaster Recovery Plans
and Infrastructures
Cross-Border Disaster Recovery Can Result in Fragment
Aggregate security data at the local and
global levels
Companies should assess risk at both the regional and global level to best
inform investment decisions
21

22. Maintaining Awareness to Survive a
Balkanizing Internet
Policy Initiatives
Any local policy, national,
and multilateral
initiatives relevant to
business operations?
Cybersecurity
Campaigns
Any regional
cybersecurity campaigns
may affect your current
security structure?
Cyberthreat alerts
Any cyberthreat
activities targeting your
industry or operating
region(s)?

23. Taking Proactive Measures to
a Balkanizing Internet
23
Conducting tabletop
exercises
Establishing a robust
geopolitical threat
intelligence program
Identify indicators of
balkanization
Participating industry
policy formulation
process

24. Thank you

25. Accenture
Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting,
interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience
and specialized capabilities across more than 40 industries — powered by the world’s largest network of Advanced Technology and
Intelligent Operations centers. With 506,000 people serving clients in more than 120 countries, Accenture brings continuous
innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at
www.accenture.com.
Accenture, the accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of
accenture and its subsidiaries in the united states and in foreign countries. All trademarks are properties of their respective
owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden
without express written permission from accenture. The opinions, statements, and assessments in this report are solely those of
the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries,
or affiliates. Given the inherent nature of threat intelligence, the content contained in this document is based on information
gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis
without representation or warranty and accepts no liability for any action or failure to act taken in response to the information
contained or referenced in this report.
Copyright © 2020 Accenture. All rights reserved.