The Great Geopolitical Fragmentation in Cybersecurity has just started.

At the end of February 2025, U.S. Cyber Command was ordered to stand down planning potential operations against Russia. And more than 130 staff at the US CISA were fired. 

The invasion of Ukraine in February 2022 was the latest known warning: geopolitics was stepping in to shape cybersecurity more than ever. Stuxnet was just a nuisance. In Ukraine, cyber operations support kinetic operations.

Three year later, despite continuously agressive cyber and information operations against "the free world", Russia from President Putin have recently found an unexpected ally: the Trump administration. Up to, last week, the US taking sides with Russia, North Korea, Sudan, Hungary and other countries in a vote against a UN Resolution condemning Ukraine invasion, proposed by Europe.

The New Cybersecurity Landscape

Since end of February, the Trump administration is reportedly shifting its cyber resources toward countering China. And considering the Kremlin as no longer a threat for cyber operations. This raises critical questions:

• Will the U.S. agencies, particularly CISA, remain a reliable partner for cybersecurity intelligence sharing?

• Will the U.S. cybersecurity industry continue to produce high-quality threat intelligence?

• Can organisations worldwide still trust the same technology providers for their cybersecurity assessment and operations?

• Should organisations in Europe and across the globe start to plan for a potential shift away from US-dependent technology providers?

Russia has already won a significant battle in the U.S. information war. The Trump administration now openly supports Russian propaganda, shifting narratives away from traditional allies and weakening international military coordination. And probably cybersecurity coordination as well.

The Future of Cyber Threat Intelligence is US-independent

The decision by the Trump administration to refocus US CyberCom - incidently first reported not by traditional media but by American cybersecurity company RecordedFuture - raises concerns about the shifting priorities of U.S. cyber operations.

A related critical question emerges: Will the U.S. Cybersecurity and Infrastructure Security Agency (CISA) continue to cooperate with international partners such as the UK's NCSC, the Netherlands' NCSC, and France's ANSSI? The outcome of these partnerships could significantly impact global threat intelligence sharing and cyber defense coordination. A key question: can the US government still be considered a trusted ally, in defense operations and cybersecurity?

The global cybersecurity research and industry faces new strategic considerations. In France, research organizations such as INRIA and CNRS may need to review their collaborations in light of shifting global alliances. Fortunately, several european companies like ESET (Slovakia), WithSecure (Finland), Sekoia (France) —which was appraised by the FBI in January 2025—have started to create independent threat intelligence. Also, organizations like InterCERT, gathering more than 100 member organisations and 1000 experts, have started to produce their own threat intelligence, and plan to do more in 2025.

In cyber threat intelligence, diversification and self-reliance is now vital for countries as well as major organizations

The Integrated Cyber and Influence Strategy

While cyber defense was always geopolitical to some extent, we are now facing a strong warning: wether we see it or not, influence operations are already reshaping how we approach cybersecurity strategies.

This is not anecdotal—the Russian strategy encompasses traditional cyber operations tightly integrated with influence operations. A 2021 report by NATO had already sounded the alarm about this development. Yet, we are only beginning to grasp the full impact of these tactics, and there is growing concern that we “the free world” are not organizing properly our resources to fight back.

At best, governments have two approaches, one against cyber operations (such as ANSSI in France) and one against influence operations (Viginum in France). But to date, there is limited integrated approach to counter these hybrid cyber and influence operations.

The Role of Science in Cybersecurity Strategy and Operations

Joining the ranks of the dismissed staff at CISA, among many scientists in US administrations, 880 staff of the US National Oceanic and Atmospheric Administration (NOAA) were fired, leading to serious issues with the reliability of weather forecasts both in the US and internationally.

The broader scientific community is trying to fight against the Trump administration’s dramatic impact on research programs. Science, a well-respected scientific publication, and media of the American Association for the Advancement of Science (AAAS) has started compiling a list of dramatic impacts on science policy and research. More on their coverage can be found here: Science and Trump.

JD Vance, the sitting US Vice-President, once labelled the university professors as "the enemy". To which the American association of University professors responded “Professors are not the enemy, fascists are”.

Indeed, without science, there is no strategy and no operations. Without mathematics, there are no computers. Without computers, there are no ballistic missiles. Without space, there is no GPS, no guided bombs. No military operations can be planned. And the civil life becomes dangerous. In a way, without science, there is no modern country such as the US, or any European country.

It’s exactly the same in cyber: without science, there is no cryptography, and without cryptography, there is no communications security, no trust. No operations, even military, can be seriously planned. Without science, no polls, no studies can be trusted.

This is why, at StratOps, we try our best to have a science-based approach to our insights and decisions.

This is why global cybersecurity experts, technologists and citizens alike need to stand up for science

Does This Threat Extend to Global Infrastructure?

This raises a critical question: Does this new geopolitical stance of the US pose a risk to infrastructure, including cloud environments that companies worldwide—especially in Europe—depend on daily?

If cloud and critical infrastructure providers are subject to the influence of governments shifting their cybersecurity posture, enterprises may need to rethink their dependencies on U.S.-based providers or prepare contingencies for an increasingly fragmented cyber landscape. If your ally can stop you from using the F16 you bought, can it also stop you from using their cloud services?

Practical Takeaways

1. Review your media sources – Some U.S. and international media, including European outlets, now relay Russia's propaganda, making it crucial to cross-check information and seek independent, fact-based journalism. Do it for general news and for tech and cyber-related news.

2. Review your threat intelligence sources – Are they still aligned with your risk model given the changing geopolitical landscape? Diversify your cybersecurity intelligence feeds – Relying too heavily on one country’s cybersecurity industry might not be sustainable.

3. Assess geopolitical risks in your cybersecurity strategy – Cyber resilience is not just about technology; it’s about anticipating political shifts that influence cyber threats.

4. Evaluate cloud and infrastructure dependencies – With shifting geopolitical alliances, organizations emay need to rethink their reliance on U.S.-based cloud and infrastructure providers. Prepare for, ultimately, a shift of your operations to other providers. Ensure your architecture is interoperable, using standards such as Kubernetes, S3, WASM, etc. instead of using specialized services with proprietary APIs without an abstraction layer.

Cybersecurity, is no longer just a technical domain—it’s now deeply entangled with global politics. Technological infrastructure independence also joined the game. How will you - we - adapt?

What do you think? Are organizations still underestimating the impact of new geopolitics in play on cybersecurity and technical infrastructures? Let’s discuss in the comments or reply to this email.

If you are eager to access, as promised, our ressources on DORA, it’s right below.