— What happened
Trump imposed sanctions on the ICC. Within days, chief prosecutor Karim Khan was locked out of his Microsoft 365 email — a foreign vendor executed a political instruction with zero notice, crippling the organisation’s communications. The ICC immediately began migrating to open-source software, but had no time to plan.
— Root cause
100% dependence on a single foreign SaaS vendor for mission-critical communications. No local alternative. No contractual protection against suspension. No warning. No 90-day notice clause. The ICC discovered in real-time that digital sovereignty is not a technical problem — it is a political one.
— How our model mitigates this
Prevention (our model)
At Level 2, encryption keys are held locally and vendor access is cryptographically gated. Microsoft cannot disable a locally-keyed system. At Level 3, a sovereign alternative — open-source email on national infrastructure — is validated and ready to activate in hours, not weeks.
Detection (our observability)
Our sovereign telemetry stack flags the moment a SaaS dependency goes unreachable — before users report it. Automated runbooks initiate failover to the local alternative without manual intervention. The kill-switch register classifies M365 lockout as CRITICAL and ranks it in the top-3 single-point failures.
— Our specific action
We assess the client’s SaaS dependency map in the Level 0→1 engagement, identify every single-vendor communication critical path, and design the Level 2 key-custody architecture that makes a vendor lockout technically impossible without the client’s own cryptographic consent.
Commission an assessment
Could this happen to you?
Our Level 0 assessment maps every exposure of this type across your digital estate — in 4 weeks, at a price a director can approve. The findings answer this question precisely.