For nearly three decades, enterprise technology followed the broader logic of globalization. Software, data, and talent moved across borders with relatively few constraints. That made it possible to operate unified global models: centralized technology stacks, a small number of global vendors, and delivery teams distributed wherever skills were available.
Global scale and standardization became the organizing principles of IT strategy. But the conditions that made that formula work have changed.
Over the past few years, geopolitical tensions have intensified, national regulations have multiplied, and technology itself has been reclassified by governments as strategic infrastructure. Data, hardware, cloud platforms, and even talent mobility are now subject to political, regulatory, and security considerations that did not meaningfully exist when global software delivery models were first designed.
At the same time, another premise is quietly breaking down: the idea of the fully unified enterprise. The notion that one stack, one operating rhythm, and one delivery model can serve every market equally is becoming harder to sustain. Data localization laws fragment architectures. Security requirements restrict access. Remote work expands the talent pool but introduces time zone and governance challenges.
This transformation is happening in parallel with the rapid acceleration of AI. Generative AI has compressed development cycles, automated parts of testing and documentation, and lowered the barrier to producing code. But it has not eliminated the need for senior engineering judgment, architectural ownership, or disciplined delivery.
Instead, it has moved friction away from writing code and into other parts of the value chain.
The result is a new tension for IT leaders. The speed gains enabled by AI can easily be lost through delivery friction, regulatory constraints, or misaligned global teams. Time zones now matter more when cycles are shorter, and handoffs are more frequent. Vendor concentration, once a source of efficiency, can quickly become a single point of failure in an uncertain geopolitical environment.
“Glocalization” sets the tempo
In response, many organizations are moving (deliberately or implicitly) toward a new operating logic: “Glocalization” or thinking globally while operating locally.
For multinational organizations, this transition forces a reassessment of software delivery at a strategic level. And questions that once felt settled are back on the table:
- What does outsourcing look like in a more fragmented world?
- How much distribution is still an advantage, and when does it become a source of friction or risk?
- And how do organizations preserve speed and flexibility in software delivery without overexposing themselves to geopolitical or regulatory shocks?
AI increases velocity. It also exposes coordination constraints.
Let’s start with the point that’s probably been discussed the most these days: how AI is changing the way software is delivered.
As we’ve mentioned in other articles in our blog, AI has accelerated parts of the software development cycle, especially code writing. But it hasn’t fully replaced the capability, experience, or judgment of software engineers. What we’re really seeing is a shift in where friction shows up.
The friction is no longer concentrated in writing code itself; it’s moving to other parts of the DevOps chain, for example: reviewing AI-generated code, integrating it with existing systems, planning architecture, and making the right decisions around how everything fits together.
It doesn’t make much sense to spend too much time on that discussion here.
We’ve already covered this evolving relationship between AI and software development in depth in several pieces, such as:
What matters more for this article is what happens as a result of that acceleration.
AI can clearly speed up parts of the delivery cycle. According to Bain & Company, productivity gains in software development can range between 10 and 15 percent. But that speed (and the time saved) can easily be affected by another factor that many multinational companies already struggle with: working across distributed teams in different time zones.
When teams can’t work synchronously, alignment becomes harder and communication slows down. Progress often turns into an exercise in patience: you move forward to a certain point, hit a question or dependency, message someone on the other side of the world, and wait until the next day for a reply on Slack.
At that point, an honest question comes up. Is the time saved by AI really making teams faster, or is it getting lost in coordination and time zone delays?
Geopolitical Turbulence Is Reshaping What “Resilient Delivery” Means.
But AI isn’t the only force changing the conditions of software delivery.
In 2026, the backdrop is a world that feels more competitive, more fragmented, and harder to plan around. The World Economic Forum’s Global Risks Report 2026 puts geoeconomic confrontation at the top of the near-term risk list, and about half of experts expect a “turbulent” or “stormy” global outlook over the next two years.
Other concerns highlighted by the leaders surveyed in the report include armed conflict, misinformation, cyber insecurity, and economic downturn. Together, these macro factors are setting off alarms for multinational companies operating with globally distributed teams. They are already starting to change the rules of the game when it comes to hiring partners and vendors, building teams, and even rethinking how and where technology investments are made.
McKinsey makes an important distinction here. Capital-intensive companies, with physical assets and supply chains on the ground, tend to experience geopolitical risk through factories, logistics, and trade exposure. Capital-light and digitally native companies face a different version of the same problem. Their core assets are software, data, cloud infrastructure, and people. They may not ship goods across borders, but they absolutely depend on cross-border delivery models to operate.
And in practice, almost every modern enterprise now falls somewhere in between. Regardless of industry, software has become the backbone of operations. That means delivery models once designed for a relatively frictionless global environment are now exposed to a new set of constraints.
A delivery model that looks efficient on paper can suddenly become fragile if a critical capability, vendor, or team is concentrated in a single geography. As the Global Risks Report points out, shocks today propagate faster and across more interconnected systems.
A political decision or regulatory change in one region can surface hidden dependencies elsewhere, stalling delivery even when the technology itself appears sound.
This is particularly relevant for organizations that rely on IT outsourcing, not just to optimize cost, but to access hyperspecialized talent they cannot realistically build in-house. In many markets, those skills are scarce, expensive, or fiercely contested.
Outsourcing has long been a rational response.
What’s changing is the risk profile around it. Concentrating delivery, expertise, or operational control in a single country now introduces geopolitical, regulatory, and continuity risks that barely featured in delivery discussions a decade ago.
For example:
A key engineering function locked into one time zone, a vendor footprint overly exposed to a single jurisdiction, or a delivery model that assumes smooth, synchronous collaboration across continents. When development cycles were slower, teams could absorb that friction. With AI compressing parts of the software lifecycle, those frictions become more visible and more costly. Time saved at the coding stage can be quickly wiped out by coordination delays and delivery bottlenecks downstream.
Broadly speaking, multinational companies are converging around two strategic postures:
1). Some are reaffirming a non-naïve global operating model, one that still prioritizes scale and selective standardization, but does so with an explicit recognition that geopolitical fragmentation, regulatory divergence, and coordination risk are now permanent features of the environment.
2). Others are moving toward structural segmentation, deliberately introducing separation across parts of their operating model to reduce concentration risk.
Those are slightly different approaches but driven by the same realization: the delivery logic that worked under globalization needs adjustments to work in this new “glocalization” era.
So what does this mean for the CIO’s role?
Of course, this has a direct impact on what boards now expect from CIOs.
A few years ago, technology strategy was drawn on one map. Geopolitics on another. Today, those maps are starting to overlap.
CIOs are increasingly expected to operate at the intersection of both worlds. Not just keeping systems running or optimizing cost and performance, but helping leadership understand how geopolitical turbulence translates into technology risk.
And, more importantly, how delivery models, vendor choices, data sovereignty, and talent localization can affect a company’s resilience. In short, CIOs now need one eye on technology and another on what’s happening in the world.
The questions they are expected to answer have also become more complex:
- Can the organization keep operating if regulations change?
- If a region becomes unstable?
- If a critical vendor or delivery team suddenly becomes unavailable?
That’s why, increasingly, IT leaders are expected to contribute perspective and judgment in areas such as:
- Mapping where critical systems, data, vendors, and scarce talent actually sit, and where geographic or vendor concentration creates silent points of failure.
- Introducing regional separation when regulation or geopolitics demand it, without allowing the technology estate to collapse into unmanaged sprawl.
- Stress-testing delivery models.
- Translating technology decisions into resilience outcomes.
The base decision: one global model or structural segmentation?
If the global map is changing. If some of the assumptions that sustained globalization are eroding. And if rising tensions between states are increasingly influencing technology decisions, it is worth asking a fundamental question:
How should multinational organizations structure their global software delivery going forward?
As discussed earlier, McKinsey identifies two dominant responses to this new reality.
Some organizations are reaffirming a unified global model. Others are moving toward structural segmentation. Both are logical responses to protect strategic assets that are no longer just corporate concerns but have become top-of-mind priorities for nation-states.
Questions that were once considered operational or technical now sit at the center of national interest:
- Where data is stored and under which jurisdiction it is governed;
- Who the vendors are and which interests they are aligned with;
- Who supplies those vendors;
- How corporate PI and R&D advances are protected from falling into the wrong hands;
- And how the race to develop more powerful AI models is reshaping global competition (just to name a few among a growing list of concerns).
As a result, software delivery pipelines are now directly impacted by many of these national-level considerations. Added to this is a growing concern around fraudulent candidates and insider threats, including the risk of individuals acting as vectors for information leakage.
Global delivery models that were designed for a world that experienced decades of relatively low geopolitical conflict are now showing clear signs of strain.
Against this backdrop, it is worth examining in detail the two main paths multinational organizations are taking to reorganize their delivery models:
1). One global delivery model (non-naïve globality)
In this model, organizations preserve a largely unified global software delivery structure, but without assuming a frictionless world.
Delivery platforms, tooling, and governance remain centralized. Global partners and distributed teams operate under shared standards. The benefits of scale, speed, and consistency are deliberately protected.
Multinational companies adopting this path apply friend-shoring principles. That means prioritizing delivery partners, cloud regions, and talent pools located in geopolitically aligned or “trusted” countries (even when teams remain globally distributed).
This approach accepts higher exposure to global volatility but assumes it can be managed through diversification, governance, and alignment rather than splitting the organization into parallel regional structures with their own delivery stacks, vendors, and decision-making layers.
This approach still appeals to organizations where fragmentation would create more problems than it solves (particularly software-driven or asset-light businesses).
2). Structural segmentation of software delivery
Here, organizations intentionally introduce separation into their delivery model.
Certain systems, workloads, or teams are deliberately bounded by region. Technology stacks and data flows are segmented to comply with regulatory requirements and to limit geopolitical exposure. Outsourcing and delivery partners are selected not only for capability or cost, but also for where they operate, under which jurisdiction, and how closely they align with the company’s risk profile.
In this model, friend-shoring also becomes an explicit design principle.
This approach prioritizes resilience over efficiency. On one hand, reduces concentration risk. On the other hand, it increases complexity and operating costs.
Structural segmentation typically emerges in environments where data sovereignty, IP protection, or operational continuity outweigh the benefits of global uniformity.
3). A third path: selective localization with deliberate distribution
As Managing Partner at Inclusion Cloud, Nick Baca-Storni works directly with CIOs, technology leaders, and procurement teams at large multinational organizations (many of them Fortune 500 companies).
And because of that direct contact, he has started to see a third option taking shape as companies rearrange their operating models in response to a changing geopolitical chessboard:
“What we’re seeing is that companies are no longer choosing between fully global or fully segmented models,” Nick says. “There’s a third option emerging.”
That third path doesn’t abandon global delivery. And it certainly doesn’t push companies to break themselves into isolated regional units. What it does is introduce a new set of criteria for deciding where delivery partners, teams, and activities should operate.
Nick explains: “Today, the challenge is figuring out which parts of delivery you can outsource globally without exposing key assets, and which parts need tighter control.”
The key change regarding the other two models is that distribution is decided according to the criticality of the software assets and activities involved.
Strategically sensitive elements (core platforms, regulated data, intellectual property, AI models, and architectural decisions) tend to move closer to home, or at least into geopolitically aligned regions.
At the same time, other parts of the delivery can remain distributed. To continue capturing the advantages of outsourcing, companies still move certain activities outside the organization. These benefits include access to new talent pools with less competition, highly specialized skills that may not be available locally, lower operating costs in other regions, and additional delivery nodes that reduce the risk of total disruption (something far more likely when everything is concentrated in a single center).
“Not everything needs the same level of protection,” Nick says. “What really matters is knowing what’s critical and making sure those pieces are close, aligned, and easy to respond to. Time zones play a big role there as well.”
So… What does time zone alignment have to do with all of this?
More or Less Outsourcing? Nearshore, Onshore, Smartshore.
From Nick’s perspective, time zone alignment has everything to do with it.
As geopolitical and regulatory pressure increases, pure offshore setups, especially in strategically sensitive areas, are coming under closer scrutiny.
But the issue is not only geopolitical. It’s operational:
“Offshoring is starting to show its limits because it works best when everything is stable,” Nick says. “Today, vendor controls are much stricter. Companies look closely at where vendors are based, how their countries are geopolitically aligned, and how exposed those setups are. And when you add large time zone gaps on top of that, delivery risk increases very quickly.”
Large time zone gaps amplify friction. When teams barely overlap and operate more than ten hours apart, even minor incidents can take much longer to resolve. Coordination slows down, decisions get delayed, and handoffs multiply.
Nick often sees this play out in very simple ways.
“I’ve seen cases where a small change takes a full day just because of time zone differences,” he says. “Someone sends a message on Slack while they’re online. The other team is asleep. When they reply, the first team is already offline again.”
In unstable contexts like the ones businesses operate in today, these delivery frictions become much more apparent and painful: priorities shift quickly. A regulatory update, a security concern, or a sudden business decision can force teams to change course fast.
In that context, the ability to react quickly becomes essential.
“In volatile situations, those delays are costly,” Nick explains. “Not just in terms of time or money, but in terms of resilience. You stay exposed longer than you should, and that adds risk.”
That’s why many organizations are rethinking their delivery models, especially when it comes to time zones and geographic proximity.
Delivery models that fit this reality better
Under these circumstances, companies are leaning toward delivery models that allow synchronous work, or at least meaningful overlap during most of the workday. They also want enough room to maneuver to adapt quickly when changes are needed.
For Nick, these are the models attracting the most attention lately.
- Onshore delivery places teams in the client’s home country. It offers the highest level of alignment with regulatory, security, and accountability requirements, and makes real-time coordination easier.
- Nearshore delivery relies on geographically close regions with overlapping time zones. It allows teams to collaborate in real time, respond faster to issues, and still benefit from access to broader talent pools.
- Smartshore delivery, sometimes referred to as bestshore or rightshore, combines both approaches. It keeps critical capabilities, delivery centers, and service management onshore, while using distributed teams (mostly nearshore) to scale capacity without concentrating risk in a single region.
According to Nick, what makes all three models attractive is the flexibility they offer.
“Companies don’t want to be locked into a single model anymore,” he says. “They want delivery setups that let them scale up fast when new projects start, but also scale down just as quickly when priorities change, or initiatives get paused. In this environment, that flexibility matters more than optimizing for cost alone.”
That flexibility becomes a form of risk management.
Organizations are more cautious about long-term commitments, whether that means large hiring plans or rigid vendor contracts. Delivery models that can expand and contract without forcing structural changes give them room to respond as conditions shift.
Who wins in this new delivery landscape?
The definition of a “good partner” is shifting, and the vendors that meet more of these expectations are clearly the ones winning ground.
According to Nick, the winners are not defined by geography alone, but by how well they fit into this third path.
Vendors whose value proposition has been built almost entirely around cost, especially those operating in strategically sensitive areas, are starting to feel the shift. The attributes that mattered for years have not disappeared. Technical proficiency, competitive pricing, low attrition, and fast access to talent are still very much top of mind for multinational companies.
But they are no longer enough on their own.
Today, large organizations are looking much more closely at things like data protection certifications, intellectual property safeguards, compliance with regional regulations, and the ability to operate under the security and governance standards required by global enterprises. They want partners that are certified to work in specific regions, familiar with multinational procurement and audit processes, and able to integrate into complex vendor ecosystems without introducing additional risk.
In short, companies are no longer just buying delivery capacity. They are buying trust, compliance, and operational maturity.
“We’re seeing much deeper scrutiny of vendors,” Nick explains. “Where they operate, under which jurisdiction, how exposed those setups really are.”
The vendors gaining ground share a few common traits:
- They offer delivery flexibility across onshore, nearshore, and hybrid models.
- They prioritize time zone alignment, reducing friction and response times.
- And they operate with enterprise-grade standards.
“The bar to be accepted as a partner is much higher now,” Nick says.
From his perspective, this is where Inclusion Cloud is really well-positioned for this new reality:
“We have delivery centers in the US, and we also work with teams in LATAM that share time zones with the US. That allows us to adapt delivery to each client’s regulatory, security, and operational requirements,” he says.
He adds that they are prepared for those requirements. “We meet the standards large corporations expect, which is why we already work with several Fortune 500 companies.”
Conclusion: Delivery in a world that no longer stands still
To summarize, three forces are now converging, and together they are changing enterprise software delivery as we knew it.
The first is geopolitical fragmentation. Borders matter again. Data, intellectual property, infrastructure, and even talent mobility are increasingly shaped by national interests, regulations, and security constraints. The free movement of resources between regions can no longer be taken for granted.
The second force is AI-driven acceleration. Development cycles are shorter, feedback loops are tighter, and expectations around speed (especially at the board level) are much higher. Generative AI has compressed parts of the delivery lifecycle, but it has not eliminated the need for senior engineering judgment and architectural ownership.
The third force (often underestimated) is time zone friction.
As delivery cycles accelerate and uncertainty increases, time zones start to matter more. Faster iteration means more frequent handoffs, quicker decisions, and far less tolerance for waiting. When teams are separated by ten or twelve hours, even minor issues can introduce delays that quickly erase the productivity gains AI is supposed to deliver.
These three forces are closing the chapter on naïve global delivery. What replaces it is not deglobalization, but a more selective, constrained, and intentional form of globality.
For vendors and outsourcing partners, this shift is particularly demanding:
The bar to participate in enterprise delivery has risen sharply. It is no longer enough to offer skilled teams at competitive rates. Vendors are now expected to prove that they can operate safely inside complex regulatory, geopolitical, and operational environments.
That means being able to answer questions such as:
- Where are delivery centers physically located, and under which jurisdictions do they operate?
- How is client data handled, segmented, and protected to meet sovereignty and compliance requirements?
- What controls exist to prevent data leakage, IP exposure, or insider risk?
- How are access rights and environments managed across regions?
- Which security, quality, and compliance certifications support these claims?
- And how quickly can teams respond when conditions change?
As Nick Baca-Storni puts it:
“We’re seeing much deeper audits before contracts are even discussed,” he says. “Security certifications, compliance, and delivery governance have become baseline requirements. Companies want partners that can clearly demonstrate operational maturity, not just talk about it.”
This is why nearshore, onshore, and smartshore delivery models are gaining ground.
On one hand, multinational organizations need the flexibility to scale capacity up or down as priorities shift. On the other hand, these models make it possible to operate within the client’s home country (reducing cross-border tension) or in nearby, geopolitically aligned regions, while still providing the assurance that certified delivery centers exist within national boundaries and comply with local regulatory and security requirements.
The organizations that will succeed in this new era will not be the ones that centralize everything or fragment everything.
They will be the ones able to coordinate globally while meeting local requirements; protecting data and IP; and still benefiting from partners that provide access to specialized talent, integrate AI into delivery workflows, and do so without adding unnecessary friction (such as wide time zone gaps) into an already tense environment.
If you want to see how we work with Fortune 500 companies, explore our case studies.
And if you have questions about our delivery models or certifications, you can talk directly with our specialists here.