amr/hermes-brain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

gbrain: sync converted org-mode brain files

Browse Source
This commit is contained in:
Hermes
2026-05-24 03:00:35 +00:00
parent b3d91f2e55
commit 94f1871177
67 changed files with 4307 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
ideas/compliance/revenue-table.org
View File

@@ -9,39 +9,39 @@
| Framework | Region | Gate price/yr | Addressable orgs | Revenue potential | First-mover window | Gate rule type |
|-----------|--------|--------------|------------------|-------------------|---------------------|----------------|
| HIPAA | US | $50K | 500K+ | $25B | Mature (incumbent disruption) | Privacy + access control |
| [[file:hipaa.org][HIPAA]] | US | $50K | 500K+ | $25B | Mature (incumbent disruption) | Privacy + access control |
| SOC 2 | US/Global | $50K | 100K+ | $5B | Mature (incumbent disruption) | Access control + audit |
| GDPR | EU | $50K | 500K+ | $25B | Mature (incumbent disruption) | Privacy + consent |
| FedRAMP | US | $100K | 1K (providers) | $100M | Moderate (<300 authorized) | Continuous monitoring |
| SOX | US | $50K | 10K | $500M | Mature (manual audit disruption) | Financial controls |
| GLBA | US | $40K | 20K | $800M | Moderate | Financial privacy |
| NY DFS 500 | US (NY) | $30K | 3K | $90M | Wide | Cybersecurity controls |
| [[file:gdpr.org][GDPR]] | EU | $50K | 500K+ | $25B | Mature (incumbent disruption) | Privacy + consent |
| [[file:fedramp.org][FedRAMP]] | US | $100K | 1K (providers) | $100M | Moderate (<300 authorized) | Continuous monitoring |
| [[file:sox.org][SOX]] | US | $50K | 10K | $500M | Mature (manual audit disruption) | Financial controls |
| [[file:glba.org][GLBA]] | US | $40K | 20K | $800M | Moderate | Financial privacy |
| [[file:ny-dfs-500.org][NY DFS 500]] | US (NY) | $30K | 3K | $90M | Wide | Cybersecurity controls |
| CCPA/CPRA | US (CA) | $40K | 50K+ | $2B | Moderate | Privacy opt-out flows |
| NIS2 | EU | $50K | 160K | $8B | Critical (2025) | Cybersecurity + supply chain |
| EU AI Act | EU | $75K | 100K+ | $7.5B | Critical (Aug 2026) | AI risk management |
| DORA | EU | $50K | 22K+ | $1.1B | Critical (in effect) | ICT resilience |
| [[file:nis2.org][NIS2]] | EU | $50K | 160K | $8B | Critical (2025) | Cybersecurity + supply chain |
| [[file:eu-ai-act.org][EU AI Act]] | EU | $75K | 100K+ | $7.5B | Critical (Aug 2026) | AI risk management |
| [[file:dora.org][DORA]] | EU | $50K | 22K+ | $1.1B | Critical (in effect) | ICT resilience |
| eIDAS 2.0 | EU | $30K | 10K+ | $300M | Wide (wallet buildout) | Identity gates |
| CRA | EU | $40K | 50K+ | $2B | Wide (phased 2025-2027) | Product security |
| UK GDPR | UK | $40K | 100K+ | $4B | Mature (GDPR derivative) | Privacy |
| APPI | Japan | $40K | 100K+ | $4B | Moderate | Cross-border privacy |
| ISMAP | Japan | $75K | 500 (providers) | $37.5M | Wide (<100 registered) | Gov cloud assessment |
| PIPA | South Korea | $35K | 50K+ | $1.75B | Wide (2024 amendments settling) | Privacy + consent |
| [[file:cra.org][CRA]] | EU | $40K | 50K+ | $2B | Wide (phased 2025-2027) | Product security |
| [[file:uk-gdpr.org][UK GDPR]] | UK | $40K | 100K+ | $4B | Mature (GDPR derivative) | Privacy |
| [[file:appi.org][APPI]] | Japan | $40K | 100K+ | $4B | Moderate | Cross-border privacy |
| [[file:ismap.org][ISMAP]] | Japan | $75K | 500 (providers) | $37.5M | Wide (<100 registered) | Gov cloud assessment |
| [[file:pipa.org][PIPA]] | South Korea | $35K | 50K+ | $1.75B | Wide (2024 amendments settling) | Privacy + consent |
| Privacy Act | Australia | $35K | 50K+ | $1.75B | Wide (reforms legislating) | Privacy + AI transparency |
| APRA CPS 234 | Australia | $40K | 500 | $20M | Moderate | Info security controls |
| IRAP | Australia | $75K | 300 (providers) | $22.5M | Wide | Gov cloud assessment |
| DPDP Act | India | $30K | 500K+ | $15B | Wide (rules drafting) | Privacy + consent |
| LGPD | Brazil | $30K | 200K+ | $6B | Moderate | Privacy |
| [[file:apra-cps-234.org][APRA CPS 234]] | Australia | $40K | 500 | $20M | Moderate | Info security controls |
| [[file:irap.org][IRAP]] | Australia | $75K | 300 (providers) | $22.5M | Wide | Gov cloud assessment |
| [[file:dpdp-act.org][DPDP Act]] | India | $30K | 500K+ | $15B | Wide (rules drafting) | Privacy + consent |
| [[file:lgpd.org][LGPD]] | Brazil | $30K | 200K+ | $6B | Moderate | Privacy |
| LFPDPPP | Mexico | $25K | 50K+ | $1.25B | Wide | Privacy |
| ISO 27001 | Global | $40K | 60K+ | $2.4B | Mature (manual disruption) | ISMS controls |
| ISO 27701 | Global | $35K | 1K+ | $35M | Wide (growing) | Privacy management |
| Basel III | Global (banking) | $100K | 500 (G-SIBs) | $50M | Mature (incumbent disruption) | Capital adequacy |
| FATF AML/CFT | Global | $50K | 50K+ | $2.5B | Mature (incumbent disruption) | CDD + screening |
| IFRS 17 | Global (insurance) | $75K | 5K+ | $375M | Mature (actuarial verification) | Contract classification |
| [[file:iso-27001.org][ISO 27001]] | Global | $40K | 60K+ | $2.4B | Mature (manual disruption) | ISMS controls |
| [[file:iso-27701.org][ISO 27701]] | Global | $35K | 1K+ | $35M | Wide (growing) | Privacy management |
| [[file:basel-iii.org][Basel III]] | Global (banking) | $100K | 500 (G-SIBs) | $50M | Mature (incumbent disruption) | Capital adequacy |
| [[file:fatf.org][FATF]] AML/CFT | Global | $50K | 50K+ | $2.5B | Mature (incumbent disruption) | CDD + screening |
| [[file:ifrs.org][IFRS]] 17 | Global (insurance) | $75K | 5K+ | $375M | Mature (actuarial verification) | Contract classification |
| UN/CEFACT | Global (trade) | $30K | 50K+ | $1.5B | Latent (no market exists) | Cross-border data rules |
| World Bank ESF | Global (dev finance) | $50K | 1K+ (projects) | $50M | Latent (no market exists) | ES compliance gates |
| IFC PS | Global (project finance) | $50K | 500+ (deals) | $25M | Latent (no market exists) | ES compliance gates |
| [[file:world-bank-esf.org][World Bank ESF]] | Global (dev finance) | $50K | 1K+ (projects) | $50M | Latent (no market exists) | ES compliance gates |
| [[file:ifc-ps.org][IFC PS]] | Global (project finance) | $50K | 500+ (deals) | $25M | Latent (no market exists) | ES compliance gates |
A compute marketplace provider with authorization in 5+ frameworks (FedRAMP +
A [[file:../compute-marketplace.org][compute marketplace]] provider with authorization in 5+ frameworks (FedRAMP +
ISMAP + IRAP + SOC 2 + ISO 27001) becomes the default infrastructure provider
for regulated cloud globally. The gate package portfolio alone — a mid-size
enterprise running 10+ packages — generates $500K/yr+ in recurring revenue.
@@ -56,5 +56,5 @@ for regulated cloud globally. The gate package portfolio alone — a mid-size
enterprise running 10+ packages — generates $500K/yr+ in recurring revenue.
At 10,000 such enterprises: $5B/yr.
See also: [[file:_index.org][Compliance index]], [[file:first-mover-window.org][First-mover window analysis]],
[[file:../../ideas/verification-monopoly.org][Verification monopoly]], [[file:../../ideas/compute-marketplace.org][Compute marketplace]]
See also: [[file:compliance-index.org][Compliance index]], [[file:first-mover-window.org][First-mover window analysis]],
[[file:../../ideas/verification-monopoly.org][[[file:../verification-monopoly.org][Verification monopoly]]]], [[file:../../ideas/compute-marketplace.org][Compute marketplace]]