Cybersecurity and digital sovereignty: Can Europe regain control?
Awareness of the importance of digital sovereignty is growing rapidly in European organizations. In the cybersecurity environment, choosing a sovereign solution means greater resilience against cyberattacks as well as secure data integrity, trust, and decision-making autonomy.
According to the Digital Sovereignty Barometer 2025 According to EY, four out of five companies already consider sovereignty to be a key criterion that will become even more important in the future. This trend highlights a fundamental shift in understanding how control over data, infrastructure, and digital technologies can be regained.
Digital sovereignty is increasingly coming into focus, not least due to growing concerns about cybersecurity, data protection, and geopolitical tensions. Companies are now systematically incorporating this strategic factor into their technology decisions—whether for cloud solutions, software, or partnerships—in order to secure control and independence and reduce systemic exposure to foreign providers. This development will have a lasting impact on the technology market and give a boost to those providers who meet the increasing demands for sovereignty.
Building trust through digital autonomy
True digital sovereignty requires solutions that are designed from the outset to comply with local standards and fit seamlessly into regulatory frameworks such as the NIS2 Directive or the Cyber Resilience Act. The following applies: Sovereignty and performance are not mutually exclusive. Those who rely on European cybersecurity solutions that are certified by independent authorities such as France's ANSSI or Germany's BSI have been tested or certified, receive technologies that are reliable, effective, and secure—without having to accept a loss of control over data or infrastructure. Such solutions must be easy to implement and offer a high level of protection without compromising productivity.
Choosing a sovereign solution means greater resilience against cyberattacks, as well as secure data integrity, trust, and decision-making autonomy. It is not enough to simply certify products, i.e., have them evaluated according to technical safety criteria. They must also be approved by European authorities. qualified This qualification goes beyond certification: it confirms that a solution is reliable in the long term, meets operational requirements, and is suitable for sensitive environments. If source codes are also independently tested, both unintended vulnerabilities and potential backdoors can be identified. This strengthens trust and contributes directly to the goals of digital sovereignty.
Bringing key players together – for confident cybersecurity
Digital sovereignty requires the commitment of all stakeholders. From public institutions to companies of all sizes, everyone faces the same challenges: protecting employee and citizen data as well as business-critical and sensitive information. This requires a shared commitment to trustworthy cybersecurity solutions that enable a sovereign, resilient digital ecosystem. Equally necessary is a consensus among states whose political systems or geopolitical interests do not always align with those of the European Union.
In a market that continues to be dominated by non-European players, the decision in favor of local alternatives is an important step. It not only enables the regaining of technological and data control, but also strengthens Europe's strategic autonomy in security and digital issues.
This technological shift has an impact on security and at the same time strengthens the economy. The development and deployment of European solutions will boost the digital and cybersecurity industry across the continent and create skilled jobs. Conversely, the continuing massive import of American technologies, for example, means indirect financing of the US digital economy – at the expense of European capacities.
To achieve these economic goals and strengthen digital sovereignty, organizations already have numerous tools at their disposal: research funding, cooperation and information exchange between relevant actors, the creation and use of common standards, and a robust regulatory framework. All these elements contribute to building a resilient European digital ecosystem that fulfills the demand for sovereignty as well as the need for collective innovation.
Reducing technological dependencies also means protecting oneself against extraterritorial legislation. The US Cloud Act, for example, allows US authorities to access data even if it is stored outside the US. This example clearly illustrates the risks associated with a lack of sovereignty: it allows third parties to access sensitive information, possibly even without the owner's knowledge.
A shared path towards an independent digital Europe
The most important task is to achieve broad collective solidarity between all relevant forces in the public and private sectors. Only by working together can we create an independent, secure, and sustainable digital Europe. Sovereignty cannot be based on the decisions of individuals, but requires broad-based, coordinated, and ambitious collective action.
The change has already begun. Public institutions are driving forward initiatives in this area, and in practice, companies and their customers are increasingly expressing a desire for technological independence. If these impulses are combined, digital sovereignty can become a real, tangible strength—to the benefit of security, the economy, and the future of Europe.
Author:
Pierre-Yves Hentzen is Chairman and CEO of Stormshield, a provider of cybersecurity solutions for businesses, government institutions, and defense agencies. www.stormshield.com
This article originally appeared on m-q.ch - https://www.m-q.ch/de/cybersicherheit-und-digitale-souveraenitaet-kann-europa-die-kontrolle-zurueckgewinnen/
