EMEA’s cloud sovereignty puzzle takes shape

Digital sovereignty is not a new topic, but recent events on the world stage have catapulted it to the top of the top of boardroom agendas and government priorities alike. According to a 2025 BARC study, 84% of surveyed companies view data sovereignty as a central point of their strategy, and 70 percent report significantly increased relevance in the past one to two years. Meanwhile, industry analyst firm Gartner forecasts the sovereign cloud IaaS market will be worth $169 billion in 2028, up from $37 billion last year.

Different countries and organisations are adopting different approaches to digital and cloud sovereignty, some are cautiously waiting and watching to see how things shake out, others are acting fast. While there remains a certain degree of uncertainty over exactly what digital and cloud sovereignty looks like, most industry watchers agree that it will be ‘need to have’ rather than ‘nice to have.’ For a broader perspective on digital sovereignty, we caught up with Red Hat country and regional leaders across Europe to test the waters in local markets.

Gregor von Jagow, Country Manager, Germany: “We’re seeing demand across all sectors.”

Germany has long prioritized digital sovereignty, partly due to the cautious nature of its businesses. With geopolitical tensions and market consolidation, local cloud providers play a vital role. We partner with local players like IONOS and StackIT (a subsidiary of Schwarz Group) that are driving the sovereignty conversation in Germany. These providers are often best positioned to deliver the level of control and adherence to local regulations that truly define sovereign cloud solutions for customers.

We’re seeing demand across all sectors, not just government. Financial services, mid-sized enterprises, everyone is evaluating where to place workloads with greater security. Not everything needs a sovereign cloud, but for critical data, businesses are turning to trusted local providers.

Open source is a game-changer for sovereignty, it offers transparency, flexibility, reversibility and control over data, which is crucial in areas like AI, where models are often a 'black box.' Red Hat’s hybrid cloud approach bridges on-prem, public cloud, and local providers, helping customers deploy workloads where they make the most sense, whether for compliance, cost,or sovereignty.

Rune Stenbaek, Country Manager, Denmark: “Open source is the way forward”

Our minister of digitalisation in Denmark made a statement that everything needs to be European or as national as possible and advocated for open source. The hybrid cloud setup supports sovereignty well. It’s about the flexibility to move data and the option that open source provides in a supported manner with a stronger security footprint.

In Denmark's push for national solutions, there is an important aspect to consider: even as open source is advocated, the significant operational commitment needs to be addressed. That's Red Hat’s sweet spot, as we combine open source innovation with enterprise-grade stability. The Danish mindset favours local control, yet they're realizing even national solutions need global-scale support. Our hybrid approach lets them keep data and operations anchored locally, yet crucially, it connects them to a worldwide open source ecosystem, highlighting that while national control is vital, the true strength of open source lies in its global, collaborative foundation. 

Red Hat’s enterprise open source solutions are a resilient foundation for sovereignty. When an organization runs on Red Hat, they're not just getting code, they're getting bug fixes and vulnerability patches tested by millions of developers worldwide. Proprietary vendors can't offer that collective scrutiny. This geopolitical moment isn't a blip, it's the tipping point where open source becomes the default for sovereign infrastructure, not just the alternative.

Remy Mandon, Country Manager, France: “Customers are turning away from proprietary lock in”

Significant global events have underscored the critical need for digital sovereignty and self-reliance. What was once gradual progress in sovereignty initiatives suddenly accelerated into urgent action. France isn't waiting for EU consensus though. The government, through ANSSI (the French National Agency for Information Systems Security), is providing an approved label and is advocating to have this become Europe’s “EUCS High+” qualification. 

We collaborate with several regional cloud providers, like Cloud Temple, which are already SecNumCloud and BSI C-5 -qualified. Customers can choose them today, wait for Thales/S3NS to certify, or choose from multiple providers; this is the flexibility that Red Hat offers. Regardless of the provider, it’s the same OpenShift code, the same console, and IT teams use the same skills. If customers opt to cancel their subscription with Red Hat, they  have the right to continue running the installed code, albeit without the subscription benefits of support, security scanning and more. With proprietary licenses you can lose access entirely.

Of course, not every type/level of workload needs SecNumCloud - that's where our hybrid approach shines. Banks might run core banking on certified clouds while keeping marketing sites on public infrastructure. The key is having both the freedom to run any workload and any algorithm as well as architectural freedom. Sovereignty isn't an all-or-nothing proposition, it's about intelligent workload placement.

Jo Hodgson, UK & Ireland Regional Leader: “Partners are key”

There isn’t a single definition of digital sovereignty in the UK compared to France or the Nordics, where governments are being more prescriptive. Here, organisations are evaluating. They want sovereignty assurances but aren’t overhauling systems yet. Our government hasn’t moved decisively, but the question has evolved. It’s no longer just ‘Is my data in the UK?’ Rather it’s ‘Who owns the stack it runs on?’ Proprietary cloud offerings don’t fully resolve that tension, which is where open source and local partners come in.

CEOs are asking their teams, ‘How are we staying in control of our data and operations?’ It’s not just about where data sits physically anymore, it’s about who controls the infrastructure underneath, it is about digital sovereignty. Open source and hybrid cloud let us offer flexibility here, because one size doesn’t fit all.

Because digital sovereignty means different things to different industries, our job is to articulate how open source and hybrid cloud address those shades of concern. For example, enabling a financial institution to achieve robust data residency and operational control through open source solutions can be a significant step towards their sovereignty goals, while also laying the groundwork for future innovations like AI. To help customers navigate these complex and nuanced debates, we are investing in dedicated expertise and resources.

Leonard Bodmer, Regional Leader Western Europe: “ Control is paramount”

The geopolitical changes we've seen recently have dramatically accelerated sovereignty concerns. Cloud adoption leaders suddenly have to completely rethink how they treat their data. Sovereignty isn't just theoretical anymore, it's about operational survival.

In Switzerland, sovereignty isn't new, it's in our DNA. We’ve maintained independence for centuries, and that extends to our digital infrastructure. But what’s changed is the realisation that even traditionally neutral countries can’t take technology dependencies for granted. Our challenge now is applying that historical sovereignty mindset to modern cloud environments.

Red Hat is the enterprise bridge to the global open source ecosystem. Our Czech engineering hub and worldwide teams package community innovation into supported solutions without locking customers into any single geography’s technology stack. That's why a Swiss bank trusts us as much as a German manufacturer does.

Open source is the linchpin for sovereignty. Unlike proprietary software that can be rendered unavailable if you stop paying, our technologies remain usable because the code is fully available for every customer. Globalization’s risks now outweigh its cost benefits for critical infrastructure. But crucially, open source must remain the exception - the one global collaboration we protect. Because true sovereignty isn't about isolation, it's about having choices in an interconnected world.

There is no one-size-fits all - flexibility matters

As digital sovereignty evolves from aspiration to necessity, one truth emerges: There is no one-size-fits-all solution. From Germany’s collaboration-driven model to France’s uncompromising SecNumCloud standards, each nation is writing its own playbook, but there is a strong drive across Europe for some level of standardisation.  What unites the continent is the recognition that sovereignty isn’t just about data location, it’s about control, choice and continuity.

Open source and hybrid cloud are proving to be the great enablers of this transition, offering the flexibility to meet diverse regulatory demands without sacrificing innovation. Whether organisations are acting now or waiting for clearer signals, one thing is certain, sovereignty is no longer a ‘nice to have’. With a significant presence across all key markets, Red Hat has its finger on the pulse, helping customers navigate this complex landscape with open technologies that put them firmly in the driver’s seat.