Digital sovereignty: From principle to practice

Step by step toward digital independence: This new SUSE white paper shows what digital sovereignty really means, what drives successful implementation, and why our open, European approach makes us the right partner on this journey.

How can we regain control of our digital infrastructures and secure them for the long term? This question is top of mind for business and public sector leaders alike. According to HarfangLab’s latest State of Cybersecurity Report, 78% of European executives see digital sovereignty as more important today than a year ago, and 70% call for reducing dependence on non-European technologies.

Yet there is still a gap between aspiration and reality. The State of Digital Sovereignty 2025 study by Myra Security found that while over 84% of IT decision-makers believe critical infrastructures should rely primarily on European solutions, many organizations continue to use products from a few large U.S. corporations – often out of habit, lack of awareness of alternatives, or concerns about migration efforts.

Sovereignty requires more than an EU cloud

How can companies and public institutions actually become more digitally sovereign? Many organizations still believe that this question is primarily about where they store their data. However, simply moving to an EU-based cloud service does not guarantee control over digital resources. Technical, organizational, and legal dependencies remain – especially if the provider is from a country with extraterritorial access rights.

The U.S. CLOUD Act, for example, obliges American companies to grant authorities access to data upon request, even when stored in European data centers. This undermines principles such as the GDPR and puts organizations at risk of losing control over their most sensitive information.

True digital sovereignty means having full control over data, processes, and technologies at every level – from infrastructure to software. It also requires the flexibility to adapt systems, replace solutions, and change providers at any time.

Digital sovereignty is a long-term strategy

The new SUSE white paper “Building Digital Sovereignty” outlines how organizations can systematically pursue this goal: from analyzing dependencies and building open, interoperable architectures to driving continuous improvement in operations. 

In the white paper, you will learn:

• the three key aspects of digital sovereignty and how they interrelate in practice,
• how to implement a sovereignty strategy using the Cycle of Digital Sovereignty,
• what SUSE has delivered for digital sovereignty for over 30 years—and how customers benefit from services such as SUSE Sovereign Premium Support,
• why leading organizations in both the public and private sector rely on open source technologies to strengthen their independence,
• and which three actions decision-makers should take immediately.

Why act now?

Geopolitical tensions, regulations such as NIS2 and the Cyber Resilience Act (CRA), and rising security risks make digital sovereignty a strategic necessity for both businesses and the public sector. Acting early helps reduce risks, maintain resilience, and open up new room for innovation by overcoming dependencies.

Read our white paper to learn how to strengthen your organization’s digital sovereignty.

Download the free white paper now >