New Horizons - Jun 9, 2026

Principles for digital capability in a connected world.

Digital sovereignty as a strategic guiding principle.

Digital transformation has delivered on its promise of greater freedom for organisations. Digital sovereignty is now moving into focus as a new consideration. What businesses and public sector organisations need to keep in mind.

When digital freedom reveals new risks.

What happens when a digger outside cuts through the internet cable – which parts of the business keep running? What if the container ship carrying critical hardware never arrives – how long does your IT project stall? What if you want to switch cloud providers – how do you retrieve all your data, and how quickly? And can you do it at all? Even in smaller organisations, IT leaders now find themselves engaging with global events and geopolitics. They take notice when the US government sanctions judges at the International Criminal Court and excludes them from email services. They read closely when a cargo ship blocks the Suez Canal. And they watch as a single faulty software update brings down payment systems, cash machines and entire airports. Businesses, public authorities and other organisations everywhere have embarked on the journey towards greater IT freedom. Now that they’ve arrived, the view is not quite as open as it first seemed. On the horizon, new boundaries and risks are beginning to emerge. And it is becoming clear: operational freedom alone does not amount to digital sovereignty.

At a glance.

Focus: Digital capability in a connected, global environment.
Context: Cloud adoption, platform economies and global dependencies are reshaping control and flexibility.
Core idea: Digital sovereignty as the foundation of resilient operational capability.

Objective: Safeguarding the ability of organisations to act in the face of disruption and change.
Key levers: Freedom of choice in selecting providers, transparency around dependencies, and resilient IT architectures.
Relevance: Strategic IT decisions have a direct impact on resilience, flexibility and business continuity.

What digital sovereignty means for organisations.

What does “digital sovereignty” mean? There is still no widely accepted definition. The term is used to describe everything from far-reaching technological autonomy to a local course on “responsible social media use”. The debate is further clouded by a basic question: who is actually meant to be sovereign – the European Union, individual countries, citizens or businesses? In this context, digital sovereignty refers specifically to individual organisations. It is important to recognise that complete control, full independence in decision-making and absolute autonomy do not exist – and never have – for organisations or their IT. Every business operates within a global, interdependent economy where unexpected developments are inevitable. Modern management has long recognised this reality and offers a well-established way of dealing with it: risk management.

At its core, digital sovereignty is about managing risk – balancing, understanding and actively reducing it. Absolute digital sovereignty may be out of reach, but increasing it is not.

Three priorities stand out:

Freedom of choice across technologies and providers
Robustness in the face of disruption
Resilience through clearly defined alternatives

The principle of risk diversification – Building resilience through deliberate IT architecture.

The starting point for any move towards digital sovereignty is a clear understanding of the current setup. Organisations first need to establish where their data actually resides – something many cannot say. Without that transparency, meaningful action is not possible. From there, the focus shifts to assessing risk: how likely is it that access to critical data could become restricted or disrupted, and how severe would the impact be depending on the type of data? The overarching goal of any risk management approach – and of the steps taken towards greater sovereignty – is to ensure business continuity: keeping operations running in the face of disruption or restoring them quickly where necessary. Established approaches such as backup strategies or multi-cloud architectures play a key role.

When selecting providers, another important factor is spreading risk across different legal jurisdictions. In today’s geopolitical landscape, the cloud has effectively acquired a physical address: where data centres are located – and which legal frameworks apply – can make a material difference. Even a so-called sovereign cloud – designed to ensure that data is stored and processed within defined national or regional boundaries – can significantly strengthen an organisation’s independence.

Similar principles apply to hardware sourcing, where risks can be mitigated by diversifying supply chains and transport routes. Relying exclusively on a single US supplier creates clear dependencies. Adding another source may reduce that reliance, but still ties both options to the same legal and geographic environment. Should regulations shift or supply routes be disrupted, exposure remains. A more resilient setup emerges when alternative suppliers from regions such as Japan or the UK are introduced, with fundamentally different supply chains and transport routes.

A person jumps from a dock into a mountain lake

Avoiding vendor lock-in and enabling real choice.

You are only truly sovereign if you can walk away. Organisations need to be in a position to say, “We’re leaving.” What’s at stake is the freedom to choose between providers – whether for software, data centres, cloud environments or related services. There are many valid reasons to switch: rising costs, changes to terms and conditions, reduced functionality, internal standards around ethics or sustainability, a lack of innovation, or simply a more compelling alternative. The real problem begins when a move feels so complex or risky that organisations decide to stay put, however reluctantly. That is vendor lock-in – and with it comes a gradual loss of freedom in decision-making. Where a provider is based makes no real difference in this context. Dependence on a single European technology provider carries the same risks as dependence on any other.

There are, however, effective ways to design IT architectures that avoid vendor lock-in and ensure a realistic fallback option is always available. Where weaknesses are identified, redundancy strategies can help. Organisations can also prepare for a potential switch in advance – for example by introducing open-source components at suitable points.

Shaping digital sovereignty – Making the most of today’s flexibility.

In November 2025, Berlin hosted the European Digital Sovereignty Summit, a joint Franco-German initiative bringing together political and business leaders to develop practical approaches to strengthening the EU’s economic independence. For IT leaders in both the private and public sectors, the key takeaway is simple: there is no need to wait for major policy decisions to come out of national capitals. Steps can be taken now—strengthening digital sovereignty, using the process as an opportunity to make IT landscapes and data environments more resilient, crisis-ready and adaptable, while gaining a deeper understanding of how they actually work. Seen this way, building greater freedom becomes less of a burden – and even a bit rewarding.

results by Bechtle.

This article is an excerpt from the current print edition of results by Bechtle.

Order or subscribe

Please note that the magazine is only published in German.

This post was published on Jun 9, 2026.