Europe on the path to digital sovereignty

Tariffs and trade barriers are drawing increased attention to dependence on transatlantic IT service providers – a situation that is causing concern for many companies. In this context, implementing cybersecurity is proving particularly challenging. Digital sovereignty is seen as the key to the solution, but despite numerous innovative approaches, its realisation remains complex.

"We are currently experiencing great momentum in favour of Europe," said event manager Thimo Holst at the opening of this year's it-sa Expo&Congress. Trade conflicts and tariffs are unsettling companies, which are reacting with increasing concern. Even international IT giants such as Samsung are affected: customers are worried about dependencies on products and components. "Large corporations now want to have it in writing where Samsung manufactures and where our suppliers are located," says Tuncay Sandikci, who is responsible for Samsung's business customer segment in Germany. "We have seen growing interest in this since April," he adds, when the issue of tariffs arose in the USA. There have also been increasing enquiries about the location of the servers for the Knox suite, Samsung's enterprise solution for securing mobile devices. Customers are reassured to learn that these are located in South Korea and, for Europe, in Dublin, Ireland. But some companies are demanding more: "Individual customers with high security requirements want to operate the Knox platform on-premise," adds Sandikci. That can also be arranged.

 

Top topic: digital sovereignty

Dependencies on transatlantic IT providers are a cause for concern for many companies. This is due to changes in US policy and the discussion about tariffs and trade barriers. The US is considered the market leader in technologies such as cloud and artificial intelligence, but China also plays a pioneering role. Reducing dependence on these countries for key IT technologies is the goal of the much-discussed concept of digital sovereignty. This was the overriding theme at this year's it-sa Expo&Congress. However, this does not mean self-sufficiency, autocracy. International cooperation remains important. But greater independence, especially from market-leading monopolists, could make the economy less vulnerable to disruptions caused by external factors. Europe is not only dependent on US technologies for cloud computing and artificial intelligence. It also covers broad areas of IT, including the cybersecurity sector, which is strongly dominated by US providers. "We estimate that around 70 per cent of the market is currently covered by non-European providers," reported Joanna Swiatkowska in an interview at the trade fair. She is the head of the European Cyber Security Organisation (ECSO), which aims to promote cooperation between public and private actors in the field of cyber security. Around 50 per cent of all acquisitions and mergers of European security providers are carried out by companies outside Europe, she emphasised during the press conference. A prominent example is the acquisition of the German email security specialist Hornetsecurity from Hanover by the US company Proofpoint in the spring of this year. Even when European security companies offer alternatives, they often use US cloud services in the background. The growing use of AI in almost all areas and products of cybersecurity further increases this dependency. "In addition, the increasing technological decoupling between China and the US is increasingly forcing companies and countries to choose sides," fears Swiss security researcher Jean-Marc Rickli, who gave the special keynote speech at this year's trade fair.

These international changes are increasingly becoming the focus of companies. According to a survey by Slovakian security provider ESET, 44 per cent of the companies surveyed are therefore considering changing their IT security provider. 75 per cent of them would prefer European providers. "In sensitive areas such as healthcare, as many as 82 per cent of companies are planning to switch to an EU provider," the study says.

 

The 11 billion market 

The economic consequences should not be underestimated, as according to Bitkom, the market volume in Germany alone is 11 billion euros. Swiatkowska notes: "The cybersecurity sector is a market segment that promises high growth opportunities." Bitkom President Ralf Wintergerst backs this up during the press conference with figures for the current year: "The German cybersecurity market is growing by ten per cent, while the entire German IT market is growing by only five per cent." Nevertheless, Wintergerst criticises that German products account for less than five per cent of the global market. Swiatkowska therefore calls for it to be crucial to raise awareness of European products and promote a "Buy European" attitude. To this end, EU products should be given greater consideration in procurement.

Opportunities to do so exists: "There are areas where European solutions are available and competitive," says Maik Wetzel, referring to his employer ESET, where he is responsible for strategic business development in the DACH region. When it comes to cloud connectivity, ESET customers have alternatives, as the products can also be operated on-premise or in a hybrid model. "In addition, customers can already select the cloud location, for example Germany," adds Wetzel. As an exception, he allows a glimpse behind the scenes: ESET is currently working on establishing cooperation with other European providers in order to create synergies for complete solutions. ESET, like many others, has already joined such an alliance, the Technology Alliance Programme (TAP). At the it-sa Expo&Congress, exhibitors are looking for further opportunities: "We also use the trade fair for meetings with providers to see where cooperation is possible," explains Wetzel. German industrial security specialist Asvin could also be interested in this. "The issue of digital sovereignty is a major concern for our customers," emphasises Mirko Ross, security expert and CEO at Asvin. But he points out: "The economy alone will not be able to regulate this." Ross adds: "The big monopolists in the USA have grown massively through government contracts and agreements."

 

No quick solution in sight

Wintergerst has also noticed the change in how competitors interact with each other: "German suppliers are talking to each other much more than they used to," he notes. At the same time, he warns against exaggerated expectations: "We won't be able to replace American products in the next 1-2 years; that would be completely unrealistic," he is convinced. After all, the status quo did not arise overnight, but is the result of decades of development. Many US companies are market leaders for good reason, "they simply have good solutions," says Wintergerst. These solutions are now often part of established work processes in companies and cannot be easily replaced. Claudia Plattner, President of the German Federal Office for Information Security (BSI), shares this view. During the press conference, she advocated a "dual strategy: developing new technologies in Germany and making foreign technologies secure for us."

 

Sources:

Spiegel Wirtschaft: EU plant sechs neue KI-Fabriken, keine davon in Deutschland

Interview with Jean-Marc Rickli: it-sa Expo&Congress: Keynote speech by Jean-Marc Rickli on artificial intelligence as a geopolitical game changer

Interview with Joanna Swiatkowska: "Buy European": Why Europe's cybersecurity needs more visibility

Bitkom press release: German market for IT security sees double-digit growth

Press release on the ESET study: German companies demand digital sovereignty – and rely on IT security "Made in the EU"