At the KINTalk “Digital Sovereignty — From Strategy to Practice”, the discussion did not begin with a definition, but with a crisis scenario. Marcuse led an interactive simulation in which participants were confronted with an urgent situation: their organisation was under attack, and the crisis team had to quickly determine what digital sovereignty means in practice — and which trade-offs they are willing to make.
Key takeaways
Sovereignty is not binary.
Drawing on a European Commission framing, Marcuse described sovereignty across eight domains: strategic, legal/jurisdictional, data & AI, operational, supply chain, technology, security & compliance, and sustainability. The practical implication is that this structure can serve as a “license to buy” — a way to ground procurement decisions rather than treating digital sovereignty as an abstract principle.
Boardroom drivers are clear — so are the costs.
Key drivers include geopolitics, regulation, cost efficiency, resilience, and sustainability. However, building a viable business case requires accounting for migration costs, new licensing models, and reskilling efforts — often amounting to 15–25% of the annual IT budget. The benefits are not only financial (with compute and storage payback typically within 12–24 months, and potential egress savings even sooner), but also strategic: reduced jurisdictional exposure, improved negotiating power, and decreased vendor lock-in.
Start with your “crown jewels.”
In a crisis, clarity is essential. Marcuse emphasised the importance of prioritisation: identifying which systems and data are truly mission-critical and therefore require the highest level of protection.
Geo-patriation is increasing — and some domains are “zero-tolerance.”
A key discussion point was which systems should not fall under foreign jurisdiction. Examples included identity and access management (IAM), email and communications, ERP and financial systems, and data platforms and AI/ML models.
Sovereignty becomes harder higher up the stack.
From on-premises infrastructure to IaaS, SaaS, and FaaS/serverless environments, vendor lock-in typically increases. A practical approach is to build a heat map of assets and dependencies to identify where sovereignty risks concentrate and where viable exit options exist.
Alternatives exist — but ownership requires investment.
Resources such as european-alternatives.eu and initiatives like the Open Cloud Alliance highlight viable European alternatives. However, true sovereignty often implies investing in open-source ecosystems such as OpenStack, including contributing time, funding, and organisational commitment.
The KINTalk concluded with an engaging Q&A and networking session, where participants exchanged insights and explored potential collaborations over drinks and snacks.
Join a KINTalk
Are you keen to hear vivid stories from experts who are at the forefront of various forms of digital innovations? Do not hesitate to join us in our next KINTalk! Stay tuned for more information and sign up for the next event on LinkedIn or Meetup. Looking forward to seeing you at our next KINTalk!
Become a KINTalker
Would you like to impart your expertise to a community of practitioners and researchers? Reach out to us at e.elshan@vu.nl, and let’s shape the future together!