Digital sovereignty has gone from being a buzzword to a concrete goal in European IT leadership committees. The latest Gartner report, presented during the Gartner IT Symposium/Xpo held in Barcelona, makes this clear: 61% of CIOs and IT leaders in Western Europe plan to increase their reliance on local cloud providers in the coming years.
The shift is significant. For over a decade, major global cloud platforms have been the default target for any technology modernization strategy. Now, geopolitical tensions, regulation, and fears of losing effective control over data are prompting European companies to reconsider their decisions.
Less blind trust in global hyperscalers
According to the Gartner survey, 53% of CIOs already assume that geopolitics will limit the future use of large global cloud providers. This doesn’t mean they will disappear from architecture maps, but it does anticipate a different hybrid scenario than in recent years:
- More critical workloads in sovereign clouds or local providers.
- More selective use of global public clouds for specific, less sensitive services.
- Stricter contractual requirements regarding data residency, applicable jurisdiction, and local support.
Gartner goes further, setting a timeline for this transformation: by 2030, more than 75% of companies outside the U.S. will have an explicit digital sovereignty strategy supported by sovereign cloud infrastructure that ensures regulatory compliance, security, and operational autonomy.
Regulation, critical infrastructure, and customer pressure
Rene Buest, senior director analyst at Gartner, recalls that many European organizations simply cannot run their critical systems on non-European clouds. It’s not a matter of preference, but of legal framework and risk:
- Sector-specific regulations (finance, health, public administration, defense, energy).
- Contractual demands from major clients requiring data residency within Europe and European jurisdiction.
- Participation in infrastructures considered “sensitive national assets,” which demand reinforced control over data and platforms.
In this context, local and regional cloud providers — ranging from national sovereign clouds to specialized European operators — become key pieces enabling organizations to comply with regulations… and sleep better at night.
“Geopatriation”: bringing workloads back home
One concept highlighted in the report is called “geopatriation”: the movement of workloads from global providers toward local and sovereign alternatives. It’s not a simple “lift & shift,” nor an overnight change, but it is becoming a deliberate strategy.
For many CIOs, this involves:
- Auditing which data and systems currently reside in clouds regulated by external jurisdictions.
- Classifying applications and databases based on sensitivity and legal requirements.
- Designing phased migration plans toward local platforms for the most critical systems.
Geopatriation has costs and frictions, yes, but it’s increasingly seen as a necessary investment to reduce geopolitical and legal exposure in the medium to long term.
The rise of open source in cloud strategies
Another notable finding: 55% of CIOs and IT leaders state that open source technologies will be key in their future cloud strategies.
The reasons are clear:
- Flexibility and portability: avoiding dependence on proprietary APIs that are difficult to replicate outside a single provider.
- Mature ecosystems: Kubernetes, open source databases, observability platforms, and hundreds of projects enable building private and sovereign clouds based on de facto standards.
- Alignment with digital sovereignty: access to the code and the ability to deploy on-premises or in local clouds better meet control and audit requirements.
However, Gartner reminds that open source isn’t a magic bullet: it requires internal capabilities, good governance over the software life cycle, and a clear support and maintenance strategy.
From infrastructure providers to strategic partners
The report also emphasizes a shift in organizational expectations. It’s no longer enough to provide virtual servers, storage, and a web console. Organizations seek providers capable of acting as long-term technology partners.
What are CIOs demanding?
- Ongoing training for their teams, beyond mere technical documentation.
- Real 24/7 availability, with specialized support and teams understanding the business context.
- Honest advising, not always pushing to “move everything to the cloud” without analyzing costs, risks, and hybrid alternatives.
- Ability to support complex digital transformation projects, application modernization, and AI adoption — not just providing “hardware and dashboards.”
As Rene Buest states, “CIOs must create and protect their organization’s digital sovereignty. No one else will do it for them: neither their cloud providers nor their service partners.” This encapsulates the report’s tone: ultimate responsibility cannot be outsourced.
Opportunity (and pressure) for the European ecosystem
For Europe’s tech ecosystem, this shift is both an opportunity and a challenge. If over 60% of CIOs plan to rely on local providers, opportunities include:
- National and regional sovereign clouds.
- Specialized providers of private cloud infrastructure and bare-metal within the EU.
- Integrators and consultants skilled in orchestrating complex hybrid environments, combining public cloud, local clouds, and on-premises setups.
At the same time, these providers will need to demonstrate they can compete in:
- Scalability and performance, including for AI workloads and large data volumes.
- Cost efficiency and predictability, compared to the highly optimized models of global giants.
- Regulatory compliance and security, with certifications and auditable processes.
The core message is clear: digital sovereignty is no longer an ideological luxury but an operational requirement. Those who can deliver truly sovereign clouds without sacrificing innovation or efficiency will be better positioned in the coming decade.
Frequently Asked Questions about Digital Sovereignty and Local Cloud Providers
What does it mean for a company to have a “digital sovereignty strategy”?
It involves defining how it protects and controls its data, applications, and critical infrastructure against legal, regulatory, and geopolitical risks. This includes decisions about data storage locations, jurisdictions, provider choices, and ensuring portability and resilience.
Why are CIOs now looking at local cloud providers?
Because many European and sector-specific regulations demand greater control over critical data and systems. Additionally, geopolitical tensions and concerns about third-country access to data are pushing organizations to reduce their dependence on infrastructure governed outside European law.
Does this mean the end of large global cloud providers?
Not necessarily. They will remain relevant, especially for less sensitive workloads or certain advanced services. However, their role will shift toward more hybrid architectures, where local and sovereign clouds play a much larger part in core systems.
What role do open source technologies play in digital sovereignty?
Open source enables portability across clouds, reduces vendor lock-in risk, and allows deployment with the same technologies on public clouds, private clouds, or local infrastructures. That’s why more than half of European CIOs see open source as a key component of their future cloud strategies.