Palo Alto Networks (NASDAQ: PANW) and Deutsche Telekom (XETRA: DTE) have announced the launch of Sovereign Cortex with T Security, a new offering that brings Palo Alto Networks’ AI-powered security operations platform Cortex® to Europe’s most regulated sectors. This solution incorporates advanced data sovereignty mechanisms managed independently by Deutsche Telekom.
The increasing sophistication of AI-driven threats requires organizations to have cybersecurity capabilities that can act instantly and in real time. However, many highly regulated industries such as healthcare, government agencies, financial services, and critical infrastructure face the challenge of adopting cloud security solutions without violating Europe’s strict digital sovereignty requirements.
These regulatory demands, reflected in frameworks like GDPR, NIS2, DORA, and other European standards, no longer just focus on where data is stored. They also require proof of who can access the data, the encryption mechanisms protecting it, how access is monitored and audited, and how it is managed during support and maintenance processes.
To address these needs, Sovereign Cortex with T Security enables European organizations to benefit from cloud security capabilities and AI without losing control over their data. The solution combines all the functions of the Cortex platform with a set of sovereignty controls specifically designed to comply with the European regulatory framework, with Deutsche Telekom serving as an independent trusted partner.
In addition to the data residency guarantees already included in Palo Alto Networks’ cloud services, the new offering introduces additional protection and control measures across all layers of the environment. These include data on clients as well as system information and telemetry, encryption keys, and access logs subject to independent audits. Moreover, all support personnel operate exclusively from Europe, and contractual agreements are governed by European law.
Helmut Reisinger, CEO of Palo Alto Networks for EMEA
“European organizations, from public administrations to critical infrastructure operators, have made it clear: they need AI-driven security in real time and verifiable data sovereignty controls, and shouldn’t have to choose between the two. This is our direct response to the demands expressed by customers and regulators across Europe—a service that respects European sovereignty, maintains effective security, offers the modular platform our clients rely on, and demonstrates the trust they place in us.”
Thomas Tschersich, CEO of Deutsche Telekom Security GmbH and CSO of Deutsche Telekom AG
“Our joint offering is currently unique in Europe in terms of quality. We meet the requirements of NIS2, DORA, and KRITIS mandates on data sovereignty without our clients having to compromise on cybersecurity effectiveness.”
A sovereignty approach driven by client needs
This solution is the result of close collaboration with regulated organizations and government authorities across Europe. It has been designed around specific, verifiable controls required by these entities, rather than a broad interpretation of sovereignty. It is also built to evolve as European sovereignty regulations develop. Sovereign Cortex with T Security will initially be available to organizations in the healthcare, financial, and public sectors, as well as national critical infrastructure operators. Later, its availability will expand. The initial launch is scheduled for the third quarter of 2026.