The concern for sovereignty es one of the main barriers to cloud adoption by large companies in Spain. This is confirmed by 71% of IT managers and directors and AI engineers who participated in a Red Hat study carried out in Spain and other countries in the EMEA region. In fact, 78% of participants in Spain have identified sovereignty as one of the main technological priorities for the next 18 months.
Sovereignty has taken on greater importance as a result of the convergence of increasing operational issues, such as supply chain instability and the threat of cyberattacks, and ever-changing geopolitical dynamics. Challenges such as these, together with the desire to harmonize different national regulations in the various countries of the European Union, have led to additional regulatory pressure, with laws such as the Digital Operational Resilience Act (DORA) and NIS2 mandating stricter operational controls for critical sectors, such as finance. Sovereignty, therefore, focuses on resilience, the ability to operate independently and strengthen security without uncontrollable dependencies.
This need for control and independence is causing businesses and the public sector to reevaluate the risks of considering the cloud as a one-size-fits-all strategy. While cloud adoption is essential for digital transformation, traditional cloud models often involve ceding some degree of operational control to a small group of global providers, creating a potential single point of failure. Concerns about data privacy, access to data from abroad, and the risk of vendor lock-in can completely paralyze cloud migration projects.
Open source is the basis of digital sovereignty
In the search for sovereignty, enterprise open source with the support of a supplierr appears as a critical facilitator. An impressive 92% of IT professionals in EMEA agree that enterprise open source software is an important part of achieving sovereignty, and this percentage increases to 96% when IT professionals in Spain are asked.
Open source offers transparency, control and freedom, while a trusted provider offers quality assurance, lifecycle management and technical support, along with interoperability and validated integration with ecosystem partners.
With access to source code and an “upstream first” development model that is decentralized and community-driven, organizations are not dependent on a single vendor’s roadmap. This encourages innovation, enables independent security audits, and lays the foundation for trust.
Open source makes it easier for governments and businesses to access and nurture new talent by lowering barriers to entry and providing modern, publicly available technology stacks. Ultimately, open source is the key to developing digital infrastructures that can be operated and developed independently, offering a path to solidify EMEA’s digital future.
Key priorities for a sovereign cloud strategy
In defining their cloud sovereignty priorities for the next 18 months, IT leaders in Spain are focusing on a set of clear and interconnected objectives, focused on control, security and governance. Top priorities are ensuring full transparency and auditability of their systems (90%), partnering with suppliers in specific geographies (89%), and maintaining operational control and autonomy (88%).
These are followed by regulatory compliance, which is ranked as an essential factor for 87% of respondents, while 85% agree on the importance of protecting both the integrity of the software supply chain and data privacy. Flexibility in the choice of suppliers (84%) and the guarantee of continuity of service and support (80%) are also among the priorities.
Sovereignty and AI
Sovereignty also affects artificial intelligence. 81% of those surveyed believe that AI sovereignty is a priority for your organization’s AI strategy over the next 18 months. As AI becomes more integrated into core business functions, controlling data, models and underlying infrastructure becomes paramount to establishing compliance with regulation such as the EU AI Law and to maintaining a competitive advantage.
The cost efficiency of hardware supporting AI is also an important factor influencing infrastructure strategies, and we are already starting to see banks and other companies turn to the development of local data centers to drive their AI ambitions.
Not all companies can afford to Buy GPUs and build data centers, but where the banks go, others will follow. GPUs are only part of the equation, and organizations will look for a hybrid cloud platform that allows them to run any AI model on any accelerator on any cloud.
How to achieve sovereignty
He path to digital sovereignty It is not about rejecting the cloud, but about address it with a smarter and more open cloud. A model based on enterprise open source and a hybrid cloud strategy offers the transparency, control and portability required by regulations and operational resilience.
This allows organizations to distribute workloads across proprietary data centers, on-premises sovereign clouds, and hyperscalers, avoiding lock-in to a single vendor and ensuring data resides where it belongs.
Collaborating with local cloud providers and systems integrators who understand the legislation and regional context is key to building solutions that are not only technologically robust, but also fully compliant. As AI sovereignty becomes the next big challenge, the ability to control the entire lifecycle, from data and models to hardware, over a flexible infrastructure will become the main competitive differentiator and the ultimate proof of true digital autonomy.
By Julio Guijarro, Chief Technology Officer, EMEA de Red Hat
