[Report] Cybersecurity: European businesses are increasingly concerned about sovereignty

Sapio Research interviewed 800 IT and cybersecurity leaders in Q2 2025, spanning France, Germany, Belgium, and the Netherlands, with organizations ranging from 300 to 5,000 employees across healthcare, manufacturing, technology, and government services. 

Sovereignty is a priority for IT security decision makers 

Foreign actors and lack of control over data and cybersecurity deployments are key concerns. Matters of jurisdiction, legal control, and transparency are taking center stage. Cybersecurity tool performance is crucial, but it’s no longer enough.  

54% of European IT security decision makers mention that data sovereignty is a priority when it comes to purchasing decisions, and up to 11% consider it a top priority, showing a clear shift in perception amid the global cybersecurity landscape. 

From reliance to resilience, and greater strategic autonomy 

As Europe faces growing geopolitical instability, foreign surveillance concerns, and regulatory complexity, businesses are shifting from reliance to resilience, demanding greater control over data storage location and strategic autonomy. 
 
The report also reveals that 70% of respondents agree that European businesses are too dependent on foreign technologies – with the highest concern in Germany (84%) and France (82%). In response, most organizations are actively considering sovereign solutions, as European vendors are seen as better aligned with local compliance and regulatory needs. 81% of respondents also consider that European cybersecurity companies better understand the region’s specific threat landscape and priorities. 

In that respect, the ability of cybersecurity platforms to provide On-Premises solutions comes as the number one criterion for 26% of IT decision makers, followed by performance (22%), and the proximity and quality of the customer support (22%), highlighting the importance of trust when looking for a security provider.  

On-Prem solutions for total control over IT stack and data 

37% of European companies stated they are “very” or “extremely” concerned about foreign access to data stored in cloud-based cybersecurity systems. This growing anxiety is influencing procurement decisions, and as IT decision makers increasingly prioritize sovereignty and control, On-Premises deployment is gaining ground: 17% are planning a shift to On-Premises solutions. 

The motivations are clear: organizations Europe-wide want full control over deployment, updates, and infrastructure – with the strongest sentiment in Germany (34%) and Belgium (33%). European companies also want to reduce dependency on third-party Cloud providers, and they are motivated by reducing exposure to geopolitical risk or foreign surveillance. 

But this doesn’t mean that Cloud cybersecurity solutions are out of the game! When deployed as a conscious choice, with a platform that guarantees transparency about data storage, Cloud platforms can meet sovereignty requirements just as well as On-Prem solutions can meet legal and technical constraints without comprising performance. 

Read the full report for a detailed data breakdown by country  
and many other insights into European cybersecurity trends: