Digital sovereignty and resilience are no longer theoretical topics for the future, but tangible factors for competitiveness and security in everyday business life. Global dependencies, growing cyber threats and the pressure to comply with legal frameworks pose enormous challenges for organisations in Germany. In this interview, Katharina M. Schwarz, Head of Global Communications at Myra Security, explains why digital freedom of choice and resilience are not only technical but also strategic issues – and why European solutions play a central role in this context.
Ms. Schwarz, “resilience” and “digital sovereignty” are major buzzwords. What do these terms mean for you in concrete terms in everyday business life?
For me, digital sovereignty means genuine freedom of choice: enabling companies to independently choose and run technological solutions – without becoming structurally dependent. In everyday life, this becomes a challenge when central services are dominated by a few global providers, especially when they are not subject to the same legal frameworks as we are.
Resilience means being resilient: not only hardening systems, but also having alternatives – both technologically and contractually. Monocultures are always more susceptible to damage. That’s why we need a technological “mixed forest”. This includes distributed architectures, interoperability and exit strategies – so that we remain able to act in the event of a malfunction or changed compliance requirements. Freedom of choice is an essential part of true resilience. That is why digital sovereignty is not a luxury, but an operational necessity – especially in light of the market consolidation driven by non-European platforms.
Where do you currently see the greatest risks and dependencies for German companies – and how can these be addressed in the short term?
The greatest risk lies in the constantly tense threat situation, combined with a misjudgement of one’s own independence. Germany is among the most frequently and severely attacked countries in Europe. Figures from our study on digital sovereignty also show that we are heavily dependent on non-European providers in many areas. At the same time, however, many IT decision-makers overestimate their own independence. We rent our technology, but think we own it. The non-European landlords dictate their technical standards and terms and conditions to us, which lie outside our legal framework. This results in asymmetrical dependencies, particularly in cloud infrastructures, identity services and AI platforms.
In the short term, this can only be countered by becoming aware of the security situation and no longer viewing cybersecurity as merely an IT issue, but as a business objective. At the same time, organisations should create transparency about their own dependencies and actively seek interoperable, sovereign alternatives. Multi-cloud strategies and hybrid models for technical security, as well as modular platform concepts, help to regain flexibility. However, this is also a challenge for the government: without the political and regulatory will to ensure market diversity and fair competition, freedom of choice remains limited – with all of the associated risks for the security, compliance and innovative capacity of German companies.
Many organisations rely on international solutions. Why do you think it is worthwhile to focus on European, GDPR-compliant strategies – especially now?
Because it’s not just about data protection, but also about guaranteed availability and democratic control over digital infrastructures: European providers are subject to the same regulatory requirements as their customers – in other words, they are not only technically but also legally compatible. Short distances and uniform standards greatly simplify coordination, as well as contracting drafting and audits – which not only saves time and resources but also creates legal clarity. International providers, on the other hand, often operate in a grey area: they benefit from the European market but are not subject to the same rules. They market themselves as a “sovereign” solution, but are subject to laws that grant intelligence agencies comprehensive access rights. This “sovereignty washing” distorts competition – at the expense of compliance, transparency and innovation.
That is why choosing European, GDPR-compliant strategies is not about protectionism, but about structural fairness. Only when we as organisations can choose between genuine alternatives, digital sovereignty is possible. And only then can we credibly fulfill our responsibility to customers, partners and society.
Katharina M. Schwarz will be a spokesperson at the eco Internet Security Days on the topic of “Resilience and Sovereignty: What Do They Mean – and for Whom Are They Relevant?”
Don’t miss her exciting presentation and join the discussion!
