No sooner has the security industry come to terms with digitalisation, NIS2, DORA and artificial intelligence than the next big thing is already making the rounds: digital sovereignty. Once again, strategy papers are being drafted, conferences organised and new mission statements formulated. There is undoubtedly a valid concern behind the term. Yet experience teaches us that buzzwords alone do not make either companies or critical infrastructure any safer.

In recent years, one thing in particular has grown – bureaucracy. Documentation requirements, proof of compliance and regulatory requirements now keep entire departments busy. At the same time, fundamental measures are still lacking in many places: up-to-date systems, qualified staff, robust security concepts and sufficient investment in operational cyber defence.

Of course, technological independence is an important goal. But digital sovereignty must not become the next marketing cliché or a synonym for new regulations. Security is not achieved through a constant stream of new terms, but through consistent implementation, robust technology and practical solutions. Those who merely swap the label without solving the actual problems gain one thing above all else: more paperwork.

Perhaps it is time to invest less energy in the next buzzword and instead consistently close the existing security gaps. After all, resilience is not built through panel discussions, but in data centres, in control rooms and amongst the people who have to ensure security on a daily basis.

If you’d still like to find out more on the subject, here’s our feature article: https://euro-security.de/en/digital-sovereignty-europes-path-back-to-technological-self-determination-2/