ECIPE Webinar: Cloud Cybersecurity, Sovereignty, and EU Competitiveness
The rapid evolution of cloud computing presents the European Union with a critical opportunity to strengthen its digital infrastructure. However, achieving the right balance between cybersecurity, digital sovereignty, and global competitiveness remains a complex challenge. This was the central theme of the recent webinar, “Cloud Cybersecurity, Sovereignty, and EU Competitiveness”, hosted by the European Centre for International Political Economy (ECIPE), where our Policy Manager for AI and Digital Policy, Maxime Ricard, participated as a speaker.
The discussion focused on the EU Cybersecurity Certification Scheme (EUCS) — currently being developed under the leadership of ENISA — and its far-reaching implications for cloud innovation, security, and the digital single market. While the EUCS aims to establish robust cybersecurity standards and enhance trust in cloud services, panellists raised concerns about early drafts that include stringent sovereignty requirements potentially limiting the participation of non-European cloud providers.
ECIPE Director and moderator Dr. Matthias Bauer opened the discussion by highlighting the broader economic implications of restrictive digital sovereignty measures. Drawing on ECIPE research, he pointed to a $1.4 trillion ICT investment gap between Europe and the United States and warned that sovereignty-driven barriers could cost the EU up to €600 billion annually in GDP, significantly undermining innovation and market openness.
The Startup Perspective
Speaking on behalf of the startup ecosystem, Maxime Ricard stressed the importance of a harmonised and inclusive EUCS framework that protects cybersecurity without stifling innovation or limiting access to best-in-class technologies: “Startups always want to access the best solutions available, regardless of the nationality of providers, in order to scale effectively.” He cautioned that fragmented or overly restrictive policies would disproportionately impact startups, driving up costs and limiting their ability to compete globally.
Industry Voices on Transparency and Flexibility
Marcus Corry, Director of Technology and Operations at AFME, provided insights from the financial sector. While supportive of common cybersecurity standards, he criticised the lack of transparency in the EUCS development process. He underscored the need for sovereignty issues to be debated through primary legislation, not technical implementing acts, to ensure legal clarity and democratic oversight — echoing lessons learned from the development of the Digital Operational Resilience Act (DORA).
Damien Rilliard, EMEA Sovereignty Lead at Oracle, offered a balanced perspective on sovereignty, noting its dual role as both necessary and potentially restrictive. He warned that excluding global innovators from the European market could further widen the technological gap Europe seeks to close: “If we exclude innovation brought by non-EU companies, we risk forbidding the EU industry from bridging its technological gap.”
He pointed to Oracle’s EU Sovereign Cloud as an example of how foreign providers can operate within the EU under local laws, combining data localisation and robust cybersecurity without sacrificing market openness.
A Call for Harmonisation and Strategic Vision
Throughout the discussion, speakers repeatedly emphasised the need to avoid regulatory fragmentation across Member States, which could deter investment and increase compliance burdens — especially for startups and SMEs.
Ricard concluded with a call for startup-friendly policies in the final EUCS framework, advocating for an approach that ensures cybersecurity without creating unnecessary barriers to scale. Corry and Rilliard echoed the call for a balanced, transparent, and inclusive approach, one that recognises the value of global innovation in strengthening Europe’s digital sovereignty and competitiveness.
As Dr. Bauer summarised: “Avoiding fragmentation, avoiding discrimination, and engaging in stocktaking are essential for moving ahead.”
With so much at stake, the EU’s approach to cloud cybersecurity will play a defining role in shaping the future of its digital economy. Transparent, non-discriminatory, and innovation-friendly policies will be essential to ensure Europe remains competitive in a rapidly evolving global tech landscape.
Startup Innovation
in Action
Join the conversation where policy meets innovation. Allied for Startups brings together entrepreneurs, policymakers, and industry leaders to tackle the biggest challenges and opportunities facing startups today.
Stay Informed
Stay Ahead
Discover how we change the game. Our news and publications offer an inside look at the policy work driving innovation and change in the startup ecosystem.