German Companies Struggle with Digital Sovereignty and Access Control Security
German companies face major hurdles in digital sovereignty and cybersecurity, with few having strategies and most lacking robust access controls, risking their competitiveness and security.
- • 92% of German companies consider digital sovereignty important, but only 21% have a strategy.
- • Over 60% of companies rely on non-European providers for key digital technologies.
- • Only one-third of companies use Zero Trust Network Access for remote employees.
- • 45% of companies lack transparency over shadow IT, increasing security risks.
Key details
A recent study highlights significant challenges German companies face in achieving digital sovereignty amidst mounting cybersecurity risks. While 92% of businesses acknowledge the importance of digital sovereignty, only 21% have developed a concrete strategy, according to the "Index Digitale Souveränität" by Adesso and the Handelsblatt Research Institute. Despite a general perception of being well-equipped, over 60% of these companies rely heavily on non-European providers for crucial technologies like cloud services, software, and AI.
The study found the average maturity level of digital sovereignty at 65.8%, with smaller companies faring slightly better. Though 80% of companies are willing to pay about 17% more for sovereign digital solutions, only 25% have corporate board-level responsibility for digital sovereignty, and just 13% have incorporated it into their overarching corporate strategy. Firms aim for a balanced sovereignty level of 77.8%, emphasizing self-determination and resilience without isolation (Source: 99696).
Compounding these challenges is a lack of robust access controls critical to cybersecurity. Ivanti’s recent report reveals that most companies lack adequate protection, with only one-third utilizing Zero Trust Network Access for remote employees. Although 79% of IT experts recognize the need for strong access controls, only 30% actively employ Privileged Access Management. Furthermore, 75% of IT staff use their own devices, but slightly over half of companies permit this, while 45% have no transparency on shadow IT activities. This creates blind spots and unmanaged edge devices, which pose serious vulnerabilities—two out of five edge devices remain unmonitored (Source: 99695).
Together, these findings underscore that despite an awareness of digital sovereignty’s importance, German companies are still struggling with both strategic adoption and the practical security measures needed to safeguard their digital infrastructure effectively.