Europe's digital future between control and data sovereignty: Cisco CEO's recipe

Greater control over technological infrastructures and critical data: this is one of the dogmas of governments and organisations and it is, in various respects, especially so for companies in the Old Continent, grappling with the pervasive spread of artificial intelligence and the necessary steps to be taken to comply with the regulatory stakes imposed by the AI Act, with the ever-present need to reinforce digital security levels and to create the conditions for realising the project of a sovereign cloud. Europe's digital sovereignty is a strong theme that has long been circled in red on the agendas of EU bodies and big companies with respect to a convergent thinking towards the creation of secure and reliable foundations to win the bet (present and future) of a society and an economy increasingly linked to the capabilities made available by AI. It should come as no surprise, then, that two giants of the global tech scene such as Amazon Web Services and SAP announced in recent hours an extension of their partnership to make the solutions contained in the German company's Sovereign Cloud platform available on the new independent infrastructure (called European Sovereign Cloud and ready to debut with its first Region in Germany, in Brandenburg, by the end of 2025) of the North American company, backed by a multi-year investment of 7.8 billion euros.

Responding to the digital sovereignty needs of European companies is a common goal of all major vendors, and a player that has been active in this market for over 35 years, such as Cisco, is certainly no exception. Cisco has announced a new package of hardware and software solutions specifically designed to support governments, public sector organisations, critical infrastructure providers and companies active in highly regulated sectors (such as banking, healthcare and manufacturing) in this delicate transition with secure data management as a dogma.

The Californian networking giant's approach to the control of digital infrastructures has for years contemplated the combined use of on-premise technologies (installed inside companies' systems) and solutions delivered 'as a service' (in the cloud), and is now being expanded precisely to be more responsive to the changes imposed by the advancement of artificial intelligence. The fact that the launch of the Sovereign Critical Infrastructure is an important step for Cisco is also confirmed by the fact that the company's CEO Chuck Robbins, Chief Product Officer Jeetu Patel, and EMEA President Gordon Thomson all spoke at the same time to present it to the media (Il Sole24ore was the only Italian publication invited to the virtual round table). The latter explained the rationale behind the announcement, explaining how this advanced infrastructure idea responds to three key areas of sovereignty that are at the top of the list of demands from corporate customers. The first concerns the control of data, which will be completely the prerogative of customers: all the products contained in the Sovereign Critical Infrastructure (routers, switches, wireless devices, endpoint devices, collaboration tools, and proprietary and partner Splunk security solutions) are in fact 'air-gapped' on premise, i.e. both 'isolated' and operating off-line, totally manageable by the company that deploys them in its own physical environments and without Cisco being able to disable them remotely in any way. The second is closely linked to the first and reflects the need for possible (non-European) interference in the management, control and use of user companies' data and networks. The third, on the other hand, reflects the need to maximise the competitive advantage promised by AI infrastructures, without compromising data security in any way and ensuring that the data used for training artificial intelligence models remain under the total control of the client. Finally, there is a further prerogative of the Sovereign Critical Infrastructure portfolio, and that is compatibility with certifications such as Common Criteria and IPv6, and (this is the roadmap) with the parameters defined within the European Union Cybersecurity Certification (EUCC).

Chuck Robbins opened the table with the European media by emphasising the importance of this region for his company and recalling the substantial investments made in the Old Continent, including in training. But what is the CEO's view on the hypothesis, aired by some experts, that the big US technology suppliers cannot really contribute to European digital sovereignty without creating dependency? To our precise question, the number one of the Californian company dismissed the 'accusations' as it were, pointing out that Cisco's work in Europe is far from being an approach that could generate 'lock-ins' or constraints that could lead to serious consequences for companies. "We have a long history of working in Europe and around the world," the manager explained, "and we have always operated as reliable partners in all the countries in which we serve our customers, and this has always been a core belief for us. A lot of the technology that will be provided to European businesses and governments in the future will be US-based, and I think that is why it is extremely important for them to make sure they choose partners they trust and with whom they have built a history. We have never operated under the assumption of creating dependency or even an inability to switch to one of our competitors, should a customer wish to do so'. The CEO's clear (and also absolutely understandable) stance is actually reflected in the announcement of a portfolio of solutions based on 'air gap' licences that, unlike the sovereign infrastructure offerings proposed by other vendors, is not limited to individual products or to a specific corporate environment, but concerns the entire catalogue of Cisco solutions, from data centre equipment to networking equipment for branch offices, from collaboration applications (eventually the entire Webex suite) to cybersecurity applications. And all these products, Thomson confirmed in this regard, will be brought to companies by channel operators with the necessary skills (only a few large customers purchase directly from Cisco) and will benefit from regular updates not in the cloud but directly in the customer's local network, without any external connection.