From technical detail to strategic priority
Geopolitical tensions, stricter regulations, GDPR, NIS2, AI Act, and the rapid rise of AI are making data sovereignty more urgent than ever. Yet many organizations still treat it as an IT matter. A mistake, says Nordi.
It’s not about bits and bytes, but it’s about the business question. What are your organizational goals? Which data is critical to your continuity? What risks are you willing to take, and which are you not?
Dependence on large cloud platforms continues to grow, while the rules of the game are changing faster than ever. What happened with VMware and Broadcom’s licensing models shows how vulnerable that position can be. Organizations that don’t know where their critical data is stored or which legislation applies to it don’t have a technical problem, but they have a strategic one.
Freedom of choice as a competitive advantage
At its core, data sovereignty is about control and freedom of choice. Can your organization move its data if you’re no longer satisfied with a vendor? Do you know which jurisdiction your data storage falls under?
For organizations in the mid-market and corporate segment without a fully staffed internal CIO, CISO, DPO, and/or security team, the challenge is even greater. These organizations are often in the middle of their digital transformation and are the most impacted by the decisions they make today.
A hybrid approach as the starting point
Full data sovereignty is not a realistic goal for most organizations. But making deliberate choices per type of data is. Privacy-sensitive information and business-critical processes should be kept local or in a sovereign cloud. For less sensitive workloads, hyperscalers offer scalability that you don’t need to build yourself.
Databalance follows a vendor-agnostic approach: providing guidance based on business needs, not on a specific brand or platform.
Data sovereignty is not a project with an end date. It is a way of thinking that your organization needs to adopt, just as you don’t manage your finances or security just once.
AI Exponentially Increases the urgency
AI dramatically amplifies the importance of sound data management. Poor input leads to poor output, and therefore to poor decisions. Nordi compares the current AI wave to the breakthrough of the internet: generic technology that impacts every industry, but one where we are still in an early stage.
A concrete example: at a client with three hundred employees, half of whom were external contractors, temporary staff turned out to have access to sensitive information. With tools like Microsoft Copilot, that risk grows because employees can find data more easily. Basic classification was missing, let alone a policy.
Things will go wrong. The question is not if, but how you ensure that AI becomes an opportunity rather than a problem. And that starts with the data, not the tool.
Start now, even if you start small
A complete transformation in a single move is not realistic. But postponing it ultimately costs more: in continuity, competitiveness, and trust.
Start by mapping what you have. Maybe you’re only going thirty kilometers per hour at first. But you’re moving, and that’s all that matters.
Read the full interview with Nordi Malih in the FD, April 3, 2026 edition – part of the AI & Data Sovereignty special, page 12. View the digital edition here.