New research reveals while nearly all enterprises (98%) are prioritizing digital sovereignty, just over half (52%) are actively taking steps to achieve it. This highlights a growing gap between ambition and execution, according to SUSE.
This is based on insights from 309 IT leaders across France, Germany, India, Japan and the United States. They were surveyed independently and were not aware SUSE sponsored the research.
“Organizations are often forced to choose between accelerating AI and maintaining digital sovereignty, but it’s a false tradeoff,” said Margaret Dawson, chief marketing officer at SUSE.
“Sovereign AI makes it possible to achieve both, embedding control, compliance and innovation into the same foundation,” said Dawson.
While digital sovereignty is widely recognized as essential to AI, many organizations remain early in their journey. The race to adopt AI reveals a clear tension between priority and readiness.
Three-fifths (62%) of respondents in India say digital sovereignty is a genuine strategic priority they are actively investing, followed by 57% in both Germany and Japan, 52% in the US and 39% in France.
In terms of determining vendors, 45% included sovereignty in recent RFPs and 42% ultimately selected vendors based on it.
Also, 41% say they only act on sovereignty when required by customers or regulation, suggesting external pressure remains the primary catalyst.
AI is emerging as both the catalyst for digital resilience and a source of increased complexity, forcing organizations to rethink control over data, models and infrastructure.
Among IT leaders, 64% say AI transparency — control over model training and AI provenance — will be the top driver of digital resilience in the next five years.
Even with an unexpected 20% budget increase, organizations overwhelmingly prioritize AI over sovereignty — signaling that pressure to adopt AI may be outpacing efforts to manage the risks it introduces.
While definitions of digital resilience vary, organizations are converging around a core principle: control.
According to SUSE, resilience is no longer just about protection, but about maintaining control in increasingly complex, AI-driven environments.
Top priorities for achieving resilience include cybersecurity and threat detection (63%) and multi-cloud or hybrid diversification (52%).
Continuous monitoring (44%) and backup and recovery (45%) also rank as critical components of resilience strategies.
Adoption and attitudes toward digital resilience vary by region, with some markets moving faster from strategy to execution.
In the US, 61% of respondents are optimistic about digital resilience and 41% already have a formal digital sovereignty strategy in place.
Meanwhile, more mature regulatory environments like Germany and Japan show different prioritization patterns, reflecting varying stages of adoption.
Enterprises continue to rely heavily on hyperscalers, even as sovereignty concerns grow.
Among respondents, 65% say hyperscalers are relevant for supporting sovereign workloads.
This creates a balancing act between the scale and convenience of global providers and the need for jurisdictional control, driving demand for open, interoperable solutions and regional ecosystems, according to SUSE.
