Cloud was never meant to be political. It entered the enterprise as a promise of agility, then became a lever for cost efficiency. Today, it raises a more uncomfortable question: who is actually in control?

For Belgian CIOs, this is no longer abstract. Every architectural decision now sits within a wider context shaped by regulation, jurisdiction, and shifting external pressures. The uncomfortable truth is that your infrastructure not only reflects your strategy. It also reflects the constraints and interests of those who provide it.

What starts as a partnership can quietly turn into an entanglement.

The sovereignty issue rarely arises as a crisis. It appears as a persistent doubt. What if regulation forces you to redesign your data landscape? What if access to key services becomes uncertain? What if your vendor increases prices at the exact moment you are least able to move?

These are not edge cases. They are the predictable outcome of deep dependency.

At that point, the conversation changes. It is no longer about innovation or performance, but about leverage. If exit is not realistic, control is already reduced.

This is where many organisations are exposed. Strategic sourcing is still treated as a commercial discipline, while it has become a structural one. The real objective is not to negotiate better terms, but to ensure that negotiation remains possible at all.

A sovereign CIO designs for reversibility.

That requires a more critical look at the past decade. Consolidation brought efficiency, but also concentration risk. Platform dominance accelerated delivery while reducing freedom of action. What looked like optimisation has, in many cases, created dependency by design.

Sovereignty is not about stepping away from global providers. It is about ensuring that no single dependency can dictate your options. In practice, that means designing for optionality in an environment that naturally removes it.

It also changes what a partner should be. A credible partner reduces exposure. They enable portability and flexibility. If they do not, they are reinforcing the very risk you are trying to manage.

The European direction, evident in frameworks such as the EU AI Act, points to greater control and accountability. But regulation will not resolve structural dependency. That can only be addressed in the architecture itself.

The real question is whether we are acting on this with enough clarity.

We will explore these questions at The Sovereignty Play on 23 June at Quartier Papier in Zaventem, focusing on practical ways to retain control in an environment that steadily erodes it.

Because, in the end, the issue is simple: control is either built in or lost over time.