Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- SUSE shifts course to digital sovereignty for all.
- The approach focuses on partners, products, and services.
- This strategic shift includes the Linux desktop.
At SUSECON 2026, it was obvious that European Linux powerhouse SUSE had found its new north star. The company isn’t just talking about digital sovereignty to please its European Union (EU) customers and regulators. No, it’s rebuilding its Linux, Kubernetes, and AI story around the idea that sovereignty is now the only practical route to choice and resilience in enterprise IT globally.
The reason? It’s what customers around the world, wary of centralized, proprietary, and US-centric tech services and hyperclouds, want. SUSE research revealed at the company’s annual trade show in Prague, Czech Republic, that among IT leaders worldwide, 98% prioritize digital sovereignty. Of those, just over half (52%) are already taking steps to achieve freedom from US-based hypercloud providers such as Microsoft and Google.
Also: How digitally sovereign is your organization? This Red Hat tool can tell you in minutes
SUSE is trying to turn digital sovereignty into an operating model. What does that approach mean? Frank Feldmann, SUSE’s chief strategy officer, explained, when you strip away the policy talk, it’s “how quickly you can detach from a vendor or platform that no longer fits, and how easily you can move to the next one.” That adaptability is important when you can’t trust proprietary companies governed by countries that don’t respect your rights to act in your or your customers’ best interests.
This isn’t a theoretical problem; it’s real and serious. According to SUSE, 51% of executives say they have already suffered a breach by a foreign entity. SUSE wants to help you find the “exit velocity and pivot ability” you need to react almost as fast as “a politician signs an executive order” to protect your data and services.
Also: Built for a hostile internet: Canonical VP of Engineering on Ubuntu 26.04 LTS
Feldmann also sees a classic execution gap between executives and implementers. “People at an executive level… understand they need to change. But if you then would ask a DevOps engineer or platform engineer, ‘Is there stuff happening already?’ the answer very often is still ‘no, not yet’… We’re articulating frameworks… but the real move is still a little left behind.” That gap, between strategy decks and kubectl, is where SUSE thinks it can make money.
Code‑level control
SUSE’s answer doesn’t start with a glossy “sovereign cloud” marketing slide. It starts with engineering.
In an interview, Miguel Pérez Colino, who oversees SUSE’s Linux strategy, made the connection between SUSE’s build processes, European legal frameworks, and digital sovereignty explicit.
“We have a completely open mechanism for building everything,” he said. “Companies want to be in control, and they don’t want anyone messing with them. What is the guarantee? SUSE is completely open source — the build, the test bits, everything. What is the warranty? Being able to reproduce what you’re doing. So reproducible builds are key for us.”
Today, SUSE has quietly pushed reproducible builds past 97%, and Pérez Colino added that they will soon be at 100%. The point is that customers can, in principle, rebuild and verify the binaries they run rather than trusting a black box binary.
Also: France is ditching Windows for digital sovereignty – and its new Linux stack is taking shape
From there, he walked straight into politics. “The European laws guarantee that your privacy is kept… So we’re saying that being European guarantees sovereignty. It’s not for sovereignty for Europe, it’s for sovereignty everywhere, because the legal framework where we work enables us to do it.”
That’s SUSE’s message: open source gives you code‑level control, while European jurisdiction constrains what SUSE and its European-based partners can do with your data and systems. To move beyond rhetoric, SUSE is rolling out a set of tools and offerings designed to make sovereignty measurable and actionable.
That approach starts with SUSE’s Cloud Sovereignty Framework Self‑Assessment. This structured survey, aligned with the EU Cloud Sovereignty Framework, enables you to achieve a Sovereignty Effective Assurance Level (SEAL) score (from 0 to 4) across eight objectives. This gives CIOs and CISOs a number they can take to the board, regulators, and procurement officers to demonstrate progress or risk.
Underneath that assessment sits SUSE Linux Enterprise 16 (SLES 16), which SUSE CEO Dirk Peter van Leeuwen cast as more than just another long‑term support release in his keynote. “SLES 16 makes Linux exciting again,” he said. “It’s the first platform of its kind that integrates agentic AI. It’s designed specifically to handle the transformation from virtual machines to containers and from the datacenter to the edge. It’s not just an OS. It’s a platform for adaptation.”
Also: The new rules for AI-assisted code in the Linux kernel: What every dev needs to know
That “platform for adaptation” message is very deliberate. If sovereignty is about exit velocity and pivot ability, SLES 16 is supposed to be the infrastructure layer that never blocks you. Already running a “Red” Linux and don’t want to switch? No problem, SUSE’s Multi‑Linux Support plays the same game from another angle. Customers can keep Red Hat Enterprise Linux (RHEL)- or CentOS‑derived systems running while pointing their updates and support to SUSE instead.
“You have one company, you switch the company, you move to another company for your support,” Pérez Colino said. “This is based on the basics of open source. You have open source, and you provide the service on open source.” In other words, sovereignty also means being able to change who you pay without having to reinstall the world.
Keeping options open
SUSE has also been building out its Sovereign Premium Support, a Europe‑centric support tier aimed at customers with strict jurisdictional and regulatory requirements.
At the sovereignty panel, Arnab Chatterjee, senior infrastructure engineering manager at Nomura, Japan’s largest investment bank, described why that support matters when trying to unwind long‑term dependencies. He compared years of reliance on VMware to carrying “a 500‑pound pet gorilla on your back”, saying his organization needed a partner to move forward: “With SUSE premium services, we found somebody who can walk with us through the journey, advocate for us where there were problems and pitfalls, and be part of our team.”
To scale this kind of work, SUSE is extending its SUSE One Partner Program with a new sovereign specialization. “This provides,” explained Hayley Wienszczak, head of SUSE global partner programs, “a horizontal layer across the whole program, so it will be open to all of our partners to join. This really is about helping our customers by working with and investing in service providers to build a sovereign stack based on SUSE.” In other words, if SUSE can’t provide the specific services you need from its portfolio of programs, its partners likely can instead.
Also: 5 Linux servers that let you ditch the public cloud and reclaim your privacy – for free
The pitch is straightforward: partners build and run SUSE‑based sovereign stacks, SUSE validates the architecture and backs it with its own premium support, and customers get auditable, jurisdiction‑aware environments without having to chase every new update.
Beyond the obvious geopolitical issues that make digital sovereignty a hot topic, AI is throwing gasoline on the digital sovereignty bonfire. In particular. Van Leeuwen said, “Shadow AI is becoming the new shadow IT.” That reality means organizations are approving one vendor’s AI service while staff quietly paste confidential data into another, with security teams struggling to track where models run, how confidential tasks are segregated, and whether employees are ready to manage 47 different agents. AI has become the moment sovereignty stops being a theoretical risk and becomes a daily operational question.
The debate over what, exactly, sovereignty covers is still very much alive. Marc O’Regan, Dell EMEA CTO, argued in a panel for a full‑stack view, warning that patterns extracted by AI can be more sensitive than raw data. “Data is only data. It becomes valuable when it becomes information… The exposure of the patterns associated with that information is massively risky,” he said, pointing to AI and even post‑quantum cryptography as new sovereignty battlegrounds.
Also: I wanted to self-host without paying, and this user-friendly server OS delivered
Mattias Åström, CEO of evroc, a Stockholm-based company building a sovereign European cloud and a SUSE partner, pushed back on the same panel with a blunt litmus test: “Does the foreign state have a kill switch? Can the foreign state see your data? Those are the definitions.”
Whether you prefer the nuanced stack view or the blunt kill‑switch test, SUSE wants to be the vendor that can tick the boxes either way.
SUSE customers, such as Airbus Defense and Space, view sovereignty as a long‑term survival issue. Nichol Reuters, Airbus’s SVP for innovation and technology, stated, “If we’re locked in, we’re not able to scale into the future or fulfill the customer requirements of future adaptations.” This is the customer lens SUSE is trying to align with: sovereignty as the only way to keep options open over decades, not just to pass this year’s audit.
Operationalizing sovereignty
In short, SUSE wants to be your foundation for digital sovereignty. But it’s not just infrastructure. On the desktop, Pérez Colino is pushing SUSE Linux Enterprise 16 with a Workstation extension as a sovereign Linux desktop/workstation, especially for European public-sector migrations away from proprietary operating systems.
Here, SUSE is separating the operating system from applications. SUSE relies on upstream kernels for hardware support and leans on Flatpak and Flathub for third-party desktop apps. That approach enables SUSE to focus on delivering a hardened, reproducible base, while partners and the broader ecosystem handle most user‑space software.
Also: Why even a US tech giant is launching ‘sovereign support’ for Europe now
Pérez Colino said: “If you want to set a desktop that is protecting you, that is completely open, that you can audit, that you can control, that you can customize, and that, on top of that, is built in a place where the laws are protecting you, we are providing [it]… with [the] same bits we provide with the server, so it’s resilient, built high‑quality, reliable, trustable.”
SUSE has always sold itself as the open, independent alternative in enterprise Linux and, more recently, Kubernetes. What’s new is how far it’s willing to stretch that story into law, geopolitics, AI, and long‑term escape planning.
Between reproducible builds, multi‑Linux support, EU‑centric premium support, partner specializations, and sovereign AI factories, SUSE now has enough concrete pieces to argue that it’s not just talking about sovereignty, it’s operationalizing it. The strategy is not as simple as a single product. SUSE’s combination of products, partnerships, and services can keep your company safe during uncertain times.
If SUSE can demonstrate that its approach really does increase exit velocity and pivot ability, enabling customers to change course quickly without losing control of their data, models, and infrastructure, while increasing resilience, it won’t just have a new marketing slogan. It will have carved out a defensible niche as the open‑source backbone for sovereign IT, especially in Europe’s public sector and regulated industries.
I’ve been following SUSE since they were founded in 1992. I think they can deliver the digital sovereignty goods.