IBM expands digital sovereignty push with new cloud compliance and visibility platform
IBM launched Cloud Sovereignty Risk Profile, a tool to help enterprises track AI workloads and prove compliance with data regulations across hybrid and multicloud environments. The platform addresses growing concerns over digital sovereignty, with 93% of executives now prioritizing it in business strategy, though many lack visibility into AI system locations and controls.
IBM introduced Cloud Sovereignty Risk Profile, a new platform designed to assist enterprises in demonstrating compliance, operational control, and governance for AI deployments in hybrid and multicloud environments. The tool provides continuous monitoring of cloud workloads, helping organizations verify data protection, regulatory adherence, and operational independence. According to IBM’s Institute for Business Value and the Dubai Future Foundation, 93% of executives now consider digital sovereignty essential to business strategy, yet fewer than one-third know where AI workloads run, and only 18% maintain an up-to-date inventory of AI systems. The Sovereignty Risk Profile integrates with IBM’s Security and Compliance Center Workload Protection platform, offering audit-ready evidence for regulators and stakeholders. It assesses risks related to data residency, encryption, resilience, and operational independence while supporting IBM’s four digital sovereignty principles: provability, prevention, privacy, and portability. Provability ensures enterprises can prove compliance with regulatory requirements, while prevention focuses on encryption and customer control over cryptographic keys using IBM’s Keep Your Own Key technology, certified to FIPS 140-3 Level 4 standards. Privacy emphasizes deployment flexibility, allowing workloads to remain within specific jurisdictions or under local operational control through dedicated multizone regions, single-tenant environments, and partnerships with local operators. Portability relies on open-source technologies like Red Hat OpenShift and Kubernetes, enabling workloads to move seamlessly between public cloud, private cloud, and on-premises environments without vendor lock-in. IBM highlights these features as critical for addressing stricter oversight of data management practices amid scaling AI deployments. The announcement follows IBM’s recent launch of Sovereign Core, a software platform aimed at managing digital sovereignty in enterprise environments. IBM Cloud General Manager Alan Peacock noted that leaders face pressure to demonstrate data locations, system behavior, and authority over critical workloads, yet visibility into these areas remains a challenge. The new tool aims to bridge this gap by providing real-time insights and compliance documentation for organizations navigating complex regulatory landscapes.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.