Data Sovereignty HENSOLDT Migrates to SAP Cloud Infrastructure Amid Push for Digital Sovereignty

With its decision to adopt SAP’s cloud infrastructure operated within Germany, defence electronics manufacturer HENSOLDT is the latest company in a sensitive industry to seek greater data sovereignty. But what does this shift actually mean for defence-sector IT, and how sovereign can "sovereign cloud" solutions be?

Digital transformation in the defence sector has long been shaped by a structural tension: while modern cloud environments promise scalability, cost-efficiency and integration potential, they often fall short of the strict regulatory and sovereignty requirements imposed by national and European frameworks. HENSOLDT’s recent move to adopt SAP’s sovereign cloud infrastructure—operated entirely within SAP-owned data centres in Germany—signals a pragmatic attempt to resolve this tension.

The solution in use is hosted in-country and, according to SAP, aligned with the most stringent German and EU requirements in areas such as data governance, IT security and operational transparency. These factors are particularly relevant for companies like HENSOLDT, which process defence-related information and operate in a highly regulated environment.

Crucially, HENSOLDT’s deployment will initially be limited to non-classified data—a distinction that reflects both regulatory caution and technical pragmatism. Operating in this "grey zone" allows the company to validate the infrastructure in practice before extending its use to more sensitive domains. At the same time, the scope of certifications and oversight mechanisms—such as whether the infrastructure meets BSI C5 or comparable standards—has not been made public.

What is clear is that the cloud migration forms part of a broader trend in Europe to reduce technological dependency on foreign hyperscalers and regain control over critical digital infrastructure. Unlike AWS, Microsoft Azure or Google Cloud, SAP is both headquartered and governed under European law, which provides legal and jurisdictional clarity for companies operating in the defence domain. However, even SAP’s solutions remain technologically embedded in global ecosystems—raising the question of how far digital sovereignty can be achieved purely through location-based hosting.

In strategic terms, HENSOLDT is not only modernising its own IT, but also contributing to an emerging industrial standard in secure cloud use. If successful, this controlled migration approach may serve as a blueprint for other medium- and large-scale players in the defence industry who face similar constraints.

The technical details of the platform—such as its tenant architecture, access management, encryption and integration depth—remain undisclosed. What is likely, however, is that the infrastructure will enable greater automation and interoperability with SAP's broader Business Technology Platform in the future. Whether this transition will also influence operational IT systems or remain confined to administrative and development environments is still open.

For the time being, HENSOLDT is framing the move as a clear step towards greater autonomy, resilience and innovation capability. In a statement, CIO André Scheidhammer emphasised that “responsible innovation and digital sovereignty” are not mutually exclusive—and that HENSOLDT intends to play an active role in shaping Germany’s secure digital future.

From a defence-policy perspective, the timing of the announcement is also notable. With geopolitical uncertainty and cybersecurity threats on the rise, European governments have placed renewed emphasis on strategic IT control. Projects like GAIA-X and the push for a European Secure Cloud reflect broader political will—but also underline the complexity of balancing innovation, regulation and industry needs in practice.

The partnership between HENSOLDT and SAP can thus be seen as both a technological pilot and a political signal. Its success—or failure—will likely inform how other actors in sensitive sectors approach sovereign IT infrastructure in the years ahead. (mbf)