Omdia, an independent analyst and consultancy firm, recently published a comprehensive market radar paper focusing on the sovereign cloud market and how cloud service providers (CSPs) have adapted to this emerging trend.
The 2025 IT Enterprise Insights study conducted by Omdia analyzed the top five Western public cloud providers – AWS, Azure, Google, IBM, and Oracle – and revealed that they collectively control 86% of the cloud market. These providers have a presence in 33 countries as of 2024, with North America hosting 347 data centers, Europe 194, and China only three. Despite the availability of cloud services globally, the report highlights that the infrastructure remains predominantly regional.
Omdia’s research indicates a rise in new formats such as edge cloud and sovereign cloud, as well as an increased emphasis on environmental sustainability. This shift is expected to attract more players to enter the market in the coming years.
As China-based CSPs expand globally, CSPs worldwide are anticipated to face mounting pressure. The market has evolved significantly, with CSPs diversifying their offerings to accommodate operational autonomy, data residency, and resiliency requirements.
According to Omdia, the European Union (EU) leads in data protection and sovereign cloud initiatives, including the General Data Protection Regulation (GDPR) and Gaia-X. Other regions like the Middle East are also beginning to develop similar regulations, with initiatives such as the Saudi Vision 2030 paving the way. The Middle East has seen the establishment of 60 new data centers, signaling the region’s growing local infrastructure.
The proliferation of artificial intelligence (AI) has prompted countries to consider “sovereign AI,” which involves developing and running AI systems within national borders to maintain local control over data. This poses challenges for CSPs that lack local facilities, potentially causing them to lose business to locally-based data centers.
Looking ahead to 2026/27, Omdia anticipates significant advancements in AI development, with the concept of “sovereign generated data” gaining traction. Organizations will need to safeguard this AI-generated data, treating it with the same level of protection as original datasets. This evolution raises complex questions about digital ownership in the AI era.
Omdia has outlined recommendations for enterprises, service providers, and technology vendors based on its sovereign cloud model. Enterprises are advised to identify the parts of their business and data subject to local regulations and develop an architectural approach to implement sovereign cloud capabilities in their IT systems. Service providers are encouraged to form partnerships with local organizations to obtain official approval from national governments to deliver sovereign cloud solutions. Technology vendors should investigate the requirements for meeting local sovereignty regulations and consider modularizing applications to comply with local rules.
Omdia has introduced a six-level sovereign cloud model to assess the degree of sovereignty in a cloud deployment, reflecting increasing levels of control and compliance necessary. This model addresses data residency, data processing, data privacy, generated data access and control, cloud resiliency, and treating the cloud as critical infrastructure.
In response to the growing demand for sovereign cloud services, CSPs have adopted two main approaches. The first approach involves full isolation with region-specific offerings, where CSPs create separate, isolated cloud environments in a country or region to meet stringent compliance needs. The second approach entails a partnership model, where local service providers or national telecom companies operate cloud services on behalf of global CSPs, facilitating localized compliance and data jurisdiction.
Overall, CSPs are evolving to tailor their cloud solutions to comply with specific regional regulations, as one-size-fits-all approaches are no longer viable. Omdia emphasizes that the optimal approach for sovereign cloud services depends on individual customer needs.
To delve deeper into cybersecurity and cloud technology, consider attending the Cyber Security & Cloud Expo, a series of industry-leading events held in Amsterdam, California, and London. Stay informed about upcoming enterprise technology events and webinars by visiting TechForge’s event page.
