DT, Palo Alto pitch sovereign cloud cybersecurity, Security

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. Deutsche Telekom, one of the most vocal supporters of European digital sovereignty, has teamed up with Santa Clara, California-based Palo Alto Networks to develop a cybersecurity solution for European enterprises and public sector users that boasts “data sovereignty controls”.

The product – Sovereign Cortex with T Security – will bring the cybersecurity specialist’s AI-enabled Cortex SecOps system to Deutsche Telekom’s cloud platform, with the promise that users in “Europe’s most regulated industries,” such as healthcare, the public sector, financial services and critical national infrastructure, can secure their operations and workflows thanks to “data sovereignty controls independently governed by Deutsche Telekom”. The telco noted in this announcement (in German) that “encryption is fully controlled by Deutsche Telekom, which uses Google Cloud’s External Key Manager. Deutsche Telekom holds and manages the key encryption key (KEK) outside of Palo Alto Networks and Google, retaining sole authority over data access.”

The service will be available from the third quarter of this year.

Companies operating in the European Union are required to comply with a growing list of sovereign regulations linked to the region’s directives such as GDPR, NIS2 (the latest Network and Information Systems directive) and DORA (Digital Operational Resilience Act). “These requirements demand demonstrable controls that go beyond data residency: Control over who can access data, how it is encrypted, how provider access is audited, and how it is handled in support operations,” noted Palo Alto Networks in this announcement.

DT and its cybersecurity partner believe Sovereign Cortex with T Security “addresses these requirements and enables Europe’s most regulated organisations to adopt cloud-delivered security without sovereignty compromises” by adding multiple levels of control above and beyond data residency, including the provision of customer and systems (telemetry) data, encryption keys and independently audited access logs. “Furthermore, all support personnel are based exclusively in Europe, and all contractual agreements are governed by European law,” added noted Palo Alto Networks.

Thomas Tschersich, chief security officer (CSO) at Deutsche Telekom and CEO of Deutsche Telekom Security, stated: “Our joint offering is currently unique in Europe at this level of quality. We meet the compliance requirements of NIS2, DORA, and KRITIS [Germany’s Umbrella Act for Critical Infrastructure Protection] with respect to data sovereignty without asking our customers to compromise on the effectiveness of their cyber defence.”

Helmut Reisinger, CEO of EMEA at Palo Alto Networks, added: “European organisations – from public authorities to critical infrastructure operators – have been clear with us: They need real time AI-driven security and they need verifiable data sovereignty controls, and they should not have to choose between them. This is our direct response to what customers and regulators across Europe have been asking for – a service that honours Europe’s sovereignty, maintains the security effectiveness and modular platformisation our customers depend on, and reflects the trust they place in us.”

For more insights into digital sovereignty developments, check out these free-to-download reports, available from TelecomTV – Digital Sovereignty: What It Means for Telcos and Unthinkable Lab Report: The Telecoms Sovereignty Gap – How to Bridge it.

– Ray Le Maistre, Editorial Director, TelecomTV