Tag: EU

Posted on

What is Cisco’s Sovereign Critical Infrastructure?

Cisco yesterday announced what they referred to as a “significant milestone” in Europe’s journey toward digital sovereignty.

Their Sovereign Critical Infrastructure portfolio is a comprehensive, air-gapped solution designed to give European organisations full control over their digital environments – from infrastructure, through collaboration, through to data.

This will be available from the end of this month (September 2025).

Why Sovereignty Matters?

The concept of digital sovereignty is not new, but its urgency has accelerated due to the increasing geopolitical tensions, evolving compliance frameworks, and the rise of AI-powered infrastructure. Some organisations across Europe – ranging from governments to banks and healthcare providers are looking for more ways to obtain better more autonomy and control over all or aspects of their IT environments, expecially in fields such as research and development or for high wealth clients etc.

You may recall, Microsoft announced their Sovereign Cloud offering for Microsoft 365 and Azure “local” earlier this year.

The technology will enable organisations to formally meet compliance requirements by delivering solutions aligned with key foundational, EU and country certifications and standards and ultimately achieving the new European Union Cybersecurity Certification (EUCC).

Is this just on-prem Data Centers?

Yes… but no. Cisco’s new offering is not just about hosting data and compute services locally; it’s about owning the infrastructure, managing encryption, and ensuring operational resilience without external dependencies. The other important aspect is the infrastructure is managed in the same fluid ways that cloud infrastructure is managed rather than the trabdiotnal ways of managing and patching applications and updates that were familiar in on premises environments.

It will enable organisations to deploy hybrid or on premises solutions aligned with key foundational, EU and country certifications and standards and ultimately achieving the new European Union Cybersecurity Certification (EUCC).

What does Cisco’s  Sovereign Infrastructure include?

This infrastructure portfolio includes:

  • Configurable and Air-Gapped: Customers will be able to deploy the infrastructure on-premises, with full control over licensing and encryption. Cisco cannot remotely disable or update products — a major shift in trust and control.
  • Compliance-Ready: The portfolio aligns with EU and country-specific certifications, including IPv6-readiness, Common Criteria, and a roadmap toward the EU Cybersecurity Certification (EUCC).
  • Broad Coverage: It will span routing, switching, wireless, collaboration, and select endpoint devices. It will be enhanced by Cisco and Splunk’s end to end security and observability solutions.

Strategic Business Enablement

What is important to take away here is that this is not just a new product announcement. For many EU organisations it will be seen as a niche buisness enabler.

For organisations needing or wanting to  navigate true hybrid environments, address increasing regulatory pressures, and manage AI adoption, model training and AI R&D for closed systems, Cisco’s Sovereign Critical Infrastructure offers a flexible foundation for building secure, compliant, and future-ready AI and digital estates.

IDC’s commentary on this shares that they are seeing huge increases in spend (across KEY European counties) on on-premises DC infrastructure which is reinforces this shift. They say that on-prem IT is now commanding the majority of IT budgets across parts of Europe despite the overall continual rise of hybrid and cloud services models.

On-prem IT still requires connectivity. Here the importance of network sovereignty cannot be underestimated, especially for organizations responsible for critical national infrastructure. Operational resilience is key for these organizations, who seek the extra controls, protections, and autonomy that genuine digital sovereignty solutions can bring. This is especially true when it comes to network sovereignty—a challenge that few network infrastructure providers thus far have been able to address.” | IDC

Sovereignty, especially in networking, in these scenarios is essential.

Closing thoughts

Cisco’s goal is to better enable European organisations to build infrastructure that uniquely aligned to their needs whether that is hybrid cloud or descretely on-premises. The platform promises not only secure and compliant infrastructure services but also benefits from modern management, resilient and autonomous operations which is a critical capability in the AI and digitial transformation era.

More reading and source: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m09/cisco-announces-sovereign-critical-infrastructure-portfolio.html

Posted on

Understanding the EU AI Act and Microsoft’s Commitment to Compliance..

TL:DR

The EU AI Act, effective from August 2024, regulates AI systems within theEU, categorizing them into prohibited, high-risk, and limited or minimal risk. Microsoft is committed to compliance through tools like Purview Compliance Manager, continuous monitoring, data privacy measures, bias mitigation, and transparency initiatives.

Understanding the EU AI Act

The EU AI Act, effective from August 2024, is a comprehensive regulation designed to govern the development, deployment, and use of AI systems within the European Union. It categorises AI systems into three risk levels: prohibited, high-risk, and limited or minimal risk.

  • Prohibited AI Systems: These are AI applications that pose unacceptable risks, such as those that manipulate human behavior or exploit vulnerabilities of specific groups. Organisations must decommission such systems by February 2025.
  • High-Risk AI Systems: These include applications used in biometric identification, critical infrastructure, education, and law enforcement. High-risk systems are permitted but must undergo stringent compliance checks, including conformity assessments by accredited third parties or through self-assessment.
  • Limited or Minimal Risk AI Systems: These cover applications like chatbots and AI-generated content, which are generally permitted but require transparency and informed consent from users.

Key Challenges in AI Compliance

Organisations will likely face several challenges in navigating AI compliance:

  • Ensuring Continuous Compliance: AI regulations are dynamic, and organisations must continuously update their systems to remain compliant. This involves tracking regulatory changes and implementing necessary updates promptly.
  • Managing Data and Privacy: AI systems often process vast amounts of data, including sensitive information. Ensuring that AI applications do not inadvertently access or misuse sensitive data is a significant concern.
  • Addressing Bias and Inaccuracy: AI systems must be trained on diverse and representative data sets to avoid biases. Inaccurate or biased AI outputs can lead to ethical and legal issues.
  • Maintaining Transparency: Organisations must ensure that their AI systems operate transparently, providing clear information on how data is used and decisions are made.

Microsoft’s Commitment to AI Compliance

Microsoft is at the forefront of ensuring AI compliance and ethical use. Here are some key initiatives and tools that demonstrate Microsoft’s commitment:

  • Purview Compliance Manager: Part of the Microsoft Purview family, this tool helps organizations manage compliance with various regulations, including the EU AI Act. It offers templates for different regulatory requirements, enabling organizations to streamline their compliance processes.
  • Continuous Monitoring and Updates: Microsoft ensures that its AI applications, such as Microsoft 365 Copilot, are continuously monitored and updated to comply with evolving regulations. This proactive approach helps organisations stay ahead of compliance requirements.
  • Data Privacy and Security: Microsoft emphasizes robust data privacy and security measures. AI applications are designed to prevent unauthorised access to sensitive data, and tools like Data Loss Prevention (DLP) policies help safeguard information.
  • Bias Mitigation: Microsoft is committed to reducing bias in AI systems. By using diverse data sets and implementing rigorous testing protocols, Microsoft aims to ensure that its AI applications provide fair and accurate results.
  • Transparency and Accountability: Microsoft promotes transparency in AI operations. Users are informed about how their data is used, and AI systems are designed to provide clear explanations for their decisions.

Conclusion

The EU AI Act represents a significant step towards ensuring the ethical and responsible use of AI. As organisations navigate this complex regulatory landscape, Microsoft’s tools and initiatives provide valuable support in achieving compliance. By prioritising continuous monitoring, data privacy, bias mitigation, and transparency, Microsoft is helping organisations harness the power of AI while adhering to the highest standards of ethical conduct.

What organisations can do

As we move forward in this AI-driven future, it’s crucial for every organisation large and small, private and public to stay informed and proactive about regulatory compliance in this space.

If you are invested in Microsoft Technology, be that Microsoft 365 or Azure, ensure to further explore Microsoft’s extensive and comprehensive suite of tools and resources to ensure your organisation and AI connected systems are not only compliant but also ethical and transparent.

1. You can check out Microsoft AI Compliance Hub

2. Check out their YouTube video https://youtu.be/briI9LdiZuc

3. Speak to your Microsoft Partner.

Proudly powered by WordPress