In an unstable geopolitical landscape, how can European companies build digital resilience without stalling their acceleration?
On a December morning in 2024, an undersea communications cable between Finland and Estonia went silent. It hadn’t been a storm. It wasn’t a maintenance mishap. The cable, a lifeline for data between two EU nations, had been physically severed. Investigators would later link the incident to deliberate sabotage, underscoring a reality that many European business leaders still underestimate: the physical and political fragility of the infrastructure that underpins our digital lives.
This wasn’t an isolated event. Earlier this year, a Norwegian hydroelectric dam operator fought off a sophisticated cyberattack aimed at its industrial control systems. In both cases, the immediate threat was neutralised. But for days, critical services and businesses were on edge, wondering what might come next.
These stories are more than cautionary tales. They are symptoms of a new baseline: geopolitics and digital infrastructure are now inseparable. We no longer operate in an environment where “instability” is a rare, external shock. It is woven into the everyday operating conditions of European companies, from the smallest manufacturer in Brabant to the largest multinational in Frankfurt. And while these incidents grab headlines, the deeper challenge isn’t just the dramatic act of sabotage; it’s the slow, often invisible shifts in policy, regulation, and alliances that reshape the rules of digital business overnight.
The many faces of instability
Geopolitical instability doesn’t always arrive in the form of a cyberattack or a cut cable. More often, it’s a shifting of the rules, an unexpected barrier, or a reordering of global relationships that forces companies to rethink how they operate.
Hostile acts and direct disruption still grab headlines, from Finland’s undersea cables and the Norwegian dam incident to SolarWinds, which quietly compromised thousands of organisations. But the real risk is in the ripple effect: one breach in the supply chain can hit everyone downstream.
Policy and regulation shocks can be just as disruptive. In 2020, the EU’s Schrems II ruling instantly invalidated the EU–US Privacy Shield, leaving countless companies in legal limbo on data transfers. No hacks, no broken infrastructure. Yet cloud migrations froze and compliance teams scrambled. Today’s Data Act, NIS2 Directive, and Digital Services/Markets Acts carry similar weight, reshaping tech roadmaps whether businesses are ready or not.
Trade and supply chain shifts have made technology a bargaining chip. US semiconductor export controls to China disrupted chip availability worldwide, and Europe’s Huawei ban forced entire 5G rollouts to be redesigned midstream. Economic swings, from inflation spikes to euro–dollar volatility, add another layer of unpredictability, with licensing costs for US-based cloud services sometimes jumping overnight.
Even natural events can carry geopolitical weight. A pandemic can freeze supply chains; heatwaves can throttle data centre capacity. These aren’t political in origin, but their ripple effects cross borders and test resilience.
The government’s mandate vs. the company’s reality
You can’t legislate your way out of geopolitical risk, but you can design your strategy so political shifts don’t stop your business.
“Digital sovereignty” is now a political rally cry in Brussels and The Hague, from GAIA-X to sovereign cloud partnerships, aimed at keeping European data, infrastructure, and standards out of foreign jurisdiction.
But sovereignty is a government project, not a corporate one. A Dutch logistics firm can’t rewrite the US CLOUD Act, and a French retailer can’t dictate Washington’s export policies. What companies can do is prepare for the impact of sovereignty debates. Because when the rules shift, those unprepared pay the highest price.
Schrems II was the warning shot: those with vendor diversity and contractual agility adapted quickly; those without stalled. The lesson is clear, you can’t legislate your way out of geopolitical risk, but you can design your digital strategy so that when political ground moves, operations keep running.
Resilience as an enabler, not a brake
Too often, resilience is misunderstood as building a thicker wall. The instinct is to fortify: lock systems down, minimise change, add more approval layers. The problem? In the digital economy, immobility is fragility. The thicker the wall, the harder it becomes to move when you need to.
True resilience isn’t about rigidity. It’s about fluidity under pressure. It’s the ability to keep delivering, keep innovating, and keep meeting customer expectations when the environment shifts beneath your feet.
We’ve seen this in practice. After Schrems II, one Dutch healthcare provider quietly executed a cross-region migration of sensitive patient data without a minute of downtime. Their secret wasn’t an expensive new tool; it was that they had already invested in a modular architecture and a vendor-agnostic compliance framework.
Resilience done right doesn’t slow acceleration, it removes the friction that would otherwise force you to stop.
Building the digital strategy for a moving world
If volatility is the baseline, then digital strategy must be built for motion. That means designing not just for where you want to go, but for the detours you might be forced to take.
Several principles stand out:
These principles aren’t about slowing down projects in anticipation of risk. They’re about removing the single points of failure that would stop you in your tracks.
Acceleration and resilience are not competing priorities, they’re the same priority seen from different angles. Without resilience, acceleration is brittle. Without acceleration, resilience is stagnation.
Leadership in the age of instability
In this environment, leadership cannot be about maintaining a steady state. The steady state is gone.
Leaders today must normalise change inside their organisations. That means embedding adaptability into culture, not just systems. Teams should expect that tools will change, providers will shift, and processes will be reengineered, and they should see that as progress, not disruption.
It also means balancing opportunity and risk with equal weight. Too much focus on risk and you freeze; too much focus on opportunity and you stumble into avoidable failures. The best leaders are those who view every geopolitical development not just as a threat, but as a prompt to find competitive advantage in the response.
Finally, leadership in this era demands clear-eyed communication. When the rules change, whether it’s due to new sanctions, regulatory rulings, or trade disputes, your teams need to understand not just what is changing, but why, and how the company will respond.
The mandate for European business
The European business environment will not become more predictable in the coming years. The forces at play, from policy rulings like Schrems II, to trade disputes, to acts of physical sabotage, will continue to test our digital foundations.
We cannot legislate our own sovereignty as companies. That is the work of governments. But we can design our digital strategies so that no single policy shift, trade sanction, or geopolitical shock can derail our momentum.
The mandate is clear:
In a world where the ground is always moving, standing still is the fastest way to fall behind.
Digital Acceleration | AI-Enthusiast | Sustainability | BEYONDER | Chief Marketing & ESG
2moGoed artikel Daan!