Cyber Security in the Age of Uncertainty: Digital Sovereignty Between Technology and Geopolitics

Summary

Podcast host Sascha Lobo analyzes the Cyber Security Conference 2026 in Heilbronn and paints a picture of the current security situation in Germany and Europe. At the center is the dilemma between digital sovereignty and dependence on US cutting-edge technology – exemplified by the cooperation between Schwarz-Digits and the US company CrowdStrike. The new world situation with Trump, geopolitical escalation, and AI automation forces a paradigm shift: not autarky, but reduced existential dependency is the goal. Notably, there is widespread optimism among German CEOs and executives – despite real threats.

People

• Sascha Lobo (Podcast Host, Technology Journalist)
• Christian Müller (Co-CIO Schwarz-Digits)
• Rolf Schumann (Co-CIO Schwarz-Digits)
• Claudia Plattner (BSI President)

Topics

• Digital sovereignty and IT security
• CrowdStrike disaster (July 2024)
• AI and cybercrime automation
• Geopolitical threat and cyber warfare
• European independence vs. Silicon Valley

Clarus Lead

Germany and Europe must rethink IT security: not as a departure from US technology, but as reducing existential dependencies through strategic partnerships. The CSC 2026 in Heilbronn revealed a reorientation – Schwarz-Digits is porting the CrowdStrike platform to European cloud infrastructure, thus securing data sovereignty without technological compromise. For companies, the key insight lies in this: average enterprises suffer 5–6 cyberattacks per hour, exponentially more for critical infrastructures. The turning point toward hope: German CEOs recognized that cybersecurity has become a matter of survival – and they want to solve it.

Detailed Summary

Lobo begins with a personal anecdote from 2007/2008, when hackers from the Chaos Computer Club read passwords from unencrypted WLAN traffic live at a Berlin conference. This episode illustrates a timeless truth: raising awareness for security often requires painful insight. At that time, HTTPS was not yet standard; today the threat landscape has grown exponentially.

The new reality: Not state-of-the-art, but process-of-the-art is required – a continuously self-renewing security system without stagnation. The Cyber Security Conference 2026 in Heilbronn showed that executives of major German energy suppliers, telecommunications corporations, and industrial enterprises have elevated cybersecurity to the executive level. The signal: it is no longer about isolated IT problems, but about corporate existence in the digital age.

The cooperation between Schwarz-Digits and CrowdStrike illustrates pragmatic sovereignty: CrowdStrike operates world-leading endpoint protection; Schwarz-Digits ports the solution to Stack-It cloud with European servers and EU data protection. Even if the US CEO were imprisoned, data could not be extorted – a wink at real risks under Trump. The dilemma is solvable: one does not need to choose between US technology and European control, but rather combine both through negotiation.

On the threat landscape: the Indian stock exchange NSE suffers 170 million cyberattacks daily – fully automated, not by individual hackers. The asymmetric rule remains compelling: the attacker can fail a thousand times; the defender must succeed without exception. This requires state-of-the-art not as a luxury, but as a survival condition.

The CrowdStrike disaster on July 19, 2024 reinforces this point: a faulty software update paralyzed millions of Windows systems, locked hospitals, stopped flights worldwide. That this failure had such massive impact paradoxically proves CrowdStrike leadership – the solution had become so widespread and critical that a single error caused global standstill.

The surprise at the conference: despite geopolitical escalation (Iran war, Trump unpredictability, climate crisis), there was cautiously optimistic sentiment among German top executives. They articulated not bunker mentality, but will to shape – "we can manage it" for a prosperous, functioning Europe over the next 15 years.

Key Statements

• Digital sovereignty is not an end in itself, but a means against being subject to extortion by external powers – achievable through strategic negotiation with US providers, not through autarky.

• Cyberattacks are a permanent condition: average enterprises suffer 5–6 attacks per hour; systems must function normally while defending and continuously evolve.

• AI sharpens the security dilemma asymmetrically: it automates attacks (shotgun strategy) but also strengthens defensive capabilities – both sides benefit.

• Attribution is not only technical but political: determining who is behind cyberattacks is not decided only by security experts but by foreign policy makers – a new hybrid governance approach.

• German executives have learned: to understand Trump and geopolitical escalation as a catalyst for genuine digital independence – not as a pessimistic bunker strategy, but as a European future investment.

Critical Questions

1. Evidence/Data Quality: What verified data supports the claim that average enterprises "suffer 5–6 cyberattacks per hour"? Are these verified logs or estimated automations? How does Lobo define "attack" versus automated scanning?

2. Conflicts of Interest: Schwarz-Digits presents the CrowdStrike partnership as a sovereignty solution – is this not also a business strategy for market differentiation? How neutral is the assessment of a solution both partners profit from marketing?

3. Causality/Alternatives: Lobo connects Trump's geopolitical unpredictability with increased CEO attention to cybersecurity. Is this not also explainable by regulatory pressure (NIS Directive, critical infrastructure) or simply by increased attack rates – without Trump?

4. Sovereignty vs. Dependency: If German companies use CrowdStrike solution on European servers – is that genuine sovereignty or merely geographically displaced dependency? Can CrowdStrike block access even if data remains local?

5. AI Asymmetry: Lobo claims AI strengthens both sides (attack and defense). What evidence shows that defenders can keep up with AI automation if attackers have years of lead time?

6. Attribution Risks: Claudia Plattner hints that political considerations influence attribution. Is this not reckless – can false attribution lead to overreaction or diplomatic crises?

7. Realism of Hope: Lobo concludes with optimism about German will to shape. Is this based on empirical surveys or subjective impression of 50–100 CEOs at one conference? How representative is this for the broader middle market?

8. Technology Realism: Lobo rejects European autarky but says state-of-the-art is indispensable. How long does Europe remain competitive if innovation centers (AI, semiconductors, cloud) remain west of the Atlantic and Trump limits exports?

Source Directory

Primary Source: [Tech, AI and Butterflies – Cybersecurity in the Age of Uncertainty] – https://audio.podigee-cdn.net/2394492-m-9a52092e8b45e340ac39cbb0e65c77bd.mp3?source=feed

Mentioned Institutions & Events:

• Cyber Security Conference 2026 (CSC 2026), Heilbronn, Baden-Württemberg
• Schwarz-Digits GmbH (digital technology provider, Germany)
• Federal Office for Information Security (BSI)
• CrowdStrike Holdings Inc. (Endpoint Protection, USA)
• Chaos Computer Club (CCC)

Verification Status: ✓ 14.03.2026

This text was created with the support of an AI model.
Editorial responsibility: clarus.news | Fact-check: 14.03.2026