IBM has launched Sovereign Core, a software stack that aims to offer enterprises and governments full operational control over sovereign cloud deployments without relying on hyperscaler-managed regions.
Sovereign deployments, typically, try to combine cloud benefits with strategic autonomy. They are IT infrastructures that have been set up locally, ideally in isolated cloud environments, to ensure complete national or organizational control over data, operations, and security, while ensuring compliance with local laws, such as data residency regulations.
Unlike traditional sovereign clouds from Microsoft or Google that hinge on dedicated data center locations, IBM’s Sovereign Core, expected to be available in tech preview in February, is trying to make sovereignty an inherent property of any software or application that an enterprise or government wants to deploy, enabling customers to run workloads on their own hardware, local providers, or even other clouds.
“It’s less a sovereign cloud and more of a software stack to build your own sovereign cloud,” Dion Hinchcliffe, lead of the CIO practice at the Futurum Group, said, adding that Core can be used across environments, such as on-premises data centers, supported in-region cloud infrastructure, or through IT service providers.
Avoiding vendor lock-in
That shift in approach, according to analysts, could redefine how CIOs manage sovereign deployments and help them avoid vendor lock-in.
In traditional sovereign cloud deployments, hyperscalers retain control over critical operations like updates and access, creating regulatory risk and locking customers into provider-specific architectures, APIs, and compliance tools, Hinchcliffe said.
When workloads move, identity management, encryption keys, and audit trails tied to the old provider don’t transfer seamlessly, forcing CIOs to rebuild governance frameworks to meet regulatory requirements in the new environment, Hinchcliffe added.
In contrast, Sovereign Core is trying to offer more control to CIOs by allowing them to keep encryption keys, identity management, and operational authority within their jurisdiction, which should enable them to switch providers without rebuilding governance frameworks, Hinchcliffe pointed out.
Seconding Hinchcliffe, HyperFRAME Research’s leader of AI stack Stephanie Walter noted that the frequency and stringency of regulator-driven audits were increasing, specifically the EU: Regulators are no longer satisfied with promises of compliance but are seeking more evidence, audit trails, and continuous compliance reporting.
Sovereign Core, according to Hinchcliffe, could also help CIOs tackle these demands with automated evidence collection and continuous monitoring, reducing overhead for banks, government agencies, and defense-adjacent industries.
Boost for moving sovereign AI pilots to production
Analysts say Sovereign Core could help CIOs and their enterprises push their AI pilots into production, especially the ones that require strict data residency and compliance controls.
Most enterprises and organizations are hesitant to send proprietary data to a public AI model, and at the same can’t run GPU-backed inference completely inside their own sovereign boundary, said Phil Fersht, CEO of HFS Research.
Sovereign Core’s functionalities and capabilities, in contrast, will allow enterprises to run local AI inference inside their own four walls, ensuring the AI model is as “sovereign” as the data it’s processing, in turn providing CIOs with a credible landing zone to move AI from pilots into production under sovereign conditions, Fersht added.
Changing market dynamics
Sovereign Core could be a strategic move by IBM to double down on the sovereignty market ahead of broader AI regulation and surge ahead of hyperscalers such as Microsoft, AWS, and Google.
“With Europe tightening controls and APAC following, IBM is betting that sovereignty will be a major gating factor for enterprise AI adoption. For some companies, much more even than cost or performance,” Hinchcliffe said.
More so in Europe because regulations restrict foreign entities, such as the hyperscalers, which are all headquartered in the US, from having access to data or control over critical IT systems.
To comply with European regulations, hyperscalers typically work with local integrators and managed service providers, but retain operational control of the underlying platform while partners build and manage services on top, Hinchcliffe said.
IBM’s Sovereign Core takes a different approach: partners can operate the entire environment on behalf of the customer, with IBM stepping out of the operational loop altogether, ensuring more compliance with regulations, Hinchcliffe added.
To that extent, IBM said that it is planning to collaborate with IT service providers globally, starting with an initial rollout in Europe with Computacenter in Germany.
IBM plans to make Sovereign Core generally available around the middle of 2026 with additional capabilities, which are likely to be disclosed soon.
Read More from This Article: IBM pushes sovereign computing with a software stack that works across cloud platforms
Source: News