Any successful cloud service provider needs a strong foothold in Europe. But cloud executives are finding that winning in Europe requires a different strategy than other regions—and a strong stomach for uncertainty.

CIOs in Europe control a quarter of global IT spending, and more than a third of them estimate that at least 30% of their computing resources will be allocated to the public cloud within three years. Western Europe’s cloud market alone is expected to grow more than 20% annually over the next three years to €44 billion.

But cloud companies can’t apply the same playbook in Europe as the rest of the markets they serve. There are more than 20 official languages in Europe, as well as significant differences in per capita GDP, political situations, degrees of technological maturity, and regulatory hurdles at the continental, national, and local levels. As a result, cloud buyers in Europe have significantly different priorities than CIOs in other regions. CIOs in Europe are much more concerned about data security, control and governance, and regulatory compliance than buyers in North America and Asia, according to a Bain survey conducted this year (see Figure 1).

This frequently forces CIOs in Europe to keep critical workloads on-premise rather than transition them to the cloud. Moreover, the disparities between global and Europe-based cloud service providers in regional market share and scale of physical infrastructure will strongly influence their strategies in Europe.

Figure 1

CIOs in Europe have stricter concerns about data security, governance, and regulatory compliance

Regulatory compliance has become even more critical to CIOs in Europe as sweeping new regulations have emerged in the past few years, including the General Data Protection Regulation (GDPR) and the proposed Digital Markets Act (DMA) and Digital Services Act (DSA). The Clarifying Lawful Overseas Use of Data Act (CLOUD), passed in the US in 2018, introduced privacy concerns for data hosted by US-based technology companies. In addition, the European Union’s 2020 Court of Justice decision to invalidate the Privacy Shield Framework between the EU and US governments, commonly known as “Schrems II,” has raised further doubts about the legal compliance for services from international cloud companies in EU countries. Such developments create uncertainty for cloud services buyers and sellers. Requirements for regulatory compliance can change quickly, and different stakeholders might come to different conclusions about what’s truly compliant.

Regulatory requirements have a huge bearing on cloud purchase decisions. Our research shows that customers in highly regulated industries often lag cloud adoption in other industries by 10% to 20%. The upshot is that cloud service providers have an opportunity to grow faster if they can figure out how to earn the trust of these more cautious buyers. Healthcare companies, for example, find it tremendously difficult to share patient data across borders—even within the EU—due to GDPR’s strict requirements for local governments to implement their own rules. Other industries have different cloud needs, not necessarily based on regulations. For utility companies, customization and the costs of migration from legacy computing systems are key criteria, whereas telecom companies care more about scalability and the flexibility to react to customer needs.

The result is the European cloud market is moving toward offerings tailor-made for specific industries, with rigorous testing to ensure they meet customers’ varied requirements. IDC estimates that by 2022, European enterprises will allocate 20% of new cloud services spending to industry-specific cloud solutions.

A Europe-based cloud service provider might have an edge over global hyperscalers in addressing each sector’s requirements for housing critical computing workloads, given its decades of experience working within European regulatory frameworks. But the global cloud companies will have a scale advantage in serving customers’ less-critical workloads, which make up 60% of Europe’s roughly €11 billion infrastructure-as-a-service market (see Figure 2). For CIOs, however, the decision is rarely either/or. Many are adopting a multicloud strategy that gives them the best of both on-premise and cloud infrastructure, while still meeting their needs in data security, compliance, and sovereignty.

Figure 2

A range of European industries offer opportunities in cloud services, especially for less-critical workloads

So, what’s the recipe to win Europe’s cloud market?

Global hyperscalers have a huge head start. Since they entered the market in the mid-2010s, Amazon Web Services, Google, and Microsoft have been gradually ramping up their data-compliance efforts with new physical data centers and additional guarantees of data sovereignty. Now, this trio controls more than two-thirds of the EU market. These companies can use their physical infrastructure superiority and cost advantages to target multinational or fast-growing European customers whose No. 1 purchasing criterion is scalability. Regulatory compliance and local sales and service structures will likely be mere hygiene investments, while these global players learn how to “be more European.”

Europe-headquartered cloud companies, on the other hand, can build upon differentiators of their own. Many have invested in their customer relationships for decades, keeping their fingers on the pulse of client needs and cloud-migration concerns. French cloud provider OVHcloud, for example, offers a product with IT services firm Atos aimed at serving customers with strong data-security requirements. The product, which houses data in France, earned the SecNumCloud designation from French cybersecurity agency ANSSI, which gives OVHcloud and Atos additional credibility in the market.

In some cases, European cloud companies own physical infrastructure in markets where global hyperscalers simply aren’t present, enabling them to offer products with lower latency and better control over customer data. In most parts of Europe, regional cloud providers will want to avoid competing head-to-head with the global hyperscalers. Instead, focusing on segments with special data requirements and staying involved with political initiatives like Gaia-X—a decentralized, EU-compliant cloud framework intended to help European companies compete with global players—can help Europe-based cloud service providers occupy a smaller but profitable market niche.

While a shift in market power between global hyperscalers and local cloud providers is unlikely in the near future, given the fundamental differences in scale, the European cloud market will be large enough to provide sustainable growth paths for all participants.