Infosecurity Europe brings together leading experts in cybersecurity every year in London. This year, Proton made its first appearance at Infosecurity Europe 2026. We welcomed hundreds of visitors to our booth, which showcased our business password manager and other business solutions, and our business VPN(nueva ventana) product manager gave a talk on cyberattack patterns and how small teams can respond. Proton COO Raphael Auphan also spoke to Infosecurity Magazine(nueva ventana) about how we fight criminals on our platform.

As a result of all those conversations, we came away with a clear picture of what people care about right now in IT security. Today we’re sharing our key takeaways to keep those conversations going.

The core topics included:

What everyone is talking about

During more than 500 conversations at our booth, we spoke to people of all seniorities across industries, from insurance to media, cybersecurity firms to supermarkets. Our conversations ranged from broad discussions about European tech to technical questions about switching from US tech to Proton.

Attendees were keen to understand how Proton fits into a quickly changing tech landscape. They also spoke about their concerns regarding business continuity and data protection.

Businesses want tech sovereignty

The push for EU tech sovereignty has gained significant momentum in the last year. We’ve seen governments moving to reduce or even eliminate dependencies on American tech, and the European Commission has proposed a new tech sovereignty package to build domestic capacity. The US has already weaponized its tech dominance against the rest of the world, banning foreign access(nueva ventana) to Anthropic’s most powerful large language model. The EU already had to beg the US administration(nueva ventana) for access to the prior model, Mythos.

Watching this play out in the news, many of the attendees at Infosecurity Europe had strong feelings about the risks of relying on US tech. Surveillance and third-party data sharing were always concerns when using Google or Microsoft. But geopolitical tensions and the risk of service cutoff or data loss have made the risks too significant to ignore. Business leaders say they no longer feel like they’re in control.

Thankfully, a groundswell of support for tech sovereignty means that businesses have significantly more options if they want to move away from US tech. Many European companies and governments alike are actively seeking European alternatives which can offer stronger privacy protections and a more secure future.

Leaders are worried about business continuity

Last year, US sanctions against the International Criminal Court(nueva ventana) showed how political decisions could affect legal proceedings in Europe. Any institution outside the US could find itself cut off from data and cloud services instantly. If that happens, it can bring business to a standstill.

We spoke with businesses asking exactly this question: If a US tech provider cuts off my organization, can we continue to communicate and stay operational? At Proton, we’ve already developed solutions.

In March, we launched an encrypted European suite for businesses, including email, calendar, drive, docs, sheets, VPN, password manager, video conferencing, and AI assistant. And this month, we introduced Easy Switch for Businesses to help them migrate with zero downtime. But not everyone is ready to fully migrate all their data to a new platform. Some just want a plan B standing by. So we’ve also introduced business continuity option that gives organizations a way to stay online in an emergency.

Businesses aren’t fully aware of US tech risks

Even though attendees spoke to us about US risks generally, many of them still weren’t sure why they should be skeptical of Google or Microsoft business offerings. While Big Tech’s consumer privacy failures are frequently in the news, businesses assume they benefit from enterprise protections since they’re paying for the service and their data isn’t monetized with ads. But this isn’t the case.

Big Tech providers are consistently sovereignty-washing, claiming that they’re offering a European cloud. But that doesn’t stop them from moving the goal posts. We saw this when Microsoft in particular introduced flex routing to process Copilot data outside Europe.

Businesses are also affected by Big Tech’s data capture for the purpose of AI training. Even if emails and documents aren’t being used for training at scale, model development is being prioritized over customer privacy. Many companies are also insisting on inserting their AI solutions (such as Gemini) into everything, even when they aren’t wanted. Beyond exploiting data for training AI, the tools themselves don’t even guarantee security: Passwords saved in the Microsoft Edge browser are left unencrypted by design.

Even if businesses aren’t aware of the biggest risks caused by their existing US tech, they’re noticing that the tools they once relied on aren’t as good anymore. Europe has an opportunity to develop better tech at home to remedy this.

AI oversaturation and confusion

AI has dominated public discourse of late, and conversations at Infosecurity Europe were no different. We spoke to attendees who are themselves adopting AI and ones who are watching their service providers incorporate AI into their products. There were two recurring themes:

  1. Over-investment in unproven AI products: Big Tech companies prioritize establishing themselves as leaders in AI at the expense of core products and the needs of smaller business clients.
  2. Confusion about AI offerings: People are overwhelmed by the sheer number of AI tools on the market and finding it increasingly difficult to discern helpful tools from cash grabs.

AI is absolutely everywhere, so how can you tell what’s innovative and what’s a marketing ploy? As with any new tool, users have rushed to be early adopters while developers land grab for market share. But now that the landscape is settling, we heard many attendees wondering how to discern the buzzy from the genuinely useful. We also heard dissatisfaction with the support and attitude of Microsoft towards their customers in particular: with regards to data, attendees mentioned that even though our data in Europe and they were assured it can’t be resold, Microsoft’s IT team can access it.

Trust in the AI age is important. Too often, AI tools incorporate ads or abuse personal data in return for a service that doesn’t even respect its users. When it comes to business use, AI can be particularly risky. Depending on where your data is stored for processing, your queries and any data you give an AI tool could be accessed by foreign governments. There’s also no guarantee you’re protected by data laws.

AI is a powerful and useful tool if used and managed properly, but it should be private by design and it should be optional. It’s also essential that European AI tools are adopted by individuals and businesses alike. We built our AI chatbot Lumo as an alternative to AI services that don’t put their users first and protect their privacy. It’s part of our business offering because we know that businesses can benefit from it if they choose to, but AI isn’t going to detract from our mission of building a more private internet for individuals and businesses alike.

Bottom line: digital sovereignty is on the way

After so many illuminating conversations, we’re hopeful that digital sovereignty is closer than ever. There have never been more European digital offerings than there are today. And data privacy, economic investment in Europe, and strengthened cybersecurity are more possible for businesses now that European alternatives are widely available. We welcome a future where European companies can invest in tech that puts them first and builds a more private future.