There’s a strong possibility that we’re now collectively at a technology crossroads in Europe. But this isn’t due to the explosion of artificial intelligence, or the emergence of quantum technology. It’s because of something far more central to existing technology teams and operations – a potential move away from Microsoft.
In the public sector especially, there are early signs that organisations across Europe are replacing Microsoft products with alternatives.
High profile examples
There have been several high-profile examples illustrating this growing trend, including:
- The ministry of Digitalisation in Denmark announced its intention to remove Microsoft in 2025.
- The German state of Schleswig-Holstein announced a shift away from Microsoft products in 2024.
- The Austrian armed forces moved to LibreOffice, a project that began in 2020.
Key reasons behind the shift
There are a number of factors driving the shift away from Microsoft, including:
- An increased focus on digital sovereignty: Whilst this is not a new concept, it’s still a growing concern for organisations and states – not just within the EU. The ability of an organisation to meet the requirements for digital sovereignty whilst using SaaS and cloud first strategies is currently challenging, and removing Microsoft (a US based organisation) could be a key part of this. Within Europe, the Interoperable Europe Act, and other similar regulatory initiatives, are gathering pace in this space.
- Fiscal pressures: Alternatives to Microsoft will include open source options, that could offer comparable functionality at a fraction of the cost.
- A political act: Cutting dependency on an American technology giant in the current political climate could be a symbolic act, particularly considering the growing convergence of technology giants and politics.
- Reducing cybersecurity risk: ENISA has named Microsoft as the most reported vendor across vulnerabilities exploited in the EU (at 43.45%). The extent to which Microsoft products are in use across Europe, coupled with the fact that their services are often externally facing, are factors to consider here. But, even so, this is an enormous number. Cybersecurity leaders in businesses could feel that, by removing traces of Microsoft across their organisations, they are reducing their cyber risk.
The reality though is that there will not be an immediate shift away from Microsoft due to the extent to which their technology is embedded and integrated across companies and industries.
Microsoft products as a threat vector?
The crucial factor that will likely convince any businesses undecided on whether to retain Microsoft products and services, could be the extent to which they are being exploited by cybercriminals. Moving away from a highly targeted vendor to a lesser-known product could change the cybersecurity risk profile for an organisation, and the insights from ENISA provide data points that CISOs and risk managers can use to make this call.
So, it could be a question of ‘if’, rather than ‘how long’ before we see a critical mass of organisations shifting away from Microsoft. Will your organisation be one of them?