Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The debate over data sovereignty spurred by the U.S. CLOUD Act is intensifying. On June 10, 2025, France’s Senate held a hearing on the role of procurement in data sovereignty, where Anton Carniaux, Director of Public and Legal Affairs at Microsoft France, testified. He stated he could not guarantee that data from French citizens would not be shared with U.S. authorities without explicit authorization from French authorities.

With the abundance of compliance requirements that organizations must comply with, such as HIPAA, PCI and GDPR to name a few, there is an increasing need for organizations to properly classify sensitive data and safeguard it accordingly. Identifying and classifying sensitive data is a crucial initial step in an organization’s compliance journey.