How SIDN Is Moving to AWS Despite Political Pressure

Digital sovereignty has become one of the most widely discussed topics within the Dutch cybersecurity and IT sector. Governments, businesses, and public organizations are all grappling with the same question: how do you maintain control over critical digital processes in a world that is becoming increasingly dependent on a small number of international technology platforms?

Few organizations have experienced this debate as publicly as SIDN, the organization responsible for the .nl domain. What began as a strategic decision to modernize its domain registration system and move parts of its underlying infrastructure to the public cloud evolved into a national debate about digital autonomy, dependence on American technology, and the future of critical Dutch digital infrastructure.

Now that SIDN has reached the final phase of this journey, with the planned launch of its new .nl registration platform in September 2026, Ferry Stelte, Chief Information Security Officer at SIDN, will take the stage at Cybersec Netherlands 2026. His keynote, “70 Shades of Sovereignty: A CISO’s First Crisis Inside a National Cloud Decision,” offers a unique look behind the scenes of a case that has attracted attention from the media, politicians, and the cybersecurity community over the past several years.

A Crisis in the First Week on the Job

For Stelte, the story did not begin with an architecture diagram or a long-term strategic roadmap. His first week as SIDN’s CISO coincided with the moment when the debate surrounding the migration to AWS became public.

What was meant to be the start of a new role quickly turned into a practical lesson in public accountability, stakeholder management, and decision-making under intense scrutiny. The discussion was not limited to technical experts. The media covered the story, parliamentary questions were raised, and political stakeholders began examining the implications of the proposed migration.

As a result, what started as a technical infrastructure issue transformed into a much broader discussion about digital sovereignty.

Not a Black-and-White Story

According to Stelte, this is precisely where an important lesson can be found for organizations facing similar decisions today. In public debates, digital sovereignty is often portrayed as a choice between two extremes: becoming completely dependent on hyperscalers or moving entirely to European alternatives. In reality, the situation is far more complex.

Throughout the process, SIDN conducted additional studies, refined its risk assessments, and incorporated recommendations from external parties into the further development of its architecture. The outcome was not a complete change of direction, but rather a refinement of the original plan, including additional safeguards designed to strengthen autonomy, continuity, and control.

This nuance lies at the heart of Stelte’s story. “Digital sovereignty is not a black-and-white discussion,” is the central message running throughout his keynote. “It is more like seventy shades of grey.”

From Theory to Practice

While many discussions about sovereignty remain largely theoretical, the SIDN case demonstrates how complex decision-making becomes when public interests, political pressure, technical realities, and operational continuity converge.

How do you make decisions when the solution that is socially desirable is not automatically the most technically or operationally logical one? How do you deal with public criticism while remaining responsible for the stability of one of the most important components of the Dutch internet? And how do you prevent ideology from outweighing risk analysis?

These are exactly the questions that will take center stage during the session.

A Real Story from the Field

With his keynote, Stelte delivers exactly the type of story that Cybersec Netherlands is intentionally creating space for this year: not a theoretical vision of the future and not a marketing presentation, but a real-world story from the front lines.

It is a story about leadership under pressure. About making difficult decisions. About public accountability. And above all, about how organizations can arrive at well-considered decisions in a time of geopolitical tensions, growing dependencies, and increasing attention to digital autonomy.

For visitors involved in cloud strategy, security, governance, or digital sovereignty, this promises to be one of the most timely and relevant sessions at Cybersec Netherlands 2026.

Visit Cybersec Netherlands 2026

Discover the latest developments in cybersecurity at Cybersec Netherlands on September 9 and 10, 2026, at Jaarbeurs Utrecht. Be inspired by industry experts, real-world case studies, and innovative solutions.