In today’s volatile digital landscape, data protection now sits firmly at the center of the enterprise risk agenda. Across industries, regions, and business models, organizations are grappling with rising complexity, accelerating technological change, intensifying geopolitical pressures, and an expanding network ecosystem that is increasingly difficult to govern.
Arelion’s latest research report, Connecting through chaos: how enterprise networks are protecting their data in a volatile world, highlights just how deeply these pressures are being felt. And while the findings are sobering, they provide crucial insight into what enterprises must prioritize if they are to build secure, resilient, and future-ready networks.
Leaders are losing sleep over data security
Corporate data protection has become the single biggest worry for enterprise network leaders – and by a wide margin. A striking 70% of leaders admit they are losing sleep over the security of critical data, and nearly a third acknowledge that, ”We know we should do more than we do.” Security now vastly outweighs traditional priorities like network speed or performance.
This shift is not surprising. In a world where a single breach can cost an organization more than 4.8 million USD (IBM, 2024), and where regulatory scrutiny is tightening across continents, any margin for error has all but disappeared.
But what stands out most is a growing confidence gap. While just over half of leaders (52%) feel “very confident” about the security of data inside their organization’s own network, that confidence drops sharply to 40% when data travels across third-party provider networks. Even more concerning, 11% of leaders openly acknowledge they know of weak points in those third-party networks.
As enterprise networks become more distributed, more cloud-centric, and more dependent on partners, the battle to maintain visibility and control becomes harder – and more strategically important – than ever before.
The top challenges
When we asked leaders where the biggest barriers lie, their answers were consistent across markets:
- Managing encryption
- Coping with multi-cloud complexity
- Enforcing security policies consistently across environments.
Encryption is seen as the most important protective technology – and simultaneously the toughest challenge to manage well.
Artificial intelligence is another central concern. While AI presents enormous potential, 60% of leaders now view AI-related threats to their critical data as moderate to extreme. This reflects a growing tension: AI is becoming essential for business efficiency and innovation, yet its opaque processes and expanding threat surface introduce new risks that organizations are still learning to manage.
Data in transit also emerged as a major pressure point. An overwhelming 83% of decision-makers agree that fewer third-party network hops increase security, reinforcing a message we at Arelion have long championed: the physical path your data takes matters. Routing is a risk factor.
Controls are improving, but confidence is not
Enterprises are investing heavily in protective controls, including:
- Real-time alerts (used by 70%)
- Security information and event management (SIEM) integration for backbone visibility (68%)
- Regular resilience testing, including against nation-state and supply-chain threats.
Yet despite this, almost half of leaders (48%) are not fully confident they could demonstrate regulatory compliance – a troubling finding in an era shaped by the EU Cyber Resilience Act, China’s emerging rules, and expanding global data sovereignty requirements.
Some regional variations are striking. Only 28% of leaders in France feel confident they meet current regulatory requirements, compared with 60% in the UK. Whether due to regulatory complexity, network fragmentation, or inherited infrastructure constraints, this confidence divide points to a wider issue: compliance demands visibility – and visibility becomes harder as networks sprawl across jurisdictions and providers.
Data sovereignty: the next frontier of network risk
As data laws proliferate, enterprises face growing scrutiny over where data is processed, how it moves, and who can access it. Our research shows:
- 32% of leaders do not know where all their own data centers are located
- 49% do not know the location of third-party data centers
- 77% say data sovereignty requirements heavily influence their choice of backbone provider.
In a world where legal jurisdiction can determine whether foreign governments can access your data, this lack of visibility is alarming – and fueling an urgent demand for greater transparency, stronger encryption governance, and more sovereignty-aware routing.
Enterprises need support
A key conclusion from the report is that complexity has grown to a level that is beyond what most enterprises can manage alone. Modern enterprise networks now span:
- Multiple public cloud providers
- Multiple third-party network domains
- Distributed data centers
- Global user bases
- AI-powered platforms
- A maze of local and international regulations
- Thousands of third-party dependencies.
Enterprises need partners that can provide scale, visibility, and regulatory clarity. They need partners that can help them reduce third-party exposure, provide resilient routing, maintain sovereign-aware paths, and deliver end-to-end transparency.
Priorities for enterprises
Drawing on this research, as well as the conversations I have with customers globally, several pressing strategic imperatives have emerged:
Know exactly where your data lives – and under which laws
Enterprises must gain full visibility of data locations, not only for owned assets but for every underlying subcontractor, cloud provider, and transit network.
Reduce unnecessary network hops
Fewer third-party links means lower exposure, clearer accountability, and stronger data integrity.
Align encryption strategy with actual risks
Encryption is only as strong as its management model. Leaders must ensure strong keys, clear ownership, and boundaries for where encryption terminates.
Treat compliance as a continuous operational discipline
With regulatory frameworks tightening, compliance can no longer be a periodic audit exercise. It must become a real-time operational requirement supported by partners with the right legal and technical expertise.
Choose network partners based on transparency, not just capacity
The question is no longer simply “How fast is your network?” but also, “How well do you protect my data across borders, jurisdictions, and vendors?”
Future resilience demands clarity
As enterprise networks become more distributed and as geopolitical and regulatory pressures intensify, data protection will continue to define corporate resilience. Enterprise leaders recognize this – their challenge now is to turn awareness into action.
Our report sends a clear message: in a chaotic world, enterprises need partners who can provide trusted networking that is visible, controlled, and sovereignty-aware – at global scale. At Arelion, we believe this clarity is not simply a security requirement, but a business enabler. In a world of constant disruption, organizations that understand – and control – the path their data takes will be best positioned to innovate, expand, and thrive.
For more detailed information, download the full report: Connecting through chaos: how enterprise networks are protecting their data in a volatile world.
Mattias Fridström, Chief Evangelist