The response to new Regulatory Powers, such as the US Cloud Act, has been ignited by geopolitical instability, alliance shifts and exposed uncertainty around cross-border access - data sovereignty is both a legal and security issue. These new Regulatory Powers requires organisations to prioritise custody and protection for the cryptographic keys that is protecting access to their data in non-sovereign IT cloud platforms and solutions. In this session we will look at how organisations should adapt to this new world for both themselves and their supply chains.