Security . 16 Jul 2026 . By Serhii

Nexus, VivaTech, UADEVC2026: Europe Has Chosen Tech Sovereignty

In two weeks of June, we attended three technology events in three capitals in a row — Nexus in Luxembourg, VivaTech in Paris, and the Ukrainian-German Venture Capital Summit (UADEVC2026) in Berlin. A42 co-founder and CEO Olga Nasibullina shares the key technology trends from European capitals.

Different formats, different audiences, different geopolitical and economic contexts, but everywhere, the same message sounded equally loud: Europe no longer relies on foreign technology and is ready to pay for its own. And it is inviting Ukrainian companies to take part, although on its own terms.

This tension — "you are invited, but there is an entrance ticket" — is the main thing we took away from those two weeks. All the other observations, one way or another, come back to it.

A course toward sovereignty with public money behind it

This is the most striking change we saw in each of the capitals. Nexus, VivaTech, UADEVC2026 — everywhere, in different voices, people were talking about how critical technological sovereignty has become. Geopolitical tension, complications in EU–US relations, and the growing role of technology in national security are making support for the domestic tech sector the new norm. And this readiness to invest is backed at the highest level.

Nexus is an annual AI and technology summit in Luxembourg with more than 10,000 participants — businesses, government, and startups. It is organized with the support of the local Chamber of Commerce, and many of the stands belong to partner chambers from other countries, including Ukraine. For foreign startups, the organizers laid out everything on offer: an incubator, an accelerator, grants, a national cloud, and even a supercomputer for training their own AI models. The main condition: register a legal entity in Luxembourg or partner with local companies.

VivaTech in Paris is a different order of magnitude: almost 200,000 participants from more than 100 countries. The spirit of public-private partnership is present here too, but in a different form — smaller players under the umbrella of larger structures: national stands, group stands of ecosystems like La French Tech, regional clusters, investment funds working with public money, government bodies. At one stand under the France Numérique brand, few state institutions were represented at once — from the Ministry of the Interior to CNIL, the personal data protection authority. They were showcasing their own sovereign digital solutions, looking for startups to partner with, and openly recruiting technical specialists. The state in France is not an observer — it is a market player.

Berlin's UADEVC2026 is a closed investment summit that brought German and DACH investors together with the most investment-ready Ukrainian startups. A different scale, but the same signal. A national cloud, data storage within the country, compliance with national and European cybersecurity requirements are mandatory for anyone who wants to gain a foothold in the German market. So is company registration: if not in Germany, then in Central or Western Europe.

AI Factory: sovereign AI becomes a state project

The most concrete expression of this course is that states have started building their own "AI factories". At Nexus, this was visible first-hand: the national cloud and the supercomputer I mentioned above are exactly what makes up Luxembourg's AI Factory. At its heart is the sovereign supercomputer MeluXina-AI, with more than 2,100 GPU accelerators, launched precisely so that companies can train and fine-tune their own AI models on secure, certified infrastructure without handing their data and intellectual property over to someone else's servers. 

Luxembourg is among the first seven countries selected for the AI Factories initiative of the European Commission and EuroHPC, alongside Germany, Spain, Finland, Greece, Italy, and Sweden. The EU and national budgets are investing around €1.5 billion in this first wave. The priority sectors include finance, space, the green economy and cybersecurity.

Notably, Ukraine is doing exactly the same. The country is building its own sovereign “AI factory” — its first state-owned AI infrastructure, where all data is processed inside Ukraine, in Ukrainian data centres. It will power government AI services, from the assistant in Diia to the AI tutor in Mriia, and later projects in defence, medicine, and science. The logic mirrors the European AI Factories: own computing power, own data on own territory for full technological independence and control.

This is the best illustration of how Ukraine's course aligns with Europe's. AI no longer exists apart from sovereignty, it has become sovereignty's technical foundation, and Ukraine is not chasing a trend set by others, we are moving in step with it.

Cybersecurity and compliance: the most painful point for European business

This is another thread that ran through all three events. Regulators are tightening the requirements for protecting information infrastructure, especially critical infrastructure, and for European business this is becoming an increasingly expensive problem. Directives like NIS2 are widening the circle of companies that must build security by the book rather than as an afterthought, and mid-sized businesses feel it most sharply: the requirements are high, but they lack the budgets and in-house security teams of large corporations.

That is why we saw such lively interest from business owners in solutions that help build processes in line with regulatory requirements without costing a fortune. The conclusion is simple: compliance has stopped being a formality to deal with "later". It has become a condition for entering the market. And Ukrainian companies aiming at Europe should think about it in advance — not sort out the consequences after the fact, when the deal is already on the table.

What this means for Ukrainian companies

If the most obvious growth direction for Ukrainian startups used to be the US, now Europe too is ready to become a platform for scaling and is actively inviting us to come and show ourselves. The market is attractive in both size and capital, especially for companies that so far operate only in Ukraine.

But the invitation has a price. Registering a legal entity locally, localizing customer data, meeting information and cybersecurity requirements, and, of course, compliance. Add to that something formulated with absolute precision at one of the VivaTech panels: Europe is 27 different ways of doing business. Understanding the local mentality, how sales work in a specific region, how the audience makes decisions, and what partners are looking for is a separate job, not smaller than the technology itself.

Europe is open, that is now a fact, not a forecast. And the question is no longer whether we are allowed in, but what we bring with us.

Registration, data localization, and compliance can be seen as a barrier — a list of what is demanded of us. Or as what will set apart the Ukrainian companies ready to play by the rules of a mature market from those who arrive with nothing but technology and hope. The doors are opening now — and it is easiest to walk in for those who prepared in advance, not for those catching up with the requirements on the doorstep.