Across Germany, Austria, and Switzerland, a new mood is defining how large organisations invest in technology. The excitement around AI and automation is still present, but decision-makers are now demanding results, control, and clarity before opening their budgets.
From discussions with over 100 senior IT leaders in DACH, ranging from CIOs and CISOs to Heads of Digital and Infrastructure, one truth is emerging: AI is not the centrepiece. It’s a tool. And right now, they’re focusing investments on the foundations that make AI (and everything else) viable in their complex operating environments.
Here are the real priorities shaping enterprise IT investment in DACH.
AI adoption: Cautious steps, not revolutions
AI is on everyone’s radar, but few are betting the house on it. Less than 25% of participants reported scaling generative AI tools beyond pilot stage. In most cases, AI deployment remains confined to specific internal use cases or productivity tools like Copilot, not enterprise transformation.
- One CIO said: “We’re in love with the idea of AI, but in practice, we’re unsure where the ROI will truly land.”
- Over 60% are still in exploratory phases, especially in public-sector and compliance-heavy environments.
The tone? Pragmatic, not paralysed. Investment in AI will continue, but only where it enhances existing workflows or solves known inefficiencies.
Cybersecurity is a board-level investment, and a daily battle
Across the board, cybersecurity is the most urgent and universally accepted area of ongoing IT spend.
Why?
- One Swiss banking leader shared that they repel over 1,000 attacks per day.
- A German manufacturer revealed that ransomware had cost them €7 million in downtime and remediation.
Several organisations in the DACH region have now centralised cyber across business units, placing CISOs closer to the board. Over 75% reported increased cybersecurity budgets for 2025, with particular spend on:
| Cybersecurity Investment Area | % Prioritising |
|---|---|
| End-user training and simulations | 82% |
| Identity & access management | 76% |
| Cloud infrastructure hardening | 70% |
| Vendor risk and supply chain | 64% |
| Real-time threat detection | 58% |
One participant summed it up:
“We’re not treating cybersecurity as an IT issue anymore. It’s a business continuity strategy.”
Sovereignty matters more than speed
DACH IT leaders share a cultural and strategic priority that’s often underappreciated by international vendors: data control and sovereignty.
- Over 50% of participants raised concerns about hyperscalers storing sensitive data outside the EU.
- Several public sector leaders are prioritising on-premise infrastructure for sensitive workloads—despite cost pressures.
- Even cloud-native companies are asking for more transparency from vendors around storage locations, encryption protocols, and jurisdictional risk.
One Austrian CIO commented:
“If we can’t explain to our stakeholders where their data lives, the solution is dead on arrival.”
Investment in sovereign cloud, self-hosted LLMs, and multi-cloud governance tools is rising in response.
Shadow IT and platform sprawl are breaking enterprise visibility
Despite aggressive digitalisation goals, many large DACH organisations remain fragmented in their architecture. Several CIOs described environments with:
- Over 500 applications in use across different business units
- “Invisible IT” being run by departments outside of central governance
- Redundant licences and overlapping tools discovered during audits
The result? Low visibility, high risk, and rising costs.
A German healthcare executive described the situation as:
“We have the tools. We just don’t know how they’re being used, or if they’re helping.”
Investment priorities in this space include:
- IT asset discovery tools
- Licence rationalisation platforms
- Cross-department data governance
One organisation reduced annual spend by €2 million after consolidating unused platforms across five regions.
Cloud strategies are evolving, from “everything” to “what makes sense”
Cloud adoption remains high across the DACH region, but the mindset is shifting. Where once “cloud-first” was seen as strategic, many leaders now refer to a “cloud-fit” approach.
Key insights:
- Over 60% of participants have brought some workloads back on-premise for cost or compliance reasons.
- Public cloud costs have spiralled, prompting re-evaluation of contracts and architecture.
- Hybrid models are becoming dominant, with spend split across public cloud, private cloud, and local servers.
One Austrian technology leader noted:
“Cloud isn’t the goal. Performance, control, and transparency are.”
Expect investments in cloud cost-optimisation, orchestration, and data migration services to grow in 2025.
Legacy pain is limiting transformation speed
Many organisations acknowledged that technical debt is a bigger obstacle than vendor capability. Legacy ERP systems, fragmented data lakes, and outdated identity infrastructure are common blockers.
- Over 40% reported they are still integrating core systems deployed before 2010.
- “If the foundation’s unstable, even the best AI doesn’t land,” noted one DACH enterprise architect.
This is leading to increased spend on:
| Modernisation Focus Area | % Planning Investment |
|---|---|
| Legacy ERP upgrade | 61% |
| Identity management system overhaul | 55% |
| Middleware/API layer modernisation | 48% |
| Mainframe-to-cloud migration | 36% |
Transformation won’t succeed until the basics are fixed—and CIOs are shifting budget accordingly.
Workforce and skills are strategic, not HR’s problem
While talent shortages are global, DACH leaders are taking an increasingly strategic view of digital capability.
Key insights:
- Many are investing in internal academies to reskill existing staff in cloud, security, and data roles.
- Over 50% of organisations are expanding partnerships with universities and apprenticeships.
- AI tools are being explored not just for automation, but to augment smaller, leaner teams.
There’s a growing recognition that sustainable transformation depends on workforce investment just as much as platforms.
Summary: DACH IT Investment Priorities for 2025
| Priority Area | Top Investment Focus |
|---|---|
| Cybersecurity | IAM, cloud hardening, phishing simulation |
| Data sovereignty & compliance | On-prem LLMs, sovereign cloud, transparency frameworks |
| Platform rationalisation | IT asset discovery, licence audits |
| Cloud cost control | Hybrid architecture, cloud-fit migration |
| Legacy modernisation | ERP and ID management upgrades |
| Workforce enablement | Upskilling, lean team augmentation with AI |