AI model sovereignty: what happens when the control plane is not yours?

TL;DR: A single US export-control order disabled Anthropic’s Fable 5 and Mythos 5 for customers and staff alike, exposing how quickly AI capability can disappear when access is concentrated in one provider and one jurisdiction, according to Unosecur. The real issue is not where the model sits, but whether identity and access control stays under your authority when the provider cannot guarantee continuity.

NHIMG editorial — based on content published by Unosecur: After Fable 5, sovereignty is no longer optional

By the numbers:

• Only 5.7% of organisations have full visibility into their service accounts.
• 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
• 92% of organisations expose NHIs to third parties, raising concerns about supply chain security.

Questions worth separating out

Q: How should security teams govern AI capabilities that can be revoked by a provider or regulator?

A: Treat the capability as a governed entitlement, not a permanent service.

Q: Why does AI sovereignty matter for IAM programmes?

A: Because AI access can be withdrawn by a third party, which turns continuity into an identity issue.

Q: What breaks when an organisation depends on one AI provider in one jurisdiction?

A: The organisation loses the ability to guarantee continuity.

Practitioner guidance

• Map AI capability revocation paths Identify every external party that can suspend, narrow, or revoke access to a model, agent, or AI workflow.
• Move authorization authority into the enterprise control plane Ensure your identity and access layer, not the provider, decides which users, service accounts, and AI agents may use each capability.
• Test model failover without control-plane rebuilds Run a tabletop where the primary model is unavailable and prove that the workflow can switch to an alternate model while keeping the same identity, authorization, and audit logic intact.

What's in the full article

Unosecur's full blog covers the operational detail this post intentionally leaves for the source:

• How Unosecur says it built its control plane to run in different deployment models, including managed service, customer-owned infrastructure, and air-gapped use cases.
• The article's discussion of sovereignty properties such as model portability, jurisdictional visibility, graceful degradation, and control-plane ownership.
• The specific implications Unosecur draws from the Anthropic order for European-hosted and self-hosted AI architectures.
• The vendor's own framing of why a European flag is not itself a security control.

👉 Read Unosecur's analysis of AI sovereignty, concentration risk, and control planes →

AI model sovereignty: what happens when the control plane is not yours?

Explore further

View Full Forum →  |  NHI Foundation Course →  |  Our Services →