ISO 27001 and 27017 force you to deal with potential exit scenarios early on.

In DACH you often need both to get public contracts.

I also noticed that costumers are weary of American cloud solutions and SaaS solutions.

Most are aware that they already are one White-House-decision away from being non operational and do not want to make things worse.