Unifying NIS2, GDPR, IEC 62443 defensible architecture — data sovereignty, regulatory control, and enterprise security doctrine.