Two massive technical outages over the past year underscore the need for cybersecurity teams to consider how to recover safely from disruptions without creating new security risks.
October 30, 2025

An Amazon Web Services (AWS) outage on Oct. 19 caused significant disruptions to numerous websites and online services. Error messages splashed across users' screens as they attempted to access popular sites like Amazon itself, as well as Snapchat and Disney+. The outage lasted two days, but spillover effects sprawled across industries.

On Wednesday, the Microsoft Azure cloud platform and the Microsoft 365 service experienced a multihour outage due to what Microsoft described as "an inadvertent configuration change." The Azure outage crippled critical business applications, bringing many organizations to a standstill.

Like last year's CrowdStrike outage, these outages exemplified the blast radius that occurs when one or two vendors dominate a market area and own the infrastructure that everyone else relies on. While both incidents were the result of technical glitches, these extensive disruptions have serious cybersecurity implications for enterprises.

Organizations ranging from large enterprises to small businesses use AWS to host websites, applications, and databases. The cloud provider offers security tools to help companies bolster identity and access management and data protection.
Even if a company isn't affected directly, providers they use for identity, incident response (IR), or threat detection could be down. The AWS outage affected services that many security and identity management services depend on, including EC2, DynamoDB, and Network Load Balancer.

When a widespread cloud outage like AWS occurs, it doesn't necessarily indicate an active security breach, but it can create vulnerabilities that lead to problems for enterprises, explains Ketaki Borade, senior analyst of infrastructure security at Omdia.

"During the downtime and chaos of restoring services, IT teams can inadvertently leave gaps in monitoring or patching — similar to leaving a window unlocked while rushing out for a trip — that can become potential entry points for threat actors," Borade tells Dark Reading.

Outages create security blind spots and put pressure on enterprises to restore services quickly, which can lead teams to bypass security controls. Heightened vulnerability surfaces are a real concern for enterprises following outages, says Jean-Christophe Gaillard, founder and CEO of Corix Partners. Enterprises may be forced to restart systems in degraded or fallback modes that lack standard security controls. Returning to standard secure configurations can take time, giving attackers an opportunity to strike.

"Emergency patches and configuration changes are often made without proper review or security, potentially leading to misconfigurations or insecure settings that attackers can exploit," Gaillard tells Dark Reading.

Change management breakdowns could also lead to cybersecurity problems. Enterprises may forget to return to standard protocols altogether, which would leave systems and data exposed, he adds.

But IT teams aren't the only ones who need to remain vigilant during widespread outages.
Attackers may view it as the perfect opportunity to conduct phishing campaigns, sending messages that prompt users to "verify credentials" or "restore access," Borade warns. Incidents like these highlight the risks of relying solely on a single cloud provider, so enterprises need resilient security strategies and contingency plans to stay protected, Borade says.

Resiliency levels play a large role when it comes to the extent of cybersecurity issues enterprises face following prolonged outages, like the one AWS recently suffered. In many cases, such as a ransomware attack, enterprises need strong backup systems to recover. In cases like this, it's important to have more comprehensive fallback arrangements because recovery requires more than effective data backup systems, says Rik Turner, chief analyst at Omdia. Any local or on-premises backup systems should be fully up-to-date with all the necessary patches if they are to take over securely, he explains.

"If an organization has the ability — which I suspect is pretty rare — to fully switch to an alternative cloud provider while an AWS or any other cloud service provider is down, that will need to be both a seamless and a secure switchover process," Turner says. "Frankly, I can see it being fraught with issues."

Artificial intelligence (AI) can support mitigation efforts during widespread outages. Wild Moose, an AI-powered site reliability engineering platform, emerged from stealth this week, focusing on addressing cloud outages.

During widespread outages, it can be difficult to distinguish cyberattacks from technical failures, which delays appropriate responses, says Yasmin Dunsky, Wild Moose CEO and co-founder. AI is used as part of incident response to uncover the root cause — a vital but difficult assessment for security teams to make.
Wild Moose can help address security concerns that stem from technical glitches with its rapid root-cause analysis. It can extend its analysis to the affected company's dependents and customers, Dunsky says.

"This helps both the affected company and its downstream customers understand the scope of the problem and coordinate their response, rather than each organization independently scrambling to diagnose the same root cause," she says.

Borade sees the benefits of AI to mitigate the impact of highly disruptive outages that lead to cascading effects. AI systems can detect anomalies faster than humans, trigger automated responses, and even suggest remediation steps, she adds.

"That said, it's worth noting the irony: We're often using automation to fix issues caused by automation," she says. "It's a bit of a 'who watches the watchmen?' scenario, which is why human oversight remains critical."

Arielle Waldman, Features Writer, Dark Reading

Arielle spent the last decade working as a reporter, transitioning from human interest stories to covering all things cybersecurity related in 2020. Now, as a features writer for Dark Reading, she delves into the security problems enterprises face daily, hoping to provide context and actionable steps. She previously lived in Florida where she wrote for the Tampa Bay Times before returning to Boston where her cybersecurity career took off at SearchSecurity. When she's not writing about cybersecurity, she pursues personal projects that include a mystery novel and poetry collection.