Microsoft Azure Outage: A Push For Cyber Resilience?

This week's Microsoft Azure outage, lasting over eight hours, has highlighted the vulnerabilities in the global cloud ecosystem.

The event follows a major Amazon Web Services (AWS) disruption earlier this month, with both incidents stemming from Domain Name System (DNS) issues.

The Azure outage impacted major enterprises, including Asda, M&S and Heathrow Airport.

These back-to-back failures raise questions about the growing reliance on a few global cloud platforms that form the backbone for many critical services and calls for improved cyber resilience and a re-evaluation of digital dependency.

The ‘digital pandemic’ effect

The recurring nature of these large-scale outages points to a systemic issue.

Chris Dimitriadis, Chief Global Strategy Officer of ISACA, describes the situation as a “digital pandemic”.

“When the CrowdStrike outage hit last year, I coined the term ‘digital pandemic’ – where a single point of failure can cause ripple effects across multiple industries,” Chris explains.

“We are witnessing recurrent widespread outages... It’s yet another stark warning of how interconnected and fragile our digital world has become.”

Chris suggests that such vulnerabilities could be exploited by attackers: "Organisations are now at a crossroads. Today we may have faced a bug in the system; tomorrow, attackers may be able to exploit this fragility and cause massive impact.

"By weaponising AI, hacking will become mainstream, permitting anyone to launch an attack at the speed of intent.”

Global dependence and digital sovereignty

The Azure outage shows how a single fault can have a widespread global impact.

This concentration of risk on a few vendors is a growing concern, with Raphael Auphan, COO at Proton, stressing the danger of this widespread dependence.

He says: “For the second time in two weeks, we've seen a massive portion of the internet taken offline thanks to the mistakes of a solitary tech giant."

"This is further proof that relying on a handful of major cloud providers creates serious vulnerabilities and puts whole economies at risk.”

Raphael highlights the geographic concentration of these providers.

“The outage highlighted the danger of our global dependence on US technology. When the whole world relies on tech from a tiny number of companies from one country, then the whole world is vulnerable," he says.

"The only answer for the UK, Europe and elsewhere is to prioritise digital sovereignty – to develop their own native services. We need to stand on our own two feet.”

The need for greater cyber resilience

These events make cyber resilience and robust supply chain protection an urgent priority.

Chris urges businesses to take immediate action.

“We must act now to embed cyber resilience into the very fabric of our digital infrastructure. That means investing in education, training and building a larger, better-equipped army of cybersecurity professionals.”

Mark Odom, Senior Solutions Engineer at Black Duck, highlights the importance of diversifying infrastructure using the classic adage “don’t put all your eggs in one basket”.

He advises that “Important services should use automatic failover to ensure business continuity in the event that their providers experience an outage”.

“It’s critical to keep disaster recovery plans fluid and dynamic,” Mark adds.

Jamie Beckland, CPO at APIContext, notes that even well-prepared companies were affected.

“We saw several of the Fortune 500 impacted by this outage within minutes,” he says.

“Companies know that it's essential to failover gracefully and have multi-cloud infrastructure. But too often operational resiliency is treated as an afterthought.

"Continuous monitoring of your vendors and critical third parties is essential to hold them accountable for delivering as expected.”