Skip to content
Post
Post
Share
Annotate
Save
By Ansh Kanwar
Two of the world’s largest cloud platforms, responsible for running much of the global digital economy, recently went dark within the span of one week.
When the first of these platforms went offline in October 2025, the eight-hour disruption potentially cost billions of dollars in lost productivity and halted operations. Days later, a second platform experienced a broad outage that took thousands of services and applications offline worldwide.
For organizations dependent on these platforms, the message was clear: the promise of cloud resilience doesn’t equal resilience by default. Without a doubt, both cloud providers offer a number of mechanisms that increase the odds of avoiding downtime in the face of failures, but in the Age of Intelligence, these protections need to be incorporated by design and with intent.
The question is, what should business leaders do before the next outage strikes?
From IT Problem to Boardroom Crisis
For decades, organizations across every industry have been moving mission-critical operations to several large global cloud providers, drawn to the flexibility, scalability, and reliability they offered. Geographic redundancy and sophisticated infrastructure were supposed to keep businesses running no matter what.
But concentration risk has consequences. Even companies running a hybrid or multi-cloud infrastructure often depend on software-as-a-service (SaaS) platforms tied to a single provider. If one region falters, the ripple effect can freeze the entire digital nervous system of a business within minutes.
When an outage strikes, customer relationship management systems fail, mobile applications go dark, and artificial intelligence (AI) pipelines stop processing. Beyond immediate service disruptions, businesses also face reputational damage, increased regulatory scrutiny, and lost competitive advantage. In industries where data must flow continuously—and today, that’s most industries—even brief interruptions compound into existential threats.
Indeed, industry analysts have been sounding the alarm for years about cloud concentration risk, and research group Forrester called the October 2025 outages “a wake-up call for cloud resilience.” So what now?
Regulators Demand Proof, Not Promises
Recognizing these systemic vulnerabilities, regulators have moved to mandate action.
Under the Bank of England’s new rules, financial institutions in the U.K. must show they can still operate and move critical systems even if a major cloud provider goes down or leaves the market. The European Union has a similar requirement: its Digital Operational Resilience Act requires companies to prove they can handle disruptions at the provider level.
In the U.S., regulators have issued guidance rather than hard mandates, but the Treasury Department’s ongoing concerns about cloud concentration risk suggest stricter requirements may be on the horizon.
Cloud resilience is a clear business risk and a board-level risk-management imperative that requires strategic planning, measurable safeguards, and continuous verification.
Resilience as a Continuum
Instead of accepting whatever default fault tolerance their cloud provider offers, enterprises need to design architecture that dials resilience up or down based on business criticality, regulatory requirements, and risk tolerance, so they can keep their most critical data continuously available across regions and cloud providers, with automated replication and zero downtime.
“The promise of cloud resilience doesn’t mean resilience by default,” says Manish Sood, CEO and founder of Reltio. “It must be designed, tested, and continuously verified.”
The key is reframing resilience as a configurable business capability rather than a fixed technical specification.
Enterprise technology and data leaders should look for data architecture that continuously synchronizes, enriches, and delivers trusted data in real time to power critical business operations.
Organizations may choose multiple levels of resilience. They can start with foundational protection and scale up to multi-region or multi-cloud deployments as needs evolve, ensuring their operational data remains accessible even when cloud providers experience outages.
Four Questions About Resilience
To determine what level of cloud resilience their organizations need in the Age of Intelligence, every executive should be asking four questions:
1. Can we quantify the business impact of losing access to our primary cloud provider for one hour? Eight hours? Twenty-four hours?
2. Do we have documented, tested procedures for maintaining operations if our cloud provider experiences a regional failure?
3. Are our mission-critical applications designed to run on multiple providers, or are we locked into proprietary services?
4. Can we demonstrate compliance with emerging regulatory requirements around cloud resilience?
The answers to these questions are business-critical in an era when digital operations underpin every aspect of business performance.
Resilience in the Age of Intelligence
Cloud concentration risk has evolved into systemic risk. The massive October 2025 outages were a stress test most organizations didn’t know they would be taking. Some passed. Many didn’t. But will businesses treat these outages as one-time incidents or recognize them as the new baseline?
The urgency around resilience is heating up as organizations deploy AI systems that depend on continuous data flows. When AI agents make real-time decisions—approving loans, routing shipments, personalizing customer experiences—any downtime breaks the automation that modern business models depend on.
Organizations that plan for continuous operation will define competitive advantage in the Age of Intelligence. The time to act is before the next outage, not after.
Ansh Kanwar is Chief Product Officer of Reltio.
See how Reltio enables trusted continuity and confidence across the cloud.
