& cplSiteName &

What if a Major Cloud Platform Goes Down?

Steven J. Vaughan-Nichols

How bad could a major public cloud outage be?

What if, say, Amazon Web Services Inc. or Microsoft Azure went belly-up for a few days. How bad would it be?

Jaw-droppingly bad. Loosely paraphrased, that's the conclusion of insurance giant Lloyd's and risk modeler AIR Worldwide's report on what would happen if a major public cloud provider went down.

To be exact, "An extreme cyber incident that takes a top cloud provider offline in the US for 3 to 6 days would result in economic losses of $15 billion and up to $3.5 billion in in insured losses." That would leave a mark on even the biggest company.

The Fortune 1000 aren't the ones who would be taking it on the chin. Smaller companies, "who are more likely to use cloud provider services -- would carry a larger share of the economic and insurance losses than Fortune 1000 companies," Lloyd's and AIR said. By their estimate, "businesses outside the Fortune 1000 would carry 63% share of economic losses and 57% of insured losses."

That's a business killer. So make sure your cloud Service Level Agreement (SLA) covers what you think it does. You do not want to find out the hard way that your coverage doesn't really cover you.

The precise breakdown of costs looks like this:

  • Manufacturing would see direct economic losses of $8.6 billion;
  • Wholesale and retail trade sectors would see economic losses of $3.6 billion;
  • Information sectors would see economic losses of $847 million;
  • Finance and insurance sectors would see economic losses of $447 million;
  • Transportation and warehousing sectors would see economic losses of $439 million.

Service firms are especially sensitive to damage, according to previous Lloyd's research with KPMG International and DAC Beachcroft, which shows that "services firms are particularly vulnerable to the reputational impacts of a cyber attack where service disruption can have an immediate effect on clients, leading to customer churn, loss of competitive advantage and loss of revenue."

Business insurance companies would be in deep trouble too. "A major cloud failure would significantly impact the insurance industry, and our research has shown that such an event is plausible. The findings from this report show that while the cyber insurance industry is growing, there's still a significant gap in cyber coverage," Scott Stransky, AIR Worldwide's assistant vice president and principal scientist, said.

But, how likely is such a cloud doomsday scenario? Trevor Maynard, Head of Innovation at Lloyd's, explains, "Clouds can fail or be brought down in many ways -- ranging from malicious attacks by terrorists to lighting strikes, flooding or simply a mundane error by an employee."

But I'm skeptical. I'm not a highly paid insurance executive, but I do know a little bit about clouds.

Sure, cloud regions and even availability zones (AZ) can go down for the reasons Maynard cites. But an entire cloud system? I don't think so.

To crash an entire cloud, no single physical attack can do the job. A hack based on a fundamental architecture problem could do it. While the Meltdown and Spectre chip vulnerabilities do have that potential, it's hard to see that happening.

To quote the Latin phrase beloved of cop shows, "cui bono" -- who benefits? It's hard to say who would benefit by taking down an entire cloud.

No, if you want to worry about an entire cloud going under, then you need to worry about far bigger problems. Such as, say, the United States and North Korea lobbing nukes at each other. If that happens, we'll all have bigger worries than how our cloud provider is doing that day.

That said, you need to be aware of your risk to cloud failure. Even a day without access to your cloud region can be damaging. Make sure you're protected by having your cloud run in more than one AZ and by making sure your SLA and business insurance is able to protect you against this more realistic worse-case scenario.

Related posts:

– Steven J. Vaughan-Nichols has been writing about technology and the business of technology since CP/M-80 was the cutting-edge PC operating system, 300bps was a fast Internet connection, WordStar was the state-of-the-art word processor, and we liked it!

(7)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
User Rank: Light Sabre
3/22/2018 | 10:29:13 PM
Unlikely, But....
As you point out, much would have to go down for an entire cloud service (like AWS) to go down, but, as someone who had three 100-year storms in my first 15 years in my home, I know that worst-case scenarios can and do happen. That and keeping a vendor on its toes is a good argument to have a couple of cloud providers.
Educational Resources
sponsor supplied content
Educational Resources Archive
Featured Video
From The Founder
Ngena's global 'network of networks' solves a problem that the telecom vendors promised us would never exist. That doesn't mean its new service isn't a really good idea.
Flash Poll
Upcoming Live Events
March 28, 2018, Kansas City Convention Center
April 4, 2018, The Westin Dallas Downtown, Dallas
April 9, 2018, Las Vegas Convention Center
May 14-16, 2018, Austin Convention Center
May 14, 2018, Brazos Hall, Austin, Texas
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Dell CTO: Public Cloud Is 'Way More Expensive Than Buying From Us'
Mitch Wagner, Mitch Wagner, Editor, Enterprise Cloud, Light Reading, 3/19/2018
IBM Faces Age Discrimination Accusations
Mitch Wagner, Mitch Wagner, Editor, Enterprise Cloud, Light Reading, 3/22/2018
Eurobites: Cambridge Analytica Feels the Heat
Paul Rainford, Assistant Editor, Europe, 3/20/2018
HR: Cable Dominates US Broadband
Carol Wilson, Editor-at-large, 3/21/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed