Is Your Cloud Architecture Designed to Survive
a Regional Outage? The Four-Layered Cloud Resilience

In March 2026, drone strikes on AWS data centres in the UAE and Bahrain took down cloud services for 92 SaaS platforms, while an Iran-linked cyberattack disrupted the global operations of medical technology firm Stryker. These were not edge cases. Between August 2024 and August 2025, AWS, Azure, and Google Cloud together experienced more than 100 service outages, and now the threat model has expanded from software failures to physical strikes and nation-state cyber operations.

Most organisations still treat cloud resilience as a binary: either “we have backups” or “we don’t.” That framing is dangerously incomplete. Business continuity in the cloud requires four distinct layers working together: infrastructure resilience, regional disaster recovery, backup and cyber recovery, and operational continuity. Organisations that had all four in place remained operational during the March 2026 incidents, while most had only one or two. This whitepaper outlines the risks, presents a comprehensive framework, and highlights the key actions leadership teams need to take now.