Cyber security and operational resilience go hand-in-hand. Organizations have invested heavily in defending against breaches, ransomware, and service disruptions, building layered defenses designed to keep attackers out and systems running. But recent geopolitical developments are forcing a broader and more uncomfortable realization – the next major disruption may originate in the physical world rather than in code.

As cloud infrastructure becomes more deeply embedded in the fabric of global economies and national systems, it is no longer just a platform for operations, but an extension of the attack surface. And it is this shift that introduces an entirely new category of risk. Instead of services failing while infrastructure remains intact, organizations must now consider scenarios where the infrastructure itself is degraded or destroyed.

Cloud Infrastructure as a Physical Target

We saw this shift on display in March 2026. During a period of heightened geopolitical tension involving Iran, the U.S., Israel, and several Gulf states, hyperscale cloud infrastructure was directly impacted by military action. Iranian drone strikes targeted data centers in the UAE and Bahrain, damaging multiple facilities supporting major cloud providers. The impact was not limited to localized disruption. Structural damage, power outages, and even water damage caused by fire suppression systems led to severe impairment across multiple availability zones within a single region.

What made this moment significant was not just the scale of the damage, but what it revealed about resilience. Cloud architectures have long relied on redundancy models built around the assumption that failures would be isolated and contained. Availability zones were designed to operate independently so that if one failed, others could seamlessly take over. In this case, multiple zones were affected simultaneously, and, fortunately, the redundancy model held.

While alarming, this incident is not an outlier. It fits into a broader and accelerating pattern. In 2025, disruptions to undersea cables in the Red Sea affected roughly 17% of global internet traffic, demonstrating how fragile global connectivity can be when physical infrastructure is compromised. In the same year, major web infrastructure failures associated with large-scale providers caused widespread outages, underscoring how much of the internet depends on a relatively small number of centralized systems.

The Failure of Traditional Resilience Assumptions

Taken together, these events point to a fundamental shift. Points of presence, backbone connectivity, and cloud infrastructure are no longer just enablers of digital operations – they’ve now become targets. And regardless of how the disruption occurs, the result is the same. Traditional cloud resilience models are being tested in ways they were never designed to handle.

For decades, cloud architecture has been built on a set of implicit principles. Failures were expected to be contained and localized. Infrastructure itself was assumed to remain intact, even when services running on top of it failed. Carefully engineered redundancy across zones and regions was expected to absorb disruption and maintain continuity. These assumptions enabled the scalability and reliability that define modern cloud computing.

But the assumptions of the past are now increasingly misaligned with reality. Today’s failure scenarios are broader and more complex. Entire regions can become unreachable. Network paths can disappear without warning. Multiple availability zones can fail at the same time, not because of software bugs or misconfigurations, but because the underlying infrastructure is physically compromised.

In this environment, high availability is no longer enough. Resilience must account for the possibility of losing entire segments of infrastructure. When this happens, architecture becomes the defining factor between continuity and collapse.

Rethinking Resilience in Light of Modern Risk Scenarios

What resilience requires now is a shift in thinking. Instead of optimizing for efficiency within stable conditions, organizations must design for survivability under unstable ones.

A globally distributed architecture becomes critical. Resilience is no longer about density within a single region, but about the ability to operate across regions when one or more become unavailable. This demands true global distribution of points of presence, combined with the ability to reroute traffic instantly and intelligently based on real-time capacity and availability. In such scenarios, proximity becomes secondary. What matters is whether the infrastructure you depend on is still reachable at all.

Equally important is the concept of unified and portable policy. During a disruption, users may be rerouted across different regions, traffic paths may shift dynamically, and enforcement points may change in real time. Security cannot depend on location-specific configurations. Policies must follow the user and the data, applying consistently regardless of where traffic enters the network. Any gap between policy definition and enforcement introduces risk precisely when stability is most fragile.

Distributed enforcement is another essential component. Architectures that rely on centralized inspection points create inherent vulnerabilities. If those points become unavailable, enforcement collapses with them. A resilient model distributes enforcement across the network fabric, ensuring that inspection and protection continue regardless of where traffic flows. This removes single points of failure and allows the system to adapt dynamically under stress.

At the same time, organizations must confront the limitations of purely cloud-based models. SASE architectures that depend entirely on consistent, high-quality cloud connectivity assume ideal conditions that do not always exist. In reality, connectivity can degrade. Latency can spike. Entire regions can become unreachable. Under these conditions, resilience depends on the ability to continue operating even when the cloud is not fully accessible.

This is where hybrid approaches become essential. By extending enforcement to endpoints and branch locations, organizations can maintain policy continuity even during partial outages. Instead of failing outright, the system degrades gracefully, preserving core security functions until full connectivity is restored.

Designing for Disruption, Not Stability

This evolving reality is precisely what has shaped the design philosophy behind Check Point’s SASE architecture. Rather than assuming perfect infrastructure conditions, it is built with the expectation that disruption will occur. Our globally distributed points of presence provide geographic resilience, while a unified policy plane ensures consistent enforcement across all environments. Distributed enforcement eliminates reliance on any single control point, and hybrid capabilities allow protection to continue even when cloud connectivity is impaired.

The result is an architecture designed not just for performance under normal conditions, but for continuity under adverse ones. It reflects a broader shift in how resilience must be understood – not as the ability to prevent failure entirely, but as the ability to operate through it.

The cloud was originally designed to handle failure within controlled parameters. Those parameters are now expanding. Infrastructure itself can become unavailable. Regions can lose connectivity. Network paths can fragment in unpredictable ways. These are no longer edge cases but emerging realities.

Resilience must be defined by the ability to maintain operations despite partial infrastructure loss. Organizations that continue to rely on assumptions of stable, always-available infrastructure face increasing risk. Those that embrace distribution, adaptability, and architectural consistency are better positioned to navigate disruption.

The question is no longer whether infrastructure will fail. It is whether the systems built on top of it are prepared when it does.

You may also like