Lessons Learned from October 2025 AWS Outage 

24.10.25

General

Recently, the digital world experienced significant disruption as Amazon Web Services (AWS) suffered a major outrage. This incident affected a multitude of platforms, including banking applications, social media tools, and educational services; underscoring the critical role that cloud infrastructure plays in our daily operations.  

AWS, one of the world’s largest cloud providers, experienced a technical problem in one of its main data centres in the US. This issue caused a chain reaction, affecting multiple AWS services that power apps, websites, and digital platforms around the globe. As a result, services like banking apps, social media platforms, and even some online learning tools went offline for several hours. While the issue was eventually resolved, the outage demonstrated how reliant many organisations are on cloud infrastructure; and how quickly problems can ripple across industries. 

The AWS outage serves as a stark reminder of the vulnerabilities inherent in relying heavily on cloud services. The key lessons for all organisations are: 

In response to incidents like the AWS outage, the Cyber & Fraud Centre – Scotland works with organisations to strengthen their resilience and prepare for unexpected digital disruptions. Through our membership programme, organisations gain ongoing support and guidance on cyber readiness, including practical advice on managing risks, preventing fraud, and maintaining continuity when systems go offline. Members also benefit from access to our expert team on what to do in the event of a cyber crisis. You can learn more about membership here.  

For senior leaders, our Cyber Executive Education Programme, taking place this November in Glasgow and Edinburgh, offers a deep dive into strategic cyber risk management. The sessions are designed to help decision-makers understand their organisation’s exposure to digital threats, develop robust business continuity plans, and implement effective incident response strategies. Attendees leave equipped with actionable knowledge that can be applied immediately to protect operations and maintain customer trust during outages or other disruptions. You can sign up here.  

Even with strong plans in place, the only way to know if they will work in practice is to test them. At the Cyber & Fraud Centre, we support organisations in carrying out both tabletop exercises and technical cyber testing, helping teams to rehearse their response to real-world scenarios in a safe and guided environment. These sessions are designed to highlight gaps in communication, system reliance, and recovery steps, while building staff confidence and organisational readiness. Regular testing ensures that your business continuity and incident response plans are not only well-documented but also practical, actionable, and understood by the people who will need to implement them. You can read more in our recent blog which breaks down the importance of testing and how to get started here.  

By understanding the vulnerabilities in digital infrastructure and taking proactive steps to address them, organisations can build more resilient systems capable of withstanding future disruptions. Understanding and regularly reviewing your cyber posture is a strong step towards enhancing cyber resilience and ensuring continuity in your organisation.