Cyberside Chats: Cybersecurity Insights from the Experts

The AWS Outage and Hidden Fourth-Party Risks

Listen Later

When Amazon Web Services went down on October 20, 2025, the impact rippled around the world. The outage knocked out Slack messages, paused financial trades, grounded flights, and even stopped people from charging their electric cars. From Coinbase to college classrooms, from food delivery apps to smart homes, millions discovered just how deeply their lives depend on a single cloud provider. 

In this episode, Sherri Davidoff and Matt Durrin break down what really happened inside AWS’s U.S.-East-1 region, why one glitch in a database called DynamoDB cascaded across the globe, and what it teaches us about the growing risk from invisible “fourth-party” dependencies that lurk deep in our digital supply chains. 

Key Takeaways 

  1. Map and monitor your vendor ecosystem — Identify both third- and fourth-party dependencies and track their health. 
  2. Require vendors to disclose key dependencies — Request a “digital bill of materials” that identifies their critical cloud and service providers. 
  3. Diversify critical workloads — Don’t rely on a single hyperscaler region or platform for mission-critical services. 
  4. Integrate vendor outages into incident response playbooks — Treat SaaS and cloud downtime as security events with defined response paths. 
  5. Test your resilience under real-world conditions — Simulate large-scale SaaS or cloud failures in tabletop exercises. 

    6. Resources: 

    • https://www.wired.com/story/what-that-huge-aws-outage-reveals-about-the-internet 
      • https://www.LMGsecurity.com/our-q3-2024-top-control-is-third-party-risk-management-lessons-from-the-crowdstrike-outage/ 
        • https://www.pandasecurity.com/en/mediacenter/aws-outage-cybersecurity-risk/ 
          • https://ccianet.org/wp-content/uploads/2003/09/cyberinsecurity%20the%20cost%20of%20monopoly.pdf

            • #cybersecurity #thirdpartyrisk #riskmanagement #infosec #ciso #cyberaware #Fourthpartyrisk #cybersidechats #lmgsecurity #aws #awsoutage

            ...more
            View all episodesView all episodes
            Download on the App Store
            Cyberside Chats: Cybersecurity Insights from the ExpertsBy Chatcyberside
            • 5
            • 5
            • 5
            • 5
            • 5

            5

            2 ratings

            More shows like Cyberside Chats: Cybersecurity Insights from the Experts

            View all
            No Agenda Show by Adam Curry & John C. Dvorak

            No Agenda Show

            5,948 Listeners

            Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

            Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

            370 Listeners

            The DSR Network by The DSR Network

            The DSR Network

            1,782 Listeners

            Conspirituality by Derek Beres, Matthew Remski, Julian Walker

            Conspirituality

            2,041 Listeners

            What Rough Beast by Virginia Heffernan and Stephen Metcalf

            What Rough Beast

            63 Listeners