Big Decision Energy: Lessons in Resilience, Readiness & Compliance

This month, we’re diving into what the recent AWS outage can teach us about cyber readiness, how to strengthen your compliance documentation with expert SSP support, and practical ways to streamline your ISO 27001 and 42001 certifications.

The AWS Outage: A Lesson in Cyber Readiness

Nearly 2,000 companies felt the impact of the Amazon Web Services (AWS) outage on October 20, which lasted for almost 15 hours, and BD Emerson was one of them. AWS, the world’s largest Cloud Services Provider, said the disruption was caused by a rare DNS (Domain Name System) timing issue at a data center in Virginia.

The massive ripple effect caused by the issue resulted in a loss of billions of dollars in revenue and productivity worldwide when systems began to go offline. In the aftermath, clients have been asking: “How do we prepare better for next time?”

Here are our major tips on how to prepare for future outages:

  • Adopt a Multi-Cloud Strategy: Don’t put all your eggs in one proverbial basket. This will ensure that your business operations don’t buckle under a single point of failure.

  • Review your Disaster Recovery and Business Continuity Plans: Are they complete and accurate? Make sure you have a clearly defined recovery timeline so that downtime doesn’t result in loss.

  • Implement Routine Security Tests and Advanced Monitoring: Regularly testing your security infrastructure and monitoring for threats or failures can flag concerns before they snowball out of control.

  • Review Cyber Insurance Coverage and Contracts for Cloud SLA Terms: Make sure you have a clear understanding of the financial impact of an outage and the compensation your company may be entitled to.

  • Run Outage Drills and Implement Employee Training: Practice diverse outage scenarios and train employees on communication plans, alternative workflows, and failover protocols.

How many of these strategies have you adopted into your organization already? Whether it’s helping your organization implement a multi-cloud structure, reviewing your cyber insurance contract, or developing your business continuity plan, BD Emerson has experts available every step of the way.

SSP Help from the Experts

Our CMMC guru, Julie Chatman, created a guide for businesses that need to provide a System Security Plan (SSP) for NIST SP 800-171 Rev. 2 and CMMC 2.0. While developing an SSP can seem daunting, BD Emerson’s compliance experts guide your security team through documentation, control mapping, and framework alignment, ensuring you meet SSP compliance requirements before they can lead to lost business.

The highlights:

  • A rundown of CMMC SSP requirements by level

  • Why an SSP is a critical compliance artifact

  • Types of organizations that need an SSP

  • Steps to creating a compliant SSP

Working on ISO 27001? Think about adding ISO 42001 to your strategic plan.

If your organization is already ISO 27001 certified and operating an established Information Security Management System (ISMS), the next logical extension is ISO 42001, which is the first international standard defining requirements for an AI Management System (AIMS).

The idea of implementing another framework can be daunting, but there is an upside: ISO 27001 and ISO 42001 share a common structure under Annex SL, allowing seamless integration of controls, governance processes, and continual improvement mechanisms. Together, they establish a unified framework for managing both information security risks and AI-specific risks.

Choosing to implement an Integrated Management System (IMS) means your team can consolidate documentation, coordinate risk assessments, and sync audit cycles so that your infosec program becomes a well-oiled machine.

Build Confidence in the Face of Chaos

Outages, audits, and evolving regulations can feel intense. That’s why we’re here to help you build the right strategy. Working with BD Emerson will help you build confidence through resilient systems, smart compliance, and actionable readiness planning. Take it from us: The best time to prepare for a disruption is before it happens.