Managing Cloud Challenges in Military Operations

There you have it. On March 1, 2026, Iranian Shahed drones struck two Amazon AWS data centers in the UAE and damaged a third in Bahrain. The first deliberate state attack on commercial cloud infrastructure in history. This isn't just an Amazon problem. It's a DoW problem. We spent decades building GovCloud — a handful of hyper-classified, physically concentrated regions with brutal security requirements, limited vendors, and massive bottlenecks. The promise was security through isolation. What we actually built was a fragile, concentrated, high-value target list. AWS has 39 geographic regions. The unclassified US GovCloud has two. You know what Iran knows? Exactly where they are. I've been saying this for years at the DoD: concentration is not security. Geographic distribution is resilience. The commercial cloud, properly secured with the right Zero Trust architecture and a real security stack, gives you hundreds of availability zones across dozens of countries. An adversary would need to simultaneously destroy a global distributed network to meaningfully degrade operations. That's a fundamentally harder problem than taking out a building in Northern Virginia. GovCloud made sense in 2010 when "cloud" was still a dirty word in uniform and the threat model was insider leakage. The threat model in 2026 is different. Peer adversaries with precision strike capability targeting the exact nodes they believe power our AI-assisted operations. The fix isn't to abandon classified environments. It's to distribute them. Use commercial multi-cloud architectures — AWS, Azure, Google — with proper security stacks, Zero Trust, cryptographic isolation, and geographic redundancy baked in. JWCC was a step in that direction. We need to move faster. Because right now, if someone takes out the right two buildings, US military AI goes dark. That's not resilience. That's a target.

Lower operating costs, faster decisions, and better data control are the outcomes that Defense leaders are increasingly seeking as AI transitions from pilots to real mission use. In discussions with senior DoD leaders, there is a growing acknowledgment that architecture is crucial. A cloud-only AI model does not always align with operational realities, particularly in contested, disconnected, or time-critical environments. The path forward is leaning towards a hybrid approach. Centralized cloud environments are vital for training, collaboration, and scalability. However, inference, analytics, and decision support are most effective when situated closer to the mission—at the edge—where latency, resiliency, and trust are paramount. A representative analysis we've reviewed illustrates this point: shifting inference and analytics closer to the edge led to a reduction in ongoing AI run-rate costs by approximately 50%, while significantly enhancing responsiveness for operators and analysts. For Defense CIOs, these discussions are not merely theoretical technology debates. Hybrid AI architectures are influencing mission readiness, resilience, and long-term budget sustainability. If you are navigating similar tradeoffs, I would appreciate the opportunity to exchange insights and learn from your experiences.

NATO’s ISR challenge is no longer about collecting more data; it is about fusing and acting on it at operational speed across a 32-nation alliance. An Atlantic Council brief highlights that despite strong sensing capabilities, intelligence remains fragmented across national systems, limiting responsiveness in a persistent multi-domain threat environment. Ukraine’s Delta system demonstrates what cloud-enabled fusion can achieve, reducing timelines from ~72 hours to minutes. The report argues NATO should move faster by mandating interoperability standards, allocating defence spend to shared cloud infrastructure, accelerating timelines to 2027–2029, adopting verifiable trust frameworks, and prioritising dual-use digital infrastructure. Their recommended priorities include: • Mandatory interoperability standards for all ISR/cloud systems • Defined share of spending on shared digital infrastructure • Verifiable, outcome-based trust frameworks (not geography-led) • Dual-use civilian–military cloud and data infrastructure • Accelerated cloud transition timelines (2027–2029) • Open architectures (APIs, containerisation, standardised data) • Vendor-agnostic, performance-based procurement • Harmonised certification across allies • Common identity and access management • Digital interoperability treated equal to platform interoperability Without this, increased defence spending risks scaling fragmentation rather than capability. Cloud is becoming the connective layer that determines whether NATO can operate at the speed of relevance. #nato #defence #cloud #isr #digitisation

$20B of cloud infrastructure became a military target Two Amazon Web Services (AWS) data centres in the UAE were struck by drones this week. A third facility in Bahrain was damaged. This is one of the first known kinetic attacks on cloud infrastructure. For the past decade, cloud was treated as abstract infrastructure - distributed, resilient, invisible. Outages were caused by software failures, configuration errors or cyberattacks. Yet cloud data centers are physical assets with an address and can become targets. The locations involved were strategic: The AWS Bahrain region hosts standard cloud services and also satellite ground-station capabilities, enabling satellite comms and data processing. In a world increasingly shaped by: ▫️ satellite imagery ▫️ AI-driven intelligence ▫️ real-time logistics ▫️ autonomous systems compute infrastructure sits at the intersection of civilian & strategic systems. Within hours, the disruption rippled across the region’s digital economy. 🔹 Companies running workloads on AWS reported transaction delays, authentication failures, degraded systems. 🔹 Regional services such as Careem confirmed operational disruptions. 🔹 Financial institutions reported degraded digital services. 🔹 Public systems were also exposed, as they increasingly run key digital infrastructure on cloud: digital identity systems, licensing platforms, smart-city infrastructure, analytics. The strikes occurred in the middle of a $20B+ investment wave, as the Gulf positions itself a global hub for AI compute infrastructure: 🔸 $15.2B Microsoft investment in AI and cloud infrastructure in the UAE 🔸 $5.3B AWS infrastructure region planned in Saudi Arabia For decades, conflicts targeted the infrastructure of the industrial economy: oil fields, pipelines, ports and telecoms. In the digital economy, compute is becoming energy infrastructure. AI data centres consume power at the scale of industrial plants, tying the resilience of digital systems to energy systems. In parallel, cloud is highly concentrated. AWS (~31%), Azure (~24%) and Google (~11%) host 50%+ of global cloud workloads. What EU boards should now prioritise 1️⃣ Build cloud resilience: Ensure critical workloads can move across regions and providers. 2️⃣ Reduce infrastructure dependency: Map exposure and diversify where strategic systems run. 3️⃣ Integrate geopolitics into risk models: Treat regional infrastructure disruption as an operational scenario. 4️⃣ Clarify financial & insurance exposure: Define who bears operational risk when a cloud region is unavailable and ensure coverage beyond cyber. The cloud was designed as distributed infrastructure, but it depends on servers, energy, and physical facilities inside the geopolitical landscape. #Geopolitics #Cloud #BusinessStrategy #Boardroom #AIGovernance

The modern battlefield is saturated with data but starved for time. With autonomous systems generating massive data and sensors proliferating every corner of the fight, the old model of "collect, send to cloud, analyze" is no longer viable. In a contested environment, bandwidth is precious, and latency is lethal. Edge AI reverses that dependency by moving trained models and data processing out of the data center and into the hands of operators-on handheld devices, tactical servers or autonomous platforms. When a squad leader or sensor operator can run inference locally, the unit maintains decision advantage even when satellite links are jammed or the terrestrial network goes dark. Read the full VMblog article: https://lnkd.in/gJKgUVMx #AutonomousNetworkOrchestration #MissionDataGrid #VMblog #TALON Peter O'Donoghue | Victoria Da Poian | Michael Polmar | Dennis Kelly | Tyto Athene, LLC | James Longacre | Reid Beveridge | Patti Chanthaphone | Hector Pelayo | Lavar M. | John West | John Koehnen | Jhordan F | USSOCOM | United States Department of War | U.S. Department of Homeland Security | U.S. Coast Guard | U.S. Customs and Border Protection | Gaurav Pal | Russell Harris | Chris Froude, PMP | MindPoint Group, A Tyto Athene Company

Everybody is hyped about the federal government “moving to the cloud.” Sounds great, right? More speed, scalability, and modern tech. But here’s the part nobody talks about: cloud adoption in government does not automatically make everything better. In fact, it introduces a whole new set of compliance and security headaches. Here are the biggest challenges agencies are facing: Legacy Systems and Migration Most agencies still rely on outdated IT systems. Migrating those to the cloud is complex, costly, and carries downtime and compatibility risks. Security in Hybrid Environments It is hard enough to secure one environment. In the cloud, you are managing multi-cloud and hybrid setups, misconfigured APIs, and inconsistent security policies across providers. Compliance and Governance Meeting requirements like FedRAMP and FISMA is not one-size-fits-all. Different providers have different rules. Agencies must still prove compliance and continuously monitor. Workforce Gaps Federal teams need modern cloud security skills. Without training and investment in the workforce, agencies cannot safely operate in this new environment. Budget Constraints Modernization is not cheap. Agencies are still paying to maintain legacy systems while trying to fund cloud migration. Procurement cycles only slow it down more. Operational Control Moving to the cloud means losing some direct control. Agencies now rely on vendors, contracts, and SLAs to keep systems reliable and compliant. Integration Roadblocks Connecting old systems with new cloud platforms is still messy. Standardizing data and achieving seamless integration is one of the hardest problems to solve. The takeaway is clear. Cloud is the future of federal IT, but it does not erase compliance. It multiplies it. If you understand both the promise of cloud and the hidden risks that come with it, you become the person agencies and contractors want in the room. Because in federal compliance, it is not just about adopting the latest tech. It is about making it secure, compliant, and mission-ready. #CloudCompliance #FedRAMP #GovTech