Maksym Ageyev, Co-founder and CEO of De Novo, Ukraine’s leading national cloud provider

Five years ago, I wrote about "magical thinking" in IT. Little has changed since then, except perhaps that the world's dependence on hyperscalers has grown even deeper. But magical thinking itself hasn't gone anywhere. As before, it nudges many toward a very convenient but dangerous idea: that a cloud service exists somewhere beyond physics, beyond war, and beyond real-world threats.

This is a mistake. Clouds live in physical data centers. They have specific addresses and a completely material vulnerability to strikes, accidents, and catastrophes. The incident in the UAE simply reminded everyone of what a portion of the market preferred to ignore. Hyperscalers can no longer be perceived as a panacea simply because they are "big."

To be frank: any provider looks great until it faces a real stress test. AWS data centers fell under strikes just as any other data center in the world would have. After this, I consider the discussion regarding the supposed "inferiority" of Ukrainian data centers closed. Our facilities undergo daily verification under such harsh conditions that hyperscalers could never have imagined.

Ukraine as a Cloud Testing Ground for Digital Infrastructure Resilience

War has effectively turned Ukraine into a unique laboratory—or rather, a proving ground—for testing the resilience of digital infrastructure. This is why Ukrainian cloud services increasingly use a distributed model, where workloads and data are spread across several geographically distant clouds, including those in the EU. Such an architecture reduces dependence on a single geographical region and increases the overall resilience of IT systems.

However, the main conclusion lies elsewhere. The cloud model in itself does not guarantee either fault tolerance or service availability, even if it is AWS or anyone else. The cloud only changes the way infrastructure is organized. It does not cancel out physics, it doesn't remove the consequences of war, and it doesn't fix architectural errors.

There is another uncomfortable truth here. The "availability zones" architecture, which hyperscalers have marketed for years as the universal answer to resilience, can also fail. In my opinion, one of the key reasons is that within a region, a shared management and security domain is often maintained. When too much is tied to a single management logic, a local failure easily turns into a systemic problem.

"My IT Guy Said Everything Will Be Fine" – Doesn't Work

No provider in the world can guarantee business continuity or data availability if the customer’s own IT system architecture does not provide for redundancy and disaster recovery.

That is why it is necessary to clearly understand the business's own zone of responsibility. It is the company's CIO or CTO who must answer key questions:

— Does the company have a Business Continuity Plan (BCP)? — Where and how are data backups stored? — What does the Disaster Recovery (DR) architecture look like? — How much time is needed to restore critical systems in the event of an accident?

I believe that something must be done about the deficit of applied knowledge among a segment of top-level executives. The formula "my IT guy said everything will be fine" no longer works in today's world. There are usually no simple or cheap solutions here. None. But the scale of dependence on digital components today is such that treating it as a secondary expense item is simply dangerous.

Architecture is Everything

Today, everything depends on the digital component—business, the state, society. Without it, there is no operational resilience, no continuity of processes, and no effective management. However, the approaches to protecting these assets in many companies still do not match the level of threats.

Critically important data and computing must not depend on a single data center or a single provider. Infrastructure must be distributed across several sites so that the company can continue to operate even in the event of a serious incident. This is the essence of a mature approach to digital resilience. Its foundation is engineering discipline, redundancy architecture, and a readiness to pay for disaster recovery before the disaster, not after.

By the way, this is exactly the logic embedded in the approach promoted by DSUA—the Digital Sovereignty Union of Ukraine, co-founded by De Novo. We are talking about the decentralization of information processing and storage, a distributed national cloud ecosystem, and a multi-domain security system. This is a practical response to the challenges of the real world, where data centers can be physically attacked, communication channels disrupted, and individual cloud regions temporarily lost.

I emphasize once again: a modern IT strategy begins with architecture. It is the architecture that determines whether a business can continue to function when one of its data centers ceases to be an operational site.