The self-inflicted wounds of tech monoculture

AWS and Crowdstrike outages show the need for more diversity in technology.
A traveler checks flight information at Ronald Reagan Washington National Airport on July 19, 2024 in Washington, DC. A global computer outage started from an update from the cybersecurity company CrowdStrike that impacted flights worldwide along with disrupting broadcasters and banking services. (Photo by Nathan Howard/Getty Images)

For years, technological soothsayers have been warning about the dangers of IT monoculture — the dominance of a single software, platform, or vendor across critical systems — and the need for diversity, out of fear of one colossal failure that brings the world to a standstill. If that sounds a little farfetched, just look at the news recently.

An Amazon Web Services cloud service outage last month disrupted websites and services around the world, limiting people’s access to banking services, preventing students from accessing study materials during exam season and delaying U.K. residents from accessing information about essential services, including pensions. The effects were far-reaching and not isolated to companies or individuals that depend on AWS. Workers were forced offline, and everyday tasks and conveniences often taken for granted became impossible, from sending money to friends for meals to changing airline tickets.

A week later, Microsoft’s cloud and productivity platforms went dark hours before the company’s quarterly earnings report, leaving its users unable to access critical business applications or even Microsoft’s website. 

These were not the only warning signs recently. Last year, the CrowdStrike outage took less than 1% of Windows machines offline. That minuscule amount translated to 8.5 million Microsoft Windows operating systems going offline, affecting health systems, airlines and banks, and even bringing down networks for essential services like 911 phone lines.

Microsoft, like AWS, enjoys a dominance across government and corporate IT infrastructure, with 95% of Fortune 500 companies using Azure and an 85% market share in U.S. government productivity software. Similar to the AWS outage, an overreliance on Microsoft made the CrowdStrike outage as expansive as it was. 

The magnitude of these major outages at the hands of big tech providers highlights a glaring vulnerability that puts all sectors at risk. When the majority of businesses and government agencies are overreliant on any single provider, an isolated disruption will have cascading effects that can escalate the incident from an inconvenience to a catastrophe.

That’s precisely why healthy competition in the cloud marketplace is important. Organizations should not be locked into one vendor. The ability to find the best solutions not only provides better outcomes, but also strengthens the collective security of the systems everyone relies on — whether it’s apps for banking and groceries, or platforms used for communication.

A Bain study found that 71% of companies use only one cloud provider. The other 29% may use multiple vendors, but they still spend, on average, 95% of their cloud budget on a single one. For its part, AWS accounted for 37% of the market share in 2024. The incentives for large companies to stymie competition are a recipe for failure.

Outages like the ones the world just experienced have made clear the risk of public or private sector overreliance on a single, dominant provider — particularly as organizations continue to expand their workloads and reliance on cloud infrastructure and AI. As cloud adoption deepens and AI becomes increasingly interconnected, routine software updates or configuration errors run a greater risk of cascading disruptions across sectors. To mitigate these systemic risks, both public and private sectors must diversify their vendors and ensure that no single provider can take entire systems offline or compromise critical networks.

Apart from reliability and security, there are also cost benefits of fostering better tech diversity and competition. For instance, the U.S. government’s software procurement system has been outdated and broken for years, whereby agencies are locked into contracts with legacy vendors with little to no genuine competition. Meanwhile, taxpayers could save $3 billion annually as a result of increased competition in government software. Not only would more robust competition save the government money, but it would break apart the current IT monoculture that leaves sensitive government systems vulnerable to single points of failure.

Bold action is required to encourage resiliency and redundancy for the long term. Public and private sector customers would benefit from an ecosystem that encourages multiple vendors to protect themselves from being impacted by a similar incident in the future. We know the benefits of vendor diversity, and failing to heed the warnings will result in more self-inflicted wounds and more frequent outages that break the internet.

Michael Garland is a software and government procurement industry expert, having held executive leadership roles in large IT companies and supported digital modernization at federal agencies, including GSA, DOD, USDA, HUD, OPM, and DOJ. Since 2015, he has run Garland LLC, a consulting firm that provides advisory and litigation services for topics focused on government acquisition. 

Written by Michael Garland