Failure Modes and Digital Dependency
This section maps how control, dependency, and chokepoints turn capable systems fragile under stress.
Start with
- The sovereignty question the Big Three cloud providers cannot answer
- Why many “sovereign clouds” aren’t actually sovereign
- Is Microsoft Authenticator a Single Point of Failure? The Attack Surface vs. Blast Radius Trade-Off
Chokepoint Concentration
Multiple critical functions depend on the same upstream node. A local failure cascades across dependent systems.
Key question: How many independent systems would fail if this upstream node failed?
Operational Control Asymmetry
The system only works if another party keeps cooperating. If they refuse or change terms, your system stops working.
Key question: Can this system continue functioning if the upstream provider refuses to cooperate?
Coercive Control
An external authority can force the system to behave differently. Technical safeguards do not protect against legal or political orders.
Key question: Can a foreign authority legally require this system to deny access, alter behaviour, or expose data?
Upstream Control Transfer
Control of a dependency can change without you changing the dependency itself. Exposure can increase without any technical change on your side.
Key question: If ownership changed tomorrow, would your exposure increase while your dependency remained?
Lock-in
Leaving becomes too expensive, complex, or disruptive. Dependency persists even when conditions deteriorate.
Key question: Could you exit within 6–12 months without systemic disruption?