By David B. Cross, CISO, Atlassian
For the average small-to-medium enterprise (SME), the Internet is no longer just a “business tool.” It is the oxygen of the operation. Whether you are running a boutique marketing agency, a local distribution hub, or a mid-sized manufacturing plant, your ability to process payments, track inventory, and talk to customers happens through a digital connection we often take for granted. We treat the Internet like a light switch: we flip it, and it works. But this assumption of reliability is exactly where the risk lies.
The reality is that our digital world is far more fragile than it appears. We tend to think of “the cloud” as something abstract and indestructible. In truth, your business connectivity isn’t just a line from an ISP; it is a complex web of hidden dependencies. It relies on power grids that need maintenance, cooling systems that require water, and global supply chains that provide the very hardware your data travels on. If any one of these “invisible” threads snaps, the impact on your bottom line is immediate.
This is the central challenge addressed by the Marconi Society’s Internet Resilience (IR) Institute. Their work highlights a critical truth for business owners: the greatest threats to your uptime don’t usually come from a single, massive failure. They come from these hidden interconnections that quietly underpin every byte of data your company sends. To help navigate this, the Hyperscaler Business Resilience Guide provides a framework for understanding these risks, moving us toward a necessary shift in mindset: “Moving from Awareness to Action: Turning Insight into Practice.”
For an SME, “awareness” is easy. You already know that if the Internet goes down for a day, you lose money. You are aware that a cyberattack could be devastating. However, moving to “action” is where most businesses stumble. Turning insight into practice means moving past the “what if” and actually mapping out how your business survives a disruption.
The research suggests a practical way to look at this through three conceptual layers. First is the Upper Layer, which includes the apps and software you use every day to interface with customers. Next is the Lower Layer, the actual routing and physical transmission of data. Finally, there is the Dependency Layer—the power, machinery, and governance that keep the first two layers running.
For a Fortune 500 company, mapping these layers is the job of an entire department. For an SME, it’s a matter of survival that often falls on the owner or a small IT team. The goal is to move from a vague sense of worry to a concrete plan of action. This starts with a “mapping exercise.” If your primary cloud provider goes dark, do you have a secondary backup? If the local power grid fails, does your critical data have a “failover” path? If a key hardware vendor in your supply chain faces a months-long delay, can your operations pivot?
This isn’t just about technical “fixes.” It’s about governance and coordination. Resilience is a global challenge, but the practice is local. It requires assigning responsibility within your team to monitor these dependencies and conducting regular “tabletop” drills to see how the team reacts when the “unthinkable” happens. By identifying these complex interdependencies before a crisis hits, you aren’t just reacting to a disaster; you are engineering your business to withstand it.
Ultimately, we have to stop viewing Internet resilience as someone else’s problem. Every business that relies on a digital connection is a stakeholder in this ecosystem. By taking the insights from recent research and turning them into daily business practices, SMEs can bridge the gap between being “aware” of the risks and being “prepared” for the reality. To get the resilient Internet we want, we must move beyond the light-switch mentality and start managing the invisible threads that keep our doors open. It is time to turn our collective insight into a practical, resilient future.
