Unpredictable Cloud Costs and Physical Resiliency Failures Are Driving Enterprises Back to Hybrid Infrastructure

The enterprise "all-in on cloud" mandate is breaking down. After years of aggressive migration, large organizations are discovering that public cloud economics do not behave the way the original business case promised. Costs spike unpredictably, egress fees compound across multi-cloud environments, and physical resiliency guarantees have failed under real-world stress. Now, a growing number of enterprise leaders are reconsidering the architecture decisions they made at scale and looking toward hybrid and private sovereign alternatives.

Debjani Roy, a former Senior Director of Data and AI at BT, one of the UK's largest telecommunications companies, led a team of 600 and delivered over £1 billion in benefits across AI, data, and cloud transformation programs. Her career spans senior technology leadership at Barclays, Citi, and Groupon, with deep experience in financial crime analytics, capital markets architecture, and enterprise-scale cloud migration. Roy saw the cracks form firsthand while implementing cloud at two of the UK's largest institutions.

"The penny dropped when I was implementing cloud in both Barclays and BT. We saw the cloud charges increasing, particularly over the three-year period of the business case, and it was very hard to link the outcome to the cloud costs," says Roy. The financial pressure built from multiple directions. Engineers left servers running. Providers raised prices by 25% to 50% without adequate notice. GPU training costs for machine learning workloads spiked unpredictably. And egress fees accumulated as data moved between AWS, Google Cloud, and other providers inside the same enterprise. By 2023, Roy found herself fielding questions from the CFO that neither she nor the business case could fully answer.

• When the cloud goes dark: The cost problem, however, is only half the story. Roy points to two physical infrastructure failures that expose a deeper systemic risk. A flood at a Google Cloud data center in France knocked services offline for three days, despite contractual promises of 99.95% uptime. Then, in March 2026, drone strikes hit an Amazon data center in Dubai, disrupting digital banking services across the region. "Back in the days when we had on-prem, a payment system was considered critical national infrastructure," Roy says. "That brings the question how much have we assessed the systemic risk that cloud poses?"
• The contract gap: Roy also highlights a cybersecurity dimension that many leaders overlook. "Contractually, the cloud provider is not on the hook if they can prove the problem is at your end," she says. "But a lot of CSOs didn't know how to run penetration testing. It was very difficult to figure out what was happening under the hood." The combination of opaque network configurations, proprietary tooling, and contractual asymmetry leaves enterprises exposed in ways that the original migration plans never accounted for.
• Telcos as sovereign providers: Roy argues that telecommunications companies are uniquely positioned to fill the gap. Rather than viewing themselves solely as network operators, telcos should become digital infrastructure providers offering sovereign cloud services with utility-like pricing and data sovereignty guarantees. "You get your telephone bill. If you don't like your ISP charges, you shift providers," she says. "That's where we need to go. We are very far from cloud being a utility."
• The lock-in escape route: For mid-market and enterprise organizations with predictable workloads, Roy prescribes a specific architectural strategy. Build the application layer on Kubernetes, the open-source container orchestration framework, and move the data layer to a multi-cloud platform like Databricks. Together, the pairing decouples an organization from its underlying cloud provider and creates a viable path back to private or hybrid infrastructure. "Between Databricks and Kubernetes for your application, you're much more likely to shift to a private cloud with very little pain," she says.

Roy also calls for structural changes beyond any single organization. Cloud consumers need their own forum for sharing operational intelligence. Regulators need to mandate where sovereign data centers are located and how providers configure their networks. And CFOs need to be brought into cloud investment decisions with the same rigor applied to any long-term capital commitment, including ten-to-twenty-year depreciation schedules that account for compounding price increases.

The public cloud delivered real value in agility and speed. But for large enterprises carrying sensitive data across predictable workloads, the economics and the risks have shifted. "Private clouds have now become very resilient, where companies can explore moving back," Roy says. "I think the time has come now to move back into the hybrid cloud."