Missiles, Models & a Pentagon Deal: March 2026

1.The Resilience Assumption that Just Broke

On March 1st, Iranian drone strikes struck down three Amazon Web Services (AWS) data centres located in the UAE and Bahrain Availability Zones. There has been confirmed damage to buildings, disrupted power supply, fire, and significant water damage due to fire suppression systems.

At peak disruption, more than 109 AWS services in the ME-CENTRAL-1 region were impacted, including two of the three Availability Zones in the UAE simultaneously.

On March 24, drone activity struck the Bahrain region a second time, prompting Amazon to formally advise customers to migrate workloads out of the region. Iranian state media asserted the facilities were legitimate military targets because U.S. intelligence operations, including AI systems hosted on AWS, were being run from them.

What this reveals

Multi-AZ redundancy was designed for hardware failures and natural disasters, not for coordinated military strikes that can take out multiple zones within the same geographic conflict radius.

The incident identifies a significant structural gap in many organizations that had workloads routing through these regions without knowing it, invisible in their architecture diagrams until the outage hit. Standard commercial business interruption insurance frequently excludes acts of war.

Why it matters to you

Existing enterprise casualties included Careem, Snowflake, Alaan, Hubpay, and some of the largest UAE banking services. If these names are part of our vendor stack, you already felt the downstream effects.
More broadly, this is the first publicly confirmed military attack on a hyperscale cloud provider, meaning this risk category now has a confirmed precedent, and your insurers and board know it.

Key takeaways:

• Audit whether any of your cloud workloads route through geopolitically exposed regions without your knowledge. Routing transparency is now an architecture requirement, not an IT preference.
• Evaluate whether your DR and BCP documentation accounts for conflict-zone outages as a named scenario alongside fire and flood.
• Engage your insurance broker specifically on war exclusion clauses in your cloud and business interruption policies.

2. This AI Shipped a New Capability Every Seven Days

Anthropic released a material product update roughly every week throughout March. Persistent memory rolled out to all users, including the free tier.

• In addition, Claude preserves a user’s name, preferences for communication, writing style, and contexts across sessions, while providing users with complete and transparent edit/delete functionality for all data captured.
• The Claude Marketplace launched on March 6, consolidating billing for six partner integrations under a single Anthropic relationship.
• Computer Use moved to Research Preview on March 23, enabling Claude to click, scroll, and navigate applications to complete tasks autonomously, and to pair with Dispatch, a mobile interface for delegating desktop tasks remotely.
• Claude Code Security shipped with semantic data-flow analysis across entire codebases, reporting a false-positive rate below 5% versus the 30–60% typical of legacy scanners.
• Claude for PowerPoint and an updated Claude for Excel (with Opus 4.6, pivot table editing, and conditional formatting) extended the product suite into daily enterprise workflows.

What this reveals:

The cohesive release cadence demonstrates intent, not happenstance; and engineers within Anthropic’s engineering organisation are using Claude approximately 60% of the time to do their work (up from 28% one year ago), report productivity increases of approximately 50%, and ultimately building Claude themselves based on feedback from engineers that are using the product.

As a result of this feedback loop, the release cycle is being compressed in ways that traditional software vendors cannot compete.

Why it matters to you

If you are evaluating AI vendors for enterprise deployment, the relevant comparison is not just benchmark scores; it is release velocity, governance transparency, and ecosystem integration depth.

Computer Use in particular, changes the automation calculus: tasks that previously required RPA tooling or custom scripting now have a conversational interface with a semantic understanding of what the task actually requires.

Key takeaways:

• Assess whether your current AI tooling vendor is releasing at this cadence; if not, model the compounding productivity gap over 12 months.
• Evaluate Claude Computer Use as a direct substitute for point-solution RPA in at least one workflow before Q2.
• For development teams: Claude Code Security’s false-positive rate warrants a head-to-head comparison against your current SAST tooling.

3. The Deal that Broke AI Trust

Anthropic declined a Pentagon contract that lacked guarantees against autonomous weapons use and mass domestic surveillance. The U.S. Department of Defense responded by designating Anthropic a “supply chain risk”, a classification normally reserved for entities with foreign adversary ties, never before publicly applied to a U.S. AI company.

OpenAI moved within hours to sign its own agreement, permitting use of its technology for “all lawful purposes.” The user reaction was quantifiable: ChatGPT uninstalls spiked 295% on February 28. By Monday, Claude ranked No. 1 on the U.S. Apple App Store free downloads chart.

The #QuitGPT movement claimed more than 1.5 million user actions. Sam Altman acknowledged the rollout was botched. Caitlin Kalinowski, head of OpenAI’s robotics division, publicly resigned, citing the decision as one that crossed lines and “deserved more deliberation.”

What this reveals

AI vendor ethics positioning is no longer soft marketing; it is producing measurable market behavior. The user migration following this event is the largest single AI vendor shift ever triggered by a policy decision rather than a capability gap.

For enterprise buyers, it introduces a new evaluation axis: what is your AI vendor willing to do with its model, and are you liable by association?

Why it matters to you

Procurement of AI tools now carries reputational and contractual exposure that did not exist 18 months ago. Your legal and risk teams need to be in the room for AI vendor decisions.

Enterprise customers in regulated sectors, financial services, healthcare, and defence contractors face the additional question of whether their AI provider’s government contracts create data-handling conflicts with their own compliance obligations.

Key takeaways

• Add a vendor ethics and government contract review to your AI procurement checklist, specifically covering autonomous weapons and surveillance clauses.
• If your organization has AI tooling agreements currently under renewal, this month’s events provide legal grounds to request updated terms of use disclosures from vendors.

4. AI Model Wars: 12+ Major Releases in One Month

February and March together produced the highest AI release density ever recorded in a 30-day window: GPT-5.4 (1M token context, native computer use), Gemini 3.1 Pro, Claude Opus 4.6 (90.2% on BigLaw Bench, top-ranked for finance agent tasks), Grok 4.20, Qwen 3.5, ByteDance Seed 2.0, NVIDIA Nemotron 3 Super (120B parameters, frontier performance at lower inference cost), and at least five others across language, video, and 3D reasoning.

OpenAI crossed $25B in annualized revenue. Anthropic reached $19B. Major labs now ship significant updates every two to three weeks.

What this reveals:

The performance gap between frontier models is narrowing to the point where capability is no longer the primary differentiator for most enterprise use cases. The competition has shifted to workflow fit, ecosystem depth, pricing architecture, and agentic reliability. The organizations winning in AI deployment right now are not those who picked the “best” model; they are those who matched the right model to the right workflow with the right governance wrapper.

This acceleration isn’t new—it’s been building since the start of the year. In our January and February briefs, we highlighted the early signs of model velocity and ecosystem competition. March confirms that the shift has now reached enterprise impact scale.

Why it matters to you

The Gartner data on this is direct: enterprise leaders who deploy generic AI broadly are falling behind those deploying specialized, mission-critical AI in targeted workflows.

At $19–25B in annualized revenue, these providers are now infrastructure-scale vendors, not experimental tools, and should be evaluated and contracted accordingly. Indian enterprises, particularly in IT services, BPO, and financial services, are now facing direct model-level competition for work that was previously workflow-protected.

Key takeaways:

• Conduct a workflow audit: list your top 10 highest-cost cognitive workflows and map each to the model best suited to it based on capability, cost, and compliance fit, not brand familiarity.
• Renegotiate any AI vendor agreements signed before Q4 2025, as pricing and capability thresholds have materially shifted since then. .

5.One Threat Model Doesn’t Fit Four Markets

Three region-specific developments demand separate attention this month.
In the United States, the Trump administration issued executive guidance discouraging state-level AI regulation, creating a fragmented, state-by-state compliance landscape for multi-state operators.

In Singapore, the 2026 Budget acknowledged critical infrastructure as a primary target of cyber-attacks, a new National AI Council was formed, and an updated Cybersecurity Act expanded its regulatory scope to include cloud workloads, containerized environments, and remote systems supporting essential services, with incident reporting timelines now measured in hours.

In Canada, EY’s 2026 Threat Report identified third-party concentration risk and state-aligned espionage as primary vectors, with board-level cyber governance flagged as structurally insufficient across most sectors.

Across all regions, Moody’s 2026 outlook specifically named model poisoning and adaptive malware, AI-generated code that dynamically evades detection, as the two fastest-rising threat categories of the year.

Why this reveals

The regulatory environments across your four target markets are diverging rather than converging. A single security posture cannot serve all four simultaneously without deliberate localization. Attackers now have access to the same model capability improvements your defensive teams do, with fewer compliance constraints on how they deploy them

Why this matters to you

Singapore’s new Cybersecurity Act creates direct compliance exposure for organizations running cloud workloads that support essential services, with mandatory incident reporting timelines that most organizations’ current IR playbooks cannot meet.

For U.S. operations, the state-by-state regulatory fragmentation means compliance costs are rising even as federal guidance retreats. For Canada, the data by EY on third-party concentration risk is a direct audit trigger for any organization running complex vendor ecosystems.

Key takeaways:

• Map your incident response SLAs against Singapore’s updated reporting requirements immediately if you operate essential services in-market.
• Commission a third-party concentration risk review of your vendor stack, especially if your supply chain includes any AI or cloud infrastructure providers currently under government contract scrutiny.
• Add model poisoning as a named attack vector in your threat model if you are running AI systems trained on external or third-party datasets.

The One Decision Each Story Demands, Before Q2

The Pattern Is Clear. The Window Is Short

Technology decisions are no longer isolated—they are interconnected risks.
If your cloud, AI, and security strategies are being evaluated separately, you’re already behind.
The organizations that will outperform in Q2 are not the ones reacting to headlines—but the ones aligning architecture, vendor strategy, and compliance as a single system.
Over the next 30–60 days, every technology leader should be able to answer:

• Do we have visibility into where our workloads actually run—and the risks tied to those regions?
• Are our AI vendors aligned with our compliance, legal, and ethical boundaries?
• Which workflows should be automated now—and which AI model is best suited for each?
• Is our cybersecurity strategy built for AI-driven threats—or legacy attack patterns?

If you don’t have confident answers yet, that’s the signal.
Connect with our team to assess where you stand—and what needs to change before Q2.