On April 27, 2025, large parts of Spain and Portugal experienced a sudden and widespread power outage. The recent power outages initially led many to believe it was a cyberattack. Although this turned out not to be the case, the pattern is clear: the risk of such attacks is increasing.
These events are a wake-up call for all of us. In our digitalized society, we are extremely vulnerable if something goes wrong. Sensitive information can be lost, users can be left without water, hospitals can lose access to vital equipment, and communication can break down. Imagine a world where our critical systems do not function – where hospitals cannot provide care, water supply is interrupted, and communication is disrupted. It is a frightening reality that we must avoid at all costs.
A Pattern That is Becoming Too Familiar
This is not the first large-scale disruption.
In 2024, a major blackout in the Western Balkans left entire regions without power for hours. The ENTSO-E report revealed a chain reaction triggered by infrastructure overloads, made worse by insufficient system safeguards and monitoring software.
Around the same time in Sweden, the Akira ransomware group targeted essential municipal services in a municipality in Skåne, temporarily shutting down core digital infrastructure and prompting a full-scale recovery effort. These are just a few of many examples of the same magnitude, facing challenges as those provided.
While each of these cases has unique causes and effects, they all point to the same truth: modern society depends on complex software systems, and when they’re compromised, the consequences are tangible and wide-reaching.
The Role of Quality Assurance in a Connected World
Events like these underscore the importance of robust, secure, and resilient systems. They also highlight that quality assurance (QA) is no longer just about functionality or performance — it must now account for system stability, failure recovery, and risk exposure.
QA teams, testers, and developers are often among the first lines of defense when it comes to:
These practices are not only technical; they contribute directly to public trust in the systems that power daily life.
Moving from Reactive to Proactive
In the wake of major incidents, there is always a push to investigate what went wrong — but the more pressing question is how to prevent similar events in the future.
Governments, infrastructure operators, and security experts have their roles to play. So do we — those of us working in software, testing, and systems assurance.
By focusing on resilience, security-minded development, and cross-functional collaboration, we can help reduce risk long before an attacker finds a way in. But it doesn’t stop there.
Preparedness also means having a well-defined continuity plan — and making sure that everyone knows how to act on it. A technically sound system is only as effective as the people operating it under pressure. That’s why regular education, drills, and communication strategies are just as essential as secure code and quality testing.
We need to build systems that don’t just function, but that can recover quickly, with teams trained to respond calmly and effectively when things go wrong.
The recent blackout in Spain and Portugal is a reminder that software quality is not only a technical concern — it’s a social one. Reliable systems support essential services. And when they fail, the impact is felt not in abstract metrics, but in real lives disrupted.
It’s time to think more holistically about how we build and test the systems that connect and sustain our communities.
Creating resilient systems is a shared responsibility — and one we take seriously. If you're looking to strengthen the quality and security of your digital infrastructure, we're here to support you. Read more at our Defence Industry page.
Let’s start a conversation about how we can help protect your critical systems, build preparedness into your operations, and contribute to a more secure future for everyone.