The same connections that bring business partners, consumers, competitors and suppliers together in a digital world can also introduce problems from anywhere in the system. No organization is fully protected because there are too many moving parts beyond one’s control.
Instead of erecting fortresses of isolation, executives are seeking out operating models and skills that can build resilience into the organization. At the same time, CIOs are working from within the C-suite to strike the right balance between spending to protect and spending to enable. Managing risk is a necessary core competency for any organization looking to take advantage of opportunities for innovation, growth and greater customer connection in the digital realm.
In spite of a steady stream of threats, organizations do not seem to be taking the need for business resilience seriously enough.
Two-thirds of 900 executives surveyed said their organizations experience significant attacks that test the resilience of their IT systems on a daily or weekly basis.
Nine percent stated that they proactively run inward-directed attacks and intentional failures to test their systems on a continuous basis.
Twenty-five percent consistently design resilience parameters into their operating model and technology architectures.
Fifty-three percent have a continuity plan that is refreshed as needed.
Forty-five percent have produced threat models to existing and planned business operations.
Failures and hostile cyber actions have profound impacts on enterprise performance—even enterprise viability. Yet, combined properly, the same technologies that are driving the digital enterprise can enable resilience at a level not possible before.
Business resilience in a potentially hostile environment requires thoughtful attention and action. C-level executives should be working together to:
Embrace the digital ecosystem. Protection at the expense of connection is not a viable option.
Manage digitally. Chains of command and business siloes need to make way for a more organic style of parallel project management. >
Institutionalize resilience. Anticipating and reacting to cyber threats is not a one-off activity—it is an ongoing and evolving requirement for any digital business.