Decoupling Tech: (Tech-)Resilience in a New World Order

In recent years, the level of disruption has increased significantly worldwide. Between 2011 and 2016, it rose by just 4%. From 2017 to 2022, by contrast, it climbed sharply by 200%. Key factors in this sizeable upswing include geopolitical fragmentation, regulatory divergence, supply chain reconfigurations, and growing concerns over data sovereignty.

In view of the challenges posed by disruption on such a scale, it’s imperative for organizations to ensure that they’re sufficiently resilient. While overall enterprise resilience now seems to have returned to the high level seen in the immediate wake of the pandemic, many companies appear considerably more resilient than they actually are.

Enterprise Resilience: Shaping Up for the Challenges of an Unpredictable World

True enterprise resilience calls for a cohesive and structured strategy throughout the organization. However, companies’ efforts to reduce their vulnerability all too often take the form of isolated ad-hoc fixes, resulting in a fragmented landscape of unconnected resilience silos.

To master the manifold challenges of disruption, it’s essential to take a joined-up approach to enterprise resilience. This is best achieved by developing a dedicated framework geared to addressing resilience in the key areas of architecture and technology, operations, geopolitics, and the organization and its people. Let’s take a closer look at each of these.

Resilient Architectures and Technologies

Architectural/technology resilience revolves around designing IT systems capable of withstanding disruption caused by a variety of factors – ranging from regional outages to vendor lockouts and shifts in jurisdiction. Its core elements include multi-cloud strategies; platform abstraction layers to ensure portability of applications across environments; event-driven architectures, providing modularity and fault tolerance; and cloud-native edge capabilities to help maintain service continuity.

This type of resilience is especially important in regions with evolving data sovereignty rules – such as EU’s General Data Protection Regulation (GDPR). To address these factors, organizations use sovereign cloud models and region-specific service deployments that enable them to remain compliant without losing out on scalability.

Disruption-Proofed Operations

The central aim of operational resilience is to ensure that critical IT services stay up and running during and after disruptions due to cyberattacks, system failure, global crises and the like.

Here, the focus is on tools for end-to-end observability, automated failover and disaster recovery mechanisms, such as disaster-recovery tiers. Physical redundancy also plays a key role, ensuring that if an application, service, or data center fails, another is always available.

Other core elements of operational resilience include zero-trust security models, cloud-native backup and restore tools spanning multiple geographies and zones, and identity and access management.

Continued Agility in the Face of National-Level Disruptions

As the name suggests, geopolitical resilience is all about effectively tackling disruptions at national level – including sanctions, export controls, shifting trade alliances, and internet fragmentation. Recent examples of such disruption include the EU AI Act, Data Act, and DMA.

This type of resilience is achieved by implementing compliant data architectures that use policy-aware routing and tagging; region-restricted deployments to meet regulatory requirements; and vendor diversification strategies designed to avoid dependence on individual countries.

In this context, it’s worth considering that, in early 2024, more than 80% of global chip production still flowed through geopolitically sensitive regions, exposing enterprise IT to material supply risk.

The Human Factor: Organizational/People Resilience

Finally, any effective enterprise resilience framework must also consider the aspects of organization and personnel. The aim here is to empower, prepare, and align teams to respond effectively to digital disruptions.

This can be achieved by establishing cross-functional crisis-response protocols and escalation paths. Organizations should also implement strategies for spreading their talent across multiple geographies. What’s more, they should develop targeted skilling programs for resilience-focused staff, such as cyber-risk managers. And, more generally, they should embed resilience KPIs in their digital-transformation governance.

Recent research by Accenture shows that approaches of this kind deliver tangible results: Companies that strengthen both their talent and their technology are four times more likely to achieve long-term profitable growth.

A Closer Look at Technology Resilience

The key role of technology resilience in safeguarding continued business operations merits particular attention. To weather shocks and unforeseen setbacks, organizations must be able to maintain secure, compliant, and scalable digital operations. This calls for a resilient tech strategy that is adaptive, diversified, and context aware.

A strategy of this kind encompasses four main dimensions:

• Hardware

• Software

• Networks

• Data

  
  

Of course, each of these dimensions comprises multiple subareas and associated tasks. Take networks, for example. Here, steps to ensure resilience must consider the availability and criticality of network components such as routers, firewalls, cable systems and connectivity elements. Key tasks include implementing redundant network designs, distinct network pathways, and network segmentation and physical redundancy.

Reaping the Rewards of a Unified Enterprise Resilience Framework

Experience shows that developing a systematic and unified approach to resilience pays dividends – delivering particular value during periods of disruption. Resilient organizations consistently outperform their peers during such periods, achieve a higher “return on resilience”, and are better placed to radically reinvent themselves, should this become necessary.

As mentioned, however, many of today’s organizations are not nearly as resilient as they might superficially appear. For example, the following graphic, from a recent Accenture study, shows that people resilience and operational resilience are both still well down on their pre-pandemic levels.

While technology resilience is clearly faring comparatively well, operational resilience is currently on a continued downward trajectory.

But it’s not all bad news. A growing number of organizations are implementing measures to counter vulnerabilities. For example, Gartner predicts that by 2026 some 70% of multinationals will take steps to reduce their geopolitical exposure by adjusting the countries in which they operate.

What Do You Think?

In times of radical disruption, resilience is a top priority for any organization. What are your thoughts on this hot topic? If you’d like to share them, please leave a comment a below.