Cyber threats intensify. Tech advances. Resilience needs an urgent rethink
As technology accelerates, so do both opportunity and exposure. AI‑enabled cyber attacks are growing, supplier‑driven contagion is more common, and evolving regulations are extending both the cost and duration of incidents across IT, operations, finance, legal and reputation. Although leaders appear confident in their long‑term recovery capability, incidents often disrupt the business far longer than the technical recovery window.
Resilient organisations are responding by strengthening scenario testing and governance, investing in early‑detection capabilities such as Managed Extended Detection & Response (MXDR) and exposure management services, and ensuring insurance coverage aligns to realistic recovery timelines and cyber‑physical loss scenarios.
Ultimately, resilience is less about preventing every attack and more about reducing impact - and ensuring the right capabilities, services and financial resources are in place to support recovery.
Threats now spread further and last longer
Most businesses today operate within externally connected ecosystems - from basic functions to complex operations – and just one small incident can unleash a ripple effect of consequences beyond IT into operations, finance, legal and reputation.
In parallel, contagion risks from supplier attacks or software errors are increasing. Messy, expensive fallouts can spiral into multi-line losses.
Yet 82% of the global executives we surveyed say they feel ‘prepared’ for such risks. A level of confidence that signals a critical underestimation of the consequences on business operations, recovery time, cost and reputations.
