Digital Operations underpin the resilience of contemporary businesses. Esteemed Chief Marketing Officer at Everbridge, David Alexander, delves into the crux of this concept in this video. He discusses the role of automation, AI, and cross-disciplinary teamwork in equipping organizations to minimize downtime, optimize responses, and maintain seamless operations. David underscores the fact that Digital Operations transcends mere IT functionalities—it is indeed a pivotal strategy for securing long-term business success.

The security landscape has never been more complex. In this blog, Tracy Reinhold talks about how leaders can stay ahead of growing threats and create a security strategy that keeps their organizations strong.

Corporate security has evolved dramatically over the past decade. No longer confined to physical risks like break-ins or property damage, security now encompasses cyber threats, insider risks, and even the impact of global instability. The convergence of physical and digital risks has created a complex threat landscape, requiring organizations to think holistically about security.

For security leaders, this complexity presents both challenges and opportunities. Those who adapt quickly, leverage technology, and foster collaboration across teams can position their organizations as resilient and forward-thinking. This blog explores the current security landscape, key leadership strategies, and actionable lessons for managing security in an era of constant change.

The current security landscape: Challenges and trends

The traditional view of corporate security, focused primarily on physical assets, has shifted dramatically. Modern organizations face a convergence of risks that are deeply interconnected. Consider these key trends:

1. The convergence of physical and digital risks

Cyber-physical threats are on the rise. For example, a cyberattack on a building’s access control system could compromise physical safety, while a disruption to IoT-connected devices could shut down entire operations. Organizations must address these hybrid threats with integrated strategies that span both physical and digital domains.

2. Global instability

From political unrest to natural disasters, global instability is introducing new vulnerabilities. According to the Global Peace Index, incidents of civil unrest have increased by over 50% in the past decade, affecting supply chains, employee safety, and business continuity.

3. The expanding security perimeter

The rise of remote work and hybrid models has blurred the traditional security boundaries. Home networks, personal devices, and cloud-based platforms have expanded the attack surface, creating new vulnerabilities for cyberattacks and insider threats.

These trends underscore the need for organizations to rethink their approach to security, moving from reactive measures to proactive strategies that anticipate and mitigate risks.

Key leadership lessons for modern security management

Effective security leadership requires more than technical expertise; it demands strategic vision, adaptability, and collaboration. Here are three essential lessons for navigating today’s complex security landscape:

1. Security is a shared responsibility

Security cannot be siloed within a single department. It must be embedded across the organization, with clear roles and responsibilities for every team. Employees should be educated about potential risks, from phishing emails to suspicious activity on-site, and empowered to act.

For example, a manufacturing company implemented a company-wide security awareness program, including regular training and simulated phishing exercises. As a result, employees became more vigilant, reducing the likelihood of both cyber and physical breaches.

2. Agility Is essential

In a world where threats evolve rapidly, agility is a critical capability. Security leaders must be able to pivot quickly in response to emerging risks, whether it’s a new ransomware attack or geopolitical instability.

Agility also requires access to real-time data and insights. Leveraging tools like threat intelligence platforms and incident response systems enables organizations to detect and respond to risks faster. For instance, a retail company used predictive analytics to identify potential disruptions during a major protest, allowing it to reroute deliveries and avoid delays.

3. Data-driven decision making

Data is one of the most powerful tools for security leaders. By analyzing historical incident reports, monitoring current risks, and leveraging predictive analytics, organizations can make informed decisions to mitigate threats proactively.

For example, a healthcare organization analyzed patterns of attempted breaches on its network and used this data to strengthen its defenses, reducing the likelihood of future attacks. Data-driven insights also help leaders allocate resources effectively, focusing efforts where they’re needed most.

The role of collaboration in security

Collaboration is at the heart of modern security strategies. No single team or department can address today’s multifaceted risks alone. Here’s how collaboration drives better security outcomes:

1. Breaking down silos

Security leaders must foster collaboration across IT, HR, operations, and leadership. For example, IT teams can work with HR to identify insider threats, while operations teams can coordinate with security to ensure physical safety during an emergency.

2. External partnerships

Collaborating with external partners, such as local law enforcement, emergency responders, and industry peers, enhances an organization’s ability to respond to crises. During a natural disaster, for instance, organizations that have pre-established relationships with emergency services can recover faster and protect employees more effectively.

3. Sharing threat intelligence

Participating in threat intelligence sharing networks allows organizations to stay ahead of emerging risks. For example, cybersecurity organizations that share data on new malware strains can help others prepare and defend against similar attacks.

Case studies: Security resilience in action

1. Tech sector

A global tech company faced increasing risks from cyberattacks targeting its remote workforce. By implementing zero-trust architecture, requiring multifactor authentication, and deploying endpoint detection tools, the company significantly reduced successful breaches. Collaboration between IT, security, and HR teams ensured smooth implementation and employee compliance.

2. Retail sector

During a period of heightened civil unrest, a retail chain leveraged its security operations center (SOC) to monitor real-time data on protests near its stores. The SOC coordinated with local law enforcement to implement precautionary measures, including adjusting store hours and rerouting deliveries. These actions prevented property damage and ensured employee safety.

Looking ahead: The future of corporate security

As the threat landscape continues to evolve, organizations must stay ahead by embracing innovation and fostering collaboration. The future of corporate security will be defined by adaptability, proactive planning, and the integration of technology and human expertise.

Key trends to watch include the rise of AI-driven threats, the growing importance of supply chain security, and the convergence of cybersecurity with physical security. Leaders who prioritize agility, data-driven decision-making, and collaboration will be best positioned to navigate these challenges.

Corporate security is no longer just about protecting assets—it’s about enabling resilience, building trust, and driving long-term success. By adopting these principles, organizations can thrive in an era of complexity and uncertainty.

Security resilience starts with leadership. Tracy’s approach focuses on preparation, communication, and building a culture of vigilance. Take a fresh look at your security posture today and see where your organization can strengthen its defenses.

Operational resilience has become a defining priority for organizations in sectors like finance and insurance, especially in the UK and Europe.  Although there are some differences between the FCA and PRA operational resilience frameworks and DORA (digital Operational Resilience) there are many overlaps and best practices which will slowly be adopted by other industries if it proves to be effective.  The concepts within operational resilience have merit even in pharmaceutical, healthcare, and manufacturing. With increasing disruptions caused by cyberattacks, supply chain issues, and evolving regulations, businesses need robust frameworks to protect critical services and maintain customer trust.  

From the framework defined by the Bank of England a key component of defining metrics around important business services is “impact tolerance”—an essential concept that offers some tangible goals to determine how much disruption a business can tolerate before its operations, the consumers, the company or even the market are jeopardized.  

This guide explores what impact tolerance means in the context of operational resilience, why it matters, and how businesses can effectively design and track their thresholds to strengthen resilience.  The concepts in this can be applied to any industry, even if not regulated by FCA/PRA or DORA.

What are impact tolerances in operational resilience?  

Defining impact tolerance  

Impact tolerance commonly is defined as the maximum tolerable level of disruption that an organization can endure without causing unacceptable harm to its operations, stakeholders, or customers. There are many metrics that can be used to measure what could or would cause harm and unlike broader risk management strategies, which aim to prevent disruptions entirely, impact tolerances acknowledge that incidents are inevitable. Instead, they focus on defining clear limits for disruption and ensuring the organization is prepared to recover before these thresholds are breached.  

For example, an impact tolerance might represent the maximum system downtime a business can allow before reputational harm or financial losses escalate. An impact tolerance could also be measured as a threshold of impacted customers, a financial loss threshold, an unacceptable wait time, a dropping NPS score or breach of SLAs. 

Impact tolerance vs. risk appetite and recovery time objectives  

While related, impact tolerance differs significantly from concepts like risk appetite or recovery time objectives (RTO). Risk appetite reflects the level of risk an organization is willing to take across its operations, while recovery time objectives set specific targets for restoring functions after an incident.  

Impact tolerance, on the other hand, takes a broader and more dynamic perspective. It considers the level of pain an operation endures during a disruption, focusing on more than just whether the system is operational. By continuously monitoring and responding to this “pain level,” organizations can adapt on the fly—potentially avoiding full-scale interruption.  Impact tolerance can also be used proactively, if a threshold is monitored, then potentially warnings can trigger alarms to indicate a escalating situation or pending disaster. 

Examples of impact tolerance metrics  

Common metrics to define impact tolerance include:  

• System downtime: Maximum allowable hours of service unavailability.  

• Financial thresholds: Dollar values representing unacceptable costs from disruptions.  

• Customer impact levels: Number of clients affected before customer trust is compromised.  

• Supply chain delays: Maximum tolerable delays in delivery or procurement processes.  

• SLA levels: Breach or approaching breach of SLAs 

• Customer complaints: This can be NPS scores, dropping renewals, customer complaint increases and levels of response time or customer satisfaction changes. 

• Larger impacts: Larger impacts to the company or market. 

Why are impact tolerances critical for resilience?  

Safeguarding critical business services  

Impact tolerance ensures important critical business services—those essential for delivering customer value or meeting regulatory obligations—are protected during disruptions. It challenges businesses to predefine acceptable levels of disruption, enabling faster, coordinated responses and minimizing downtime.  

Aligning with regulatory expectations  

Global regulatory frameworks increasingly demand that organizations define and maintain impact tolerances to demonstrate operational resilience. For example, financial services regulators like the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) in the United Kingdom mandate impact tolerance assessments as part of operational resilience programs.  While Impact Tolerances are not necessarily part of Digital Operational Resilience Act (DORA) as a regulatory requirement, the importance of outlining services and their dependance on technology, supply chain, functions and CTPS (Critical Third Party Services) still align with concept of impact tolerance. 

Practical benefits

Impact tolerances support resilience by improving decision-making and fostering stakeholder confidence and having a better understanding of triggers, thresholds and warnings surrounding a company’s important business services. Furthermore, they help allocate resources better by focusing investments where they matter most.

The cost of disruptions

Operational disruptions have direct consequences for businesses, with financial and reputational costs rising every year. According to IBM, the average cost of a data breach alone globally was $4.88 million in 2024. Organizations with robust resilience frameworks, including impact tolerance thresholds, not only reduce the frequency of incidents but also mitigate their cost.

Steps to set effective impact tolerances

1. Identify critical business services

Pinpoint the services essential to achieving your organizational goals, meeting regulatory requirements, and serving customer needs. Examples include payment processing in financial services or supply chain coordination in manufacturing.

2. Identify critical dependencies

Identify dependencies on information and communication technology, functions/processes, supply chain and critical third parties. 

3. Assess risks and threat scenarios

Evaluate the risks that pose the greatest threat to your critical services, such as cyberattacks, power outages, or pandemic-related disruptions. Prioritize risks with the highest likelihood and potential impact on your operations. Treat the risks with controls and risk methodology.

4. Determine impact tolerance thresholds

Define your organization’s limits for tolerable disruption based on financial, operational, and reputational factors.

• Example Case: A bank might determine its payment processing service cannot afford downtime exceeding 2 hours, as this would result in significant customer dissatisfaction and regulatory scrutiny.

Use financial modeling, stakeholder insights, and historical data to set realistic and achievable thresholds.

5. Test the impact tolerances in scenarios

Create scenarios to test the impact tolerances, document the results, report any issues or action items and update recovery strategies and tolerances to adapt.

6. Document and align with stakeholders

Work with leadership, departmental heads, and external regulators to ensure your impact tolerances align with organizational objectives and compliance standards.

Challenges in setting and tracking impact tolerances

Common obstacles

• Lack of clear data: Defining thresholds can be difficult without reliable metrics or historical data.
• Misaligned priorities: Different departments may have conflicting views regarding what qualifies as “critical.”
• Rigid approaches: Using inflexible methodologies can undermine efforts to adapt to evolving risks.
• Technology gap: Leveraging tools that do not effectively automate risk management can increase the negative impact of threats.

Overcoming challenges

• Implement cross-department collaboration to align on priorities.
• Leverage third-party experts to conduct unbiased impact tolerance analyses.
• Automate data collection, analysis and communication with cutting-edge tools, such as software solutions.

Strengthening operational resilience

Operational resilience is the ability of an organization to deliver critical business operations, even during disruptions. This concept, as defined by the European Banking Authority, emphasizes ensuring that essential services continue to function amid challenges such as cyber-attacks, natural disasters, regulatory changes, or supply chain disruptions. 

Unlike organizational resilience, which focuses on the broader capacity of an organization to adapt and survive, operational resilience focuses on maintaining critical operations. Its growing importance stems from the increasingly interconnected and complex environments businesses operate in today. 

Why operational resilience matters 

Disruption is an unavoidable reality in today’s business environment. With increasingly sophisticated cyber threats, geopolitical uncertainties, natural disasters and a hyperconnected digital world, the question is no longer if a critical incident will occur, but when. The ability to anticipate and mitigate such incidents can mean the difference between navigating the storm successfully or facing significant losses.  

Beyond financial impacts, failing to maintain operations during a crisis can severely harm your reputation and strain relationships with customers and vendors. In some industries, it could even lead to regulatory penalties. Being prepared is not just an advantage—it’s a necessity. 

For industries such as Financial Services, Healthcare, Energy and Utilities, Telecom, and Manufacturing, disruptions can have far-reaching effects. Operational resilience ensures: 

• Business continuity even under adverse circumstances. 
• Protection of critical services for customers and stakeholders.  
• Regulatory compliance, reducing the risk of penalties.  
• Enhanced organizational reputation, fostering trust and loyalty.  

Ultimately, operational resilience sets businesses up not only to survive but to thrive, ensuring they remain competitive no matter the challenges. 

Key elements of operational resilience 

Building operational resilience requires focusing on three critical areas: people, processes, and technology.  

People 

• Cross-functional collaboration: Teams from IT, security, leadership, compliance, and operations must work together to identify potential vulnerabilities and develop strategies. 
• Leadership is key: Leaders must foster a culture of resilience that encourages proactive problem-solving and organizational readiness. 

Processes  

• Protect critical business functions: Identify which processes are vital to operations and design safeguards to keep them running. 
• Flexibility is critical: Operational workflows must be adaptable to accommodate unforeseen challenges or evolving risks. 

Technology & systems   

• Robust IT infrastructure is essential: This includes cybersecurity measures, disaster recovery plans, and reliable data backup systems.  
• Modern tools pave the way for real-time insights: Technologies like artificial intelligence can help monitor vulnerabilities and predict potential disruptions. 

How to build operational resilience  

Implementing operational resilience starts with actionable steps that organizations can take today.  

Assessing operational risks & vulnerabilities  

• Conduct comprehensive risk assessments to identify potential threats.  
• Map out dependencies across operations, including third-party vendors and supply chains.   

Establishing a response framework   

• Develop incident response plans that outline clear steps to handle unforeseen disruptions.  
• Regularly test frameworks through drills and simulations, ensuring readiness during high-stress events.  

Embedding resilience into strategic decisions  

• Align operational resilience with business goals, risk management strategies, and business continuity planning.  
• Make continuous adaptation a priority, recognizing that risks and operational landscapes constantly evolve.  

Continuous improvement  

• Track performance over time using KPIs specific to resilience and refine strategies accordingly.  
• Stay informed about emerging risks and industry changes that may require new approaches.  

Operational Resilience vs Business Continuity  

While operational resilience and business continuity often overlap, they are distinct approaches.  

Operational resilience takes a proactive and broader approach. It considers not just internal operations but external dependencies, regulatory requirements (like DORA in financial services), and long-term risks.  

Business continuity, on the other hand, focuses on reactive measures, such as predefined plans to recover quickly after disruptions. Its priority is minimizing downtime and restoring operations.  

Both disciplines depend on cross-functional collaboration, emphasize the identification of critical business functions, and require regular testing. However, operational resilience builds on business continuity by ensuring adaptability to future challenges.  

Future of operational resilience 

The future of operational resilience is rooted in proactive planning and continuous improvement. To remain competitive, businesses must anticipate risks and integrate resilience into their everyday strategies.  

This means fostering collaboration across departments, leveraging advanced technologies, and aligning resilience with organizational goals. By combining operational resilience with business continuity, organizations position themselves to withstand turbulent conditions and meet future challenges head-on.  

Now is the time to act. Continuity experts should assess their organization’s operational resilience framework, identify gaps, and take strategic steps to strengthen it.

For more ways to operationalize resilience, visit our resource on understanding DORA and explore our Operational Resilience Solutions.  

Operational resilience isn’t just a priority—it’s a business imperative. Take the next step to protect your critical operations today. 

In December 2024 a prominent CEO was shot and killed outside of a Manhattan hotel where they were attending an investor meeting. The incident has drawn significant public attention, with speculation surrounding both the suspect’s motives and the broader implications for corporate security, given ongoing controversies and protests against the company at the time of the attack.

The best way to protect your company and your executive assets from this risk is developing a comprehensive executive protection and secure journey management plan.An intelligence led approach can limit your risk exposure and enhance your executive protection in a variety of ways.

– Adam DeLuca, Everbridge Director of Risk Intelligence

Monitoring

Early detection of threat and risk is invaluable to executive protection. Monitoring collection platforms in real-time allows you to identify potential threats before they become major problems and enables executive protection teams to proactively manage risk to their clients in a timely manner.

Utilizing different types of intelligence  

OSINT gathers information from publicly available sources. Human intelligence collects information obtained through direct contact with individuals who may have relevant insights. Signal intelligence monitors electronic communications and data to identify potential threats. Protective intelligence focuses specifically on identifying and assessing threats to an individual. These types of intelligence analyze incredible amounts of data from various sources to provide a comprehensive picture of the threat landscape to help shape risk assessments. 

Trend analysis / Threat assessments

Looking at the threat landscape and doing comprehensive threat assessments allows security teams to anticipate potential risks and vulnerabilities, develop targeted mitigation strategies, and make informed decisions to safeguard the principal through detailed situational awareness, rather than simply reacting to incidents.

Situational awareness

By monitoring real-time information, intelligence provides a comprehensive understanding of the environment surrounding the executive, including potential dangers in specific locations or during travel.