Light Dark
December 13, 2021 By George Platsis 3 min read
Risk Management
Incident Response
Security Services

The last stop on our organizational resilience journey touches one of the issues organizations have the least control over: geopolitical and socio-economic trends and threats.

However, they can be some of the most impactful on your organization. Today, the ubiquitous use of interconnected information systems to carry commerce exists on a scale that never did before.

Previously, only certain industries, like the financial sector, had the absolute need and requirement to rely on interconnected information systems to carry out automated transactions and processes. Nowadays, organizations could come to a screeching halt if their staff does not have a stable internet connection to work from home.

Times have indeed changed.

Inheriting global risks

We have not only inherited the benefits of an information system-based economy, but also its vulnerabilities. These added pressures and capabilities increase the surface attack area and risk profile.

Today, threat actors can target specific industries that have multiple dependencies. Concurrently, transnational crime syndicates can cut out intermediaries and launch campaigns without ever having to leave their own homes, giving them in-house theft and extortion capabilities.

And, all of this is happening because an organization inherits a third party’s risks, threats and decision-making. Gone are the days where you could operate your local, regional or even national business with little care about what was going on halfway across the world.

You need to be ready for disaster recovery as external forces – no different than natural hazards – can knock out your operations. So how do you prepare and improve your resiliency posture?

The risk assessment is your mitigation tool

The introduction of NIST Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View opens with the following:

Information technology is widely recognized as the engine that drives the U.S. economy, giving industry a competitive advantage in global markets, enabling the federal government to provide better services to its citizens and facilitating greater productivity as a nation.

There is your foundational statement. If you want to operate and remain competitive in global markets, your engine is information technology. And because even local markets are integrated and impacted by global trends, not even they can operate in isolation anymore.

Think about it like this: if you are a local food producer, you may think you have a level of isolation, but are you relying on a national payment processor to perform your financial transactions? If yes, you are caught in the web.

In other words, unless you are operating using the barter system, you better have, as a minimum, some type of crisis management plan in place, even if you are a small local business.

So how do you plan? Well, here are two important first steps:

  1. Really, I mean really, understanding makes your business tick.
  2. Perform a risk assessment that encompasses reasonably expected geopolitical and socio-economic risks (and NIST Special Publication 800-30, Guide for Conducting Risk Assessments is a helpful resource if you do not know how to start).

Reasonableness matters. For example, worrying about how to respond to a nuclear strike from a geopolitical enemy is probably beyond your scope, whereas losing a payment processor (say, because the same geopolitical enemy is ready to attack the processor because of some government policy) is something to be concerned about. Why? Because you may need a new payment processor after they get hit!

A reasonable risk assessment will draw out these types of issues and ultimately, you may find that the assessment can change some of your business relationships. You are inheriting their risks and that may just be well beyond your risk tolerance.

Slowly decouple from global threats, if you can

Decoupling completely from external threats is unlikely. We are too integrated, globally, and the only remedy is increased regional capabilities, which require a reorientation of resources and capital expenditure to rebuild capabilities. That’s an entirely different sort of risk appetite some may not be ready for, but you really want to cut out as many external pressures as possible.

For example, you may decide to own and operate more data centers to monitor or choose to walk away from certain markets. One has a cost, the other presents a loss. Understanding your business and the risk assessment help you may that decision.

Industry information sharing

There is one more option: the industry working together. It’s actually not too uncommon, but intra-industry cooperation can fly under the radar. Industries have a pretty good idea of who is trying to target them, so if your organization can get over the hump of working with the competition for a common defense mechanism (call it an “off the books” relationship with implied non-disclosures and non-competes), the sector becomes more resilient.

These relationships are nuanced and delicate, as they are not necessarily public-private partnerships (being a part of a PPP can sometimes increase your exposure). Instead, it is industry working together for common defense with an agreement not to exploit each other’s vulnerabilities for market gain.

Bringing it all together

Are there more issues this journey could have touched on? Yes, but with what we have passed through, you can be confident that you are walking with an incredible amount of coverage. In the next and final piece, we put all these issues together to give you a sense of what a holistic organizational resilience program can look like and what its outcomes should be.

 |  |  | 
George Platsis
Senior Director, Educator and Author

More from Risk Management
January 28, 2025

4 trends in software supply chain security

4 min read - Some of the biggest and most infamous cyberattacks of the past decade were caused by a security breakdown in the software supply chain. SolarWinds was probably the most well-known, but it was not alone. Incidents against companies like Equifax and tools like MOVEit also wreaked havoc for organizations and customers whose sensitive information was compromised.Expect to see more software supply chain attacks moving forward. According to ReversingLabs' The State of Software Supply Chain Security 2024 study, attacks against the software…

January 24, 2025

How cyberattacks on grocery stores could threaten food security

4 min read - Grocery store shoppers at many chains recently ran into an unwelcome surprise: empty shelves and delayed prescriptions. In early November, Ahold Delhaize USA was the victim of a cyberattack that significantly disrupted operations at more than 2,000 stores, including Hannaford, Food Lion and Stop and Shop. Specific details of the nature of the attack have not yet been publicly released.Because the attack affected many digital systems, some stores were not able to accept credit/debit cards, while others had to shut…

January 23, 2025

Taking the fight to the enemy: Cyber persistence strategy gains momentum

4 min read - The nature of cyber warfare has evolved rapidly over the last decade, forcing the world’s governments and industries to reimagine their cybersecurity strategies. While deterrence and reactive defenses once dominated the conversation, the emergence of cyber persistence — actively hunting down threats before they materialize — has become the new frontier. This shift, spearheaded by the United States and rapidly adopted by its allies, highlights the realization that defense alone is no longer enough to secure cyberspace.The momentum behind this…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature