Why Care about Technology Risks and Building Resilience?

This is the first post in a two-part series exploring the benefits of technology resilience. It defines technology resilience and describes its value to organizations. A subsequent post describes aspects of technology resilience and outline steps to implement a technology resilience program.

Technology resilience remains a new idea for some organizations. Even those who are familiar with its principles may have trouble articulating the benefit of strengthening their technology resilience, which can become a problem when it impedes leaders from making the case for core funding and executive sponsorship.

Technology resilience: what it is; what it isn’t

Technology resilience is one component of a strong business continuity and resilience program, including crisis management, disaster recovery and business resumption. It encompasses the practices, tools and processes that will ensure minimum acceptable levels of service — even in the presence of a disruptive event. Technology resilience seeks to reduce manual efforts associated with effecting a return to business as usual.

The concept of technology resilience is tangential to the notion of recovery, but recovery is different. Recovery is concerned with ensuring systems can be rapidly restored after disruption.

The difference between technology resilience and technology recovery is further highlighted by the architectural features that underlie each practice. Technology resilience is supported via architectural features like real-time or near-real-time replication of data, load balancing and distribution of workloads across fault domains, among others. Resilient architecture includes automation to scale up or avoid issues within any fault domain.

Without resiliency in mind — where technology architecture focuses on recovery goals only — system instances may not be entirely isolated. They may depend on a particular site. Data might be replicated, but with recovery time objectives measured in hours — not minutes. With only recovery in mind, application architectures feature numerous stateful components; automations are designed for migrating resources that survive an attack, or for recovering resources from backups, a time-consuming process.

Smart reasons to sponsor and fund technology resilience programs

When businesses successfully implement technology resilience, they achieve a wide range of benefits. Leaders who would build technology resilience, either with external help or by drawing on the skills of their own people, may want to take note of these benefits as they make the case for the funding and sponsorship that technology resilience programs will require.


  • Preventing disruptions, data breaches and operational losses results in cost savings that quickly balance the technology resilience programs’ initial costs.
  • By minimizing disruption, technology resilience practices circumvent the reputational damage and erosion of stakeholder trust that technology failures incur.
  • Customers, partners, investors and other stakeholders are more likely to trust and engage with businesses that prioritize reliable and resilient systems, giving those with robust technology resilience a clear competitive advantage.
  • Stakeholders — whether investors, customers, partners or employees — favor organizations that are resilient. This stakeholder confidence leads to stronger relationships and opens the organization to increased opportunity.
  • Technology resilience facilitates innovation: when a business is confident in its resilience, it can explore opportunities for innovation and growth from a position of strength.
  • Organizations that are technology-resilient are also better at strategic planning, as the program encourages a more proactive approach to risk management. These organizations are planning for disruption and have established guidelines to mitigate its effects.


  • Mature technology resilience programs ensure business operations continue even during disruption. As such, these programs support operational resilience, avoiding downtime that interrupts revenue generation.
  • Technology resilience practices help businesses manage risk by anticipating and planning for cyber threats and system failures that lead to potential data breaches, financial loss, reputational damage and more.
  • A well-developed technology resilience program ensures compliance with regulatory requirements and guidelines in various jurisdictions which mandate data protection, data privacy and other business continuity capabilities.
  • A technology resilience program enables rapid adaptation and response to constantly evolving technologies and threats — while maintaining stable operations.
  • Through early identification of risks to critical systems, technology resilience focuses on securing and maintaining those systems, resulting in more effective management of resources.
  • Employee productivity and management’s ability to make decisions must be supported by robust technology resilience, since staff will be less likely to be affected by unplanned downtime and other disruptions.
  • Technology resilience programs foster a culture of preparedness, so businesses are better positioned to avoid risks with far-reaching consequences for their operations, finances, customer satisfaction and brand reputation. These programs protect organizational interests and help build competitive advantage over time.

While technology resilience is still a new idea for some organizations, the benefits described here make the case for building a program whose benefits quickly outpace the costs. In our next post in this series, we describe the aspects underlying successful technology resilience programs, and outline an approach to successful program development and operation.

To learn more about our technology resilience solutions, contact us or download our Guide to Business Continuity and Resilience and refer to Achieving Resilience Starts at the Top.

Damon Owen

Managing Director
Technology Risk and Resilience

Dave Cozzens

Associate Director
Technology Risk and Resilience

Subscribe to Topics

In the latest episode, Protiviti’s @KonstantHacker and guest @JulienCamirand from Nord Quantique discuss a new approach to qubit error correction. Listen now! https://ow.ly/h4Oc50SqWh5 #ProtivitiTech #Quantum #Podcast

#Protiviti is a 2024 Compliance #Microsoft Partner of the Year Finalist. Congrats to this year’s award recipients who were selected based on their commitment to customers, the impact of their solutions, and their exemplary use of Microsoft tech. https://ow.ly/69mt50SqWbB #MSPartner

How can you tell if a #fintech firm is competent with #GenAI? Certification can certainly distinguish a firm from its competitors, says Protiviti’s Christine Livingston, but is also doesn’t tell the full story about how well they leverage the tech overall. https://ow.ly/vy1r50SkquW

Generative #AI is set to revolutionize the field of enterprise architecture. Get a comprehensive overview of the impact of #GenAI on EA activities, plus challenges, risks and limitations in the latest Technology Insights blog post. https://ow.ly/foPJ50SkUW6 #ProtivitiTech

Protiviti’s @KonstantHacker will join a panel to speak on “Quantum Leap: Securing Manufacturing's Next Frontier with Post Quantum Cryptography” on July 18 in Chicago, IL. Register today for this in-person event. https://ow.ly/s02X50SkfcI #ProtivitiTech #Quantum

Load More