Digital Resilience: Is Your Company Ready for the Next Cyber Threat?
Ray A. Rothrock
AMACOM (April 2018)

“The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn, and relearn.” Alvin Toffler

As I began to work my way through Ray Rothrock’s book the first time, I was again reminded of the Toffler observation in his classic work, Future Shock (1984). Business leaders who are illiterate insofar as cyber crime is concerned are placing their organizations at great risk. The perimeter defenses now in place will be no more effective than the Maginot Line was almost 80 years ago.

I agree with Frank Wolf: “There are two kinds of people in America today: those who have experienced a foreign cyber attack and know it, and those who have experienced a foreign cyber attack and don’t know it.” The same can be said of organizations. Each day, it seems, there is another example of an otherwise technologically sophisticated company whose financial data have been breached. In Chapter 1, Rothrock provides a mini-case study of what happened to Target in 2013.

Countless other large companies have also experienced comparable cyber attacks: They include (in alpha order) Adobe, Adult Friend Finder, Anthem, Apple, eBay, Community Health Systems, Equifax, Heartland Payment Systems, The Home Depot, Neiman Marcus, JPMorgan Chase, Michaels Stores, Primara Blue Cross, RSA Security, Stuxnet, SONY Pictures, Staples, TJX Companies, Uber, U.S. Office of Personnel Management (OPM), VeriSign, Walmart, and Yahoo.

Rothrock provides a wealth of information, insights, and counsel that create a framework within which to address business issues such as these:

o Why resilience is the only rational cybersecurity choice
o What digital resilience is…and isn’t
o How a company can develop and execute a winning strategy in a war most companies are losing
o How and why obtaining the right knowledge “is the first step toward digital resilience”
o How to get senior-level executives up to speed on digital resilience
o How to achieve and sustain resilience in a fragile digital environment
o How to assess, modify, and improve your company’s digital resilience
o How and why digital resilience can — and should — be the foundation of your enterprise architecture
o How to make resilience “a whole-business, whole-nation, whole-world” vision

I agree with Rothrock: Digital resilience “is not a product that one can simply purchase and deploy. It is a state of mind and operational philosophy that, in due course, is destined to be embedded in all future management training, schooling. and corporations.”

In weeks and months to come, business leaders would be well-advised to think in terms of responding to challenges with a mindset committed to enterprise architecture as their strategy. The winners during the so-called “Digital Revolution” will be those who achieve and then constantly strengthen digital resilience at all levels and in all areas of the given enterprise. For senior-level executives especially, Ray Rothrock provides just about everything they need to know about digital resilience in this book. It really is a “must read.” Bravo!