At 2:00 am, a hospital I advised once went dark. Hackers had slipped ransomware into their system through a junior doctor’s personal email. Monitors froze. ICU machines stalled.
The ransom note blinked: “Pay in Bitcoin.” They had invested in firewalls, yes, but no resilience plan. It was like locking the front gate while leaving the windows wide open. Patients almost paid the price.
This is the tragedy of many leaders. They think cybersecurity is a one-off project. Buy software, tick the compliance box, and move on; that is not resilience, that is hope, and hope is not a strategy.
Cyber resilience is not about avoiding attacks; it is about absorbing them and still standing. The question is not if but when.
When I dig into a firm, I ask three brutal questions.
a) If your systems went down tonight, how many hours before you are back online?
b) Who makes the call to shut down, communicate, and recover?
c) What crown jewels must never, ever be compromised?
One bank I worked with built resilience by separating critical payment systems from general IT, training staff to spot phishing, and rehearsing cyber drills like fire drills. When they were attacked, they switched to backups within 20 minutes. Customers never noticed.
The leadership challenge is denial. Many executives treat cyber as a back-office issue. By the time the breach makes headlines, it is too late.
Too many firms invest in cyber tools they never test. It is like buying fire extinguishers and never training staff to use them. When the fire comes, panic sets in. Cyber is no different. You do not rise to the occasion; you fall to the level of your drills.
Here is a drill that separates the resilient from the reckless.
Step 1: Pull the plug
Simulate a live system outage. Switch off access to one core system (finance, payroll, or email) for exactly two hours. Do it without prior notice, just as real attackers would.
Step 2: Survive manually
Force your team to operate without digital crutches. Can finance process payments manually? Can customer care still handle queries with no CRM? Can leaders still communicate if email is down? This exposes dependency and blind spots.
Step 3: War room debrief
Gather all teams after the drill. Document what worked, what collapsed, and what nearly caused disaster. Rank failures by severity. Assign owners to fix gaps within 30 days.
Step 4: Repeat until muscle memory forms
Resilience is not a PowerPoint. It is repetition. A bank I worked with ran this quarterly. By the third round, staff no longer froze in fear.
They responded with discipline, like trained soldiers. As CEO, sit in the drill. Do not delegate it. Watch your managers under pressure. It reveals competence faster than performance appraisals.
Tool application table

Table 1: The drill guide

| Drill element | What to test | Expected insight | Leadership action |
|---|---|---|---|
| System outage | Shut down one core system for 2 hours | How fast teams adapt without automation | Approve backup protocols |
| Manual survival | Process critical tasks manually | Which processes collapse without tech | Invest in redundancy and training |
| Debrief | Review outcomes in war room | Exposes hidden gaps and champions | Assign fixes and celebrate resilience |
Cyber resilience is not about having perfect systems. It is about testing your weakest link until it bends but does not break.
Cyber resilience is like the immune system. You do not build it during the infection; you build it through regular exposure and recovery.
A leader who ignores cyber is like a captain who never checks the lifeboats until the iceberg hits.