Foca It is an abbreviation for Volatility, Uncertainty, Complexity and Ambiguity, which means volatility. Uncertainty, complexity and ambiguity
BANI means fragility, anxiety, non-linear and incomprehensible, which means weakness and anxiety. Nonlinearity The ambiguity is difficult to understand, as many say the world has moved from the VUCA to BANI era.
Examples of major phenomena affecting the entire world include the outbreak of the Coronavirus (COVID-19), and natural disasters such as floods, droughts, and forest fires as a result of global warming. As well as geopolitical influences large-scale wars, etc., all put the world into VUCA/BANI characteristics.
Many organizations have adapted to deal with this modern world by doing Digital Transformation, DX Apply digital technology to increase operational efficiency and effectiveness. Make the organization flexible and able to adapt quickly to deal with
But this is only one side of the coin. The other side of the coin is if it is caused by a glitch in the digital system this may lead to business interruption as well.
In the last period we will hear the word Cyber resilience Often there are quite a few definitions and explanations given for Office of the Securities and Exchange Commission (SEC) As specified on the website.
In this regard, the Securities and Exchange Commission is promotingPublic companyAssess the level of ability to copeCyber threatsthemselves and encourage reinforcement (maturity level) to be higher
The Securities and Exchange Commission defines it as “Cyber resilience means the ability to prepare for and respond to cyber threats including restoring the system to return to normal operation. It is a measure of how well an organization can handle an attack or data breach.
One important part of restoring the system to return to normal operation is In addition, the system may crash due toCyber threatsLike Ransomware, the system itself may crash due to corruption of infrastructure or applications (system failure).
This makes having a business continuity plan (BCP) that we have been working on for a long time absolutely essential now. Because of DX, the usage area has expanded.Digital technologyTo cover more business processes (larger digital footprints)
Artificial intelligence systems are applied to create automation and the ability to respond to needs in real time. As well as analyzing data to make decisions in various fields, it is necessary to respond to applications that support a large number of workloads during peak periods
In addition, some organizations have their own systems development teams that use modern application development systems, all of which makes modern business systems and modern infrastructure systems extremely complex.
For example, multi-cloud infrastructure is used. Hybrid cloud features a microservices-based working system. There is a Dev (Sec) Ops development process, etc.
Expanding the reach of digital systems opens up attack surfaces for hackers.
With the complexity of the system, if there are problems in both hardware and software, it is difficult to fix them by hacking to find the root cause.
In short, what the organization is facing is
1) Increased risks resulting from cyber threats Greater opportunity to be targeted While the system is complex there are more vulnerabilities to attack, such as the number of digital assets such as customer data Trade secrets, production formulas, etc. are more common with DX.
2) The working system crashes. This may be caused by software bugs, damaged infrastructure (server, storage, network failure).
3) Laws, regulations and practices of more stringent supervision.
Solutions to mitigate such challenges So that the organization has the ability to adapt and can return the system to its normal operations as quickly as possible.
1) There is a system to protect against cyber threats. In addition to appropriate detection and response systems for digital asset risks (protection, detection and response).
2) There is a monitoring system.To know the capabilities in various parts of the organization’s digital system. Potential issues can be identified early, with supporting data ready for the team.
Or even automation to quickly find the root cause and solve system problems is called system Observability The goal is to make our digital system work continuously 24/7 (modern institutions that have grown up digitally do not have the opportunity to operate manually anymore if the system is damaged, such as unbranched banks).
And most importantly 3) The organization itself must have flexible management. (Agile Organization) Create self-reliant teams that can make decisions. (self-sufficient and empowered teams) have leaders who can adapt quickly (adaptable leaders) and have competent people and a supportive organizational culture (talent and culture)
Therefore, in the world of VUCA, the era of BANI where the environment is complex and difficult to deal with. But we should not allow the organization to be disrupted and forced to leave the market without doing anything. I sincerely hope that the above brief information is enough to serve as a starting point for all of you to think further. You can study the details from these two reference documents.
Resilience and Leadership in Uncertain Times: Interview with Splunk CEO. (February 2023). McKinsey Digital.
Maor, D., Park, M., Wedel, B. (2022). Increase your organization’s flexibility [White paper]. McKinsey & Company.
“Reader. Infuriatingly humble coffee enthusiast. Future teen idol. Tv nerd. Explorer. Organizer. Twitter aficionado. Evil music fanatic.”