4 days ago
Three Digital-First Steps To Strengthen Business Resilience
Rob Lydic is president of Wavelynx, a provider of interoperable and secure access control solutions.
The global workplace appears to be at a critical turning point, as seen by the staggering decline in employee engagement since the pandemic. As Gallup experts highlight in the latest State of the Global Workplace report (download), employee engagement fell from 23% to 21% between 2023 and 2024, matching the two-point drop companies observed during the Covid-19 lockdowns.
This has led business leaders in all industries to rethink their workforce strategies, with some urging employees to return to the office to help remedy the issue. But there's a downside to return-to-office (RTO) mandates: Forcing employees to return full time may reduce their remote readiness during unexpected events. Some may lose the confidence and best practices gained over the past few years that once made remote work successful.
This tension between engagement and preparedness points to a deeper issue: business resilience. As RTO mandates, remote work and hybrid working models collide, companies must focus on their ability to adapt, continue operations and stay secure in the face of constant change.
One way businesses can strengthen resilience is with digital-first security strategies and technology. If that's your focus, consider the following three building blocks:
Protecting data and assets is a core part of any organization's physical security strategy, and it's just as essential to long-term business resilience. As companies adjust to changing attendance patterns brought on by hybrid work, modern access control systems can provide one line of defense.
Traditional physical key fobs or cards can be easily cloned, lost or stolen. I've also heard from clients that older systems are costly to repair, upgrade and maintain.
For leaders focused on making hybrid work sustainable, investing in smarter access control technologies can lower costs and bolster security and control. Here are a few worth considering:
• Smart cards with RFID or NFC technology have "an embedded integrated chip that acts as a security token." These physical cards can store encryption keys and digital certificates and exchange data with card readers and other systems. They can also help managers track time and attendance, but most importantly, they're designed to be tamper-resistant. Compared to traditional key cards, smart cards provide secure and auditable security and can help leaders better understand the daily running of the business.
• Biometric authentication is a security method that relies on the unique biological characteristics of employees to verify their identity. This security process is usually more secure than traditional forms of multifactor authentication because the markers used are difficult to replicate.
• Mobile wallet credentials let employees, tenants and guests use their smartphone, smartwatch or other digital device to unlock doors, operate elevators, access parking garages, open lockers and even print documents. Mobile access mitigates risk through built-in multifactor authentication with digital IDs that can be instantly deployed, issued, managed and revoked. This security method is effective because people generally know when their phone is missing. When a phone acts as the badge, it can instantly be disabled if it's lost or misplaced.
With more people working remotely and businesses relying heavily on cloud tools to support hybrid work models, traditional perimeter-based security models are no longer enough. At the same time, cyberattacks and data breaches are on the rise.
As a result, many companies are adopting a zero-trust approach to their security strategy, which is "a proactive IT security framework that emphasizes strict identity verification for any person or device attempting to access resources on a private network—regardless of whether they are inside or outside the network perimeter."
The urgency to adopt this is real. According to IBM and Ponemon Institute, the average cost of a data breach rose by 10% to $4.9 million from 2023 to 2024. These events are now as regular as rush hour traffic; they're disruptive, inevitable and hard to ignore.
By operating under the principle that no user, device or system should be automatically trusted, and emphasizing constant authentication, companies can better safeguard assets, manage risks and protect sensitive data.
The hard truth many companies realize at one point or another is that without employee buy-in and consistent follow-through on new security practices or technologies, even the best resilience strategies can fall apart. In my own experience helping clients upgrade their security strategies, I've seen how change management creates smoother transitions. Whether teams are rolling out new tools, updating processes or adapting to shifting business risks, success is achieved by how well employees are guided through the process.
One approach I follow is the Prosci awareness, desire, knowledge, ability and reinforcement model (ADKAR), which provides a step-by-step process for managing the people side of change. The ADKAR model has been a go-to of mine when looking at navigating changes, and I've used it both personally and professionally to gain buy-in and guide teams through transformations.
This model focuses on fostering awareness, building desire for change, providing knowledge, developing new skills to support change and reinforcing behaviors for lasting success. The individual five pieces of ADKAR can even be tailored to guide employees through new security practices or technological upgrades, drawing on the proven model.
Strengthening resilience isn't only about closing security holes—it's about helping your workforce stay flexible and responsive when the unexpected hits. When leaders build modern security tools and strategies into their resilience plans, they're giving their people a real advantage by preparing them to handle disruptions of any kind, from natural disasters to cyberattacks.
As companies refresh their infrastructure, updating security frameworks can lead to smoother operations and cost savings. Organizations that fail to adapt risk falling behind in both resilience and efficiency, exposing themselves to unnecessary vulnerabilities and administrative burdens.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
