When our digital products and services don’t work or aren’t available to those who need them, unintended consequences occur. In this post, we explore what digital resilience is, why you should care, and how to incorporate it into your own organization. 

At Mightybytes, our clients’ most common challenges typically relate to three things:

1. Resources: They don’t have the technology, infrastructure, budgets, or other resources necessary to sustainably transform their organization in the digital age.
2. Capacity: Overworked teams don’t have the people power to implement good processes that will support this transformation over time. 
3. Knowledge: Teams struggle to keep up with always-changing “best practices” in an ever-evolving technological landscape.

These challenges take many forms within their organizations. On a day to day basis, perhaps they can’t effectively manage their marketing, communications, or website. Longer term, however, bigger problems arise:

• Security Risks: Neglected digital products and services become outdated, leading to potential security breaches—like a website hack—that put important stakeholder data at risk. 
• Access to Information: Teams that can’t effectively manage their digital products or services are unlikely to prioritize accessibility, uptime, user experience, or other strategies that provide instant access to key information. 
• Technical Debt: Over time, technical debt slows down products, making them unresponsive or unpredictable, undermining users’ ability to accomplish tasks. 

Left unchecked, these issues cost organizations time, money, and resources. In extreme cases, exorbitant fines or lawsuits happen. 

Does this sound familiar? Let’s explore how impactful digital resilience strategies can help you address these issues. 

What is Digital Resilience?

As the pace and frequency of disruption continues to increase, digital technologies will constitute a critical element of business continuity and organizational resilience to sudden external shocks. Digital transformation is only as good as the ideas that drive it.

— Tomoko Yokoi, Focused on Digital Resilience in 2021, Forbes

Put simply, digital resilience requires that digital products and services function in the times and places where people need them most. It is one of six core digital sustainability principles outlined in the Sustainable Web Manifesto. Digital resilience also aligns with Corporate Digital Responsibility (CDR) principles and is a key component to an effective long-term climate strategy. 

While the idea of maintaining long-term viability is pretty straightforward, in practice, digital resilience is more complex. Resilient physical systems can adapt and evolve to any number of changing circumstances. For example, according to the Stockholm Resilience Center, resilient social and ecological systems are based on seven principles:

1. Maintaining diversity and redundancy
2. Managing connectivity
3. Managing slow variables and feedback
4. Fostering complex, adaptive systems thinking
5. Encouraging learning
6. Expanding participation
7. Promoting polycentric governance

Similarly, resilient digital infrastructure requires policies and procedures that address VUCA—volatility, uncertainty, complexity, ambiguity—as an organization grows and evolves.

Nurturing Resilient Digital Systems

Key components of resilient digital systems include:

• Cybersecurity
• Data privacy
• Accessibility
• Governance
• Performance and efficiency
• Communications and capacity building
• And so on…

Digital resilience has also become increasingly important as organizations started conducting the majority of their business online during the COVID-19 pandemic.

To ensure business continuity, resilient organizations prioritize the availability of not only the digital products and services they create, but also those in their digital supply chains—hardware, software, third-party software-as-a-service (SaaS) products, agency partnerships, vendors, suppliers, and so on. 

Most importantly, good governance practices drive resilient organizations. Given the level of risk and far-reaching potential consequences, this is not surprising. 

Assessing Risk

Global leaders identified cyber risk as a major digital challenge, with 64% of respondents expecting they will experience a disruptive event within the next year. Nearly one in five (19.5%) respondents believe cybersecurity failures will be a critical threat to the world in just the next two years, and 14.6% project a critical threat within two to five years.

— World Economic Forum, Digital Resilience: Building the Economies of Tomorrow on a Foundation of Cybersecurity

As big businesses and government agencies increase security measures to address a rapidly rising number of cybersecurity threats, smaller organizations become new targets. Many are unprepared for these attacks or the problems that arise from them. 

For instance, nobody wants a hacked website. Yet, according to the HTTP Archive—which monitors and measures how the web is built—nearly 60% of web pages contain at least one JavaScript library with known security vulnerabilities. That’s significant. 

While cybersecurity typically falls under the purview of IT teams, marketing teams often make website-related decisions. This can potentially leave an organization vulnerable. Because digital is so ubiquitous across any given organization, we recommend auditing the entire spectrum of digital tools you use, from marketing and communications to finance and operations. More on that below.

Access to Information

Whether they’re trying to find time-sensitive information for emergency services or simply just researching your organization, people need fast and easy access to information. This is core to successful digital resilience. 

Consider the following when prioritizing information access:

• People with Disabilities: Assistive technologies require specific considerations within your digital products and services. Use these to create more meaningful experiences for people with disabilities.
• Low Bandwidth: Create a speedy, optimized experience for users on older devices or in rural areas. Not everyone has the latest smartphone or access to broadband connectivity. 
• Mobile First: Prioritize a meaningful mobile experience in your design process. Remember, the majority of web traffic comes from mobile devices.
• Web Hosting: Finally, product downtime can occasionally be attributed to hosting issues. When choosing a hosting provider, be sure to review things like security policies, uptime, customer service availability, and so on.

Prioritizing access to information throughout a digital product’s life cycle—as opposed to exclusively during project planning for a redesign—will improve digital resilience.  

Addressing Technical Debt

Over time, digital products can accrue technical debt. This causes slow load times, site crashes, and poor or unexpected performance. For instance, perhaps a product team tries features, plugins, frameworks, page builders, or other tools on the company website, only to abandon them for various reasons later on. Residual code may still exist on pages even though it’s not readily apparent to users. 

Worse, perhaps a team adopts agile processes in the name of moving quickly but neglects to refactor code as a product moves from sprint to sprint. Over time, the product becomes slow and difficult to use. 

Technical debt has significant usability implications. Poor-performing products frustrate users and increase churn. Plus, slow, bloated products are energy hogs, which impacts sustainability as well. All of this affects digital resilience. 

Seven Strategies to Improve Your Organization’s Digital Resilience

These seven tactics can help you reduce risk, improve capacity, and make your organization more resilient overall.

1. Run a Risk Assessment

As the world works to reduce the consumption of fossil-based materials, companies that are less dependent on fossil-based resources are shielded from risks posed by regulatory and inflationary challenges.

— Marcial Vargas-Gonzalez, Embracing Planetary Boundaries is the Secret to Business Success, Triple Pundit

First, audit the digital components of your organization to learn which are most at risk. Identify those most vulnerable to misuse or neglect. Collaborate with internal and, if applicable, external stakeholders to perform this assessment. 

Include the following in any risk assessment or audit you undertake:

• Maintenance: Scheduled maintenance and security updates to products and services
• Uptime: Hosting and third-party service uptime or known data breaches
• Security: SSL certificates, Content Security Policies (CSP), Privacy Shield, and related security measures
• Policy Reviews: Annual security and data privacy policy reviews
• Password Management: Scheduled password resets and user review
• Third Party Services: Third-party Terms of Service and data collection reviews

To ensure that your risk analysis doesn’t end up on a shelf, make it actionable. Collaborate on solutions, assign tasks to team members, and schedule regular check-ins to monitor progress.

2. Create a Code of Ethics 

Next, center your digital resilience strategy in a clear set of responsible guidelines that internal and external stakeholders can get behind. The risk analysis process will probably reveal organizational weaknesses and a chance to improve your policies and practices. Use this opportunity to create (or update) your Code of Ethics. Be sure to include digital-specific elements in the document. 

Publish the code on your website or in another publicly available location. Onboard your team and other stakeholders to improve adoption. Better yet, collaborate with them to co-create the guidelines.

Coming up short? Feel free to copy our Code of Ethics or craft your own based on the seven core CDR principles.

3. Shift from Project to Product Models 

Digital products are never “done”. Organizations that don’t appropriately resource their digital products and services over time often pay a steep price. Here are some practices to consider:

• Product Maintenance: Set up a regular maintenance program to reduce security risks and keep software, plug-ins, and other product elements up-to-date. 
• Product Management: Good product management practices can keep you from contributing to software bloat and building features that no one will use. 
• Ditch the RFPs: Product mindsets require organizations to think differently about how they resource and fund digital product development. To this end, RFPs are problematic for so many reasons. For better business continuity (and cost savings), build long-term partnerships instead.
• Prioritize (and Re-prioritize): With that being said, digital products still need to adhere to an organization’s budget. Good feature prioritization practices can help you keep digital product budgets on track while also helping you plan for the long-term.

Finally, good sustainable web design practices can go a long way to improve product performance. However, all the best practices in the world won’t fix a product that’s neglected over time. Prioritize the strategies above to improve digital resilience. 

4. Build a Knowledge Base

Technology is complicated. It changes regularly. So do team members. Organizations waste huge amounts of time and resources training (and retraining) teams on common digital practices. This undermines digital resilience.

Address team transitions and evolving processes by investing in online training and documentation for key digital practices and processes. This will help you improve employee onboarding. It will also give your team quick access to information that helps them more effectively do their jobs. In turn, this will help your team maintain and manage more resilient practices. 

To prioritize resilience, make sure any solution includes:  

• Accessibility: Key stakeholders should have instant access to the information they need to be successful. 
• Transparency: Communicate openly and honestly about the resilience challenges your organization faces and how training and skills-building contributes to long-term success.
• Accountability: Provide benchmarking and topic reviews for users so they can track progress over time.
• Findability: Include robust search features and taxonomy to intuitively categorize information in the database.

Appoint someone as Keeper of the Knowledge Base. Make sure they have the tools, time, and resources necessary to effectively manage and maintain the solution you devise. 

5. Prioritize Security, Accessibility, and Data Privacy

Improved resilience is a natural side effect of placing a high priority on data privacy, secure technology, and open access to information. Not only will you boost digital product and service availability, you’ll also comply with current and emerging digital accessibility and data privacy legislation. 

New data privacy legislation is being introduced in countries around the world. Several U.S. states have already passed data privacy and protection laws with more to follow. Why not stay ahead of the curve? Given the widespread proliferation of cybersecurity risks, there is no downside to prioritizing these things within your organization.

Be sure to include the following in your organization’s data privacy and security efforts: 

• SSL: Get a security certificate to verify server and website identity and ensure all product data is securely encrypted.
• CSP: Add a Content Security Policy (CSP) to your site to protect from vulnerabilities inherent to cross-site scripting (XSS).
• WCAG: Use the Web Content Accessibility Guidelines (WCAG) to improve access to information across your pages.
• Data Disposal: Devise a clear data disposal strategy to ensure that your database remains lean and clean and you’re not holding onto data that users have asked you to delete (which could be illegal under the privacy laws mentioned herein). This is a key part of designing a more sustainable data strategy overall.
• Opt-In: Always let users opt-in, not out. This is less about resilience and more about respecting people’s right to privacy. However, it’s a related topic, so we’re including it here.   

6. Create Strategic Partnerships

We have learned much more from Mightybytes than we would expect from a conventional vendor. The company challenges us to think differently about what actions we want our supporters to take, how we raise money, and what our relationships with the for-profit sector could and should become.

— Joel Brammeier, President and CEO, Alliance for the Great Lakes

Next, most organizations are consistently pressed for time. They must do a lot with a little. Strategic partnerships can help you fill gaps in capacity, knowledge, and resources. Align yourself with reliable partners who share your values. Build relationships with ethical, like-minded organizations that complement your strengths (and weaknesses). 

Plus, good partnerships grounded in trust and mutual respect can help you more easily create shared value and help each other make a measurable difference.

7. Develop an Innovation Practice

Finally, innovation breeds resilience. Organizations that consistently nurture human-centered design and innovation practices within their various departments and teams tend to be measurably more effective in managing digital disruption. 

Do these things to foster innovation within your organization: 

• Problem-Framing: Run regular problem-framing workshops to help your teams fully understand problems the organization faces. Run your own with this free problem-framing template. 
• Design Sprints: This intense multi-day deep-dive grounded in design thinking helps teams prototype and test potential solutions to a specific problem. For more information, read about how a design sprint helped the Alliance for the Great Lakes improve one of their digital products.
• Customer Journey Mapping: Finally, use customer journey mapping to help you better understand how customers feel when they interact with your team, your products, and your services and programs. To better understand your business ecosystem, try this stakeholder mapping workshop.

These are just a few examples of things you can do to foster better innovation within your organization. Building an innovation practice is challenging. It means accepting failure, embracing the unknown, asking people to get out of their comfort zones, and playing the long game—all things that organizations in today’s business world are historically not very good at. 

However, if you can maintain the commitment over time, your rewards will be happier stakeholders, better products and services, and a more resilient organization overall. 

Building Digital Resilience: Next Steps

While governments and international institutions are looking for solutions to support companies, workers and communities, firms need to identify new business models, rethinking their human resources policies and even repositioning themselves in the new digital ecosystem. On the other hand, current global developments have shown, once more, that sustainability must remain the key driver of development in the transition towards sustainable consumption and production (SCP) based on all stakeholders engagement including governments, educators, the private sector and each and every consumer.

— Digital Resilience and Economic Intelligence in the Post-Pandemic Era, Journal of Theoretical and Applied Electronic Commerce Research

Hopefully, the information in this post will help you identify potential areas for improvement in your organization’s own digital ecosystem. As technology evolves (quickly!) and wicked problems like the climate crisis and widespread social injustice become more disruptive to people and the planet, issues like those described above will only get more complicated and challenging. 

Incorporating sustainable development principles into the DNA of your organization—including its digital products and services—will help you better support stakeholders and improve resilience.

Every long-term commitment starts with a single step toward change. Which one might you take today? Of course, if you have additional questions or want to discuss any of the points outlined above, you are always welcome to contact us directly. Thanks for reading.