Organizations in the US, UK, and Germany are unprepared for large-scale digital disruption, and it’s not technology gaps that are causing the problems.
A new Economist Impact study supported by Telstra International has found that only one-in-four organisations respond effectively to real disruption events, with the main reasons being weak governance, limited coordination, and poor visibility beyond organizational boundaries.
“What stands out in this research is not a lack of intent, but a gap between ambition and execution,” said Roary Stasko, CEO of Telstra International.
“Many organizations believe they are prepared, yet disruption continues to expose weaknesses in governance, coordination, and decision‑making, particularly beyond their own walls.”
Just 25% of organizations said their responses to digital disruption largely go to plan, while only 21% have a dedicated team responsible for delivering digital resilience initiatives.
And while they said they’re making progress in modernizing systems and strengthening cybersecurity policy, the research shows digital resilience breaking down once disruption spreads beyond enterprise suppliers, partners, and critical infrastructure.
Most organizations have formal risk management frameworks, but these are focused mainly on cyber and IT risks, with only limited attention to regulatory, supplier, geopolitical, and climate risks, and only sporadic monitoring.
Only around one-in-five executives in the US and the UK were confident about cross-sector collaboration with suppliers and partners during disruption events.
“In a highly connected digital economy, digital resilience can’t be built in silos,” said Stasko. “It has to be owned at the top, tested across ecosystems, and treated as a core business capability.”
Organizations are a bit more positive when it comes to internal foundations such as cybersecurity planning and regulatory frameworks: Germany leads on policy confidence (70%), while the US (54%) and UK (51%) show solid but lower levels.
But while they may be hot on planning, execution often falls short. Just 27% said that their digital resilience plans and strategies are reviewed regularly by boards. And only 38% said those discussions led to follow-up action. Monitoring is also shaky, with more than half of organizations tracking digital risks infrequently or on an ad hoc basis. Just 8% track more frequently than once a quarter.
Meanwhile, legacy technology’s also a problem: around 60% of US and UK organizations, and 54% in Germany, say it still forms a significant part of their operations, making it harder to design digital resilience into systems from the outset.
But there are differences across sectors, with 36% of both financial services and IT & technology organizations saying they’ve modernized most or all of their core systems. The figure’s just 12% in the public sector and 19% among industrial organizations, where deeper legacy dependence and rigid investment models continue to slow progress.
The researchers also point to a growing blind spot around physical infrastructure and environmental risk, with recent large-scale outages caused by extreme weather events demonstrating the vulnerability of communications networks and digital services. However, just 14% of organisations integrate climate-related risks into digital resilience planning.
“One of the strongest signals from the research is that failed responses to disruption are most often driven by poor scenario planning. That insight highlights the need for ongoing planning, testing, and adaptation across connected ecosystems,” said Stasko.
“When scenario planning is shared across the organization, it benefits from diverse expertise and informed human judgement, not just technical strength. While robust technology is critical, the report shows it delivers real value only when matched by cultural readiness – an area where many organizations still have work to do.”
TOPICS
