By Tejas Katwala, CEO of CLDigital
In today’s era of exponential risk, one thing has become abundantly clear: crisis management is no longer a single-team, single-scenario response function. At CLDigital, we’ve had a front-row seat to how our clients—particularly those in manufacturing, logistics, and global operations—have been forced to rethink how they manage and govern crises in an increasingly complex, always-on world.
Crisis management has changed. And it’s time your program changed with it.
More Than Just Cyber: Understanding the Full Crisis Spectrum
Cybersecurity gets a lot of attention in boardrooms—and rightly so. But according to Gartner and Info-Tech research, cyberattacks account for just 28% of the crises that hit organizations. The other 72%? They include natural disasters, third-party failures, health emergencies, operational disruptions, and reputational incidents.
Yet many crisis management teams remain narrowly focused on technology or cyber-specific events. That siloed approach often leaves organizations flat-footed when the next crisis isn’t a ransomware attack, but a logistics shutdown or factory line failure.
The Common Thread: Business Impact
What binds all crisis types together is their impact on the business. Whether it’s a ransomware attack, a supply chain disruption, or a labor-related issue, the ultimate effect is the same: operational breakdown, reputational damage, and lost revenue.
For example, the July 2024 CrowdStrike update gone awry, which inadvertently disabled countless Windows systems globally—including those in healthcare and manufacturing—wasn’t a breach, but it had the same disruptive consequences as a major cyberattack. Airlines grounded flights, hospital systems lost access to patient records, and production lines were forced offline. The downtime lasted anywhere from several hours to multiple days depending on the organization, and early industry estimates suggested the event caused upwards of $8 billion in direct and indirect financial losses. The reputational impact was equally sharp, as trust in software updates and supply chain resilience was shaken across sectors.
Similarly, the Colonial Pipeline ransomware event shut down fuel distribution across the Eastern U.S. for six days, leading to widespread panic buying, operational shutdowns at gas stations, and massive logistical delays. The company paid a $4.4 million ransom, but the broader economic impact was estimated to exceed $15 billion. Regulatory scrutiny and reputational damage followed, triggering changes in how critical infrastructure approaches cyber and crisis planning. Beyond the millions paid in ransom, the reputational and regulatory consequences served as a wake-up call for infrastructure-dependent industries. In both cases, organizations were reminded that the financial and reputational impact of crisis events often outweighs the technical root cause.
These examples underscore the need to think beyond the cause and focus on the consequence. Crisis events—regardless of origin—are enterprise events. That’s why we advocate for a transformation in how crisis management is structured and practiced: not as isolated playbooks for different domains, but as an integrated response capability tied directly to business services and continuity.
It’s no longer sufficient to prepare for isolated incidents. Organizations must be ready to respond to multi-dimensional, concurrent threats—ones that span departments, geographies, and digital-physical boundaries.
Why Traditional Organizational Models Are Breaking
To support a modern, intelligence-driven approach to crisis response, the question of where crisis management reports within the corporate structure becomes increasingly critical. Historically, crisis management has often lived in one of two places:
- Security or Cyber Teams – Especially where cyber risk is high, the crisis team reports into the CISO or corporate security.
- IT or Infrastructure – Originating from disaster recovery or continuity planning, especially where tech disruptions are common.
Both have merit. But both are limited.
Forward-thinking organizations are now repositioning crisis management under a cross-functional governance structure—often led by a Chief Operating Officer, Chief Risk Officer, or a dedicated Head of Resilience.
The goal is to give the crisis function both strategic reach and operational teeth. The most effective and resilient companies we work with today are moving toward a hybrid, cross-functional model—one that brings together leaders from cybersecurity, IT, business continuity, legal, risk, and communications under a unified Crisis Management Office or Center of Excellence.
Placing it under the COO or as a standalone function reporting into the CEO or a Crisis/Resilience Steering Committee ensures it has enterprise visibility, executive sponsorship, and the authority to coordinate across silos. This shift supports faster escalation, unified communication, and alignment to board-level priorities.
This model aligns with international standards such as ISO 22361 (crisis management), ISO 22301 (business continuity), and NIST frameworks for incident response, alongside the best practices we implement via CLDigital 360. It ensures role clarity, tiered response coordination (strategic, tactical, operational), and integrated workflows across BC/DR, incident response, and stakeholder communications.
Crisis Management in the Context of Technology Disruption
When we talk about crisis management at CLDigital, we’re often specifically focused on events with a technology disruption at their core—cyberattacks, third-party SaaS failure, infrastructure outages, or a loss of operational data.
We’ve worked closely with Gartner and Info-Tech to align our platform to what the C-suite needs most: visibility into dependencies between technology, people, and business services; integrated communication flows; and AI-powered situational awareness. This empowers executives to make faster, better-informed decisions in moments of disruption—understanding not just what’s failing, but how that failure cascades across business services, compliance obligations, and customer experience. By providing this level of clarity and insight, our platform enables leadership teams to shift from reactive firefighting to proactive command, reinforcing trust with boards, regulators, and the public.
The workflows we embed in CLDigital 360 mirror globally recognized best practices and standards—such as ISO 22361 for crisis management, ISO 27035 for incident response, and NIST’s Computer Security Incident Handling Guide. These standards guide everything from early detection and situational assessment to crisis communications, command center activation, coordinated recovery, and lessons learned. By aligning our platform with these frameworks, we ensure organizations can operationalize structured, tested, and scalable approaches to managing technology-driven crises.
An Integrated Crisis Intelligence Approach
Rather than remain solely a method for organizing rapid response to interruptions, we believe crisis management must evolve into an intelligence-driven, integrated ecosystem. We ought to focus on five core principles as part of our programs:
- Understand the signals of disruption—whether from internal systems, suppliers, or external threat vectors.
- Diagnose with real-time insights and granular situational awareness.
- Learn from past events to create a culture of resilience.
- Innovate by connecting the dots across risk, operations, and technology.
- Optimize crisis response through smarter workflows and readiness planning.
This is not just about technology—it’s about enabling better decisions and enduring success. Our goal is to help organizations connect crisis insights to business performance outcomes, creating a feedback loop of continuous improvement.
A Question to Consider
During your own internal conversations about crisis management, how often do you frame the discussion around cyber versus broader technology resilience? And if a factory went down tomorrow—not from malware, but from a third-party systems failure—would your current model respond with the same speed and coordination?
We believe modern crisis management must bridge cyber, IT, business continuity, and operational resilience.
The Time to Transform Is Now
At CLDigital, we’ve helped leading manufacturers, financial institutions, and healthcare systems rewire their crisis models—not just to defend against the next cyber threat, but to prepare for the next anything.
And if you’re ready to lead the way in building a future-ready crisis response capability, we’re here to help.
Tejas Katwala is the CEO of CLDigital, a no-code enterprise platform for risk, resilience, and operational performance. CLDigital partners with Gartner, Info-Tech, and global clients to deliver smarter, faster, more integrated crisis management solutions.
