What DRJ Fall 2025 Revealed

Held at the Gaylord Texan Resort from September 7–10, DRJ Fall 2025 once again proved why it remains the premier gathering for resilience, continuity, and risk professionals. With more than 75 sessions across tracks like crisis response, operational resilience, IT/DR, cyber risk, and third-party governance, the message was clear: resilience is no longer an annual checkbox or one-time framework, it’s a continuous capability.

For CLDigital, it was a privilege to connect with attendees at our booth, share live platform demos, and participate in the larger dialogue around what’s working, and what’s still evolving, in resilience programs today. From our conversations and observations, several key themes stood out that we believe will shape how organizations think about resilience in the months and years ahead.

Below, we unpack the top takeaways from DRJ Fall 2025, along with practical insights you can apply across your program today.

  1. Real Resilience Means Operational Integration

A consistent theme across sessions was the need to embed resilience into daily operations. Organizations can no longer rely on static plans that live in a binder. Speakers emphasized the shift from project-based continuity programs to platform-based, operationalized approaches that integrate with day-to-day workflows, technology, and cross-functional teams.

What You Can Do:
Start mapping where your continuity and resilience strategies intersect with real-time operations from supply chain workflows to IT incident response. Identify where manual handoffs slow down recovery and look for opportunities to unify your data, teams, and triggers.

  1. Third-Party Risk Is Still the Achilles’ Heel

While many organizations have matured their internal continuity and DR planning, the conversation around third-party risk was noticeably more urgent at DRJ Fall 2025. Session after session reinforced the reality that most disruptions now come from beyond the organization’s four walls, be it from cloud providers, payment processors, or critical infrastructure vendors.

Several speakers cited recent examples of major service outages and supply chain breakdowns that exposed gaps in resilience strategies not because companies lacked plans, but because those plans didn’t account for dependency failures outside their control.

What You Can Do:
Reevaluate your supplier ecosystem, not just who your vendors are, but what critical services depend on them. Establish thresholds for tiering third-party risk, and begin simulating what happens if they fail. If you don’t yet have visibility into your vendors’ business continuity plans, it’s time to start the conversation.

  1. Testing and Exercising Are Getting Smarter

One of the most well-attended tracks at DRJ Fall focused on testing and exercising, not just doing it, but doing it meaningfully. Many resilience leaders shared their experiences with moving beyond checkbox tests toward more intelligent, scenario-based simulations that surface hidden dependencies and organizational blind spots.

What You Can Do:
If your organization is still running ad hoc tabletop exercises or using static spreadsheets to manage testing programs, it may be time to modernize. Consider tools that allow you to centralize test planning, track evidence for audit purposes, and drive continuous learning. Bonus points if the system can help simulate third-party failure scenarios.

  1. Executive Buy-In Remains a Bottleneck

A recurring challenge raised across sessions: even mature continuity and risk teams still struggle to maintain executive engagement. Several speakers emphasized that leadership attention tends to spike after a disruption or during regulatory deadlines, only to fade once the pressure lifts.

Resilience leaders are now reframing their messaging to position resilience as a business enabler, not just a risk mitigator. This includes tying continuity efforts to performance, uptime, customer satisfaction, and strategic outcomes.

What You Can Do:
Revisit how you report on resilience at the board level. Focus on metrics that connect to business performance: service availability, time-to-recovery, impact avoidance, and compliance status. CLDigital 360 customers, for example, are using dynamic dashboards to visualize resilience across the enterprise in real time, bridging the gap between risk and leadership.

  1. Regulatory Pressure Is Shifting From Planning to Proof

DORA, NIST CSF 2.0, and sector-specific guidance were top of mind at DRJ Fall. But what’s changing in 2025 is the nature of compliance. It’s no longer enough to have a framework on paper. Regulators are looking for evidence: real-time capabilities, test results, interdependency mapping, and scenario-based risk impact.

What You Can Do:
Conduct a self-assessment against your sector’s latest regulatory guidance. Document where you’re automating versus relying on static processes. Tools like CLDigital 360 can help maintain a live Register of Information, automate submission-ready reports, and provide defensible evidence of operational resilience.

  1. Cross-Functional Collaboration Is the Path Forward

Perhaps the most energizing theme of DRJ Fall 2025: resilience is becoming a shared responsibility. From IT to procurement, HR to legal, every function has a role in sustaining operations. The most resilient organizations are the ones that break down silos, centralize visibility, and empower teams with connected systems and shared language.

What You Can Do:
Audit how many systems your teams use to manage resilience today. If crisis response lives in one tool, third-party risk in another, and testing in a spreadsheet, you’ve got an opportunity to consolidate. A unified platform can turn isolated actions into coordinated resilience.

From Insight to Action

DRJ Fall 2025 reinforced what we at CLDigital already believe: resilience isn’t just about having a plan, t’s about having a platform. One that connects your teams, automates the hard stuff, and evolves with your business.

Whether you stopped by our booth, joined a session, or followed along virtually, we’re grateful to be part of this growing and essential community. And if you didn’t make it this time, it’s not too late to catch up.

Let’s Continue the Conversation

Book a one-on-one session to see how CLDigital 360 supports your resilience journey today, and into whatever comes next.

By David Mack, SVP of Business Development, Americas