Disaster Recovery Journal Spring 2026

Is Cyber Resilience Integrated into Organizational Resilience?

By JASON BUFFINGTON

E DITOR’S NOTE: 502 resilience leaders and professionals were surveyed during the summer of 2025 on a variety of topics related to organizational resilience. Each of the survey respondents had primary responsibility in either business continuity (BC), disaster recovery (DR), crisis man agement (CM) or information security (IS). www

This is second of three articles from this year’s organizational resilience research and covers the knowledge and collabora tion gaps between those responsible for BC, CM, DR and those responsible for information security – and the impacts that has on an organization’s cyber resilience. One of the most insightful ways to understand how functional leaders across four different disciplines might affect their organization’s comprehensive organiza

tional strategy of resilience is by leverag ing the “RACI” model: n Responsible (R): Those who do the work (can be multiple Rs) n Accountable (A): The person ultimately answerable for the outcome or sign-off n Consulted (C): Those engaged for their expertise or as stakeholders n Informed (I): Those who don’t provide input but should remain aware of status

20 DISASTER RECOVERY JOURNAL | SPRING 2026