By Chris Inglis, Senior Contributor, Tony Bradley
Copyright Forbes
True cyber resilience means operating through disruption—blending strategy, psychology and AI-ready defenses to withstand any crisis.
Resilience gets a lot of airtime, but when you peel back the layers, most organizations still prepare for recovery, not continuity.
That difference is subtle until disaster strikes. If your Active Directory or Single Sign-On is encrypted, a “recovery-first” plan leaves teams unable to access even their own crisis playbooks. Real resilience starts from the premise that operations must continue while systems are being restored.
The first place to test this shift is communications. Too many organizations rely exclusively on identity-dependent platforms like Teams, Slack, or email for crisis coordination. Those will be the first to fall if identity is compromised. Out-of-band communication systems—whether a secure, pre-staged chat outside SSO, a hardened bridge line, or even an old-fashioned phone tree—are the backbone of resilience. Teams should practice switching to them under pressure.
Tabletop exercises also need a reality check. Many are polished, safe and overly linear—good for box-checking but bad for preparing leaders for chaos. True resilience exercises must introduce friction. “A tabletop should have consideration to what might go wrong,” noted Mickey Bresman, CEO of Semperis. “If I’m just doing a PowerPoint presentation without really asking any question of what can go wrong, then we will go smoothly through the tabletop, but it will not drive the actual result of what we want: to be prepared for things that are not going in a smooth way.”
Identity and AI as the New Front Line
Identity has become the most critical attack surface. While human accounts are often fortified with multifactor authentication and training, the invisible scaffolding of nonhuman identities—service accounts, workloads, bots and increasingly AI agents—remains vulnerable. These accounts frequently have higher privileges, don’t expire and in many cases have no clear owner.
Bresman emphasized that this is not a new problem, but one we’ve ignored for too long. “The service accounts issue that most companies have is something that has been around since probably the day that AD was introduced,” he explained. He added that the issue has grown, and that it is getting significantly more attention now because agentic AI is amplifying what happens when you have those machine identities.
Resilience here requires more than cleanup—it demands a living inventory of nonhuman identities, ownership assignments, safe credential rotation and monitoring of behavioral anomalies. A service account performing an interactive login should trigger alarms instantly.
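The detection rule the paragraph describes, as an added example that is not the article's or Semperis's own code: a small nonhuman-identity register (owner plus expected logon types) checked against successful-logon records, flagging interactive logons by service accounts, logon types the register does not expect, accounts with no owner, and service-style accounts missing from the register. The register format, the `svc-` naming convention, the account names and the log lines are all constructed for the example.

```python
import re

# Constructed nonhuman identity register (hypothetical format): the "living inventory" the
# article calls for, recording an owner and the Windows logon types each account should use.
NHI_REGISTER = {
    "svc-backup": {"owner": "infra-team", "allowed_logon_types": {5}},    # 5 = Service
    "svc-sql":    {"owner": None,         "allowed_logon_types": {5}},    # no owner recorded
    "svc-ci":     {"owner": "platform",   "allowed_logon_types": {3, 4}}, # 3 = Network, 4 = Batch
}
# Logon types that imply a person at a console: 2 = Interactive, 10 = RemoteInteractive (RDP),
# 11 = CachedInteractive. A service account should never produce these.
INTERACTIVE_TYPES = {2, 10, 11}

# Constructed sample lines, loosely modelled on a flattened export of Security event 4624.
SAMPLE_LOG = """\
2025-10-07T08:01:12Z EventID=4624 Account=svc-backup LogonType=5 Source=SRV01
2025-10-07T08:02:40Z EventID=4624 Account=svc-sql LogonType=10 Source=10.0.0.55
2025-10-07T08:03:05Z EventID=4624 Account=jdoe LogonType=2 Source=WS17
2025-10-07T08:04:20Z EventID=4624 Account=svc-ci LogonType=2 Source=WS22
2025-10-07T08:05:00Z EventID=4624 Account=svc-unknown LogonType=3 Source=SRV02
"""
LINE_RE = re.compile(r"(?P<ts>\S+) EventID=4624 Account=(?P<acct>\S+) "
                     r"LogonType=(?P<lt>\d+) Source=(?P<src>\S+)")

def parse(line):
    """Parse one successful-logon line; None for anything that is not a 4624 record."""
    m = LINE_RE.match(line)
    return None if not m else {"ts": m["ts"], "account": m["acct"],
                               "logon_type": int(m["lt"]), "source": m["src"]}

def evaluate(event, register=NHI_REGISTER):
    """Return alert strings for one logon event (empty list if nothing is wrong)."""
    acct, lt, src = event["account"], event["logon_type"], event["source"]
    entry = register.get(acct)
    if entry is None:  # svc-* is the constructed naming convention; unregistered means an inventory gap
        return [f"UNREGISTERED_NHI {acct} logged on from {src}"] if acct.startswith("svc-") else []
    alerts = []
    if lt in INTERACTIVE_TYPES:
        alerts.append(f"INTERACTIVE_NHI_LOGON {acct} type={lt} from {src}")
    elif lt not in entry["allowed_logon_types"]:
        alerts.append(f"UNEXPECTED_LOGON_TYPE {acct} type={lt} from {src}")
    if entry["owner"] is None:
        alerts.append(f"NO_OWNER {acct}: nobody on record to confirm this activity")
    return alerts

def scan(log_text, register=NHI_REGISTER):
    """Run the rules over a log export and collect every alert in order."""
    events = filter(None, (parse(l) for l in log_text.splitlines()))
    return [a for ev in events for a in evaluate(ev, register)]
```

Running `scan(SAMPLE_LOG)` yields four alerts: the RDP logon by `svc-sql` (plus its missing owner), the console logon by `svc-ci`, and the unregistered `svc-unknown`; the human `jdoe` and the correctly behaving `svc-backup` are silent.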
AI makes the challenge sharper. Agentic AI, capable of reasoning, decision-making and taking action, can accelerate productivity but also collapses old assumptions about who touched what and when. Guardrails need to run at machine speed: machine-readable policies, real-time enforcement and explainable logging. Bots must be equipped to watch, judge and even block other bots.
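The guardrails this paragraph describes, as an added illustration that is not the article's or any vendor's code: a deny-by-default gate that checks each agent action against a machine-readable allow-list at request time and writes an audit record stating the reason for every decision, so a second "watcher" bot can act on the denials. The policy format, agent names, actions and targets are constructed.

```python
import json
from datetime import datetime, timezone

# Constructed machine-readable policy (hypothetical format): each agent identity has an owner
# and an explicit allow-list; any action not listed is denied.
POLICY = json.loads("""
{
  "agents": {
    "agent-triage": {"owner": "support-eng",
                     "allow": [{"action": "read", "target": "tickets/*"},
                               {"action": "comment", "target": "tickets/*"}]},
    "agent-deploy": {"owner": "platform",
                     "allow": [{"action": "deploy", "target": "env/staging"}]}
  }
}
""")
AUDIT_LOG = []  # explainable decision records, one per request

def _target_matches(pattern, target):
    """Exact match, or prefix match for patterns ending in '/*'."""
    if pattern.endswith("/*"):
        return target.startswith(pattern[:-1])
    return pattern == target

def authorize(agent_id, action, target, policy=POLICY):
    """Deny-by-default gate for an agent action; returns (allowed, reason) and records why."""
    agent = policy["agents"].get(agent_id)
    if agent is None:
        allowed, reason = False, f"unknown agent identity '{agent_id}'"
    else:
        rule = next((r for r in agent["allow"]
                     if r["action"] == action and _target_matches(r["target"], target)), None)
        if rule is None:
            allowed, reason = False, f"no rule grants '{action}' on '{target}'"
        else:
            allowed, reason = True, f"matched rule {rule}"
    AUDIT_LOG.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "agent": agent_id, "owner": agent["owner"] if agent else None,
        "action": action, "target": target,
        "decision": "allow" if allowed else "deny", "reason": reason,
    })
    return allowed, reason

def denied_records(log=AUDIT_LOG):
    """What a watcher bot would page on: every denial, with the reason it was refused."""
    return [rec for rec in log if rec["decision"] == "deny"]
```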
The HIP 2025 Lens
HIP 2025 brings these challenges into sharp relief. The Semperis Hybrid Identity Conference takes place in Charleston, South Carolina, October 7-9. Operation Blindspot, one of the headline activities, is an immersive cyber crisis simulation designed to test response under live-fire conditions. Blue Teams must detect and contain attacks in real time while Red Teams exploit weaknesses and sow chaos. Unlike a slide-deck exercise, Operation Blindspot delivers the kind of high-pressure environment where seconds matter and decisions have lasting impact.
Another major session, “The Evolving Battlefield: Cyber Resilience in the Age of Innovation,” will be delivered by Chris Inglis, the country’s first national cyber director and former deputy director of the NSA. Inglis brings decades of experience at the highest levels of defense and intelligence, including his leadership in developing President Biden’s National Cybersecurity Strategy. His keynote will broaden the focus to systemic risks: fragile supply chains, fragmented regulation and the cascading disruptions created by technological change, nationalism and climate instability. Inglis argues that resilience can no longer be treated as a purely defensive posture—it must be integrated into innovation itself.
The conference also features thought leadership that reframes resilience as both a technical and human challenge. Dr. Mary Aiken’s keynote, “Mind Over Machine,” examines the psychology of hybrid identity environments. Her research shows how attackers exploit human bias, decision fatigue and fragile trust in authentication workflows. In an era of AI-powered phishing and hyper-personalized social engineering, understanding these dynamics is critical. Resilient systems must be designed not just for technical robustness but for psychological resilience as well.
Jen Easterly’s fireside chat offers a complementary perspective. Drawing on her experience as director of CISA, Easterly will reflect on the toughest challenges of her career, the importance of conveying resilience to non-technical leaders, and how to sustain motivation in what often feels like an endless fight. She will also explore the role of AI in both offense and defense, reinforcing the idea that resilience requires anticipation of threats before they materialize.
Together, these sessions underline why resilience is no longer just an IT problem—it’s an enterprise-wide mandate, shaped by psychology, leadership, innovation and systems-level strategy.
Operating Through Impact
So where should organizations begin? The playbook is straightforward but rarely followed: test out-of-band communications, run live-fire tabletops with injected failures, build a nonhuman identity register and gate AI agent activity behind policy-aware controls. None of this is glamorous, but it is the scaffolding that allows the business to keep breathing while engineers rebuild.
HIP 2025 offers a timely reminder that resilience is no longer theoretical—it is practical, human and urgent. The difference between recovery and resilience is the difference between silence and continuity in the middle of a breach.