One question often comes up whenever resilience is discussed in boardrooms. This all sounds important — but where do companies actually start?
The good news is that building resilience does not always begin with billion-peso investments or complicated frameworks. In many cases, it starts with asking better questions. For example, which parts of our business are most vulnerable to disruption? Which facilities flood repeatedly? Which suppliers are concentrated in high-risk areas? Which operations are heavily dependent on water, power stability, or logistics access? Which business interruptions could materially affect revenues or customer trust?
Many organizations still do not have a complete picture of their own exposure. And that is usually the first step: visibility. Companies should begin mapping their critical assets and operations against major risks such as flooding, extreme heat, water stress, typhoons, cyber threats, and supply chain disruption. Not as a compliance exercise. But as a management tool.
The second step is governance. Resilience cannot remain confined to sustainability teams alone. Boards and senior leadership teams are increasingly discussing resilience alongside strategy, risk, capital allocation, and long-term growth. Best practice shows some companies require resilience assessments before approving major projects or investments. That may sound ambitious, but the principle is simple: if an asset is expected to operate for 20 or 30 years, future disruption risks should already be part of today’s investment decisions.
Third, companies should look closely at supply chains. Events such as the pandemic and war taught businesses an important lesson, that efficiency without redundancy can create fragility. Many firms optimized aggressively for cost and speed, only to discover that a single disruption could halt operations entirely. Resilient organizations often build alternatives such as multiple suppliers, backup systems, redundant power, alternative logistics routes, and stronger digital capabilities. Not because these are always cheaper —but because they make business more durable.
Fourth, resilience should be measurable. What gets measured gets managed. Companies can track practical indicators such as:
weather-related downtime,
recovery time after disruptions,
supplier concentration risks,
water security,
operational interruptions,
insurance claims,
and resilience-related investments.
Over time, these metrics become just as important as traditional operational KPIs.
And finally, companies should recognize that resilience is not only defensive. There are opportunities emerging as well. Businesses that can help others adapt — through resilient infrastructure, energy reliability, water solutions, digital intelligence, financial solutions, or smarter logistics — may find entirely new growth areas opening up. In many ways, resilience is becoming both a protection strategy and a business strategy.
And perhaps the most important thing companies can do today is simply to begin. Not perfectly. Not all at once. But deliberately. Because resilience is no longer only about preparing for emergencies. It is about building organizations capable of continuing to grow, serve, and create value in a world where disruption is increasingly becoming part of normal business life.