Survival of the most (cyber) resilient

By 2045, more than 70% of the world’s population will live in urban areas, giving cities a level of power and importance unrivaled in all of human history. But its leaders must also face new challenges that once were just the domain of the nation state, including unemployment and gentrification, climate change, terrorism, and the impact of rapid digitization.

Because cities wish to thrive, rather than merely survive, many are turning to technology for help. “Smart cities” which make use of Internet of Things, big data and cloud computing, are an increasing reality. This can pave the way for more prosperous, sustainable and competitive urban communities, but it also brings its challenges. The more data available to help cities, the higher their potential exposure. The digital systems which underpin a city’s inner workings and service provision can be vulnerable. And the digitization of systems such as energy and transport networks increases potential risks to the most critical infrastructure.

In order to make the most out of the transformative potential of technology without comprising security, cities are becoming increasingly innovative in how they manage such risks. A new discipline, known as “cyber resilience”, is emerging, with organizations shifting from a prevention-first mentality, to focus instead on capabilities for readiness, response and reinvention.

©Marc van der Stelt, MS Fotografie

Rotterdam, the Netherlands’ second-largest city, is a case in point for what successful reinvention looks like. “Rotterdammers”, as the city’s 630,000 residents are known, have faced more than a few challenges in their time: from the near-constant threat of flooding (now kept at bay by a complex system of dykes and levees), to the total destruction of the city center during World War II. But resilience is in Rotterdam’s blood – the municipal motto is “stronger through struggle” after all – and it has grown into a thriving economic and industrial hub.

In 2013, the city’s determination to prepare for the future, led it to be chosen as one of the Rockefeller Foundation’s inaugural 100 Resilient Cities. This initiative aims to help cities across the globe “become more resilient to the physical, social and economic challenges that are a growing part of the 21st century.” In practice, this means giving cities the tools, resources and networks they need to adequately prepare for, and reduce the impact of, one-off shocks such as natural disasters, or daily stresses which make the city a less pleasant place to live.

The ability to bounce back from failure is as critical in cyberspace as in any other domain – if not more. That is why Rotterdam earlier this month launched a resilience strategy which includes a specific focus on cyber – making it the first European city to ever do so.

As a key economic engine of the Netherlands and Europe, Rotterdam is a large industrial complex in a relatively small area, with large scale infrastructure and thousands of companies which are all increasingly more dependent on properly functioning ICT to sustain jobs and maintain growth.

As a formal partner of 100 Resilient Cities for 18 months, Microsoft has worked closely with Rotterdam on the creation of this strategy which is to create a thriving, prosperous and cyber-resilient port city where the opportunities of digitization can be leveraged with minimal risk, and where businesses can innovate and grow for generations to come.

The world will continue to urbanize and digitize at a dramatic pace. Cities that adapt and innovate in the face of these constant changes will reap significant benefits for their citizens, economies, and security. But such success will not be easy. It requires commitment from both the public and private sector to develop and implement long-term cyber resilience strategies. These plans must be living documents with broad support from residents. The Rotterdam strategy helps to show that difference between surviving and thriving in the face of 21st century challenges is cyber resilience.

This article first appeared on