Government’s resilience imperative

Convergence: The key to 10x resilience in government

Boosting resilience—much less realizing 10x improvements—demands a multifaceted approach. In response, governments are leveraging their regulatory authority and financial resources to upgrade critical infrastructure. They are also harnessing emerging technologies such as AI and digital twins to better understand challenges and implement effective, preemptive countermeasures. Moreover, there is a concerted effort to align corporate and government interests and promote collaborative public-private partnerships. The confluence of such initiatives bolsters the capacity and capability of both government and society to operate effectively across a broader range of conditions while lowering the costs associated with disruptive events.

Consider how amalgamating different tools could substantially impact the resilience of both the public sector and civil society.

• Data analytics + digital infrastructure + ecosystem mapping + evidence-based policymaking + public-private partnerships = Increased climate disaster preparedness
• Data analytics + ecosystem mapping + public-private partnerships + regulatory adjustments + incentives = Strengthened critical supply lines
• Digital infrastructure + data-sharing + regulatory adjustments + public-private partnerships = Enhanced cybersecurity ecosystem

Trend in action

World leaders are currently grappling with a “polycrisis,” where multiple critical systems supporting human society and the economy are under severe stress.⁴ To effectively navigate and thrive in this challenging environment, governments must prioritize building resilience against a wide range of threats at both the public sector and community levels.

Governments are employing a range of tools to achieve 10x resilience improvements in:

• Building capacity to be climate resilient
• Securing critical supply chains
• Nurturing an ecosystem for collaborative action against cybercrime

Building capacity to be climate resilient

Governments need to confront the challenge of climate change on two fronts: fortifying their capacity to fulfill their missions amid climate-related disruptions and safeguarding individuals and communities from the detrimental impacts of climate change—both increasingly common weather events and gradually rising temperatures and waterlines.

To safeguard their missions, government entities have intensified their efforts to understand and embrace how climate change affects their missions—and act in a way that both aligns with and advances their objectives.

Countries are channeling substantial investments into climate resilience. In the United States, the passage of three pieces of legislation—the Infrastructure Investment and Jobs Act, the CHIPS and Science Act, and the Inflation Reduction Act—is set to collectively direct more than US$500 billion toward climate resilience and the transition to a low-carbon future over the next decade.⁵ Meanwhile, India spent approximately US$160 billion in the fiscal year 2021–22, equivalent to just over 5.5% of its GDP, on climate adaptation. Anticipating ongoing needs, India expects to spend an additional US$680 billion through 2030 on climate adaptation.⁶

Significant government investment is being directed toward enhancing agencies’ capacity to ensure uninterrupted provision of critical services such as water or power during and after extreme weather events. Consider the mobility sector: Disruptions to transportation networks during climate events not only affect the movement of goods and people but can also block access to critical services such as health care. In response to projections indicating increased rain and flooding over time, Great Britain’s national railway manager, Network Rail Limited, is making substantial investments to improve drainage systems and fortify earthworks such as embankments. Network Rail has allocated £1 billion for weather resilience activities during the five-year period from 2024 to 2029, doubling the £500 million designated for similar purposes in the five years leading up to March 2024.⁷

While extreme weather events continue to cause substantial damage, sustained investments in enhancing climate resilience at the community level have allowed many governments to diminish both the human and economic costs associated with such incidents. These initiatives are strengthening society’s ability to function effectively in the midst of climate disasters. 

Many agencies are now appointing chief sustainability officers or equivalent officials to lead resilience efforts and coordinate intra- and intergovernmental action. In 2021, Phoenix, one of America’s hottest large cities,⁸ established the nation’s first publicly funded Heat Response and Mitigation office and appointed a chief heat officer. The agency has two interconnected missions: providing relief to citizens affected by extreme temperatures and implementing long-term heat mitigation strategies to cool the city. The heat office has prioritized initiatives such as tree planting, retrofitting house roofs and pavement with cooling materials, building affordable housing to provide shelter from extreme heat to vulnerable populations, and creating public cooling and hydration centers for residents seeking relief. A portion of the city’s nearly US$400 million from the federal government’s COVID-19 rescue package supports the initiatives.⁹

Most places on earth are exposed to the threat of climate events, prompting local governments worldwide to introduce measures to help ameliorate extreme weather events. Seoul has implemented a comprehensive set of initiatives to bolster community resilience, beginning by collecting and analyzing data from Internet of Things sensors deployed across the city. Leaders expanded Seoul’s urban green space, planting 12.45 million trees between 2016 and 2020, and enhanced stormwater management by installing 120 rainwater pumps. The city also modernized aging infrastructure, upgraded 900,000 boilers and heaters, achieved an earthquake-resistance rate of 76.7% for public facilities, and appointed public safety “watchdogs” and honorary “safety sheriffs” trained in cardiopulmonary resuscitation and emergency evacuations. Recognizing these efforts, the UN Office for Disaster Risk Reduction designated Seoul as a model city for disaster risk reduction and resilience.¹⁰

Securing critical supply chains

Each significant disruption in recent times, from the COVID-19 pandemic to the Russia-Ukraine war, has triggered severe shortages, compelling governments to strengthen supply chains through a mix of policies, incentives, and orders.¹¹

In 2021, the US federal government directed agencies to evaluate potential supply chain risks and develop strategies to alleviate those risks.¹² Subsequently, a series of measures were enacted to bolster America’s supply chain resilience. One of these measures was the creation of the Council on Supply Chain Resilience, which brought together leaders from various cabinet departments and economic, national intelligence, and environmental councils to coordinate a whole-of-government response to supply chain vulnerabilities.¹³ Additionally, collaboration with the European Union has resulted in the establishment of an early warning system for semiconductor supply chain disruptions.¹⁴ Furthermore, in partnership with a dozen other countries and the European Union, the United States established the Minerals Security Partnership, aimed at diversifying the supply chains of critical minerals.¹⁵

In the wake of pandemic-related disruptions, governments worldwide have looked to reshore critical supply chains to reduce dependence on foreign suppliers. Since few governments have the power to dictate where private companies should source or make products, policymakers are increasingly providing incentives—including subsidies, tax breaks, and loan guarantee programs—to encourage companies to bolster domestic production capabilities. Moreover, government support for innovation, research and development, and knowledge-sharing can enhance domestic manufacturers’ technical capabilities.¹⁶

When the pandemic cut off routine supplies of new semiconductors, it quickly became clear how vital the components have become to electronic devices, from cars to fighter jets. National governments first sought to understand their exposure to foreign nations by mapping their multitier supply networks. They then used a targeted data- and insight-driven approach to determine focused areas for action at tier 1, 2, and 3 suppliers. Governments have subsequently aimed to stand up domestic semiconductor manufacturing industries, offering incentives to establish commercial viability for private sector involvement in domestic production.¹⁷ The US CHIPS and Science Act of 2022 earmarks nearly US$280 billion in new funding to advance domestic semiconductor research and manufacturing.¹⁸ The bulk of the funding is designated for research and development and commercialization, with US$39 billion in subsidies for domestic chip manufacturing and a 25% investment tax credit for manufacturing equipment expenses.¹⁹ Several global corporations have announced their plans to take advantage of these incentives by making multibillion-dollar investments in US semiconductor manufacturing plants.²⁰

Similarly, the European Commission enacted the European Chips Act in 2023, consolidating €43 billion in public and private funding for the sector with the aim to double the EU’s share of global chip production from 9% to 20% by 2030.²¹ Since announcing the plan in 2022, EU policymakers have attracted around €100 billion in commitments from public and private entities for industrial deployment.²² Other countries, including the United Kingdom, China, Japan, and South Korea, have also announced plans to establish favorable conditions for domestic semiconductor manufacturing.²³

Nurturing an ecosystem for collaborative action against cybercrime

The high frequency and intensity of cyberattacks, coupled with an expanding attack surface and cross-border networks of threat actors, make it necessary for governments to partner more extensively with other nations to consolidate knowledge, resources, and capabilities to collectively combat cybercrime.

Public sector–led cyber alliances have sprung up rapidly all over the world, with many focused on combatting specific types of cybercrime. Established in 2022, the International Counter Ransomware Initiative is a US-led coalition of 50 countries that aims to enhance international cooperation to combat the growth of ransomware.²⁴ Also, in 2022, the United States, Japan, Australia, and India forged the Quad Cybersecurity Partnership to safeguard critical infrastructure from cyberattacks.²⁵

One area in which cyber coalitions have seen tremendous success is taking down malign botnets. In 2023, a collaborative effort led by the US Federal Bureau of Investigation (FBI) successfully dismantled the Qakbot botnet that had infected more than 700,000 systems, using them for activities such as spam distribution, ransomware deployment, and attacks on financial institutions.²⁶ Officials estimate that in the 18 months preceding its takedown, the botnet helped facilitate more than 40 ransomware attacks, generating US$58 million in ransom payments.²⁷ Dubbed “Operation Duck Hunt,” the takedown saw the FBI work with law enforcement agencies from France, Germany, Romania, Latvia, the Netherlands, and the United Kingdom to gain access to Qakbot’s infrastructure located in the United States and across Europe. The FBI assumed command over the botnet and redirected Qakbot traffic to servers under US government control. Leveraging this newfound access, the FBI directed Qakbot-infected machines worldwide to download an uninstaller that untethered victims’ computers from the botnet, preventing any further installation of Qakbot malware.²⁸

While law enforcement agencies have traditionally taken the lead on botnet investigations and takedowns, major tech companies—which see a huge volume of global internet traffic pass through their systems daily—are increasingly incentivized to neutralize wrongdoers. In these cases, governments often assume a supportive role. Private sector–led efforts have successfully taken down the Necurs botnet, which had infected more than nine million systems globally,²⁹ and the Glupteba botnet, which had compromised one million devices.³⁰

What the 10x future holds

Climate resilience

• Proactive climate resilience: Utilizing advanced data analysis and predictive modeling tools, governments will be able to identify a region’s vulnerability to a spectrum of climate disasters over an extended time horizon, allowing for the preemptive development of essential infrastructure and resilience strategies.
• Enhanced emergency preparedness: Digital twins will significantly advance scenario planning by enabling governments to test multiple possible responses to a wide range of climate disasters. Singapore is already using its digital twin, Virtual Singapore, to simulate emergencies and optimize evacuation plans.³²

Supply chain resilience

• Predictive and proactive supply chain management: Advanced AI models will analyze diverse data sets, including mapping of supply networks, market trends, government policies, economic conditions, seasonality, and international relations. This analysis can then identify patterns and predict future shortages of essential commodities, enabling governments to intervene proactively.
• Local, on-demand production: Advancements in additive manufacturing will transform supply chains by allowing on-demand, local production, reducing the need for raw material sourcing, manufacturing, transportation, warehousing, and distribution with their associated complexities and long lead times.³³

Cyber resilience

• Predictive cybersecurity: Generative AI models, trained on vast amounts of historical cybersecurity data, will identify patterns and trends early and accurately predict future outcomes, allowing organizations to implement security measures proactively.
• Augmented cyber hygiene: Widespread implementation of the zero-trust cybersecurity approach in both public and private sectors will significantly improve cyber hygiene across networks. In 2022, the US federal government passed an executive order requiring federal agencies and contractors to adopt a zero-trust approach to cybersecurity.³⁴

Steps governments can take now

To achieve 10x increases in resilience, governments should consider the following steps.

Climate resilience

• Link climate action to economic growth: Climate action presents a major economic opportunity. Agencies should use their regulatory, standard-setting, and funding levers to incentivize private sector involvement. Aligning climate action with economic development can make companies more willing participants in the low-carbon future. Research indicates that climate action could boost the global economy by US$43 trillion by 2070.³⁵
• Empower climate leadership: As public sector agencies worldwide take the initiative to combat climate change, they are establishing roles such as chief sustainability officer or chief climate officer. Empowering these newly appointed leaders is crucial. Giving them a seat at the table when making strategic and resource allocation decisions can ensure that their decisions receive backing from leadership, secure necessary funding, and receive adequate staffing.

Supply chain resilience

• Assist industries to understand multitier supply risk and support orchestration: Governments exert direct control over a tiny portion of critical supply chains, but they can be disproportionately impacted if supply chains are disrupted. Therefore, governments must assist industries in mapping multitier supply networks and comprehend targeted areas of risk. Subsequently, they should facilitate commercial entities in making informed choices and establishing a diverse set of trusted suppliers to strengthen supply chains. Such efforts include establishing new trade treaties or creating “trusted supplier marketplaces.”
• Pair reshoring with friendshoring: Although governments are widely embracing reshoring, it comes with challenges, such as the availability of raw materials, logistical hurdles, and economic considerations. Collaborating with like-minded partners and allies can provide governments with a reliable network of suppliers from friendly nations, presenting numerous alternative and independent supply routes.³⁶

Cyber resilience

• Enable proactive threat intelligence-sharing: Information gathering alone can’t prevent attacks. National agencies need to share what they know promptly with those at risk. Intelligence is vital for making more informed decisions regarding threat detection and prevention.
• Reshape incentives to protect critical infrastructure: Securing critical infrastructure from cyberattacks requires understanding the incentives of all the stakeholders in the cyber ecosystem. Mapping ecosystem interactions helps agencies trace influence lines to determine which actions and behaviors to incentivize or disincentivize.