Latest news with #BainCompany
Forbes
6 days ago
- Business
- Forbes
Cybersecurity Testing Can Ensure Cyber Resilience—Here's How to Do It
By Zach Amos Too many businesses are dangerously overestimating their cyber resilience. Any business that has an online presence is vulnerable to a cyberattack. Most vulnerabilities are due to legacy or unpatched systems that still power core operations, exposing critical entry points. However, the biggest weakness isn't always technical, but in a company's perception. Too many businesses are dangerously overestimating their cyber resilience because they see investments in digital tools and services as an all-in-one solution. This false sense of protection can create a blind spot, leading to significant financial losses and reputational harm if left unresolved. Here is why this happens and how businesses can accurately test and strengthen their security posture. Disconnect Between Confidence and Actual Cybersecurity Readiness Cyberattacks have become more prevalent in recent years, with healthcare, finance, and manufacturing the most targeted industries due to their valuable data and the ways this information can be exploited. In fact, nearly six in 10 companies had to protect themselves from ransomware incidents. Despite these sobering numbers, Bain & Company revealed that 43% of industry leaders believe they're following the best cybersecurity practices, yet only 24% of those actually met the standards. This complacency creates a gap between perceived and actual readiness, leaving firms vulnerable to ransomware, data loss, and extended business downtime. What causes this disconnect between confidence and actual cybersecurity readiness? It can stem from various factors, which may be technical, organizational, or psychological. Here are some of the most common reasons: 5 Warning Signs a Company Is Overestimating Its Cybersecurity Posture Knowing the red flags can help businesses identify whether they're among the overconfident majority. Here are five common indicators: If an organization has never performed a breach and attack simulation (BAS) or red team exercise, it's likely operating in the dark. These simulations expose real-world weaknesses that standard security reviews often miss. Security posture assessments should occur regularly, especially as business environments, tools, and threats evolve. Relying on annual reviews or outdated risk models is a strong sign of overconfidence. It is generally recommended to evaluate risk annually, but some companies benefit from quarterly or even monthly reviews. Mistaking regulatory compliance for comprehensive protection is common, but it's a misleading reality. Compliance provides a baseline, not a guarantee that a business will likely survive an attack. Assessing a company's resilience must include evaluating its risk exposure. Micro, small, and medium Enterprises (MSMEs) can take a critical hit from a cyberattack. If a recovery plan hasn't been tested under stress, it's unlikely to hold up in a real-world scenario with much higher stakes. True cyber resilience is cross-functional, not only the responsibility of the IT team. If executive leaders, finance, operations, and legal teams aren't involved in incident response planning, the organization may not be as prepared as it thinks. With 95% of data breaches tied to human error, any employee can jeopardize the company. More from AllBusiness: How to Perform Cybersecurity Testing to Evaluate Cyber Resilience Organizations must conduct realistic and data-driven inspections of their current readiness to bridge the gap between confidence and actual capability. A good starting point is a comprehensive security posture assessment (SPA). It probes into the technical controls a business has set up, including firewalls, EDR configurations, and access management policies. It also considers employees' user behavior, such as their susceptibility to phishing or unsafe browsing habits on company computers. SPAs help identify gaps in policy enforcement and recovery preparedness. Running BAS tools helps businesses examine how well their systems can survive the latest adversarial tactics by emulating them. These technologies run thousands of real-world tactics, techniques, and procedures mapped to MITRE ATT&CK frameworks to highlight where current defenses fail before a threat actor exploits them. Organizations must also track and benchmark key performance indicators, such as the mean time to detect (MTTD) and the mean time to respond (MTTR). If it takes a team days to detect an intrusion versus the industry standard of hours for well-prepared corporations, they may not know how to react in real-time. Simulate attack scenarios involving all departments, from the C-suite to front-line responders, to ensure everyone understands their role in a crisis. These exercises reveal critical coordination gaps that technical testing alone cannot. For example, who notifies law enforcement if a ransomware attack encrypts customer data and demands payment within 24 hours? Who speaks to the media? Does the legal team know if ransom payment is allowed under local laws? These exercises expose coordination gaps and practice decision-making under pressure. Validating backup and recovery systems under real conditions is nonnegotiable. Many firms skip stress testing continuity plans, assuming backup systems will work. In reality, backups can be encrypted by the same ransomware if not properly segmented. Routinely run live restoration drills from cold storage, cloud snapshots, and isolated backup networks. Check if the customer database can be fully restored within a 24-hour recovery time after simulated data corruption. If it takes longer or fails outright, the business continuity plan needs revision now, not after a breach. Strengthen Cyber Resilience Before It's Too Late Once the gaps are identified, businesses must act quickly and decisively to reinforce their defenses. Here's how: Company Confidence Is Not Risk Resilience The harsh truth is that if organizations haven't rigorously tested their defenses in the past six months, their cyber resilience is likely far below what company leaders assume. Overconfidence can be more damaging than being underprepared, because it prevents businesses from taking action to protect themselves. Business leaders should not wait for a breach to be a wake-up call. By honestly assessing security posture, testing rigorously and acting proactively, companies can replace misplaced confidence with genuine resilience by assessing security posture, testing rigorously, and acting proactively.
Forbes
09-07-2025
- Business
- Forbes
Organizations Need To Shift From Change Management To Change Fitness
Your Organization's Next Change Is Coming. Will You Manage It or Get Fit for It? What if your organization's next major transformation is almost certain to fail, not because the strategy is wrong, but because your people are too burned out to execute it? For the last decade or so, if you asked a researcher or consultant the likelihood of a big-ticket change program succeeding, they would have given you a bleak answer: a 70% failure rate. Last year, Bain & Company upped that failure rate to 88% and gave the burnout of "oversubscribed star players" as a contributing factor. But despite the odds of failure, organizations continue to plan for change projects, expecting different results from teams that are increasingly depleted by today's uncertain operating environment. We need a different way of thinking about and leading change. We need to switch from change management to change fitness. The Exhaustion Epidemic Hiding in Plain Sight Walk into any organization today and you'll hear a familiar refrain: "Once we get through this reorganization..." or "After this system implementation..." or "When things settle down..." The uncomfortable truth is that things aren't going to settle down and we can't always predict the next big change around the corner. This truth is so palpable that many feel the VUCA framework — Volatile, Uncertain, Complex and Ambiguous — is no longer sufficient to describe the times we live in, opting instead for futurist Jamai Cascio's concept of BANI – Brittle, Anxious, Non-linear, Incomprehensible. Today's perpetual state of flux creates not just physical tiredness from working long hours, it's a deeper, more insidious form of depletion. Teams are experiencing what Harvard psychologist Robert Kegan might term "cognitive overload," where the complexity of their environment consistently exceeds their current capacity to make sense of it. The result? A workforce that's not just tired, but fundamentally unable to engage with change in productive ways. The traditional change management model—with its neat phases of "prepare, change, sustain"—assumes periods of stability between disruptions. But as leadership researcher Nick Petrie observes, "When leaders treat change as an event, they miss the reality: it's now a permanent feature of work." We've entered what he calls an era of "perpetual whitewater," where the rapids never end and the calm water we're paddling toward is a mirage. Why Traditional Change Management Is Becoming Obsolete So the change management playbook most organizations follow was designed for a different era: one where disruptions were episodic, boundaries were clear, and problems had known solutions. Harvard professor Ronald Heifetz's distinction between technical and adaptive challenges illuminates why traditional approaches fall short. Heifetz says that technical problems, however complex, can be solved with existing expertise and established procedures. Need to implement a new software system? There's a methodology for that. Adaptive challenges, by contrast, require people to examine and often abandon deeply held assumptions about how work gets done. Think about the scope and scale of challenges organizations face today: Leaders should not think of these as a tick-list of problems to be solved, rather as ongoing workplace realities to be navigated. When organizations apply technical solutions to adaptive challenges, they create what we might call "change theater'—lots of activity and apparent progress, but little fundamental transformation. The Science Behind Change Fitness The answer is "change fitness" and the organizational capability to continuously adapt without depleting human resources. Kegan's research on adult development shows that we can develop greater capacity for complexity under the right conditions. His work reveals that many of us are operating at a level "in over their heads," performing roles that exceed our current developmental capacity. Rather than seek to reduce complexity (that's impossible in today's world) the solution is to increase capacity. Change fitness emerges when organizations create conditions for what Kegan calls "transformational learning." That means more than acquiring new skills, but fundamentally expanding how people make sense of their world. Building Change Fitness: Three Core Practices Organizations that successfully build change fitness share common practices that can be implemented without massive budgets or complex programs. These practices transform how teams engage with ongoing change: Instead of waiting for clarity that never comes, change-fit organizations engage in ongoing sensemaking. They regularly ask: This involves incorporating five minutes of sensemaking into existing routines. A team check-in might start with: "What's one thing that's different this week from last week?" Over time, this practice builds what researchers call "complexity capacity" and the ability to hold onto multiple, sometimes contradictory realities without becoming paralyzed. Change fitness requires treating human energy as a finite resource that must be deliberately managed. This means: One practical approach: Before taking on any new initiative, teams must identify what they'll stop doing or do less of. This forced trade-off prevents the accumulation of change debt that leads to burnout. Traditional organizations celebrate successful change implementations. Change-fit organizations celebrate successful navigation of uncertainty. They regularly ask: This shift from outcome-focus to process-focus builds what Heifetz calls "adaptive capacity" and the ability to thrive in situations where the path forward is unclear. The New Resilience is Expecting Change, Not Stability Traditional resilience was about bouncing back to a previous state, like a rubber band returning to its original shape. But what happens when there's no original shape to return to? When change is constant, resilience isn't about bouncing back. It's about becoming so adaptive that you no longer expect the world to stay the same. This represents a shift in organizational psychology. Instead of seeing change as disruption to be managed, change-fit organizations see it as the medium in which they operate. The exhaustion comes not from the change itself, but from the futile effort to resist it. As Petrie notes in his research, organizations must develop leaders and cultures that don't just cope with complexity but thrive in it. This isn't about working harder or being more resilient in the traditional sense. It's about developing what he calls "bigger minds" and the capacity to hold complexity without being overwhelmed by it. Your Organization's Next Change Is Coming. Will You Manage It or Get Fit for It? The 88% failure rate for transformation isn't inevitable. It's the predictable result of using yesterday's change management tools on today's adaptive challenges. Organizations that cling to episodic change management will continue to exhaust their people while achieving diminishing returns. The alternative is building change fitness—developing the organizational capacity to navigate continuous adaptation without depleting human resources. This isn't about adding more to leaders' plates or creating new programs. It's about fundamentally shifting how we think about and engage with change. Your organization's next change is already on the horizon. You can approach it with another change management plan, complete with phases and committees and communications strategies. Or you can use it as an opportunity to build change fitness—to develop the muscles of adaptation that will serve you through all the changes to come.
Zawya
08-07-2025
- Business
- Zawya
Bain & Company explores how sustainable packaging is becoming a new driver of luxury brand value
DUBAI – Bain & Company has released a new report titled Luxury Packaging: Resolving the Tension Between Creativity and Impact, which explores how luxury brands are embracing sustainable packaging not only to reduce environmental harm, but also to unlock new forms of consumer engagement and brand value. The report finds that as consumer expectations shift and regulatory pressure mounts, packaging is evolving from a cost center to a brand touchpoint—serving as both a symbol of sustainability and a vehicle for digital innovation. Based on a global survey of over 500 luxury packaging experts, Bain identifies clear momentum toward materials and designs that minimize impact while reinforcing exclusivity and differentiation. Bain's analysis highlights the growing adoption of the 'four Rs' in packaging strategies—reduce, reuse, recycle, and recover—alongside a strong focus on optimizing volume and logistics to reduce emissions across the value chain. Industry leaders also expect sustainable products to represent more than 30% of luxury packaging sales within three years. Importantly, brands are no longer viewing sustainability as a trade-off with design. Instead, innovations in material science and digital integration are enabling an aesthetic shift. From advanced paper and biodegradable polymers to mycelium-based structures and natural textures, sustainable materials are creating new design possibilities. Nearly half of respondents highlighted advanced paper as a critical innovation area. The report also explores how interactive packaging is opening new digital frontiers. Digital product passports (DPPs), augmented reality interfaces, and integrated QR experiences are transforming the unboxing moment into a gateway for brand storytelling, transparency, and resale value. Nearly 50% of respondents believe packaging can strengthen brand equity by enabling digitally enhanced experiences. The report concludes that luxury brands are increasingly treating packaging as a key area for innovation—balancing creative expression with environmental considerations and digital functionality. As sustainability expectations evolve, leading brands are exploring new materials, design approaches, and partnerships across the value chain to meet emerging requirements while maintaining product quality and brand distinctiveness. Media contacts: To arrange an interview or for any questions, please contact: Christine Abi Assi – christine@ About Bain & Company Bain & Company is a global consultancy that helps the world's most ambitious change makers define the future. Across 65 cities in 40 countries, we work alongside our clients as one team with a shared ambition to achieve extraordinary results, outperform the competition, and redefine industries. We complement our tailored, integrated expertise with a vibrant ecosystem of digital innovators to deliver better, faster, and more enduring outcomes. Our 10-year commitment to invest more than $1 billion in pro bono services brings our talent, expertise, and insight to organizations tackling today's urgent challenges in education, racial equity, social justice, economic development, and the environment. We earned a platinum rating from EcoVadis, the leading platform for environmental, social, and ethical performance ratings for global supply chains, putting us in the top 1% of all companies. Since our founding in 1973, we have measured our success by the success of our clients, and we proudly maintain the highest level of client advocacy in the industry.
Yahoo
07-07-2025
- Business
- Yahoo
EU Digital Product Passports unlock textile commercial opportunity by 2026
The report emphasises that DPPs, mandated under the EU's Ecodesign Regulation, present a significant commercial opportunity beyond mere compliance that can foster ongoing revenue streams, promote sustainability, and fortify consumer relationships. The impending EU regulation is poised to alter the economic landscape of fashion resale, potentially doubling the lifetime value of products. The research indicates that up to 65% of these benefits could accrue to consumers. It claims that the new regulation could yield an additional £500 on an item priced at £500 currently, through resale and related services once enhanced by a DPP. This is due to increased trust, traceability, and ease of resale. Despite the potential advantages, approximately 90% of brands surveyed by Bain perceive DPPs mainly as a regulatory imposition. Bain & Company retail and customer strategy & marketing practices Aaron Cheris said: 'DPPs are more than just checking a compliance box. They are a foundational shift in how value is created, captured, and sustained over a product's lifetime. Brands that act early can build a more direct, data-rich relationship with consumers, tapping into resale trends and personalising services in powerful new ways.' Understanding DPPs DPPs, which is part of the Ecodesign for Sustainable Products Regulation (ESPR), serve as standardised digital records that may include QR codes, NFC tags, blockchain technology or similar methods. They hold comprehensive data on a product's materials, origins, environmental impact, and lifecycle. These records empower brands to initiate confident resale programmes and offer customised warranties and aftercare services while monitoring usage to prolong product lifespans and reporting on ESG goals with improved transparency. The ESPR stipulates that by 2030 almost every physical product sold within the EU must have a DPP. According to the Bain/eBay study, consumers will be the primary beneficiaries of the value unlocked by DPPs. By simplifying processes – eliminating lost receipts or cumbersome listings – DPPs facilitate effortless resale transactions and enhance buyer confidence. As second-hand markets grow, DPPs could catalyse further growth by reinforcing trust and normalising circular shopping habits. eBay global fashion VP Alexis Hoopes said: 'Digital Product Passports are critical to powering the future of circularity in fashion. As a global marketplace at the forefront of resale, we're exploring how better product data can enable smarter buying, responsible selling, and a more trusted platform. Unlocking value for consumers is a critical part of the connected product evolution.' "EU Digital Product Passports unlock textile commercial opportunity by 2026" was originally created and published by Just Style, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
02-07-2025
- Business
- Yahoo
Bain & Company appoints Shintaro Okuno as new Regional Managing Partner for Asia-Pacific
SINGAPORE, July 2, 2025 /PRNewswire/ -- Bain & Company has appointed Shintaro Okuno as Regional Managing Partner for Asia-Pacific (APAC), effective July 1st. Shintaro brings over 20 years of experience at Bain, where he led major transformation efforts for clients across a wide range of industries including industrial goods, automobile, logistics, technologies, consumer products, and retail. He holds deep expertise in M&A and private equity investment-related projects and has built some of Bain's most enduring relationships in both corporate and investor-led settings. Prior to his appointment, Shintaro was Chairman of Bain's Japan business and a member of Bain's Board of Directors. He held the role of Japan's Managing Partner between 2014 and 2021. Shintaro succeeds Satish Shankar who has helmed the APAC head role since April 2019. This transition reflects Bain's commitment to rotational servant leadership, an approach that has long shaped Bain's talent and succession planning. "I'm excited for Shintaro to step into this role and continue building on what the Asia-Pacific team has achieved. Shintaro is known for his inclusive style, calm presence, and sharp client instincts. He brings a deep connection to this region and a clear sense of purpose to the role. I have full confidence in the leadership he will bring to Asia-Pacific's next chapter of growth, said Christophe De Vusser, Bain's Worldwide Managing Partner. "I am also thankful to Satish for steering our APAC business through unprecedented macro conditions, including the pandemic years. Under Satish's leadership, the region has delivered amazing client and people success stories with consistency, ambition, and impact. Teams have led some of the firm's most critical client relationships, expanded into new markets, innovated with our clients, and brought together strategy, technology, and teaming in ways that reflect the full intent of our ambition to supercharge every client, every day. The region has delivered strong growth and gained share versus our competitors." "I am deeply honored by the trust and confidence the firm's leaders have placed on me," said Shintaro. "I look forward to partnering with our APAC teams to deliver exceptional results in meaningful ways." Satish will return to serving clients following a short break. He had previously worked across projects in Energy and Natural Resources, Transportation, and Consumer Products on Strategy, Transformation, Performance Improvement and M&A. "It's been an immensely fulfilling journey to lead Bain APAC through a period of profound change and opportunity. I've been inspired by the resilience and innovation of our teams and the transformative impact we've made with our clients. I now look forward to re-engaging with clients to tackle their most pressing challenges and unlock bold growth," said Satish. Shintaro and Satish are working closely together on the leadership transition. Shintaro is expected to split his time between Tokyo and Singapore following his appointment. Media contacts:Ann Lee (Singapore) — Duncan (London) — Pinkney (Boston) — About Bain & Company Bain & Company is a global consultancy that helps the world's most ambitious change makers define the future. Across 65 cities in 40 countries, we work alongside our clients as one team with a shared ambition to achieve extraordinary results, outperform the competition, and redefine industries. We complement our tailored, integrated expertise with a vibrant ecosystem of digital innovators to deliver better, faster, and more enduring outcomes. Our 10-year commitment to invest more than $1 billion in pro bono services brings our talent, expertise, and insight to organizations tackling today's urgent challenges in education, racial equity, social justice, economic development, and the environment. We earned a platinum rating from EcoVadis, the leading platform for environmental, social, and ethical performance ratings for global supply chains, putting us in the top 1% of all companies. Since our founding in 1973, we have measured our success by the success of our clients, and we proudly maintain the highest level of client advocacy in the industry. View original content: SOURCE Bain & Company Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
