“Always-on” customer experience has become shorthand for availability: 24/7 support, globally distributed channels, elastic cloud infrastructure, and aggressive service-level agreements (SLAs).
But the last few years have exposed that when customers can’t get through, access accounts, or trust what they’re seeing, it’s more often a security issue than a data center failure.
Major outages make headlines, but many of the longest and most damaging CX disruptions are security-driven. Credential stuffing that triggers emergency lockouts, fraud spikes that swamp contact centers, or breach containment actions that force companies to temporarily shut down self-service portals bring home the reality.
More than keeping systems up and running, resilience involves keeping customer journeys safe and usable under attack at a time when customer expectations are higher than ever.
According to data compiled by Zendesk, 56 percent of CX leaders confirm that their organization experienced a data breach or cyber attack targeting customer data in the past year. And 70 percent of consumers will avoid purchasing from a company they view as having inadequate security.
Designing Always-on CX With Attack Scenarios in Mind
Resilient CX leaders are reframing “always on” around the idea of assuming that a security breach will happen, and then designing experiences that degrade safely instead of collapsing.
As Johan Edholm, Security Engineer and Co-Founder at Detectify, told CX Today:
“If you want customers to always be able to reach you, you have to assume there will be moments when attackers try to exploit that access.”
“Threats like stolen credentials, account takeovers, and fraud spikes should be built into resilience planning from the start. The aim is not just continuous service, but a customer experience that remains safe and dependable during an incident.”
Edholm added that the most fragile points in the customer journey are when a business has to make a quick trust decision, such as around customer login and password reset, account recovery, checkout, or any action involving money or sensitive account changes.
“These are the flows attackers target first, because speed and confusion work in their favor. If the organization has not decided in advance how those flows should behave when something looks wrong, teams end up improvising. That is when both security and customer experience start to degrade.”
Resilient CX Assumes Failure
Most resilience programs were built on infrastructure logic around redundancy, failover, and recovery time objectives. That is important, but it can overlook how modern attacks take customer interactions offline even when systems are technically “up.”
The organizations that recover fastest plan for impact and keep customers moving through safe alternatives when something breaks.
In a containment scenario, a company may be able to keep web and mobile experiences running, but if the integrity of customer accounts is in question, the responsible move might be to limit their access while investigating their legitimacy.
“Controlled degradation means you do not keep everything working normally just for the sake of convenience when something suspicious is happening,” Edholm said. “If the signals you rely on to judge whether a user is legitimate start to look unreliable, the system should limit what people can do rather than continue on as if everything is fine.”
That could involve temporarily restricting password resets and other sensitive actions, adding extra identity checks before users can make account changes, slowing down higher-risk activity, or sending some cases for human review. As Edholm explained:
“For CRM and customer data systems, the priority must be to ensure you have confidence that the person on the other end is really who they say they are.”
“Once that confidence starts to weaken, every action tied to that identity becomes harder to trust.”
Designing for safe degradation means asking what happens next when a control fails, and whether a customer can still complete a meaningful journey without exposure to unacceptable risk.
For example, if password resets are frozen while the company investigates a security incident, can customers still access read-only account views with step-up verification? If confidence in a digital identity drops, is there a low-friction way to confirm identity without sending customers to overwhelmed contact centers? And if a channel is under attack, can customers be dynamically routed to verified alternatives such as authenticated in-app messaging rather than email?
This kind of resilience requires tight coordination between security, IT, and CX. It also demands that frontline tools and policies are designed for variability.
A resilient system allows an enterprise to continue operating while limiting access to the most sensitive actions, until trust can be restored.
Securing Omnichannel CX Across Customer Touchpoints
Consumer journeys now tend to span multiple touchpoints, often starting in a mobile app, continuing via chat, and ending on a phone call. And any break in context during the shift in channels tends to frustrate them, Avaya noted in its recent Connected Consumer Research report. The survey found that “a striking 96% of consumers say it is at least somewhat important to switch channels without repeating themselves—with 71% saying it’s very or extremely important.”
That demand for always-on continuity means that organizations need to measure more than uptime. A channel can be online and still failing if fraud gets through, or trust in user identity breaks down.
There’s also “soft downtime,” in which channels remain available but become unusable. A chatbot that can’t authenticate users, an IVR that loops because of failed identity checks, or an agent desktop that can’t safely retrieve account details might not trigger an uptime alert, but they still break the journey for the customer.
During a security disruption, contact centers often become the pressure valve.
“Because of this, they need to be treated as a crucial part of the incident response plan, not as an afterthought,” Edholm advised.
“The worst outcome is flooding agents with panicked customers while also expecting them to make high-stakes identity decisions without the right tools or guidance. That can easily turn a problem into a catastrophe.”
In the always-on era, resilience can’t just mean “keep the lights on.” It has to mean keeping the experience coherent under pressure.
To do this, contact centers need to be prepared in advance with clear escalation paths, strong identity-verification procedures, fast access to incident-specific scripts, and the ability to separate low-risk support from high-risk account actions.
“Some requests should be deflected, some delayed, and some routed to more trusted channels,” Edholm said. “There’s no need to keep every workflow alive at all costs. Instead, keep the safest ones moving while preventing attackers from using human support as the easiest way around tightened controls.”
When a Cyberattack Breaks the “Always-On” Promise
As part of a wave of targeted cyber attacks on U.K. retailers in 2025, Marks & Spencer (M&S) faced a security breach of customer data that quickly moved from an internal IT issue to a visible customer experience failure.
Systems had to be taken offline while the company worked to contain the breach and stabilize operations. The disruption hit multiple channels simultaneously and had a cascading effect across the retail ecosystem. Online orders were suspended, parts of the M&S mobile app became unstable and in-store contactless payments and click-and-collect services were disrupted.
Customers experienced stalled transactions and empty shelves, while the company incurred waste and logistics costs because stores had to revert to manual processes while IT systems remained down. The impact extended from the initial breach in April until July, and cost an estimated £300MN, the company reported.
The failure occurred at moments where continuity is assumed, such as browsing, checkout and fulfilment, turning routine interactions into friction points. In an “always-on” model, when those moments falter, the brand experience fractures in real time.
How CRM and CDP Platforms Support Continuity
If always-on CX is the goal, customer relationship management (CRM) and customer data platforms (CDPs) and the identity layer around them can become continuity engines if organizations use them to manage confidence and context during security incidents. Three capabilities are especially important.
During attacks, resilient organizations treat identity confidence as a dynamic score informed by:
- Device and network signals
- Behavioral patterns (velocity, geolocation anomalies)
- Authentication method strength (passkeys vs passwords)
- Historical account recovery events
- Known breach exposure indicators
That score should guide what happens next automatically. If confidence is high, let customers move through self-service. A measure of confidence may require an extra verification step. If confidence is low, achieving a balance that contains without trapping genuine customers in dead ends is key.
A “last-known-good” state is about keeping things usable even when live systems are restricted. In practice, that could look like displaying balances or order status updates with a clear “as of” timestamp, limiting certain actions while still giving people visibility, and explaining the incident in a calm, straightforward way that explains limitations without creating panic.
Handled well, this cuts down on inbound volume and prevents customers from retrying actions that won’t work, which helps keep support channels open.
Always-on experiences rely heavily on automation from bots, routing and personalization. But during an incident, that automation can become dangerous if it acts on compromised signals.
Resilient CX teams plan ahead for scenarios when automation can’t be relied on, implementing fallback modes that keep things running without adding risk. That typically involves switching to more conservative routing that favors verified channels, narrowing bot capabilities to safer tasks like status updates, FAQs and clear escalation paths, and putting guardrails around what agents can do. That is especially the case for sensitive actions like refunds and account changes.
The aim is to move into a safer operating mode while still keeping service available.
Security Is the Foundation of Always-On CX
There’s a clear warning in Zendesk’s survey data, which shows that 60 percent of consumers think businesses are falling short in data security.
True “always-on” customer experiences can’t bolt security on after the fact. The most resilient CX organizations assume that breach or fraud is bound to occur, and design journeys that degrade safely.
They treat identity confidence as a living signal, use CRM and CDP data to maintain continuity through last-known-good states and prebuild fallback decisioning so that automation doesn’t amplify risk. Because the next CX outage may not start in the data center; it may start with a login.
