21.city

Cyber-Physical
Resilience for
the 21st Century
Built Environment

A platform convening the leaders who design, build, and operate cities and critical infrastructure.

As digital and physical systems converge, resilience must be embedded across the full lifecycle of the built environment. Only then can systems anticipate disruption, withstand failure, adapt under pressure, and recover when it matters most.

Complexity
Requires
Clarity

Cities, buildings, and critical infrastructure are becoming increasingly connected, automated, and software-driven. Digital technologies now govern physical processes that directly affect safety, continuity, and public trust.

As a consequence, cyber incidents no longer remain confined to IT environments. When digital components fail or are compromised, the impact propagates into physical disruption, operational breakdowns, and, increasingly, societal consequences.

Yet the way resilience is addressed has not kept pace with this reality. Cybersecurity is still treated primarily as a technical discipline, while urban development remains project-centric and operational responsibility is separated from early design and integration decisions.

What emerges is a fundamental mismatch. Responsibility for cyber-physical resilience is fragmented across disciplines and lifecycle phases, while accountability remains systemic and unavoidable.

This structural blind spot is what 21.city exists to address.

Our Purpose

21.city exists to make cyber-physical resilience a foundational principle of the built environment, across its full lifecycle from design and construction to operation and crisis response.

To do so, 21.city brings together public and private leaders responsible for cities, buildings, and critical infrastructure, creating a shared space for alignment across disciplines and lifecycle phases.

21.city stands for resilience in the 21st century, where cities, buildings, and infrastructure must be designed and governed as cyber-physical systems.

The Lifecycle
of Risk

In the built environment, risk is rarely created where it is ultimately felt. Instead, it accumulates across decisions made at different stages, by different actors, and under different incentives.

Cyber-physical resilience is shaped long before systems go live and tested long after projects are handed over.

Design → Build → Operate → Respond and Recover

Decisions made at each stage of the lifecycle shape risks that subsequent actors must manage, often without the authority to change the conditions they inherit.

The Ecosystem
Shaping Resilience

The core challenge is not a lack of expertise. It is the absence of a shared framework for ownership, coordination, and accountability across the lifecycle.

Cyber-physical resilience is not created by a single organization or discipline. It emerges, or fails, across the full lifecycle of the built environment.

21.city convenes leaders who shape this system at different stages and who rarely have the opportunity to align perspectives, responsibilities, and decisions across organizational boundaries.

This stage includes urban planners and architects, engineers and system designers, leaders in digital twins, simulation, and AI, as well as public sector planning authorities.

Design choices determine how resilient systems can be for decades. Yet cyber-physical risk is still rarely treated as a core design parameter alongside cost, sustainability, and performance.

21.city focuses on embedding resilience and security by design, anticipating long-term cyber-physical failure modes, and translating cyber risk into planning and design decisions.

This stage includes construction firms and EPCs, real estate developers and asset owners, system integrators and OT vendors, as well as project delivery and transformation leaders.

During construction, digital and physical systems are integrated under real-world constraints. This is where complexity increases and where vulnerabilities are often introduced that operators later inherit.

21.city focuses on managing OT and IT convergence in real environments, addressing supply chain and component risk, and clarifying accountability at the transition from build to operate.

This stage includes critical infrastructure operators, facility and asset managers, municipal CIOs, CISOs, and resilience leaders.

Operators are responsible for safety, continuity, and public trust. They manage cyber-physical risks daily, often without meaningful influence over earlier design and build decisions.

21.city focuses on operational resilience beyond uptime, understanding cascading effects across interconnected systems, and supporting decision-making under cyber-physical stress.

This stage includes crisis and incident response leaders, cybersecurity leadership, and stakeholders in risk, insurance, and policy.

Incidents expose more than technical weaknesses. They reveal organizational, governance, and coordination gaps that determine whether systems recover effectively or fail under pressure.

21.city focuses on preparedness and anticipation, not only response, strengthening organizational resilience and leadership under stress, and ensuring that lessons learned flow back into design and operations.

Bridging
Disciplines

The disciplines shaping the built environment operate with different priorities, languages, and mental models. Cyber experts focus on threats, designers focus on structure, operators focus on continuity, and executives focus on accountability.

When these perspectives remain disconnected, resilience breaks down at the system level.

21.city acts as a translation layer between disciplines, enabling shared understanding, coordinated decision-making, and resilience as a system property rather than a departmental task.

TRANSLATION LAYER

Latest Updates

Insights and developments from 21.city on cyber-physical resilience, critical infrastructure, and the built environment.

Feb 5, 2026

Launching at Hacking Smart Cities

21.city makes its public debut in Munich, bringing together leaders in critical infrastructure, construction, and cybersecurity.

Jan 28, 2026

The Lifecycle of Cyber-Physical Risk

How decisions made at design shape risks that operators must manage, often without authority to change inherited conditions.

Jan 15, 2026

Why Resilience Requires Translation

Bridging the gap between cyber expertise, architectural systems, and operational accountability in the built environment.

WHO THIS IS FOR

21.city is for decision-makers with authority over critical systems and responsibility when those systems fail.

The platform is intentionally focused. It is designed for leaders who operate in real-world complexity, manage long investment horizons, and carry accountability for long-term outcomes.

21.city is not a general community. It is an initiative for those shaping decisions with lasting consequences.

Initiated by
COMCODE

21.city is initiated by COMCODE to address a challenge that traditional approaches are not equipped to solve.

As cyber risk becomes physical, resilience can no longer be treated as a purely technical issue. It requires strategic judgment, cross-disciplinary coordination, and leadership under real-world pressure.

COMCODE contributes practitioner expertise in strategic digital architecture and transformation, lifecycle-oriented strategy and governance, cyber-physical risk and threat insight, technology guidance, urban resilience and ecosystem strategy, and cyber-physical defense integration.

This experience positions COMCODE to initiate and anchor 21.city not as a vendor, but as a strategic convener and trusted advisor grounded in real-world incidents and accountable outcomes.

Join the
Ecosystem

Resilience is a shared responsibility. The systems we build today define the risks we manage tomorrow.

21.city is building a focused ecosystem of strategic partners across the full lifecycle of the built environment.

We are actively engaging organizations and leaders who shape critical systems and carry accountability when they fail.

Get in Touch Follow 21.city