Cyber-attack seen as top business threat

17 February 2015

Report shows drop in business preparedness

Failure to analyze trends creates dangerous blind spot for organizations

Cyber-attack is the top threat perceived by businesses, according to the fourth annual Horizon Scan report published today by the Business Continuity Institute (BCI), in association with BSI. Supply chain disruption is reported as the fastest rising threat, up 11 places since last year.

The annual BCI Horizon Scan assessed the business preparedness of 760 organizations worldwide and shows that over three quarters (82%) of Business Continuity Managers fear the possibility of a cyber-attack, with 81% worried about the possibility of unplanned IT outages and 75% concerned about data breaches similar to those suffered by Sony in 2014. A recent industry report1 highlights the annualized cost of cyber-crime, per global company, now stands at $7.6 million, a 10.4 per cent year-over-year increase.

Concerns over supply chain disruption were the fastest rising threat, climbing to fifth place in this year’s report, up from 16th in 2014. Almost half of those polled (49%) identified increasing supply chain complexity as a trend, leaving their organization vulnerable to disruption from conflict or natural disasters.

This year’s global top ten threats to business continuity are:

  1. Cyber-attack - up 1
  2. Unplanned IT and telecoms outages – down 1
  3. Data breach – static
  4. Interruption to utility supply - up 1
  5. Supply chain disruption - up 11
  6. Security incidents – up 1
  7. Adverse weather – down 3
  8. Human illness – up 3
  9. Fire – down 3
  10. Acts of terrorism – down 1

Howard Kerr, Chief Executive at BSI, commented:

“Globalization has brought the world’s conflicts, epidemics, natural disasters and crime closer to home. It is of real concern that this year’s report shows that businesses are not fully utilizing information to identify and remedy blind spots in their organizational resilience strategies. Tracking near and long-term threats provides organizations of all sizes with an objective assessment of risks and how to mitigate them. Failing to apply best practice leaves organizations and their employees, business partners and customers at risk.”

Despite growing fears over the resilience of their firms, the report records a fall in the use of trend analysis by business continuity practitioners, with a fifth of firms (21%) failing to invest in protective discipline. A similar proportion (22%) report not employing trend analysis at all, making it a blind spot for organizations. Globally business preparedness shows variations with 8 out of 10 (82%) organizations in the Netherlands utilizing trend analysis, while just 6 in 10 firms in the Middle East and Africa do so (63%).  Small businesses, evaluated for the first time in this year’s report, are seen to lag behind industry best practice with just half currently applying international standards for business continuity management. 

Todd VanderVen, President of BSI Americas added, “Cybersecurity and supply chain management concerns are on the rise. BSI is well positioned with our business solutions to ensure our clients have the ability to recover readily from adversity or incidents that threaten their business.” 

The report provides the strong recommendation that the rising costs of business continuity demand greater attention from top management. Encouragingly, adoption of ISO 22301, the business continuity standard, appears to have reached a tipping point with more than half (53%) of organizations now relying upon this, up from 43% last year. Almost three quarters of firms (71%) intend to better align their activities with ISO 22301 over the next 24 months.

Lyndon Bird FBCI, Technical Director at the BCI, commented:

“The world faces diverse problems from cybercrime and political unrest to supply chain vulnerabilities and health hazards. This report shows the vital importance of business continuity professionals understanding such trends. No longer can those working in the field believe they can resolve all their problems themselves. As an industry we must work together with our fellow practitioners to deal with the complexity of these threats.” 

Notes:

  • 12014 Ponemon ‘Cost of Cybercrime’ report
  • Note to the online survey: respondents were from 72 countries. The total number of respondents was 760.

Find out more about business continuity during Business Continuity Awareness Week, the global free education event that runs from 16th to 20th March 2015.  

 

About the Business Continuity Institute

Based in Caversham, United Kingdom, the Business Continuity Institute (BCI) was established in 1994 to promote a more resilient world and to assist organizations in preparing for and surviving minor and large-scale man-made and natural disasters.  The Institute enables members to obtain guidance and support from their fellow practitioners and offers professional training and certification programmes to disseminate and validate the highest standards of competence and ethics.  It has over 8,000 members in more than 100 countries in an estimated 3,000 organizations in private, public and third sectors.  For more information go to: www.thebci.org

 

About BSI

One Company, One Solution. By packaging assessment, training and a management system toolset, BSI delivers a business improvement solution that combines it all in a comprehensive service offering and allows us to provide an integrated approach to meet the needs of the organization and embed excellence across the business. BSI presents a one-stop value proposition from the decision to improve systems through to registration and continual improvement. From start to finish, BSI helps turn complexity into simplicity. To learn more, please visit www.bsigroup.com.