March 11, 2014
A new report published by the Business Continuity Institute (BCI), in association with BSI, has revealed that IT-related threats are continuing to provide the greatest concern for organizations, ranking above other threats such as natural disasters, security incidents and industrial disputes.
The annual BCI Horizon Scan shows that three quarters (77%) of Business Continuity Managers fear the possibility of an unplanned IT and telecoms outage and 73% worry about the possibility of a cyber-attack or data breach.
The report also identifies long-term trends, with 73% seeing the use of the internet for malicious attacks as a major threat that needs to be closely monitored, with 63% feeling the same way about the influence of social media.
This year’s top ten threats to business continuity are:
- Unplanned IT and telecom outages
- Cyber attack
- Data breach
- Adverse weather
- Interruption to utility supply
- Security incident
- Health & Safety incident
- Act of terrorism
- New laws or regulations
Howard Kerr, Chief Executive at BSI, commented:
“At a time when changing climatic, social, political and economic situations are forcing organizations to be nimble in adapting to novel threats, it is essential to learn from others experience and best practice. Developing the resilience of networks, services and business critical information must be an integral part of an organization’s wider business resilience strategy. By putting in place a framework based on risk standards, you will be able to identify, prioritize and manage the range of threats to your business more effectively and keep your stakeholders reassured.”
Todd VanderVen, President of BSI Americas, stated:
“Uncertainty in today’s market makes management of business risks an operational imperative. Businesses of all types and sizes need to fortify their systems and build in the necessary redundancies to minimize disruption. End-to-end risk assessment and business continuity planning reduce the impact of disruptive incidents and ensure businesses recover quickly.”
The report, designed to offer a better understanding of threats to business continuity and helping practitioners learn how to protect their organizations, also revealed surprising trends in other areas of business continuity. Supply chain disruption, last year within the top ten concerns, moved down the list to 16th place. This is despite increasing supply chain complexity featuring within the top five emerging trends, in addition to the recent BCI Supply Chain Resilience Survey, which revealed that 75% of respondents experienced at least one supply chain disruption during the previous year.
Also highlighted was that, despite these growing levels of concern, only 18% of organizations are increasing their level of investment in business continuity programs while 11% are actively reducing theirs. The report further revealed that 22% of organizations conducted no trend analysis as part of their business continuity process so are potentially failing to assess these threats altogether.
The report concludes that with the variation in concerns across geographical locations and industry sectors, not all threats are generic. Organizations need to invest wisely in the development of technologies that can help counter the threats relevant to them, and the impact these threats would have should they materialize. With so many threats clear and present, the onus is on the industry to emphasize the immediate and very real return on investment a business continuity program has to offer.
Further findings from the report include:
- Adverse weather moved up the list of threats with 57% of respondents expressing concern or extreme concern. This was before the storms that have swept the UK and those on the eastern seaboard of the United States and Canada.
- Geography and industry play an important role in determining threat levels with respondents from Japan and New Zealand showing greater levels of concern for earthquakes, while those in the manufacturing industry rate supply chain disruption and product quality control as greater threats.
- Of the 71% of respondents who stated that they did conduct a trend analysis, a fifth of them claimed they had no access to the final output.
- Less than half of the respondents (44%) use the international standard ISO22301 as the framework for their business continuity management programme.
Lyndon Bird FBCI, Technical Director at the BCI, commented:
“This survey shows that there are some threats that are more common among most organizations, while others present themselves to varying degrees between different geographic locations or industry sectors. Organizations are different so the horizon scanning process is essential in order to assess these threats and ensure that the right business continuity plan is in place to deal with the impact of them.
This piece of research has greater significance this year for the BCI as the theme in what is our 20th year is all about looking to the future and facing the new challenges this future will bring.”
- Note to the online survey: respondents were from 82 countries. The total number of respondents was 690.
- A copy of the report is available on request to firstname.lastname@example.org or can be downloaded from the BCI website, www.thebci.org (registration required).
- Find out more about Business Continuity during Business Continuity Awareness Week, the global free education event that runs from 17th to 21st March 2014. Access experts, free resources and activities through the portal www.bcaw2014.com
About the Business Continuity Institute
Based in Caversham, United Kingdom, the Business Continuity Institute (BCI) was established in 1994 to promote the art and science of business continuity management and to assist organizations in preparing for and surviving minor and large-scale man-made and natural disasters. The Institute enables members to obtain guidance and support from their fellow practitioners and offers professional training and certification programmes to disseminate and validate the highest standards of competence and ethics. It has over 8,000 members in more than 100 countries in an estimated 3,000 organizations in private, public and third sectors.
For more information go to: www.thebci.org
BSI (British Standards Institution) is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI was the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO). Over a century later it continues to facilitate business improvement across the globe by helping its clients drive performance, manage risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Renowned for its marks of excellence including the consumer recognized BSI Kitemark™, BSI’s influence spans multiple sectors including aerospace, construction, energy, engineering, finance, healthcare, IT and retail. With over 70,000 clients in 150 countries, BSI is an organization whose standards inspire excellence across the globe. To learn more, please visit www.bsigroup.com