The top three threats perceived by businesses globally are cyber-attack, data breach and unplanned IT and telecom outages, finds a new BSI sponsored report.
Cyber-attack is the threat most feared by businesses around the world, including small and medium-sized enterprises (SMEs), according to the seventh edition of the BCI Horizon Scan 2018, released in association with BSI.
The report suggests that large-scale cyber-attacks that took place in 2017 appear to have reaffirmed the need to build cyber-resilient organizations, with growing uptake of, and investment in, business continuity management (BCM) programmes by businesses of all sizes.
The annual BCI Horizon Scan assessed the preparedness of 657 organizations worldwide, a quarter of them employing fewer than 500 employees. For the third year running, the study shows that the possibility of a cyber-attack most worries business continuity and resilience professionals, with 53% ‘extremely concerned’ about it. Meanwhile, 42% are worried about the possibility of a data breach, and 36% about unplanned IT or telecom outages.
The report’s author, Gianluca Riglietti, BCI Research & Insight Manager, observes, “While cyber-attacks and data breaches are still the main worries for professionals, especially with the increasing adoption of internet-connected devices, there is a wide range of threats that concern organizations.”
Physical security challenges, for instance, remain a major concern for organizations, with 18% of businesses identifying interruption to utility supply and adverse weather as severe threats. “Physical security incidents seem to be a growing concern, and businesses should also remain vigilant about natural catastrophes and pandemics, which can have a highly disruptive impact,” says Riglietti.
Globally, the top 10 threats to businesses are:
- Data breach
- Unplanned IT & telecom outage
- Interruption to utility supply
- Adverse weather
- Act of terrorism
- Security Incident
- Supply chain disruption
- Transport network disruption
Such fears are reinforced by some sobering statistics for actual business disruptions. Among SMEs, for example, the BCI Horizon Scan finds that, in practice, 57% suffered unplanned IT and telecom outages at some point in the past 12 months, while 41% fell victim to interrupted utility supply. A large majority of SMEs (71%) also identified the emergence of the use of the internet for malicious attacks as a major trend.
The report reinforces the importance of workplace recovery plans to help organizations become better prepared for crises, ensuring the safety of their staff and the stability of their operations. It suggests that professionals are becoming increasingly aware of the benefits that business continuity brings to their organizations, with a growing uptake of the international management system standard for business continuity (ISO 22301), along with growth in the investment made into BCM programmes. SMEs are as intent as larger companies on investing in business continuity, with 78% of both groups maintaining or increasing their budget for it.
Howard Kerr, Chief Executive of BSI, says that, as the development of more sophisticated smart technologies gathers pace, organizations can’t afford to be complacent. “They may be cognizant of the importance of business continuity, but it’s not just this that will build their organizational resilience,” he says. “A much more holistic approach is required, focused on understanding all strengths and vulnerabilities.”
He continues, “It’s worrying to see that 29% of our respondents still don’t have access to the important information that helps them conduct longer term analysis for horizon scanning, and 23% do not conduct any kind of trend analysis at all.” The figures present an even starker picture among SMEs, with almost half failing to conduct trend analysis.
Kerr concludes, “Ultimately, organizations must recognize that, while there is risk, and plenty of it, there is also opportunity. Organizational resilience allows leaders to take advantage of this, enabling their businesses to not merely survive, but thrive.”
Attend a free BSI seminar for advice on how to improve your business, including:
- Information and cyber security tips
- Business improvement and quality management advice
- Practical exercises around quality and risk
- GDPR information and update
- Networking with peers
You’ll also meet BSI experts and have the opportunity to ask any questions you may have.
Date: Thursday 24 May 2018
Timings: Breakfast refreshments from 09:30, presentations at 10:00. 12:00 finish.
Location: The Village Hotel, 140 Crewe Rd S, Edinburgh EH4 2NY