Spectrum of digital risks top business continuity concerns

Cyber attack is once again the top threat perceived by businesses, according to research published this week by the Business Continuity Institute (BCI) in association with BSI (British Standards Institution). Eighty eight per cent of organisations are concerned about the possibility of a cyber attack. The threat of a data breach follows (81%), while unplanned IT and telecom outage remains third greatest concern (80%).

For the first time in the study’s six-year history, the threat of uncertainty around the introduction of new laws and regulations has entered the list of top ten business continuity concerns in the Horizon Scan Report.

These external events underscore the interconnected nature of risks and demonstrate the need for businesses to take them into account and plan accordingly.

For the first time, the survey also asked which disruptions respondents had experienced during the previous year in order to understand what lies behind the worry. The results showed that nine of the top ten concerns also appeared in the top ten list of disruptions, with transport network disruption appearing at the expense of act of terrorism. Unplanned IT and telecom outages came in at number one, followed by interruption to utility supply and then cyber attack. Data breach came in at eighth place.

With the top four threats all showing an increasing in level of concern, it is worrying that 14% of respondents will experience business continuity budget cuts over the next year, making them less likely to be able to respond effectively to these threats.

Despite growing fears over the resilience of their organisations, the report records another fall in the use of long-term trend analysis to assess and understand threats, down one per cent to 69% this year. Of those carrying out trend analysis, around a third of organisations (32%) do not use the results to inform their business continuity management programmes.


Top ten threats to business continuity (Source: BCI)

1. Cyber attack – static
2. Data breach – static
3. Unplanned IT and telecom outages – static
4. Security incident – up 1
5. Adverse weather – up 3
6. Interruption to utility supply – static
7. Act of terrorism – down 3
8. Supply chain disruption – down 1
9. Availability of key skills – static
10. New laws or regulations – new entry

Related Articles