Cyber attacks top list of key business threats for third year running in BCI’s Horizon Scan

The large-scale cyber attacks that took place last year have reaffirmed the need to build cyber resilient organisations. That’s according to the seventh edition of the Business Continuity Institute’s (BCI) Horizon Scan 2018, released in association with the BSI. For the second year in succession, the threat of data breach was ranked second.

The annual BCI Horizon Scan assesses the business preparedness of 657 organisations worldwide and shows that 53% of business continuity and resilience professionals are ‘Extremely concerned’ about the possibility of a cyber attack. Meanwhile, 42% are worried about the possibility of a data breach, with 36% concerned about unplanned IT or telecoms outages.

Physical security challenges also remain a major concern for organisations, with 18% of businesses identifying any interruption to utility supplies and adverse weather as severe threats. There’s an intrinsic connection between these two concerns, as severe weather events – such as Hurricane Irma and Hurricane Harvey – often damage infrastructure and utility services. This unavoidable chain reaction reinforces the importance of workplace recovery plans designed to help organisations become better prepared for crises, ensuring the safety of their staff and the stability of their operations.

The report suggests that professionals are becoming increasingly aware of the benefits that business continuity brings to their organisations. The uptake of ISO 22301 for business continuity is growing, as is the investment made into business continuity management programmes.

Moreover, the results of the report suggest that there’s a positive correlation between the amount of time spent by organisations in adopting and embedding business continuity management arrangements and the likelihood of businesses to keep investing in them. 86% of organisations who have had business continuity plans in place for five years or more stated that they will either increase or maintain their investment in business continuity. The BCI’s report proposes that this could be due to the fact that professionals are beginning to see a return on investment from their business continuity plans.

Maintaining investment in business continuity

Both SMEs and large enterprises are more inclined to maintain their investment in business continuity at the appropriate levels, with only 6% (SMEs) and 12% (large enterprises) planning budget cuts. This represents a reduction of 1% and 4% respectively from last year’s findings.

Howard Kerr: CEO at the BSI

Howard Kerr: CEO at the BSI

Howard Kerr, CEO at the BSI, stated: “With the stakes continuing to rise as the development of more sophisticated smart technologies gathers pace, organisations cannot afford to be complacent. They may be cognisant of the importance of business continuity, but it’s not just this that will build their organisational resilience. A much more holistic approach is required. One that’s focused on understanding all strengths and vulnerabilities. It’s worrying to note that 29% of our respondents still don’t have access to the important information that helps them to conduct longer term analysis for horizon scanning, while 23% don’t conduct any kind of trend analysis at all. Ultimately, organisations must recognise that, while there’s risk and plenty of it, there’s also opportunity. Taking advantage of this means that business leaders can steer their organisations to not just survive, but thrive and, ultimately, be more resilient.”

Gianluca Riglietti CBCI, author of the report, said: “The Horizon Scan Report 2018 reveals how a wide range of threats concern organisations moving forward. Cyber attacks and data breaches are still one of the main worries for professionals, and especially so with the increasing adoption of Internet-connected devices. However, physical security incidents, such as terrorism or gun violence, seem to be a growing concern. Practitioners should also remain vigilant about natural catastrophes and pandemics that could occur in the short term and have a highly disruptive impact. On the other hand, organisations seem to be heading in the right direction in terms of preparedness, as the uptake of business continuity arrangements shows consistent growth.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014.

Related Posts