Many organisations don’t devote enough attention to mission-critical applications when creating disaster recovery plans. One of the biggest reasons is the ‘resiliency perception gap’, or the gap between executives’ perceptions of the effectiveness of their resiliency strategies and how successful these plans actually are at protecting against application outages or downtime. This gap can result in lost revenue and damaged brand reputations.
A new Forbes Insights Executive Brief, sponsored by IBM, shows that 80% of respondents fully expect their disaster recovery plans can run their business in the aftermath of a disruption, yet this confidence is questionable. Less than a quarter of those same executives say they include all critical applications in their disaster recovery strategies, which means that 78% of enterprises face unplanned and unnecessary risks for these essential resources.
‘Business Resiliency: Now’s The Time to Transform Continuity Strategies’ also notes that gaps exist in management and governance activities, with 61% of executives observing that business continuity, disaster recovery and crisis management are ‘siloed’ rather than administered as they should be as an interrelated whole.
Many organisations don’t have the means – or the desire – to fully protect critical assets as nearly three-quarters (73%) of surveyed executives pointed to shortfalls in funding and other resources as impediments to covering all critical applications within disaster recovery programmes. In addition, another 25% of executives don’t even consider it essential to cover 100% of their critical applications.
Outdated runbooks are common as more than half of enterprises (58%) go almost a year, and sometimes longer, between tests of their business continuity and disaster recovery plans. Only 28% of companies run assessments on a monthly basis. As a result, nearly half of the executives (47%) say that disaster recovery drills or actual events showed the runbook was ‘out of sync’. Almost half (46%) of the executives questioned believe that testing disrupts their organisations, while the cost of running tests keeps another 25% from testing more frequently.
There’s often an over-reliance on manual processes as disaster recovery strategies are not becoming automated as quickly as production processes, leaving nearly a third (31%) of enterprises struggling with manual disaster recovery resources. Even many of the more mature organisations have only pockets of automation.
“Clearly, many executives don’t realise the full extent of risks they’re running,” said Bruce Rogers, chief insights officer at Forbes Media. “On top of that, tight budgets force many to make trade-offs.”
Chandra Sekhar Pulamarasetti, co-founder and CEO of Sanovi Technologies and vice-president of cloud resiliency orchestration software and services at IBM, added: “Today’s clients demand IT recovery solutions that are designed for complex hybrid cloud environments to restore their confidence and meet their business needs. Cyber attacks and other threats require innovative business resiliency plans that are orchestrated to anticipate problems and reduce risk, cost and downtime in the process.”