The BCI released its fifth Horizon Scan report today – the association’s annual analysis of the top threats as perceived by business continuity managers. Conducted with the British Standards Institution, this year’s findings reveal the business preparedness of about 600 organisations globally, and shows cyber attack as the greatest concern for the majority (85%) of business continuity managers. Shifting up the list from third last year, data breach was next, worrying about 80% of respondents. These are not surprising conclusions, given the amount of damage a cyber attack or data breach can do. Neither is it a shock to see that supply chain disruption remains in the top ten (even if it fell two places from fifth last year to seventh this year).

What is disappointing, though, is the apparent lack of joined up thinking among business continuity practitioners/teams and the rest of the risk function/organisation, as, despite growing fears over the resilience of their firms, the report records another fall in the use of long-term trend analysis to assess and understand threats, down 3% to 70% this year. Of those carrying out trend analysis, a good third are not using the results to inform their business continuity management programmes.

Of course the data varies wildly depending on geography. According to the BCI’s sample, 94% of organisations in Canada are using trend analysis, while 29% in the Caribbean and Latin America say they are doing so. And, predictably, small businesses, evaluated for the second time in this year’s report, continue to lag behind.

Commenting on the data, chairman of the Business Continuity Institute, David James-Brown, says it is crucial for practitioners to advise organisations on what to prepare for and adjust their recovery plans accordingly. “The industry landscape is rapidly changing, and so should our discipline in order to keep up with both traditional and modern challenges. At the top of the list this year we continue to see threats such as cyber attack, data breach and unplanned IT outages,” he explains. “More traditional threats such as terrorism continue to be front-of-mind for organisations. Given the rise of new challenges and the fact that old ones remain, horizon scanning techniques are even more valuable in assisting organisations to be prepared to the best of their potential.”

Chief executive at BSI, Howard Kerr said while it’s reassuring to see that so many are aware of the threat posed by cyber attacks, he is concerned to see that businesses are still not fully using the information available to them to identify and remedy weaknesses in their organisational resilience.

“It is difficult to conceive that either investors or employees will be reassured that the leaders of the organisations they trust are making strategic decisions without an effective evaluation of risk,” Kerr said. “Ultimately, organisations must recognize that, while there is risk, and plenty of it, there is also opportunity. Taking advantage of this means that leaders can steer their businesses to succeed by not just surviving, but thriving.”

This year’s global top ten threats to business continuity, according to the BCI’s Horizon Scan 2016.

1. Cyber attack – static
2. Data breach – up 1
3. Unplanned IT & telecom outages – down 1
4. Act of terrorism – up 5
5. Security Incident – up 1
6. Interruption to utility supply – down 2
7. Supply chain disruption – down 2
8. Adverse weather – down 1
9. Availability of key skills – new entry
10. Health and Safety incident – new entry

Share Story: