Cyber-attack seen as top business threat

Report shows fall in business preparedness, while failure to analyze trends creates dangerous blindspot for organizations

March 16, 2015
by PurchasingB2B Staff

document securityCyber-attack is the top threat perceived by businesses, according to the fourth annual Horizon Scan report published by the Business Continuity Institute (BCI), in association with BSI. Supply chain disruption is reported as the fastest rising threat, up 11 places since last year.

The annual BCI Horizon Scan assessed the business preparedness of 760 organizations worldwide and shows that three quarters (82 percent) of Business Continuity Managers fear the possibility of a cyber-attack, with 81 percent worried about the possibility of unplanned IT outages and 75 percent data breaches similar to that suffered by Sony in 2014. A recent industry report highlights the annualized cost of cyber-crime per global company now stands at $7.6 million, a 10.4 percent year-over-year increase.

Concerns over supply chain disruption were the fastest rising threat, climbing to fifth place in this year’s report, up from 16th in 2014. Almost half of those polled (49 percent) identified increasing supply chain complexity as a trend, leaving their organization vulnerable to disruption from conflict or natural disasters.

This year’s global top ten threats to business continuity are:

  • Cyber-attack
  • unplanned IT and telecoms outages
  • data breach
  • interruption to utility supply
  • supply chain disruption
  • security incidents
  • adverse weather
  • human illness
  • fire
  • acts of terrorism

“Globalization has brought the world’s conflicts, epidemics, natural disasters and crime closer to home,” said said  Gary Robinson, Commercial Director at BSI Group Canada. “It’s of real concern that this year’s report shows that businesses are not fully utilizing information to identify and remedy blind spots in their organizational resilience strategies. Tracking near and long-term threats provides organizations of all sizes with an objective assessment of risks and how to mitigate them. Failing to apply best practice leaves organizations and their employees, business partners and customers at risk.”

Despite growing fears over the resilience of their firms, the report records a shock fall in the use of trend analysis by business continuity practitioners, with a fifth of firms (21 percent) failing to invest in protective discipline. A similar proportion (22 percent) report not employing trend analysis at all, making it a blind spot for organizations. Small businesses, evaluated for the first time in this year’s report, are seen to lag behind industry best practice with just half currently applying international standards for business continuity management.

The report provides the recommendation that the rising costs of business continuity demand greater attention from top management. According to the report, adoption of ISO 22301, the business continuity standard, appears to have reached a tipping point with more than half (53 percent) of organizations now relying upon this, up from 43 percent last year. Almost three quarters of firms (71 percent) intend to better align their activities with ISO 22301 over the next 24 months.