Information security issues have topped the list of threats that business continuity professionals are concerned about for the third year running, according to the BCI Horizon Scan Report for 2017.
The threat of cyber attacks heads the list for the third year in a row, with 88% of respondents to the BCI survey concerned about being hit by a cyber attack. Information security concerns also fill the second place on the list, with 81% of respondents concerned about the threat of a data breach striking their organisation. Unplanned IT and telecommunications outages remains in third place among the threats that practitioners are most concerned about.
In association with BSI, the BCI Horizon Scan Report is based on an annual study which tracks near-term threats to organisations across industry sectors globally. In its sixth edition, this study measures concern over specific threats as reported by business continuity and resilience professionals. For the first time this year, the report also captures disruption caused by these threats, offering a basis of comparison between the level of concern and actual incidents.
This new metric produces a somewhat different result from the concerns expressed by practitioners. The top three causes of actual business disruptions during the year were unplanned IT and telecommunications outages (72%), adverse weather (43%) and interruption to utility supply (40%). Only in fourth place came cyber attacks (35%) and in ninth place data breach (15%).
This difference between expectation and reality does highlight that good BC planning covers a wide range of eventualities, and not just those that are at the top of your risk matrix. You really do need to be response ready for a variety of possible scenarios, high medium and low risk. It is often those unexpected risks, no matter how small, that can cause the biggest disruption to your business operations.
This response readiness is the philosophy behind Crises Control, and is why we provide you with an incident library of over 200 possible business disruption events to begin to build your incident specific response plans. These include all of the top incidents in the BCI Horizon Scan list, power outage, adverse weather, IT outage and cyber attack.
It is also the thinking behind the forthcoming release of our new iSOP Wizard, which will allow you to create your own bespoke incident standard operating procedures, drawing on best practice and high value content from existing source material contained within our platform.
We are very excited about this release, which is now entering the beta testing phase and will be launched in the next few weeks. Contact us now if you want to know more about this exciting new feature or even join the beta testing programme.