Physical security is seen as growing concern for business continuity professionals, according to the fifth annual Horizon Scan Report published by the Business Continuity Institute, in association with BSI. Among the ranks of potential threats that organizations face, acts of terrorism gained six places from 10th in 2015 to 4th this year, while security incidents moved from 6th place to 5th place.
55% of respondents to the global survey expressed concern about the possibility of both an act of terrorism or a security incident such as vandalism, theft or fraud disrupting their organization, compared to 42% and 48% respectively the previous year. Whether these concerns are justified is another matter, but the incidents in Paris are still fresh in the mind, not to mention the many other events from across the world that constantly fill our news channels.
While security incidents of a physical nature make up the 4th and 5th greatest threats, it is incidents belonging to the virtual world that once again make up the top three. For the second year running, cyber attack comes in at number one with 85% of respondents expressing concern (2015: 82%). The attack on BBC over the new year period is a reminder of the danger this kind of threat poses when it suffered what was reputed to be the largest DDoS attack in history at 600 GBps, enough to bring down its website and most of its online services for some considerable time.
Data breach has climbed from 3rd place in 2015 to 2nd place this year with 80% of respondents expressing concern about the prospect of this type of threat materializing (2015: 74%). Not only are data breaches damaging reputationally, they can be expensive in terms of any fines imposed as result.
Unplanned telecoms and IT outage may have dropped from 1st place in 2014 to 2nd place in 2015 and now 3rd place in 2016, but it is still a very real threat with 77% of respondents expressing concern (2015:81%). Offices, shops, factories and warehouses are all heavily reliant on IT infrastructures and when those infrastructures fail it can cause severe disruption.
This year’s global top ten threats to organizations are:
- Cyber-attack – static
- Data breach – up 1
- Unplanned IT and telecoms outages – down 1
- Acts of terrorism – up 6
- Security incidents – up 1
- Interruption to utility supply – down 2
- Supply chain disruption – down 2
- Adverse weather – up1
- Availability of talents/key skills – up 5
- Health and safety incident – up 1
David James-Brown FBCI, Chairman of the Business Continuity Institute, commented: “The need perceived by organizations to identify and build resilience to this range of threats reveals the importance of this survey for business continuity professionals, the Horizon Scan’s reputation and reliability make it one of the most popular reports in the industry on a global scale. It is indeed crucial for practitioners to advise organizations on what to prepare for and adjust their recovery plans accordingly.
“The industry landscape is rapidly changing, and so should our discipline in order to keep up with both traditional and modern challenges. At the top of the list this year we continue to see threats such as cyber-attack, data breach and unplanned IT outages. More traditional threats such as terrorism continue to be ’front-of-mind’ for organizations. Given the rise of new challenges and the fact that old ones remain, horizon scanning techniques are even more valuable in assisting organizations to be prepared to the best of their potential.”
Howard Kerr, Chief Executive at BSI, commented: “2015 saw a number of high profile businesses across the world hit by cyber attacks, so it’s reassuring to see that so many are aware of the threat it poses. Our research finds it to be the top concern in six out of the eight regions surveyed.
“However, we remain concerned to see that businesses are still not fully utilizing the information available to them to identify and remedy weaknesses in their organizational resilience.
The report concludes that horizon scanning impacts on overall resilience as it provides an objective basis for assessing near-term threats that lead to disruption. The Horizon Scan Report, as a global study aggregating practitioner input across industry sectors and regions, complements in-house analysis and provides useful input for strategic decisions.
Download your free copy of the Horizon Scan Report Horizon Scan Report (registration required). If you have any questions, or would like to find out more, join the webinar on the 25th February when we will be discussing some of the findings and answering any of your questions.