Image Image Image Image Image Image Image Image Image Image

Outsource magazine: thought-leadership and outsourcing strategy | September 20, 2017

Scroll to top

Top

No Comments

Scanning the Horizon: Business Continuity Challenges

Scanning the Horizon: Business Continuity Challenges
Outsource Magazine

Machines and technology are usually at the centre of all that we do. In the office the work we perform is largely done using a computer – and if you’re out of the office, then it is either on a smartphone or a tablet computer. In factories and shops the processes are largely automated, or at least semi-automated. Even at home internet use is starting to become more prevalent as basic household appliances become more connected.  All this technology is designed to make our lives easier and our work more efficient, and it does, but this does come at cost?

A new report published by the Business Continuity Institute (BCI), in association with BSI (British Standards Institution), has revealed that it is IT-related threats that are continuing to cause the greatest concern for organisations, ranking above other threats such as natural disasters, security incidents and industrial disputes.

The annual Horizon Scan report shows that three quarters (77%) of Business Continuity Managers fear the possibility of an unplanned IT and telecoms outage and 73% worry about the possibility of a cyber-attack or data breach. Conduct a simple Google search of any of these terms and it’s not too difficult to see why these fears exist.

In late 2013, an IT failure at RBS meant that many of the bank’s customers could not access their money on one of the busiest shopping days of the year, an event that some have said could cost the bank £1 billion in order to upgrade their computer system. In 2010, both Mastercard and Visa had to take their websites offline due to cyber attacks and there have been many other high-profile cases of organisations – public and private,  large and small – having to do the same. In 2011 a data breach at Sony resulted in the theft of personal details of up to 77 million customers which cost Sony an estimated $171 million, not to mention the reputational damage.

These are not exactly small organisations; these are large multinationals, supposedly with the resource and the infrastructure to prevent these kind of incidents. This shows that no organisation should consider itself exempt from these threats – so whatever the size, whatever the location, processes must be in place to be able to deal with them.

So why does all this matter? Surely as long my organisation has an effective business continuity plan then I’ll be fine?

Globalisation has happened and it is here to stay as organisations continue to expand their own networks. Very few, if any, organisations are self-sufficient and increasingly we find that work is being outsourced and then further outsourced down the line, resulting in a complex supply chain. It can only take one incident occurring at any organisation within the supply chain for the repercussions to be felt right across it.

In the UK it is highly unlikely that earthquakes will be on anyone’s radar as a potential threat, but many UK-based organisations whose supply chain extends to Japan were affected by the earthquake and subsequent tsunami in 2011. As businesses that operate in these countries fail to function effectively then the knock-on effect hits every other business along the supply chain.

One of the more surprising results that emerged from the Horizon Scan survey was the extent to which supply chain disruption had slipped down the list of concerns for BC professionals, moving from 8th place in 2013 to 16th place in 2014. Could this reflect that supply chains are now sufficiently under control to not worry organisations? No. It may have slipped down the rankings but the percentage of respondents that expressed concern or extreme concern did in fact increase from 40% to 42% over the course of the year, demonstrating that the supply chain disruption is still a major worry.

This worry is perhaps justified as highlighted in the latest Supply Chain Resilience report published by the BCI in 2013. Some of the findings here were that:

  • 75% of respondents recorded at least one supply chain disruption during the past year with 42% of this disruption originating below the immediate supplier
  • 15% experienced an annual loss in excess of €1M while 9% experienced a single event that resulted in a loss in excess of €1M
  • 75% of respondents reported that they did not have full visibility of their supply chain
  • 49% of respondents state that half or less of their key suppliers have BC arrangements in place for their own needs

This report identifies clearly the frequency of disruption, the cost as a result of these disruptions, and that disruption does not have to occur in your own organisation for it to have an effect.

So what does the Horizon Scan report tell us? It tells us that business continuity professionals are worried. They are worried that the challenges organisations face are on the increase and that greater work needs to be done to deal with any perceived threats. It is essential that organisations conduct some sort of horizon scan in order to identify the threats that are specific to them so they can ensure that resources are targeted towards dealing with the impact of those threats materialising. As Lyndon Bird, Technical Director at the Business Continuity Institute notes: “Organisations are different so the horizon scanning process is essential in order to assess these threats and ensure that the right business continuity plan is in place to deal with the impact of them.”

Horizon scanning does not just mean assessing the threats that your own organisation faces however, but also the threats that any organisation you deal with could face. Any threats coming to fruition need not affect you directly to have a major impact, even something that impacts your organisation indirectly could have significant consequences and must be dealt with. Therefore organisations need to ensure that organisations throughout the supply chain (customers and suppliers) have an effective business continuity plan in place. As Howard Kerr, Chief Executive at BSI, stated: “Developing the resilience of networks, services and business critical information must be an integral part of an organisation’s wider business resilience strategy.”

For further information on the BCI Horizon Scan survey report, please visit www.thebci.org or the BSI website media centre.

This article originally appeared in Outsource magazine Issue #35 Spring 2014.


About the Author

Andrew Scott BCI 150Andrew Scott is the Senior Communications Manager at the Business Continuity Institute (BCI), the global professional body and certifying organisation for business continuity practitioners.

Submit a Comment