Organizations focused on high impact risks such as cyber attack and IT outages under-estimate the impact of more frequent events finds the 2019 BCI Horizon Scan report.
Health and safety incidents have become the leading financial loss drivers for businesses around the globe, with cumulative losses now outstripping the costs of more high-profile disruptions such as cyber attacks or IT outages.
Meanwhile, political change has entered the top ten list of future threats for the first time since 2015, while blockchain and artificial intelligence are new risks which rank amongst the top sources of potential disruption in the year ahead.
These figures are some of the highlights from the 2019 edition of the annual Business Continuity Institute Horizon Scan report, which was published recently in association with BSI (the British Standards Institution). The report analyses the risks and threats recognized by 569 organizations worldwide, comparing these against the impact of actual disruptions over the past year.
Now in its eighth edition, the 2019 Horizon Scan reveals a significant gap between perceived risks and actual issues from the past 12 months. For the year ahead, organizations are most concerned about high-impact events, including cyber attacks, IT outages and extreme weather events, despite the fact that other incidents recurred more often and have a cumulatively higher impact. Some of the threats perceived to be low risk are being underrated when looking towards future resilience.
The clearest example of this is health and safety risks. The 2019 Horizon Scan totalled up the costs for surveyed organizations which suffered losses of more than 7 percent of annual turnover, and found that health and safety incidents cost over $1.186 billion in 2018. Despite the frequency and cumulative cost of these incidents, organizations continue to perceive their impact as relatively low, ranking them twelfth on the list of top risks for 2019.
Howard Kerr, Chief Executive at BSI, commented: “It is easy for leaders to be kept awake at night by high-profile risks such as cyber attacks, technology disruptions and IT outages. But they must not ignore the smaller, more frequent risks that steadily erode the bottom line. Organizations that do not take all threats they face seriously, or develop plans to manage them, are exposing themselves to not only reputational loss but what can become quite severe financial costs. Achieving true organizational resilience means identifying not only the big risks but also the under-rated issues that may just seem ‘business as usual’ and can easily be missed.”
Other key findings of the 2019 Horizon Scan report include:
- Political change is predicted to be one of the top ten disruptions in the next 12 months but the financial aspect of political change seems to be neglected, as threats related to exchange rate volatility and higher cost of borrowing do not appear in the top ten.
- Organizations with business continuity plans in place for more than a year suffer fewer disruptions than their peers; they report lower losses (6 percent) than the average (7 percent) from disruptions in the last twelve months.
- Organizations direct a lot of time and attention towards risks that were previously considered ‘Black Swans’ – events that struck as a surprise, with a high impact on those affected. These events then become a key focus of attention. Risks such as critical infrastructure failure and natural disasters are among the most anticipated disruptions with high risk scores (5.47 and 5.43 respectively).
This PDF provides a summary of the key findings from the 2019 Horizon Scan report.
To read the full report click here.