The Business Continuity Institute (BCI) have published their list of top 10 risks for organisations in 2024:
- Cyber attacks
- Extreme weather events such as floods, storms, or freeze
- IT and telecommunications outage
- Increased cost of living
- Interruption to energy supply
- Supply chain disruption
- Natural disasters such as earthquakes or tsunamis
- Data breaches
- Critical Infrastructure failure
- Introduction of new technology, such as Internet of Things (IoT), or Artificial Intelligence (AI)
You might look at this list and think that these risks won’t affect you (earthquakes? Critical infrastructure failure?). But here’s the thing: any of them could affect you, directly or indirectly. For example, looking at the top three:
- Cyber attacks – just because your business isn’t a household name, you can’t assume you won’t be attacked. Some attacks are targeted, but others are random. Assume you will be attacked at some point—and if not you, then your suppliers might be.
- Extreme weather events – we love to talk about the weather here in the UK, just because it is so changeable. But the weather is becoming more extreme, and even if your business isn’t immediately affected by an extreme event, your suppliers’ businesses may be. Extreme weather may flood or damage buildings (and stock or equipment inside), or it might make transport difficult for goods or for staff.
- IT/telecommunications outage – we are all increasingly dependent on technology, so when it goes down, even for a little while, we can experience some difficulty (did you watch Leave the World Behind recently?)
Any event that causes a disruption to business operations, whether directly to your business, to your suppliers’ business—and even to your staff, who may not be able to get to work, or to work remotely—will be problematic.
Preparing for disruption
Think about what might happen. First, come up with a list of risks that are relevant to your business. You might as well start with the BCI top 10. How likely are they to affect your business, and in what ways? Are there any risks to your business that aren’t in the BCI top 10?
Once you have your list, think about what you can do about them. Is there anything you can do to reduce the risk of them happening to you? And what could you do to prepare for the disruption if they did?
And then decide which of those potential actions it makes sense to implement. There’s no point in putting in place expensive measures that cost more than the potential loss to your business. But think through what you could reasonably do to reduce the risk, and to prepare for disruption if the risk comes to pass.
Now you have a plan. The next step will be to act on your plan and implement those measures you have decided on.
It’s worth practicing how you and your team would react to such disruption, too.
If you’d like help with any of these steps, contact the Click and Protect team on 0113 733 6230 to talk about our risk management and business continuity services.