Is your business or organisation resilient? Every year thousands of businesses fail because they have neglected to maximise their resilience to various threats to their business.
In 2017, there were 5.7 million businesses in the UK. Over 99% of businesses are small or medium-sized businesses, employing 0-249 people. Sadly, however, 328,000 businesses failed in 2016 – that’s a 12% ‘death rate’. ( House of Commons Briefing Paper, Dec 2107 ).
Yet it’s been discovered that 43% of small businesses don’t have a business continuity, disaster recovery or crisis management plan in place. That means that a major loss or disaster could put them out of business. SMEs need to make sure it doesn’t happen to them – one way to do this is to undertake a resilience check of your information and communication technology (ICT).
What is business resilience?
When applied to individuals resilience is commonly used to mean determination or the ability to bounce back. The same applies to business resilience – it’s the ability of an organisation to adapt to any disruptions or threats while maintaining their business operation. Resilience is a part of risk management and is closely linked to business continuity planning. It’s about businesses avoiding downtime and addressing vulnerabilities, both of which can prove costly and time-consuming. Having the right technology and cyber security helps to build a safety net beneath your business.
Why is business resilience important?
Being a small business-owner is a tough job. After the hard work to finally establish your cherished idea as a business, you are then faced with keeping the show on the road. Sales, procurement, staffing, paperwork and balancing the books all demand your attention at the same time. It’s no easier for managers in organisations where reduced budgets, staff turnover and increased compliance demands can all add up to things going wrong.
The success of businesses, and even their survival, can be at risk due to threats such as:
● National economic performance e.g. recession, low pay
● Political and legislation changes e.g. Brexit
● Civil unrest/disruptions e.g. major protests, riots etc.
● Natural disasters – e.g. floods and other extreme weather
● Security breaches – under the new GDPR laws businesses themselves can be penalised if outsiders or even their own employees trigger a security breach
● Cyber-attacks – i.e. criminals attacking your business via hacking, phishing emails and computer viruses etc.
Building business resilience can help reduce some of these risks. Sometimes it’s a matter of taking some quick and simple actions.
How technology helps business resilience
There are a number of measures which SMEs can put in place to protect their business. While there are some things new technology may not directly help with – e.g. rising business rates, national economy, political changes, effective ICT can help to:
√ maximise the way you run your business
√ make it more resilient in the case of adverse events
Small businesses are already rapidly becoming aware of the benefits of adapting IT to improve their business performance and increase their productivity. However IT is also a vital tool in combatting business threats.
Cyber security and resilience
A government survey found that the average cost to all business of IT breaches in a year was £1,570, though this rises to £19,600 for larger businesses (Cyber Security Breaches Survey 2017).
No wonder then that this spring the National Cyber Security Centre (NSSC), a part of GCHQ, supported the ‘ Would You Be Ready ’ campaign. As part of this, UK SMEs were urged to check their readiness for cyber-attacks by taking a new resilience test which was launched by the Business in the Community.
Businesses owners were asked to take the ‘Would You Be Ready?’ online test which focused on what they regarded as the biggest issues facing businesses – cyber-attacks, civil unrest and flooding.
The NCSC’s Director for Engagement, Alison Whitney, advised SMEs to raise their level of cyber protection with some “simple, quick and low cost steps”, for example:
– having strong passwords
– backing up data
– taking steps to avoid phishing attacks.
Elsewhere, the Home Office last month published its findings on crimes against business. Its look at online crime covered various types of common cybercrime including:
● Hacking – where a computer, network or server is accessed without permission
● Online theft of money – money stolen electronically
● Phishing – when money is stolen by being redirected to fake websites or after responding to fraudulent messages or being
● Website vandalism – when a website is defaced, damaged or taken down
● Viruses – when computers are infected with files or programmes intended to cause harm.
The government survey found that ‘Administration and support premises’ experienced the highest rate of online crime across all the sectors surveyed in 2012 to 2016. It also found that “businesses with 50 or more employees had a higher rate of computer viruses (379 incidents per 1,000 premises) than the other two business sizes. However, in contrast, the rate of website vandalism against premises was highest amongst those businesses with 1-9 employees (53 incidents per 1,000 premises).”
All the evidence supports the fact that it’s a good idea to build resilience in your information and communication technology to boost cyber-security and ward off cyber-crime.
Resilience and natural disasters & civil unrest
At the height of summer weather, or enjoying the feeling-good factor of national events such as the London Olympics or recent Royal Wedding it’s easy to get lulled into a false senses of security. However, many businesses have suffered financial loss and business disruption in the past due to:
● Flooding – many parts of the UK are susceptible to flooding, even in the middle of summer. It’s estimated that over 300,000 commercial properties are at risk across the UK (‘ Know your flood risk ’). For example, the Chamber of Commerce estimated that flooding in Somerset was said to have cost local businesses an average of £17,352 in 2014; a ‘snapshot survey reckoned that a total of £1.2m was lost in financial terms and lost productivity ( BBC 18.2.14).
● Other extreme weather, such as snow – The Federation of Small Businesses has said that the “financial cost of severe weather events on small firms averages at around £7,000 for each affected business.” For example, the snow brought by March’s ‘Beast from the East’ was said to have hit firms of all sizes but that the impact on sectors such as retailing and construction was so severe that it was expected to halve the national GDP forecast in the first quarter of 2018.
● Civil unrest – In 2011 many small business faced bankruptcy as a result of looting and the general national disorder during that summer’s riots. Various business organisations claimed huge costs to the retail and other sectors as regular business was disrupted and damage to premises and stock was incurred.
While it’s not always possible to mitigate against all disasters (we would need a crystal ball for that!), it’s always advisable for businesses to think ahead and prepare for the worst as far as reasonably possible. There are steps you can take to minimise the impact of negative events and get back to business.
Some of the key technology solutions include:
• ensuring your data is protected
• backing up your data
• being able to access your data away from your main location
• keeping your data secure
Migrating to using cloud computing is an obvious solution to protecting your business from adverse events which threaten your premises. However, a good professional IT firm can advise on the many other measures which SMEs can take too.
At 360ict Ltd we take pride in keeping our clients’ businesses safe online. We can help you protect your business and increase your resilience against online threats.
To arrange your on-site review or talk to our IT support team about your options, call 0204 538 4774 today.