What lies ahead for the resilience industry in 2025 and beyond?
The BCI is pleased to launch the BCI Horizon Scan Report 2024 sponsored by Noggin. This popular report aims to provide the sector with the most relevant industry data by analysing last year’s incidents and identifying practitioners’ key concerns for 2025.
IT and telecoms outage remain the biggest single cause of disruption
The biggest single cause of disruption in 2024 for respondents was telecoms and IT outage, once again taking top spot and not doubt boosted by the CrowdStrike outage that affected organizations on a global scale. The CrowdStrike incident highlighted the weaknesses of relying on one main provider, so it’s no surprise to see critical national infrastructure failure take second place as the biggest single cause of disruption over the past 12 months
2024s most disruptive events – a surprising newcomer
Despite IT and telecoms creating the biggest single cause of disruption in 2024, the most frequent and impactful event experienced by organizations this year is fraud or attempted fraud. This does not comes as a surprise given the proliferation of increasingly sophisticated cyber-attacks usually used as common vectors to commit fraud.
Cyber-attacks and IT/telecom outages take second and third place. These more traditionally disruptive events highlight the ongoing need for improved preparedness and proactive business continuity strategies, despite their consistently high ranking over the past years.
The top consequence of disruptions for practitioners in 2024 were loss of productivity, followed by customer complaints, and negative impacts on staff morale.
What’s in store for 2025 – practitioners’ main concerns
Cyber-attacks and severe weather events dominate 2025’s risk landscape. Cyber-attacks remain practitioners’ top concern for the next twelve months. Nearly half of respondents report thwarting cyber-attacks, growing commitment from top leadership, and faster response times to attacks in 2024, indicating the industry is taking strong steps to mitigate growing cyber risks. However, even though extreme weather events are the second placed concern for next twelve months, only a few organizations report regularly practicing for climate-related disruptions, demonstrating that despite the known risks, there is still a need for mitigation strategies (and budgets) to address threats posed by extreme weather.
Longer term concerns – scanning the medium-term horizon
In the medium term (5-10 years) cyber-attacks remain the topmost threat to organizations, with climate risks in second position.
This reveals the substantial and long-lasting concerns that cyber-attacks and climate change have created for BC and resilience professionals, with no indication that the situations will improve. Both cyber-attacks and climate events create significant financial losses, reputational damage, and supply chain/infrastructure impacts that halt business operations and erode customer trust. Addressing these risks is crucial to ensure resilience as organisations mature in the long term.
The growing use of risk analysis and standard alignment
Encouragingly, the use of long-term trend analysis has increased to a new high this year with organizations drawing on trend analysis output to mitigate relevant threats. Responses indicate a centralised function is the most popular way to carry out risk analysis, which contributes to eliminating the siloes that continue to plague the resilience industry, and strengthens an organization from its foundations, however, there is still work to be done because nearly a quarter of respondents do not use this model, potentially opening their organization up to inconsistencies, knowledge gaps, and impactful adverse effects.
Another reassuring trend uncovered this year is that only 10% of practitioners said they do not align to ISO 22301. This is an historic all time low that indicates the resilience practitioners still view this guidance as valuable, not only in boosting their own resilience, but increasing their customer and partner confidence too.
This report points to a more resilient 2025, however some issues remain, such as an increase in the impact of adverse effects on organizations, the pressing need for climate-related resilience budgets, and the need to boost preparation measures required to prepare for the rising impacts of fraud and cyber attacks.
Rachael Elliott, BCI Knowledge Strategist said: “The BCI Horizon Scan Report 2025 shows a hugely positive shift in how professionals are both reviewing and analysing their risk landscapes, seeking maturity in their processes and procedures, and seeking to align their programmes to known industry standards and metrics. Many organizations are now facing risk landscapes at a level of complexity they have not seen before, from sophisticated cyber attacks using deepfakes and targeted spearphishing campaigns, to severe weather incidents that are occurring in regions which have, until now, remained untouched by climate disruption. However, with better technologies, more internal and external collaboration, and stricter adherence to known industry standards, this year’s data shows that organizations are becoming better prepared for both the known – and unknown – threats.”
“Noggin is pleased to once again sponsor BCI’s Horizon Scan report, an invaluable resource for conducting trend analysis,” said James Boddam-Whetham, General Manager for Noggin. “This year’s report points up the importance of an integrated resilience strategy amid a fluid threat environment. Given our own heritage in specialized software solutions for resilience management, we at Noggin hope to continue to champion resilience-enabling resources that seek to close the gap between perceived risk and the reality of disruption on the ground.”
More on
About the author
Rebecca Mathews
The BCI
