By Philip Songhurst, Director, Control Risks

In the recently unveiled Control Risks Global Resilience Report for 2023, the spotlight is on the evolving landscape of organizational resilience. Drawing insights from 640 global business leaders, the report scrutinizes shifts in horizon scanning, the spectrum of threats confronting organizations, and the areas they're fortifying to boost their resilience. It sheds light on the burgeoning importance of cyber and tech-related risks, the strategies companies are employing to strengthen their resilience, and the pivotal role of boards in prioritizing investments to tackle these threats.

The research encompassed Control Risks clients and a survey panel spanning 32 countries worldwide. Among the respondents, 55% hailed from organizations with revenues exceeding $1 billion, while 41% represented companies with revenues ranging from $100 million to $1 billion.

Here are the key takeaways from the report:

  1. Resilience Takes Centre Stage in Leadership: The involvement of leadership in resilience initiatives has surged, with the C-suite and boards increasingly engaged in these programs. The report underscores the growing engagement of senior management, including the C-suite, with one in five respondents emphasizing the ultimate responsibility for resilience resting with the C-suite. This engagement is crucial for effective governance, overseeing resilience programs, and ensuring consistent training and preparedness across the organization.
  2. Confidence in Preparedness: Many organizations, despite weathering recent crises with robust resilience planning, might not necessarily boast comprehensive resilience programs. Managing concurrent disruptions remains a significant challenge for resilience planning. While 58% of respondents feel their resilience programs position them well to address risks and opportunities, fewer are confident about withstanding the next unforeseen "black swan" event.
  3. Persistent Concerns: Cyber Threats and Technology Disruptions: Cyber threats and technological disruptions continue to rank among the top concerns for organizations. Surveyed respondents identified cyber threats as the second most disruptive external threat (39%), trailing closely behind economic changes (44%). Moreover, technology disruptions emerge as the primary internal threat for 31% of respondents. This shift underscores the evolving risk landscape as organizations increasingly embrace digital transformation for operational flexibility. Consequently, investments in cyber security (57%) and technology (49%) are on the rise to bolster operational resilience.
  4. Unchanging Threats: The Evolving Concerns of Organizations: Over the past decade, the primary external and internal threats confronting organizations have shown remarkable stability. In 2016, cyber threats loomed largest, worrying 47% of survey respondents. This concern continues today, accompanied by the persisting apprehensions about economic fluctuations and market disruptions affecting the labour landscape.

Be it external threat actors, internal personnel, or government regulators, digital risks to operational functionality and compliance have notably surged since 2020. The respondents rated cyber threats as the second most disruptive external threat (39%), trailing only economic changes (44%). Additionally, technology surged to claim the top position (31%) as the most disruptive internal threat, as perceived by respondents. This was closely followed by concerns about skill shortages, escalating costs, and the challenges in supporting new work methodologies.

It's essential to note the absence of a unanimous viewpoint within organizations regarding the top internal threats. While respondents from risk and crisis management, business continuity, and corporate security identified cyber threats as the most disruptive external threat, elsewhere, concerns revolved more around economic volatility and market dynamics.

  1. Empowering Resilience Through Technology and Data: In the realm of resilience, technology and data stand tall as foundational pillars. Organizations are acutely aware of the pivotal role that intelligence and tools play in fortifying their resilience. Among surveyed respondents, technology emerges as a primary target for future investment, underscoring the significance of precisely selecting tools, providing training, and ensuring adoption for maximum efficacy. The copious amount of data churned out by organizations now serves as a linchpin for shaping risk priorities.

Nevertheless, it's critical to recognize a potential downside: technology might not always be accessible during a crisis. This highlights the absolute necessity for comprehensive preparedness, ongoing training, and regular exercises to ensure readiness when it's needed most.