UK enterprises face IT resilience crisis

Recent research highlights a significant issue plaguing UK enterprises: the persistence of IT resilience vulnerabilities, despite efforts in digital transformation. A study, commissioned by Asanti, one of the leading UK colocation data centre providers, indicates that 72% of senior IT decision makers experienced major disruptions due to resilience failures in the past year. Yet, only 31% expressed extreme confidence in their disaster recovery and business continuity plans.

The survey, conducted by Vanson Bourne, involved 100 senior IT leaders across various public and private organisations. The results unveiled a clear disparity between perceived and actual performance in resilience measures.

Study Highlights:

• Recovery Preparedness: Only 56% of organisations surveyed have fully defined and regularly tested their Recovery Time Objectives (RTOs), and merely 36% do the same for Recovery Point Objectives (RPOs).
• Operational Fallout: A notable 60% of businesses reported difficulties returning to normal operations post a resilience disruption, with 58% enduring substantial financial losses.
• Confidence Crisis: More than half the respondents expressed only low to medium confidence in addressing major risks, including cybersecurity breaches (54%), data centre outages (61%), and unauthorised physical access (62%).

The assessment brought attention to a "resilience competency gap", where planning, testing, and investments lag modern IT threats' complexity and frequency. Despite cloud adoption, 51% identified cloud service outages as a top operational risk, even more so than traditional IT failures (49%).

The research also highlighted human oversight as a critical vulnerability, with 89% of respondents acknowledging this, and 91% agreed operational failures due to human error could threaten backup power capabilities. Despite 59% claiming to test their recovery plans every six months, these exercises often lacked depth, leaving gaps in resilience. Only 31% showed extreme confidence in their organisation's current plans, raising alarms over the widespread fragility within the industry.

Though many firms monitor downtime (77%) and financial impact (73%), less quantifiable indicators such as reputational damage (54%) and effects on digital transformation goals (57%) are not as frequently tracked. Stewart Laing, CEO of Asanti, emphasises the importance of embedded resilience, stating, “Resilience must be strategic, tested, and integrated across infrastructure, operations, and leadership.”