OnSolve, the leading critical event management provider for enterprises, SMB organizations and government entities today announced the results of an OnSolve-commissioned study by Forrester Consulting, part of independent research firm Forrester Research, which found that only 30% of business and government entities are very confident they can handle the increasing complexity of risk management in the future. The survey, which polled nearly 470 risk, security and business continuity executives across mid-size to large enterprises, government and education entities, also cites misaligned priorities, technology missteps and lack of proactivity as key reasons why organizations are unprepared.
The study, Failing to Plan is Planning to Fail, found that while 99% of organizations experienced a critical event (i.e., catastrophic weather, active assailant, cyber-attack, etc.) in the last 18 months, only 30% of organizations are very confident they can handle increasing risk complexity and just 38% of respondents cite “becoming more proactive” in their critical event management goals. The study also reveals that too many organizations are unaware and much less prepared to tackle the new face of risk today. Key findings include:
- Organizations are overconfident in their ability to respond to incidents: Less than half of respondents believe risk management complexity will increase in the next two years – despite the rise in critical events.
- Risk monitoring is inconsistent and insufficient today: More than 50% of respondents believe their organizations are ineffective at responding across critical risk categories.
- Organizations lack the tools to be proactive: Current security stacks make it harder to monitor and effectively respond to incidents – 44% lack risk intelligence, more than half lack security analytics, and 63% don’t have governance, risk and compliance (GRC).
- Critical event management is siloed: Organizations are still very likely to silo critical event management today – as only 17% have tapped an enterprise risk management (ERM) team to lead CEM and just 1% distribute responsibility across their organizations today.
- Strong, proactive CEM strategies improve operations: Without an effective strategy to proactively respond to crises, organizations experience negative impacts to their operations and reputation. Organizations with a strong CEM strategy are 5 times as likely to have an effective or optimized response to all manner of business risk, including information security, travel, employee risk, data privacy, and risk that impacts customer experiences.
“Risk and organizational resilience are now board-level conversations,” said Mark Herrington, CEO, OnSolve. “As organizational risk becomes increasingly complex, businesses need to prepare to handle the inherent ripple effect it has on their people, places and property. Today’s news underscores the importance of having an effective resilience strategy fortified by advanced technology in place to proactively respond to crises and disasters before they impact a company’s bottom line.”
Research for Failing To Plan Is Planning To Fail was conducted in April 2021, surveying 469 North American and UK mid-size to large enterprises across many industries including education and government with risk, security, and business continuity decision-makers. The research was done by Forrester Consulting, commissioned by OnSolve. For more actionable insights, access the full study here.