A more disruptive future awaits
Enterprises can expect more frequent and severe disruptive changes requiring new solutions that recognize the interconnection of its impacts across multiple touch points.
Recent disruptive events
Today, the topic of disruptive changes may be associated with the pandemic, military conflicts and war. Still, various other disruptive changes can affect enterprises and their employees, including cyber-attacks, energy crises, trade wars and natural disasters.
Pandemics are the only disruptive events that almost all decision-makers and employees have experienced in the past five years (figure 1). Many enterprises lost substantial business during the COVID-19 pandemic due to lower demand, supply chain disruptions and restrictions in general4. Employees more heavily associate it with decreased work hours, increased risk of illness and psycho-social impacts than during an average disruptive event*.
Smaller companies are more vulnerable than larger ones - 49% small businesses vs. 28% large businesses saw deteriorating financial performance due to the COVID-19 pandemic compared to 2019.
Percent of employees experiencing effects of disruptive events**
experienced increased workload
experienced difficulty in accessing work supplies
**Note: Each type of disruptive event has numerous and varying impacts on the employees.
The energy crisis ranks as the second most experienced disruptive event for decision-makers and employees alike as this study was conducted during the Russian invasion of Ukraine and the subsequent wide-ranging economic sanctions, including bans and limitations on Russian oil and gas. More employees mentioned having greater difficulty providing for their families during this event than an average event experience.
Cyberattacks are the third most experienced event by enterprises and are considered significant challenges by decision-makers. Ransomware, a particularly troublesome form cyberattack for enterprises that targets data, spiked by 148 percent during the COVID-19 pandemic5. Several interviewed decision-makers also mentioned how they became accustomed to receiving emails with malware that urge them to download a document. Typically, these emails claim to include essential information from government or health organizations, but when opened, keyloggers or password stealers are instead installed on the computer, causing a ransomware situation. From an employee perspective, cyberattacks have led to difficulty in accessing work supplies and increased working hours to a higher degree than the average event.
*Average disruptive event refers to the average answer across all events.
Cyberthreat surge from 2010 to 2020
Decision-maker and employee experience of supply chain disruptions is just as frequent as that of cyberattacks. Both the pandemic and the current war in Ukraine are mentioned as key drivers for these supply chain challenges. Increasing geopolitical tensions are becoming an integrated part of everyday business considerations as continued globalization is no longer as viable as it used to be. While the direct effects of these disruptions vary across industry sectors, many could still be impacted indirectly, as mentioned earlier concerning the energy crisis. Due to supply chain disruptions, employees frequently mention difficulty accessing work supplies and reaching customers.
Natural disasters seem to occur more frequently and with greater impacts in recent years7. Fires, hurricanes, or earthquakes that destroy landmarks, offices, data centers and businesses are increasingly common. Employees mention natural disaster challenges such as difficulty getting access to work supplies and increased risk of getting hurt more frequently than for the average event.
While the surveyed decision-makers and employees seldom experience corruption, it can decimate a company’s profitability, credibility and reputation for those affected. Corruption can also significantly impact the global economy and weaken business development overall8. Amongst employees, more mention psycho-social impacts and increased working hours as challenges caused by corruption than for average event.
Increasing inflation is another challenge that impacts both enterprises and employees. In this study, we have not included inflation as a singular disruptive event. Still, economists and business leaders see the connection between a rapidly growing inflation rate, the COVID-19 pandemic aftermath and the Russian invasion of Ukraine9.
Outlook on future disruptive events
Enterprises believe a more disruptive future awaits. A well-established measurement of an enterprise's vulnerability to a disruptive event is to view it as a combination of the likelihood of the disruptions (probability) and its potential severity (impact). A visible representation of risks can be created by plotting these two measures. The resulting matrix can be used as a tool for decision-making and mitigation work performed as part of a company’s business continuity planning (BCP).
As seen in the risk assessment matrix (figure 2), created using the responses from the surveyed decision-makers, the disruptive event type that decision-makers have assigned the highest impact and likelihood is pandemic.
Digitalization increases the availability of data. Yet, it also increases dependency on the connectivity and complexity of Information and Communication Technology (ICT) solutions, leading to new vulnerabilities for enterprises. This dependency is further accelerated by the increasing share of employees working remotely and using a wide range of devices. The risk of cascading larger-scale failures grows if digital system failures occur. Due to the interconnection of systems, the consequences can quickly spread internationally and impact a range of other infrastructures such as power grids and payment and security systems.
According to IPCC, climate change is affecting the occurrence of natural disasters. The increase in the earth’s surface temperature increases the likelihood of flooding, drought and intensive storms10.
Figure 2: Risk assessment matrix showing the average position for each disruptive event, based on the decision-maker’s estimated probability and likely impact for those events.
Managing risks of disruptive events
As disruptive events become more common, increased awareness of possible consequences could help strengthen the ability of a company to handle disruptions. It is, however, impossible for businesses to prepare for all potential disruptive events. – they can avoid some risks or reduce their likelihood through various measures. Certain risks will be hard to avoid, and when they occur, mitigation strategies can dampen potential damages. One such strategy could be to ensure the company has adequate insurance.
Traditionally, risk management in companies has been a static process where individual risks are identified and mitigated. As perceived by the interviewed decision-makers in this study, the reality is that risks by nature are not static and are frequently interlinked. In the future, enterprises will have to redefine how they view risks of disruptive events, both known and unknown.