Three years on from the 9/11 attacks many in the business world have woken up to the threat that terrorists pose, but despite recent warnings of complacency from the head of MI5, Eliza Manningham-Buller, more than half of all companies still do not have a viable disaster recovery plan in place should things go wrong.
But just as terrorists can strike at any time, so can other less obvious threats, such as the weather. Landslides in the Scottish Highlands, flash floods in Boscastle, Cornwall, and more recently, trains stranded in Devon, have highlighted the sheer scope of external threats that modern business needs to contemplate.
No one business is exempt from 'outside forces' and Mike Osborne, Operations Director for Recovery Services at ICM Computer Group, says the logistics industry is particularly vulnerable and perhaps more than most should not shy away from disaster recovery.
"The industry is entirely reliant on a combination of IT, communications and people. If a site goes off-line because of an interruption, it's not only an inconvenience for customers, but it will lead to serious questions being asked at all levels internally and externally, regarding the robustness of the business.
"Experience shows that existing customers may swap to another supplier, while potential clients could easily be put off by stories of disaster. If the interruption is on a large-scale, then skilled staff may also seek employment elsewhere."
He adds: "There are now a wide-range of cost effective solutions to allow companies to continue operating in the event of the unexpected, range from shipping in replacement IT, PABX and communications systems, providing secure, off-site data management centres right through to relocating personnel to a local alternative workplace centre complete with pre-configured ACD systems, all within a matter of hours."
The big question is where do you start to ensure that your company has a plan in place? As one of the country's leading experts in the field, Mike Osborne says there are certain steps that can be taken to kick start the process and ensure it becomes part of an organisation's culture.
He said: "Firstly you need to consider your organisation's motives for having a business continuity plan - is it because of insurance/audit pressure, industry regulation or direct pressure from customers? It is then essential to identify how long a business can survive before it must return to normal operations; this should be seen largely from a financial loss and customer retention perspective. Based on this, a realistic balance needs to be achieved between the risks of not having a plan and the cost of implementing one."
Once commenced, the business continuity process should not just be seen as an extension of the IT function, it is a management process across an entire business, of which IT and communications disaster recovery is part of that process. Mike adds: "You need to ensure all senior management are behind your business continuity planning, and that the most senior member of your company is supporting the initiative. This is a good way to avoid the business continuity management process stalling.
The business continuity process should not be about ticking boxes. It should be part of the whole culture of an organisation, and should continually progress and develop beyond the initial planning stage.
"It is imperative that organisations continually review, amend and challenge the plan and treat it as an ongoing process", says Mike. "At least once a year, plans should be tested and fully documented, because insurers and customers are increasingly requesting to see the results."
Finally, Mike says don't be put off talking about actually having a continuity plan, because many customers are demanding that suppliers have one; so as well as protecting the business you already have, it could increasingly make the difference in winning a large new deal - or losing it.