18 Business Continuity Statistics to Know

March 17, 2021

7 min read

Dale Shulmistra

Data Protection Specialist @ Invenio IT
business continuity statistics

18 Business Continuity Statistics to Know

by Mar 17, 2021Business Continuity

Today’s business continuity statistics reveal that small and mid-sized businesses (SMBs) have gotten better about embracing business continuity planning over the last few decades. Particularly following the attacks of September 11, 2001, and the ever-increasing reliance on business data, organizations have implemented stronger technologies and protocols to limit interruptions from unexpected disasters.

However, statistics suggest many organizations still face costly disruptions, due to a wide range of threats. And the year 2020 added an entirely new challenge as the COVID-19 pandemic threw many businesses into turmoil, forcing many to restructure their operations overnight, just to maintain continuity.

Here’s a breakdown of the most telling stats on business continuity and disaster recovery today.

The latest business continuity statistics

1) A break in continuity can cost $10,000/hour at minimum

Even the smallest businesses heavily rely on data and connectivity. As a result, IT disruptions have become more expensive than ever. According to figures from Datto, just one hour of downtime can cost $10,000 for small businesses. For larger companies, those hourly costs can balloon to more than $5 million.

A break in continuity for even just a few hours can prove to be disastrous for small businesses. When big disruptions occur, such as fires, natural disasters and major cybersecurity events, it can be devastating for a business, creating conditions that make survival even more challenging. (Source: Datto)

2) 1 in 2 business have experienced an extended break in continuity

Unexpected disruptions are extremely common – they happen every day, at businesses of all sizes. In a survey highlighted by DataCore, 54% of businesses said they had experienced a downtime incident in the past five years that lasted at least eight hours. (Source: DataCore)

3) 9 in 10 small companies permanently close if they are slow to reopen

A break in continuity isn’t costly. It can literally end a business if operations can’t be restarted quickly enough.

Data from FEMA shows that 90% of businesses fail within a year if they are unable to get back up and running within 5 days after a disaster. The longer recovery takes, the more likely a business will have to permanently shutter its doors. (Source: FEMA)

4) 28% of breaches affect small businesses

One of the most common causes of continuity interruptions is data breaches by outside attackers. And, it’s important to remember that these threat actors don’t just target the big guys. Many of them aim to intentionally disrupt SMBs, which tend to have weaker cybersecurity.

In 2020, 28% of breaches affected small businesses, according to data from Verizon’s Data Breach

Investigations Report. Most breaches were linked to attacks on web applications (roughly 43%). Also, not surprisingly, 83% of these attacks were financially motivated. (Source: Verizon)

5. 100,000 small businesses were forced to close permanently during COVID-19

The COVID-19 pandemic presented one of the most challenging continuity challenges in living memory. Among the most shocking business continuity statistics: 100,000 small businesses in the U.S. were forced to close due to the pandemic.

While the pandemic is a type of disruption that no one could have predicted, it does underscore a fundamental requirement of all disaster recovery planning: “expect the unexpected.” While some types of businesses did their best to adapt, many were not prepared or had no other viable options. It remains to be seen how many other businesses will close permanently because of the pandemic, so this is a statistic we’ll be watching closely over the next year. (Source: Washington Post)

6. 51% of companies don’t have a business continuity plan

A 2020 survey found that 51% of companies across the globe don’t have a business continuity plan. The COVID-19 pandemic demonstrated just how vulnerable a large percentage of businesses were, and a report by the Economic Times underscores the value of having a business continuity plan. This type of plan is a proven method for businesses to recover from disaster. (Source: Mercer via Economic Times)

7. External threat actors make up 70% of threats

Statistics for 2020 found that 70% of attacks on small businesses were perpetrated by external factors. That’s scary enough, but what’s perhaps more frightening is this means the other 30% are perpetrated by internal personnel or third parties that have authorized access to systems. All businesses should remember to factor in internal threats when creating their cybersecurity protocols. (Source: Verizon via Small Business Trends)

8. 75% of companies have suffered supply chain disruption

A survey conducted in March 2020 found that 75% of companies suffered a supply disruption in the early days of the pandemic. Furthermore, an October survey found 90% of businesses, across all industries, believe the disruption of global supply chains will have long-lasting impacts on their businesses.

Today’s businesses are highly connected and interdependent on one another. Whether it’s a pandemic, a ransomware attack or an electrical grid failure (e.g. Texas’s February 2021 disruption due to lack of planning for cold weather events), businesses need to be prepared for continuity when reliant upon other businesses for transportation, supplies or technologies they need. (Sources: Supply and Demand Chain Executive and Interos)

9. 33% of network folders are not protected at all

Sometimes, all it takes is one compromised folder—or even a single folder—to cause a break in continuity. And the latest business continuity statistics suggests businesses are not being careful enough with their file restrictions.

A recent survey found that approximately 33% of all folders used by a company are open to everyone. Worse yet, the survey found that Nearly two-thirds of companies have more than 1,000 sensitive files open to every user on the network. This lack of security is a disaster waiting to happening. Folder access should be configured on an “as needed” basis (i.e. the principle of “least privilege”). Not everyone in an organization needs the same access and permissions. Being too liberal with access control significantly increases the risk that a user will accidentally (or maliciously) create, edit, update or delete business-critical data. (Source: Varonis).

10. 45% of data breaches involve hacking

Data breaches are a problem that nearly all organizations face, and 45% of them suffer a breach due to successfully being hacked. Businesses that don’t plan or put due diligence into protecting sensitive data could suffer massive losses. In industries such as healthcare and financial services, which face stringent data regulations like HIPAA, organizations can also face steep fines and penalties. (Source: Verizon via Comparitech)

11. Majority of small businesses use or will use a cloud storage solution

SMBs continue to adopt cloud technology in various ways to support their business continuity objectives. According to the latest business continuity statistics, 84% of businesses currently store data and backups in the cloud, and additional 8% plan to do so within the next year. (Source: Comparitech)

12. 0.93% of hard drives failed in 2020

Hard drives can and do fail. And when they do, they can cause a massive operational disruption. In 2020, the average rate of hard drive failure was 0.93% (pretty consistent with 2019 failure rates which were 0.92%). This might not sound like a lot, but to a small business that relies heavily on its hard drives, just one crash could be disastrous. SMBs need to include data backup planning in their business continuity plans, as well as hardware replacement schedules, which prevent the risk of sudden drive failure and data loss. (Source: BackBlaze)

13. 45% experience downtime from hardware failure

This statistic underscores just how disruptive hardware failure can be for a business. And it’s not limited to just hard drives. Servers, network devices and other components are all at risk of failing unexpectedly. When this happens, it can bring your most critical operations to a screeching halt. (Source: Veritis)

14. Ransomware attacks cause 16.2 days of downtime

Ransomware has become one of the leading causes of operational downtime, affecting 1 in 5 small businesses, according to Datto. Companies that faced attacks suffered, on average, 16.2 days of downtime, according to ZD Net, and the costs associated with this downtime are increasing at an alarming rate. Also worrisome is the fact that cyber criminals essentially doubled the amount of ransom they asked for last year over the previous year.

As with most disaster scenarios, data backup remains the single greatest protection against ransomware, as it allows businesses to quickly recover lost data and restore systems back to their pre-infected state. (Source: ZDNet)

15. 1 in 3 organizations have been infected by malware

Malware in general is a persistent and ongoing problem that causes significant disruption for businesses. And it only continues to get worse as threat actors find new ways to exploit businesses for profit. Roughly a third of businesses have been infected with malware, corrupting data, crashing applications, bricking servers or causing other disruptions. (Source: DataCore)

16. 37% of SMBs have lost data in the cloud

Earlier in this post, we noted that the majority of SMBs are utilizing the cloud and, overall, this is a good thing. However, it doesn’t mean it completely solves business continuity issues associated with cloud use. Thirty-seven percent of SMBs have reported losing data in the cloud, a statistic that highlights the need for cloud backup solutions like Backupify, in conjunction with traditional BC/DR systems. (Source: Backupify)

17. 1 in 6 SMB executives don’t know their own recovery objectives

A survey by Infrascale conducted in 2020 found that one-sixth of SMB executives don’t know their own recovery time objectives (RTOs). Furthermore, 24% of those surveyed expect their data to be recovered in under 10 minutes after a disaster. One-third (29%) said they expect recovery within an hour, and 17% said one day.

Not surprisingly, these estimates often do not align with the actual recovery timelines that are possible with their implemented IT systems. Typically, the less insight that executives have about those systems, the greater the gap between their recovery estimates and the realistic outcomes. (Source: Infrascale via Small Business Trends)

18. One in 5 SMB executives don’t have a recovery plan

In the same study that reported statistics for #17, findings also indicated 1 in 5 of the SMB executives surveyed doesn’t have a recovery plan in place. Of those surveyed, 31% said they don’t have the right resources or budget. (Source: Infrascale)

Don’t let your business become another statistic

To learn more about deploying robust data backup and other business continuity technologies, contact our experts at Invenio IT. Request a free demo, call (646) 395-1170 or email us at success@invenioIT.com.

New call-to-action