The Business Resilience Index, commissioned by Six Degrees and supported by Microsoft, reveals a changing landscape in UK organisational resilience. Although maturities are low, the study indicates a shift from mere defence to leveraging resilience as an advantage.
Surveying 600 senior IT and security leaders, the research outlines a five-tier maturity model, ranging from At Risk to Strategically Resilient. It measures performance across five pillars: Continuity, Security, Scalability, Efficiency, and Innovation, illustrating both enablers and blockers of maturity.
71% associated business resilience with security, underscoring a prevailing protection-focused mindset. Yet, 91% claimed they gained fresh insights from the study, indicating a readiness to expand beyond cyber-centric views.
Automation and AI are now primary drivers of resilience, taking precedence over incident response and recovery planning. This shift reflects a transition from minimising losses to maximising decision speed and competitive edge. Successful organisations view resilience not just as risk mitigation but as a springboard for future opportunities.
Continuity remains the most vulnerable pillar, with 28% of businesses deemed At Risk and critical service uptime averaging just 73%. In specific sectors, the tech sector exhibits operational challenges, with a 9.7-hour average mean time to recover – notably slower than retail.
In terms of security, despite prevalent penetration tests, only 5% of businesses achieve full proactive governance, highlighting third-party resilience as undervalued despite recent supply chain disruptions.
Innovation-focused businesses employ resilience as a vehicle for agility, emphasising speed, market response, and innovation over reactive measures. They harness AI and automation to reinforce strategic priorities, signalling that resilience should extend beyond current threats.
Sector-specific barriers emerge: manufacturers cite budget constraints; retail highlights cultural hurdles; the public sector points to skills gaps. IT departments struggle with scenario planning, and security highlights siloed operations and inadequate investment. Leadership alignment remains key, as under-investment is highlighted as a persistent obstacle.
The Business Resilience Index serves as a comprehensive tool for self-assessment. Though traditional metrics still dominate, there’s a pivot towards using resilience as a platform for growth and innovation.
