For the past decade warnings about the consequences of not preparing IT systems for disruption due to floods, fires, terrorists and pandemics have had little impact on customers.
That is the key implication of the Decade of Living Dangerously report that has been issued by the Chartered Management Institute and the Cabinet Office.
The report found that only 38% of companies had plans to deal with disruption and 33% admitting not testing continuity plans, numbers that revealed stagnation year on year in changing attitudes to risk management.
In terms of highlighting the threats IT managers listed electronic attack first, followed by a disease knocking out the workforce then severe weather and destruction of mission critical infrastructure.
Petra Wilton, director of policy and research at the Chartered Management Institute said that there had been numerous warnings but companies still had to make more effort to make IT systems resilient.
"Particularly now, with revenue and cash-flow under pressure, the last thing any business needs is disruption to their services. In short, the UK will continue to suffer lost revenue unless business continuity management is taken seriously from the top, and throughout organisations," she said.
Bruce Mann, director of the civil contingencies secretariat in the Cabinet Office, said that it was easy to put off dealing with risks but "this short sightedness can be extremely costly".
A version of this story originally appeared on MicroSope.co.uk