For the past decade warnings about the consequences of not preparing IT systems for disruption due to floods, fires, terrorists and pandemics have had little impact on customers.
That is the key implication of the Decade of Living Dangerously report that has been issued by the Chartered Management Institute and the Cabinet Office.
The report found that only 38% of companies had plans to deal with disruption and 33% admitting not testing continuity plans, numbers that revealed stagnation year on year in changing attitudes to risk management.
In terms of highlighting the threats IT managers listed electronic attack first, followed by a disease knocking out the workforce then severe weather and destruction of mission critical infrastructure.
Petra Wilton, director of policy and research at the Chartered Management Institute said that there had been numerous warnings but companies still had to make more effort to make IT systems resilient.
"Particularly now, with revenue and cash-flow under pressure, the last thing any business needs is disruption to their services. In short, the UK will continue to suffer lost revenue unless business continuity management is taken seriously from the top, and throughout organisations," she said.
Bruce Mann, director of the civil contingencies secretariat in the Cabinet Office, said that it was easy to put off dealing with risks but "this short sightedness can be extremely costly".
A version of this story originally appeared on MicroSope.co.uk
Read more on IT risk management
Labour reshuffle expands shadow ministerial team on digital, technology and innovation policy
Poor home connectivity risks jeopardising switch to hybrid working
Financial Stability Board says it’s time to talk about IT outsourcing risks
BCS calls for computer coding in scientific research to be more professional