The impact of the unexpected global pandemic took the business world by surprise, with organisations across the country scrambling to adapt.
But as we begin to tiptoe down along the roadmap to normality, what valuable lessons do businesses need to take on board in order to ensure their survival in the event of a future pandemic?
To help businesses prepare and ensure their agility in the future, here are five key learnings that need to be considered.
1. Invest in digital transformation
The pandemic has undeniably acted as a catalyst for rapid digital transformation, bringing forward business’ digital planning by several years in the rush to adapt to the situation with new equipment, video conferencing software and VPNs.
And it is telling that those businesses that had already integrated digital solutions into their operations were much better placed than those who had not yet made the step.
In our Back to Work report, which surveyed SMEs after the first national lockdown in 2020, our respondents revealed that their digital savviness made the switch to remote working much smoother. Thanks to their digital preparedness, one participant reported: “On the day of lockdown, all of my team were working from home using our telephone system and all computers were connected to our cloud-based IT system.” Another noted that they were ahead of the curve because they were already using cloud storage and remote communication tools.
In order to meet the next pandemic head-on, businesses therefore need to ensure that they continue to invest in their digital tools to give them the agility they need to adapt.
Cloud platforms are one key area of investment that businesses need to consider as they enable businesses to function anywhere, at any time, giving them greater organisational flexibility. A report from the Cloud Industry Forum revealed that 91% of senior IT and business decision-makers surveyed believed that cloud platforms were a key part of pandemic survival.
However, current uptake still leaves a lot to be desired. In our 2021 cyber security survey of SMEs, we found that only 35.7% are now storing all of their data on clouds, which means that many businesses will find themselves tied to a physical workplace and the risks this entails.
2. Invest in cyber security
A cyber-attack can be disruptive to any business at any time, potentially resulting in financial loss, damage to a business’ reputation and suspension of normal operations. But the COVID-19 crisis has shown us that these risks are increased in times of great upheaval and uncertainty, with cyber criminals being more than ready to take advantage of any weakness displayed by businesses struggling to adapt to a new situation.
The pandemic also showed that a significant number of businesses were not prepared for this and did not introduce new lines of defence to account for the increased risk. For instance, our cyber security survey revealed that just 1% of respondents brought in new malware protection to protect their business from cyber-attack. Another 42.9% of respondents admitted that their cyber security had not been given a higher priority.
As investment in digital transformation progresses, a concurrent investment in cyber security must therefore also be made to keep businesses safe during future disruption. Policies and training for information security should also be developed and communicated so that everyone in the business is aware, which will help to develop a culture of security.
To find out more, take a look at our article on what businesses should to do to improve their cyber security after COVID-19.
3. Assess for risk
Another key learning to take away from this pandemic is the importance of assessing risk.
To survive the next crisis, businesses need to be clued up on developing risks and threats to their businesses by conducting regular risk assessments, particularly if something changes. By understanding the risks, businesses can make plans for mitigating or removing them, minimising downtime and improving adaptability.
During the COVID-19 upheaval it appears that not all businesses were using risk assessments to guide them. In our Back to Work report, just 28.1% reported that they had carried out new risk assessments before they returned to work following the first national lockdown.
Risk assessments should also be carried out for purposes other than health & safety. Risk extends to all areas of the business and must therefore be considered. This includes data security. However, our cyber security survey highlighted that this was another neglected area in the pandemic world, with just over half (52.9%) of respondents carrying out a data risk assessment.
4. Continuity planning
Comprehensive business continuity planning can make all the difference during a disruption, keeping businesses on the front foot and ahead of the competition.
Business continuity plans are processes and contingency plans that can be followed during a disruptive event, such as a pandemic, to help businesses maintain critical business activities. These plans are based on extensive business impact assessments and risk assessments, which again highlights the importance of being aware of all current and potential threats. By following these plans, businesses can respond quickly and confidently to a crisis, and help to reduce the amount of time needed to recover.
During the first COVID-19 lockdown, many businesses in our Back to Work report highlighted the important role their business continuity plan played: “We were lucky enough to have an in-depth business continuity plan, which came in useful as we all knew what was needed to ensure the business continued. I would recommend any company to spend the time to create one,” said one respondent.
But the pandemic also brought to light the importance of having a truly comprehensive plan, as some respondents also admitted that their plan did not cover an eventuality such as a pandemic. Going forward, businesses should ensure that their continuity plans always account for such a situation to support them in the event of a similar future situation.
5. Remote working policies
If businesses still haven’t developed a solid remote working policy, now is the time to do so. This way, you can be sure you have the processes and equipment you need should another pandemic come along.
If you would like to learn more about how other businesses adapted during and after the first national lockdown, take a look at our Back to Work report.
And for more information on SME attitudes towards cyber security and what they are doing to protect themselves, you can download your own copy of our cyber security survey.