IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Photorealistic modern uk office data center servers networking it disruptions resilience
#
Data Protection
#
DR
#
Digital Transformation

UK businesses face major IT resilience gaps despite investment

Wed, 13th Aug 2025
Author image
By Jed Nykolle Harme, Editor

New research has found that 72% of UK organisations experienced significant IT disruption in the last 12 months, raising questions about business resilience and disaster recovery planning.

Survey findings

The study, commissioned by Asanti and carried out by Vanson Bourne, surveyed 100 senior IT leaders from both public and private sector organisations. The findings point to a persistent gap between IT leaders' perceptions and the actual preparedness of their organisations for IT disruptions.

According to the research, only 31% of IT leaders felt they had a strong degree of confidence in their current continuity strategies. Despite widespread investment in digital transformation, the data reveals that IT resilience remains a persistent challenge for UK enterprises.

Revealing the scale of the problem, the survey highlights that 72% of senior IT decision makers reported experiencing significant disruption or downtime within the past year due to IT resilience issues. This is contrasted with the low proportion of leaders who felt exceptionally confident in their disaster recovery and business continuity plans.

Disaster recovery shortcomings

The research sheds light on several specific gaps in recovery preparedness. Only 56% of organisations confirmed they have fully defined and regularly tested Recovery Time Objectives (RTOs), which outline acceptable windows for restoring IT systems following a disruption. Similarly, just 36% reported the same level of preparedness for Recovery Point Objectives (RPOs), which define acceptable levels of data loss.

Operationally, 60% of businesses found it challenging to return to standard operations following a major resilience issue, and 58% acknowledged that such events led to considerable financial losses.

There is also a notable lack of confidence in the ability to address major risks: 54% of respondents reported only low or medium confidence in handling significant cybersecurity breaches, 61% raised concerns about their ability to respond to data centre outages, and 62% expressed limited trust in their capability to deal with unauthorised physical access incidents.

Cloud risks and competency gap

The study also points to an emerging "resilience competency gap", whereby the pace of planning and testing has not kept up with the increased complexity and frequency of modern IT threats. Cloud adoption, while widespread, has not eliminated concerns: 51% of respondents still regard cloud service outages as one of the biggest operational risks, which is slightly above those viewing traditional IT system failures (49%) as their top threat.

"Too many organisations assume they're more resilient than they actually are," commented Stewart Laing, CEO of Asanti. "This research makes clear that real resilience isn't about where your systems live – it's about how well you've prepared to keep them running. Without clearly defined recovery objectives, rigorous testing and a culture of proactive risk management, even the most advanced infrastructure can fail. Business leaders must move beyond surface-level confidence and embed resilience into every layer of operations."

Human oversight and testing

The findings also highlight the human factor as an area of vulnerability. 89% of respondents consider human oversight to be a critical weak point in their resilience strategy, while 91% agree that operational failures due to human error could undermine backup power systems.

Despite a majority (59%) of organisations engaging in business continuity and disaster recovery testing at least every six months, the survey notes these exercises often lack sufficient depth. As a result, systemic weaknesses can remain unaddressed. Only 31% of respondents said they felt extremely confident in their plans to manage business continuity and disaster recovery.

Measuring impact

While many organisations do monitor the downtime (77%) and financial impact (73%) of resilience incidents, other important effects - such as reputational risk (54%) and the impact on digital transformation objectives (57%) - are less frequently measured.

"Measurement is the foundation of resilience," added Laing. "If you're only tracking outages and costs, you're missing the true business impact. Resilience must be strategic, tested and integrated across infrastructure, operations and leadership thinking."

The research covered a range of sectors in the UK, including public service, private financial organisations, IT, technology, and telecoms. Respondents represented organisations with over 250 employees and more than GBP £5.1 million in annual revenue.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Regulatory delays hinder UK tech & AI project delivery
Westcon lists Weblib Smart Wifi on AWS Marketplace
Dun & Bradstreet outlines seven key compliance trends
Cyb3r Operations raises $5.4m to tackle cyber risk
Infobip refreshes leadership team with four promotions

Top stories

Cloudflare buys Human Native to reshape AI data deals
BT to power easyJet crew devices with eSIM network
Shared Care Record Summit joins Digital Health Rewired
Canon names Peter Saak to lead new EMEA print group
UK unveils Software Security Ambassadors to push new code