Understanding the Threat Landscape - The Human in the Loop
The latest BCI Horizon Scan Report 2025 shows the evolution of trend analysis, including the increasing role of technology alongside the continuing need to have a hands-on approach in understanding the threat landscape.
Rather than focusing on specific scenarios when planning for future issues, organizations aim to understand the broader threat landscape as a tool for awareness. This approach helps them direct attention to their internal resources and identify where vulnerabilities may exist.
There are a number of approaches to understanding risk: statistical tools such as Monte Carlo simulations, predictive analytics and machine learning that use algorithms to analyse historical data to identify risks patterns, Bayesian networks that model probabilistic relationships between variables to assess how risks interact and cascade through complex systems, and more.
There are also specialized software platforms. Some enterprise risk management (ERM) systems - provide centralized risk registers[1], automated workflows, and real-time dashboards for tracking risks across organizations. Financial institutions use things like advanced scoring models and portfolio risk tools[2].
Cybersecurity, too, uses risk tools and threat intelligence platforms – which now use AI to detect anomalies and predict attacks[3]. Indeed, the Horizon Scan report has cyber-attacks ranked second in the top disruptions in 2025. The related issues of IT and telecoms outages rank at number five.
When considering main disruption drivers, the report notes: ‘cyberattacks (9.9%) and IT and telecom outages (9.9%) are equally pressing and possibly interconnected. Practitioners from multinational organizations emphasized that even well-protected systems require continuous monitoring, rapid incident response, and contingency planning to maintain continuity. A successful cyberattack or prolonged outage can halt operations, compromise sensitive data, and trigger regulatory scrutiny or reputational damage.’
The general trend is toward integration—combining multiple data sources, automating risk detection, and using AI to process information at scales impossible for human analysts alone[4]. The most sophisticated organizations now use integrated risk management platforms that connect financial, operational, strategic, and compliance risks in a unified framework.
The story is bigger than tech
While the report notes that over half (55%) of the organizations in the sample have strengthened their use of technology to varying degrees over the past two years, and while advanced tools for risk analysis become increasingly popular, there is still a fundamental need for the human component when performing horizon scanning.
In AI this is called the human in the loop. That human needs to be there in risk analysis too, especially as AI starts moving into the continuity space.
BCI has recently covered some of these issues in ‘Solving the Top 5 ISO 22301 Challenges with AI’[5], and the transformative potential of generative AI in the resilience space[6]. In these and other discussions the human role is vital.
What should you do?
The ‘Top Five Tools for Conducting Trend Analysis’ gives us a good overview of where the human sits, the importance of their role, and the non-technology resources that are important. Our responders use:
- Internal risk and threat assessments: 87.2%
- External reports/industry insight (e.g., Horizon Scan): 75.2%
- Participation in industry events and conferences: 55.6%
- Collaboration with peers: 52.1%
- Research reports: 50.4%
That list goes beyond hoping a large-language model will pick up threats on the horizon. Interacting with people is still very much part of the effective continuity practitioners’ toolset.
Read the full report
More on
About the author
Brian Runciman
Content Manager, The BCI
