This report provides a summary of key developments and trends in the fields of Environmental, Social, and Governance (ESG) and business continuity during the last week of December 2024 and the first week of January 2025. It draws upon a variety of sources, including industry publications, news articles, and expert commentary.
The ESG landscape saw significant activity in the final week of 2024, with several notable developments across regulatory updates, corporate sustainability, and global initiatives.
The ESG enforcement and litigation landscape saw increased activity in 2024, with numerous lawsuits and enforcement actions across several key areas, including environmental disclosures, climate change, greenwashing, and diversity, equity and inclusion1. This highlights the growing legal risks associated with ESG and the need for companies to ensure compliance with evolving regulations and standards.
The first week of 2025 continued the trend of significant ESG developments, with a focus on shifting priorities and ongoing challenges.
Companies are predicted to adapt their approach to ESG initiatives, with a greater emphasis on material risks and opportunities5. This includes narrowing the scope of ESG and prioritizing corporate governance5. This shift reflects a growing understanding of the need to focus on ESG factors that have the most significant impact on a company's business and long-term value creation.
Despite the growing focus on materiality, the ESG backlash is expected to persist6. This underscores the importance of companies effectively demonstrating the value and impact of their sustainability efforts6. Companies need to clearly articulate the business case for ESG and demonstrate how their initiatives contribute to financial performance, risk mitigation, and long-term value creation.
The fate of the SEC's climate regulation remains uncertain, with expectations that it may be dropped under the new administration7. However, many companies are expected to continue incorporating climate-related impacts in their financial reporting7. This suggests that while regulatory uncertainty may persist, many businesses recognize the importance of climate-related disclosures and are integrating them into their reporting practices.
Key developments in business continuity during the last week of December 2024 highlighted the importance of cybersecurity, planning, and preparedness in an increasingly complex risk landscape.
Data breaches, data privacy, and protection were major concerns in 2024, highlighting the need for robust cybersecurity measures8. Ransomware attacks and nation-backed intrusions posed significant threats to organizations8. A concerning finding was that 20% of UK SMEs lacked any sort of cybersecurity policies in 20249. This emphasizes the need for better cybersecurity practices, particularly among smaller businesses that may be more vulnerable to cyberattacks.
The importance of business continuity planning and disaster preparedness was emphasized, with a focus on creating resilient organizations10. This includes having a business continuity plan, practicing it, and ensuring that it is integrated into the organization's culture and operations.
FEMA and HUD partnered to boost state housing recovery and resilience11. This collaboration aims to improve disaster preparedness and response, particularly in the housing sector, by leveraging the expertise and resources of both agencies.
|
Aspect |
Description |
|---|---|
|
Proactive preparedness |
Moving beyond reactive measures and embracing a proactive approach to business continuity. |
|
Resilience & innovation |
Organizations need to be agile in responding to changing circumstances and fostering a culture of innovation to adapt to disruptions. |
|
Organizational culture |
Building a resilient culture within organizations that values preparedness, adaptability, and collaboration. |
|
Supply chain resilience |
Ensuring the resilience of supply chains to minimize disruptions and maintain business operations. |
|
Cyber resilience |
Strengthening cybersecurity measures to protect against cyberattacks and data breaches. |
|
Horizon scanning |
Continuously monitoring emerging threats and trends to anticipate potential disruptions and adapt business continuity plans accordingly. |
The first week of 2025 saw a continued focus on strengthening organizational resilience, with an emphasis on cyber resilience, infrastructure, and training.
Business continuity professionals were encouraged to revisit their business continuity plans, conduct regular risk assessments, and prioritize employee training12. These resolutions highlight the importance of continuous improvement in business continuity planning and ensuring that plans are up-to-date and relevant to the organization's evolving risk landscape.
Enhancing cybersecurity measures was highlighted as a key priority, with a focus on services like penetration testing, ransomware impact analysis, and dark web monitoring12. A ransomware attack in early 2025 exposed the data of 5.6 million Ascension patients9 underscoring the real-world consequences of cyber threats and the need for robust cybersecurity defenses.
Investing in resilient infrastructure was emphasized, including backup power systems, robust IT infrastructure, and secure data centers12. This reflects the growing recognition that physical infrastructure plays a critical role in ensuring business continuity and minimizing the impact of disruptions.
The importance of aligning business continuity with the ISO 27001 standard for information security management was highlighted13. This includes planning for information security continuity, implementing necessary controls, and regularly verifying and evaluating their effectiveness13. Integrating business continuity with information security management ensures a holistic approach to risk management and strengthens an organization's overall resilience.
DRI International hosted a webinar on nurturing a culture of resilience within organizations14. This highlights the importance of training and awareness-building in promoting a resilient mindset and ensuring that employees are prepared to respond effectively to disruptions.
There are significant connections and overlaps between ESG and business continuity, with both disciplines contributing to an organization's overall resilience and sustainability.
Both ESG and business continuity address risks associated with reputational impairment and sustainable product and service delivery15. They share common objectives in ensuring the long-term viability of an organization and its ability to create value for stakeholders while minimizing negative impacts on the environment and society.
ESG and business continuity can benefit from shared data, risk/threat intelligence, and risk sensing16. Integrating data and analysis from both disciplines provides a more holistic view of an organization's risk landscape and enables more effective risk management strategies. This requires collaboration between ESG and business continuity teams, breaking down silos and fostering a shared understanding of risks and opportunities.
ESG factors, such as supply chain governance and environmental regulations, can significantly impact business continuity17. For example, disruptions in a supply chain due to environmental issues or social unrest can have significant consequences for business operations. Integrating ESG considerations into supply chain management and business continuity planning enhances resilience and ensures the long-term sustainability of operations.
Integrating ESG considerations into business continuity planning allows for a more comprehensive understanding of potential disruptions17. This includes considering a wider range of risks, such as climate change impacts, social unrest, and regulatory changes, and developing strategies to mitigate these risks and ensure business continuity.
ESG insights can inform business continuity strategies, while business continuity plans can enhance ESG efforts18. For example, understanding environmental regulations can help develop plans for sustainable waste disposal during disruptions, while business continuity plans can be leveraged to ensure the continued implementation of ESG initiatives during emergencies.
Organizations are increasingly coupling ESG efforts with business continuity planning, recognizing the shared goals of risk management and resilience19. This integrated approach is driven by a growing understanding that ESG and business continuity are interconnected and mutually reinforcing. By aligning these disciplines, organizations can create a more holistic and effective risk management framework that supports both short-term resilience and long-term sustainability.
The development of a global standard for ESG reporting was started in October 2021 with ISSB at the United Nations Climate Change Conference (COP26)16. This initiative aims to create a common framework for ESG reporting, enhancing transparency and comparability of ESG information globally.
This trend towards integrating ESG and business continuity is likely to continue and gain further momentum in the coming years. As organizations face increasingly complex and interconnected risks, a holistic approach to risk management that incorporates both ESG and business continuity considerations will be essential for achieving long-term resilience and sustainability.
The last week of 2024 and the first week of 2025 witnessed significant developments in both ESG and business continuity. In the ESG landscape, regulatory changes, political influences, and a growing focus on materiality shaped the agenda. In business continuity, cybersecurity concerns, the importance of planning and preparedness, and the need for resilient infrastructure were key themes.
A notable trend is the increasing recognition of the interconnectedness of ESG and business continuity. Organizations are beginning to understand that a holistic approach to risk management, incorporating both ESG and business continuity considerations, is essential for long-term resilience and sustainability. This integrated approach is likely to gain further momentum in the coming years.
The evolving ESG landscape presents both challenges and opportunities for businesses. While regulatory uncertainty and political pushback may create obstacles, many companies are demonstrating a commitment to ESG principles and integrating them into their core business strategies. This is driven by a growing recognition that ESG factors can have a significant impact on financial performance, risk mitigation, and long-term value creation.
To effectively navigate this evolving landscape, businesses need to:
By taking these steps, businesses can enhance their resilience, achieve long-term sustainability, and create value for all stakeholders.
Looking ahead, key trends and challenges that are likely to shape ESG and business continuity in the near future include:
By proactively addressing these trends and challenges, businesses can position themselves for success in an increasingly complex and interconnected world.