The ongoing digital business revolution is unlocking exciting new opportunities across sectors, but as our report notes, it is important that organizations and boards continue to acknowledge and address any associated new risks, including the following:
- New cybersecurity threats continue to emerge in part due to the increasing proliferation of connected devices and digital entry-points to business ecosystems.
- Markets are becoming more volatile and unpredictable whilst customers are becoming more empowered, leading to greater complexity and market scrutiny.
- Business are adapting and changing operating models whilst continuing to embrace convergence across sectors.
As such and underpinning these digital transformations is a growing need for improved trust between business partners in order to protect their assets and keep the expanded digital ecosystem safe.
Mass connectivity is a revolutionary force, leading to inter-dependencies at a scale we have never seen. Every participant in a business ecosystem or supply chain faces the same challenges and risks as everyone they are connected to. The ability to effectively manage these risks, through data privacy and cybersecurity, has therefore become an increasing challenge for board oversight.
In that context, boards should continue to consider their role in the following:
- The promotion of “trust” and the associated roles and relationships between companies, customers, suppliers, and other stakeholders whether real or perceived. Customers, suppliers and competitors are continuously challenging how safe their data is, how responsive you are to breaches and if in turn you pose a threat. Trust in this context can become a strong market differentiator if your organization can deliver.
- The expansion of the organization’s enterprise risk management function in line with new market forces. This area must now transcend its traditional risk avoidance roots to address positive risk leveraging. Cybersecurity requires company-wide coordination from the board-level down. Building a solid cyber resilience strategy is now a necessity for any business and is a critical component to maintaining stakeholder confidence.
Questions for boards to consider:
- How do you identify digital disruption that could affect the organization?
- How is investment, risk and reward evaluated when selecting digital projects?
- Does the organization have the agility, skills and tools to manage digital risks effectively?
- Are security and compliance considerations sufficiently embedded in digital projects?
- Is the risk function evolving to keep pace with change, enable innovation and build trust?
Compliments of Ernst & Young , a member of the EACCNY