By Dan Zitting, Chief Product & Strategy Officer at Diligent
As we pass the second anniversary of the onset of the COVID-19 pandemic, it feels as if we’ve arrived at our “new normal.” And with that, business leaders have taken stock of some of the biggest upheavals their organizations have faced and how they factor into their long-term plans.
In 2021, our new reality set in for many of us. Organizations shifted from crisis mode to enact long-term transformational strategies. It became clear that we had reached an inflection point — one that would require an evolution of supply chains, human capital and data strategies — and any organization that missed the opportunity to act would be left behind.
With the goal of enabling business leaders to do just that — pinpoint the most significant changes and most important risk factors in the new normal and identify strategies to mitigate them — we recently surveyed 450 risk professionals from listed U.S. businesses about the top risks they have identified for 2022.
While the survey identifies areas of risk, an important silver lining is that we’ve seen elevated
levels of urgency around topics like diversity, cyber risk and climate change, which have finally reached critical mass in boardrooms and C-suites. At the same time, organizations are experiencing great pressure to innovate, driven by investors, regulators and competitors.
With every risk comes to an opportunity for decision-makers to build resiliency into their organizations, enact stronger governance practices and facilitate more purpose-driven leadership.
Cybersecurity in a hybrid working world among 2022’s top risk factors
Among the top five risk trends identified in the survey, technology and cyber risk related to remote work ranked second, and it seems that many businesses could attest to this personally.
Over 70% of the businesses we surveyed who reported a cyber breach also reported financial losses due to those breaches; many of which were cybersecurity risks that arose from a work-from-home model. Looking just at just these 450 U.S. businesses over the last 18 months, our survey unveiled that $396 million has been lost due to cybersecurity breaches.
But if this surge in cyber breaches has a silver lining, it is that an intense spotlight has been shone on IT risk over the past two years, and CIOs and CISOs are now being given the opportunity to build a stronger mandate for IT risk management with executive leadership and the board.
In the wake of this, we expect to see elevated IT risk management programs that leverage cloud technology to identify critical threats and mitigate them before they materialize, prevent control coverage gaps in IT infrastructures and allow IT, teams, to demonstrate a robust compliance posture against global security standards.
Other top risk factors in 2022 and how to meet the challenge
While cybersecurity and remote working have dominated headlines over the past years, they’re certainly not the only risks businesses face right now.
Based on our survey data, the other risk factors listed among the top 5 include:
- Human capital issues like talent management, recruitment, and retention
- Regulatory and compliance changes with a focus on ESG
- Ongoing supply chain issues
- Lack of diversity within the board and management team and the threat of groupthink
With organizations facing pressures from all directions, it can be easy to get tangled in a web of siloed risk management strategies. As the scope of risk and compliance continues to grow, traditional approaches to risk must also evolve.
By taking an integrated approach to risk management where IT is connected to other areas of the business-like audit, business continuity or corporate compliance, risk data across the organization is brought under one roof to strategically manage risk across the entire business. This provides leadership with an overall view of risk across the company and positions IT teams and other internal stakeholders to harness strategic opportunities to come out ahead.
About the Author
Dan Zitting is the chief product and strategy officer at Diligent Corporation, the leader in modern governance providing SaaS solutions across governance, risk, compliance, and ESG, with more than $500 million in revenue and a $7 billion company valuation. In his role, Dan is responsible for all aspects of product strategy including product management, market strategy and user experience.
With more than 18 years of experience in the technology industry, Dan has garnered extensive knowledge in enterprise software, entrepreneurship and growth, and corporate risk management and compliance.
Dan joined Diligent in 2021 following the acquisition of Galvanize where he was the CEO. Before Galvanize, Dan founded SaaS platform and New York City tech start-up Workpapers.com, the first enterprise cloud software for audit and compliance management.
Diligent’s website: https://www.diligent.com/