Securing the Digital World

8 Digital Risks Your Board Will Ask About This Year

Mar 01, 2020 | by Heidi Bleau |

Whether you consider it a revolution of your business model or an evolution of your operations, digital transformation initiatives are prevalent across organizations of all sizes and industries. According to the recently published RSA Digital Risk Report, six in ten respondents stated their organization is "extensively" engaged in digital transformation.

While the prospects of digital transformation are boundless, the opportunities also come with baggage in the form of new digital risks. A recent Gartner report, Five Board Questions That Security and Risk Leaders Must Be Prepared to Answer, provides explicit guidance on how to answer pointed questions about the state of cybersecurity. Cyber attack risk is the top risk management priority in the next two years – and it is only one of several digital risks that organizations must contend with as they invest in new technologies to transform their business.

Digital transformation touches every aspect of an organization, yet it remains an ongoing challenge to enlist the business in addressing digital risk. According to the RSA Digital Risk Report, the burden of an organization's digital risk management strategy still falls on the IT and security teams to figure out. Sixty-five percent of organizations reported that their security team was involved in digital risk management compared to only seven percent of line of business leaders driving the digital transformation. As the conversation around digital risk is changing at the board level and moving well beyond a conversation focused solely on cybersecurity, so too must it be happening at the line of business level.

Here are the top eight critical risks being brought on by digital transformation that security, risk and business leaders will need to be prepared to address with executive leadership.

  • Cyber attack risk: A cyber attack can be disastrous for an organization that's unprepared to handle it. Know where your organization stands in terms of the cybersecurity capabilities needed to mitigate the risk.
  • Dynamic workforce risk: A dynamic workforce of employees, contractors and gig workers can propel your organization forward and put it at risk. Be sure you're doing enough to secure the business while still empowering the workforce.
  • Cloud transformation risk: You can offload work to the cloud, but you can't offload the risk. Move forward confidently with a thorough understanding of how your organization manages the risk cloud service providers may bring.
  • Third-party risk: The more work you do with third parties, the greater the risk. Ensure that all the right measures are in place to manage the risk that your third parties – and their third parties – introduce to your organization.
  • Compliance risk: The business cost of noncompliance can be steep – whether it's a monetary fine or a less quantifiable blow to the organization's reputation. Be prepared to demonstrate a strong compliance posture.
  • Data governance and privacy risk: Privacy risk is evolving, with new rules and regulations being introduced all the time. Get familiar with how your organization's risk management program is evolving to keep pace.
  • Process automation risk: AI, IoT and other technologies to automate processes make organizations more productive and efficient. Be sure there is a carefully considered, well-developed process automation risk strategy in place to manage them.
  • Business resiliency risk: Sometimes business disruption is inevitable, but the impact doesn't have to be devastating. Know what your organization is doing to maintain business resiliency in the event of disruption.

The better prepared your organization is to manage digital risk, the greater the business benefit of digital initiatives. And the better prepared you are to answer questions about digital risk management from your board and executive teams, the more actionable information they'll have to keep the business moving forward with confidence.

# # #

Join the #TalkingDigitalRisk conversation on Twitter and social media by following @RSAsecurity

Learn more about the 8 Questions Your Board Will Ask About Digital Risk, and check out the most recent edition of the RSA Digital Risk Report for insights to help you prepare to answer questions about digital risk within your organization, explore digital initiatives other companies are investing in and learn how digital transformation is affecting risk management priorities globally.