How Organizations Are Overlooking Disruptive Technology Risks
Risk managers can play a leading role in helping their companies adapt to technology innovation, but could be left behind if they fail to do so, according to panelists on Marsh’s The New Reality of Risk® webcast.
Most of the participants listening in agreed; 91% said that they will fall behind in their industry if their organization does not understand and take advantage of new technologies, according to a live poll during the webcast.
But when it comes to changes stemming from disruptive technology, risk executives may be slow to adapt. For example, 52% of risk professionals say their organizations don’t use or plan to use the Internet of Things, according to Marsh’s 2017 Excellence in Risk Management report, published in partnership with the Risk & Insurance Management Society (RIMS). Yet an estimated 90% of companies will be using Internet of Things technologies within two or more years.
Why the disconnect? It stems in part from confusion about what some disruptive technologies actually are or will mean for organizations, said Tom Quigley, Marsh’s Communications, Media & Technology Practice leader. “There isn’t a consistent approach to understanding what disruptive technologies mean or how they should be treated,” Quigley said.
A critical challenge for companies — especially for those in industries that have just begun pushing technological change among their operations — is the ability to adapt quickly amid rapidly evolving innovation, said Melissa Gale, senior manager, risk solutions, at Lyft. “There are many barriers and processes that hinder innovation and thought leadership. The mindset often is, ‘Why change it if it is working?’”
Among the disruptive technology risks that businesses expect to most significantly affect them is data and privacy risk. But as organizations increasingly rely on technology, business interruption and other technology disruptions are emerging as a more significant cyber risk, said Tom Fuhrman, cybersecurity risk consulting practice leader at Marsh Risk Consulting. While data breaches can be addressed, “managing the risks of more open-ended disruptive cyber events calls for different approaches” Fuhrman said.
To more effectively manage the risks of disruptive technology, businesses—and risk professionals—must adapt. “Education, open mindedness, and forward thinking can help companies better understand the risks,” Gale said. Data and analytics can also help organizations quantify the risks of disruption. “Limited historical data may block certain approaches, but everything can be modeled,” Fuhrman said. “I advocate using more than one approach to quantifying risk.”
Because new technologies and disruption occur at a blistering pace, the risk discussions should be happening across the organization, Quigley said. “It’s not about discussing risks to slow things down. Rather, it is real-time risk identification and treatment to enable growth.”