Are Cybersecurity Risks Too Big to Handle in Digital Transformation Journeys?
Are you planning to initiate a post-pandemic digital transformation for your organization to meet new norms of doing business? If your answer is yes, you are among the majority group of global businesses that have agreed to shift to digital platforms during the pandemic. According to Gartner, cybersecurity risks, in addition to compliance with regulations, are the top concerns for corporate boards. COVID-19 shook not only our healthcare infrastructure but also tested resilience against security risks. Sadly, we witnessed some of the worst cyber attacks and ransomware events during the pandemic. Reason: Poor Risk Management and Security Planning.
In their latest survey MetricStream has found that while cybersecurity emerged as an even greater risk concern during the pandemic, organizations with agile integrated risk management (IRM) solutions responded better to pandemic-driven challenges.
Gaurav Kapoor, Chief Operating Officer and Co-Founder, MetricStream said, “The pandemic has been a major catalyst for companies to reevaluate their risk management programs and adopt a future-ready risk program that is agile, integrated, and technology-driven. It is no longer a matter of choice but the only option for organizations to thrive in these uncertain times.”
The MetricStream State of Risk Management Survey asked Chief Risk Officers and risk professionals across various organization sizes and industries for feedback on how the risk management industry has changed and adapted during the COVID-19 pandemic and what their key priorities are to combat the crisis. Respondents encompassed representatives from multiple industries, including financial services, telecom, technology, manufacturing, government, education, healthcare, and transportation.
Cybersecurity Risks like a Tsunami
The shift to digital during COVID-19 put cybersecurity risk at the forefront of organizations’ concerns. Nearly half of survey respondents (48.91%) listed cybersecurity as their top business risk, and this was even more prevalent among respondents in the Banking and Financial Services Industry (52.94%).
IRM Programs Shield Against Cybersecurity Risks
Organizations that had IRM programs were much more prepared for the swift changes in risk threats caused by the pandemic. More than half of the organizations (52.63%) that had deployed an integrated risk solution did not make any changes to risk programs and strategies due to the pandemic. The IRM approach ensured agility and operational resilience, enabling them to quickly respond to the sudden disruptions brought about by the pandemic.
On the other hand, companies with traditional and siloed approaches had to make significant changes to their risk management approach to contend with the new normal.
Increased Pressure to Show the Effectiveness of Risk Management and Resilience Programs
After the pandemic, risk professionals feel increased pressure to show the effectiveness of risk management and resilience programs. 61.96% of survey respondents said that determining the effectiveness of cybersecurity risk management is a top priority, while 45.65% said evaluating the strength of their operational resilience program and framework was most important.
Impact on The Banking and Financial Services Industry
The Banking and Financial Services industry is primed for a major overhaul of their risk management approach in the next several years. 58.33% of the total respondents from the Banking and Financial Services industry use risk management software but not integrated with other areas while only 26.32% said that they are using an integrated platform to manage risks.
Customers Seek One Integrated Tech Solution for Managing Risk, Cybersecurity, Third-Party Management, and Compliance
IRM technology adoption still has a long way to go, despite the advantages it offers. Only 21% of survey respondents reported using one integrated tech solution for managing risk, cybersecurity, third-party management, and compliance. The remaining 79% use either office productivity software or risk management solutions that are not integrated with other functions.
This survey comes on the heels of MetricStream’s Arno software release, a major capabilities expansion to MetricStream’s Enterprise and Operational Risk Management, IT and Cyber Risk Management, Internal Audit Management, Policy and Compliance Management, and Third-Party Risk Management products.
In 2021, we need ‘cyber savvy’ boards that understand the complex ecosystem of digital platforms and how their adoption is hugely impacted by cybersecurity risks and regulatory compliance. Until this happens, cybersecurity risks would continue to dent digital transformation goals.
[To share your insights, please write to us at email@example.com]