Integrated risk management is transforming the way in which risk managers approach and manage technology-related risks and the interconnected nature of 21st century threats, writes Quin Rodriguez, vice-president, strategy & innovation at Riskonnect.
The fourth industrial revolution – underpinned by a proliferation of super advanced and smart technologies in the internet of things (IoT), artificial intelligence (AI) and many others – has created a new generation of complex risks, risks which do not exist in isolation but which are interconnected to a web of other risks, intensifying the risk exposures for many companies. And, combined with today’s globalised business environment, the risk challenges are evolving at a greater velocity than many organisations can keep pace with.
Think about how the IoT and AI are used in industries to optimise operations, build efficiencies, drive down costs and create business intelligence – and the complex digitally-connected ecosystems built to elicit these outcomes.
This is certainly the case in the manufacturing sector, for example, where production is complex (involving several components and equipment) and supply chains and distribution lines are spread across multiple locations across the world. Here, IoT and AI have been used to connect one machine to another to ensure seamless automation of production and efficient distribution of products and services to consumers.
The advantages expand beyond commerce to critical infrastructure. Take the healthcare sector as another example. Indeed, the health and safety of patients is paramount. And hospitals are held accountable for high hygiene standards – hands and medical appliances must always remain clean and sterile. But soon, AI devices and scanners could help staff detect any speck of contamination or germs on their hands.
But for all the efficiencies that these technologies offer, there are a range of new risks that, to bring it back to my earlier point, are interwoven with a host of other complex risks.
Think about the numerous assets connected through AI and IoT. These connections will increase and exacerbate vulnerabilities to cyber-related risks, which can often spiral out of control and cause other risks – loss of brand equity and reputation damage, for example, and liability challenges (if an AI device malfunctions, who is liable: the owner of the device or the manufacturer of the device?).
A European aluminium manufacturer recently suffered a cyber attack, which caused global impact. The attack brought the manufacturer’s operations to a standstill, affected its global supply chains and distribution lines, and caused a knock-on effect to businesses located in US.
While the manufacturer had some insurance for such a cyber risk event, the financial impact for a week of lost production in the range of $40m, will quickly expire any insurance available. Also raises an interesting question that may be posed by the insurer. Would payment of a ransom mitigate the loss and thus be considered an obligation of the policyholder under the policy terms and conditions. I can predict that insurers may raise that if they have not already.
Such attacks are typically defined as a cyber risk, but they could lead to a web of others – business interruption (as aluminium manufacturer experienced); loss in consumer trust which could affect stock value and revenue; and reputation damage.
These examples represent today’s interconnected risk landscape.
Managing today’s brave new world of interconnected risks requires a robust holistic and integrated risk management approach. One that enables risk managers to have a full global view of their risk landscape and vulnerabilities. One that can track risks from one location to another. One that identifies all sources of disruption; provides intelligence of the multiple impacts of one risk, and tracks progress of risk management and mitigation plans.
A true integrated risk management system is driven by a dynamic repository of quality data, which brings together siloed information from several disparate sources across the organisation. Then aligning this information to core corporate objectives, so that all key stakeholders are aiming in the same direction. By doing so, risk managers will have clear data at their fingertips to help them apply more effective assessments and controls; to monitor, mitigate and make better decisions around the management of their interconnected risks – universally.
And this is where Riskonnect can best help. Through our approach to integrated risk management, we have helped businesses become more efficient by unlocking insights through more accurate data and increasing the speed with which our clients identify and resolve their risks.
Technological advances and a global business environment are indeed transforming the risk landscape, making it ever more challenging to manage. But we believe that an integrated risk management approach is equally as transformative – it is changing risk management and the way in which organisations look at and manage their risks. Through an integrated approach we are helping businesses to embrace technology and adopt new approaches for a more resilient future.
Originally published in https://www.strategic-risk-europe.com/