Overcoming digital difficult #9: Unfamiliar risks
Blog: The Digital Enterprise
“The biggest risk is not taking any risk. In a world that is changing really quickly, the only strategy that is guaranteed to fail is not taking risk” (Mark Zuckerberg). New risks (e.g., cyber) are implicit in digital business. Digital transformations commonly get bogged down whilst executives fret about the risks. This is the 9th post in a series building on 10 reasons why digital transformations are difficult. Here are some approaches that others have taken to manage new risks:
- Understand the full picture. The digital world introduces many risks that previously didn’t exist or were vanishingly small. These include data loss, IT outage and employee activity on social media. But there are other more subtle risks e.g., the risk that a technology giant decides to enter your sector with a loss-making proposition or the risk that new intermediaries arise and halve margins in the sector (see UK motor insurance for an example).
- Make it everyone’s problem. Historically, many firms centralised accountability for risk management. But in a digital world, the actions of a single employee can threaten the company. So every colleague needs to be made accountable for managing risk (e.g., password choices) and in turn needs to be incentivised and trained accordingly.
- Strengthen governance. Board risk committees have had a quiet time in some sectors, and not all are at the top of their game. Few are well positioned to measure and manage today’s digital risks. New non-execs may be needed to add critical skills.
- Be realistic on funding. As these risks are new, firms are still getting to grips on the scale of capability required to manage them. The cyber-risk budgets of similarly sized financial institutions vary by a factor of 10 for example. Given the scale of the downside (potentially billions for many companies) increased funding is often justified.
- Digitise risk management. Using analogue approaches to manage digital risks is inefficient and ineffective. The latest automated tools (e.g. neural networks that monitor email content) can help to get ahead of risks.
- Collaborate. Typically all the firms in a sector are experiencing similar challenges. Collaborating with competitors to find common solutions helps to protect the whole sector and allows insights to be shared.
In summary, digital brings many new risks that require a range of new capabilities, approaches and tools to address