VIEW: Principles of resilience in a digital world

As reported by CIR, Airmic recently published the main findings of an in-depth report by Cass Business School into the implications of the fourth industrial revolution for business models and risk management. ‘Roads to Revolution’ found that existing principles of resilience need to be extended for opportunities to be realised and resulting risks managed. One important aspect is that of governance. In most large organisations, cyber governance has failed to reflect technology-driven changes in the way that companies are run.

Airmic recently hosted a discussion on the topic, bringing together some 20 experts from the worlds of risk management, digital risk, information security, governance, business, insurance, law and HR. All agreed that the consequences for boards of the pace of change in the networked world on which business models are now based means we must continuously revisit our cyber risk governance procedures, especially in the face of increasing regulatory and shareholder focus.

The lack of a common language was considered the main barrier to good cyber risk governance. It holds the board back in building knowledge and oversight of the risks and opportunities and in sharing its vision and risk appetite.

Cyber risk is an enterprise-wide, business-driven subject. It belongs within an ERM framework, with a line of communication to the board – probably through a risk committee or audit committee. Although technology information and security expertise are an essential part of the mix, cyber governance goes well beyond the IT department.

Before we can develop robust cyber governance, we also need to address a lack of education about the risks and opportunities of the digital world. We have to become digitally fit and comfortable with the subject. Just as people need financial literacy, the new literacy for the future is digital. There is a critical role for the risk manager here in developing a common language for cyber risks and insurance, facilitating communication and increasing awareness – maximising the chances of conveying their message by placing the discussion
in a business model and value-creation context.

    Share Story:

YOU MIGHT ALSO LIKE


The Future of Risk & Resilience with AI & Data
CLDigital's Co-Founder, Tejas Katwala, joins CIR Magazine to discuss how CLDigital is transforming enterprise risk and resilience. By integrating business processes, AI and data-centric strategies, organisations can move beyond compliance to proactive risk management – simplifying operations, strengthening resilience, and driving business performance. Listen now to explore the future of intelligent risk management.

Investec is disrupting premium finance – Podcast
Investec made waves in entering the premium finance market, where listening and evolving in response to brokers made a real difference.

Advertisement