John A. Wheeler, Global Research Leader - Risk Management Technology at Gartner, gave the Day Two keynote address to the 2021 FAIR Conference with a look at how the pandemic era has changed the expectations of boards and business leaders for risk management.
Wheeler discussed four emerging trends he’s watching:
1. After the multiple disruptions of the COVID era, business leaders want integrated risk management (IRM) that ties together cyber, operational, and other forms of risk into one continuum.
2. Resilience of business operations is also front of mind.
3. Leaders want a multidimensional view of risk – the old compliance-centric GRC approach is inadequate.
4. Digital transformation is a must-have (recognizing that it will expand the attack surface).
Wheeler showed results from a Gartner survey of board directors that found them increasingly risk aware. Note that 88% viewed cyber risk as business risk.
Boards look to CISOs and other leaders on risk to “better articulate the risk in terms they can really understand and not only understand but make actual decisions.”
Wheeler concluded that “as they make those decisions, they need better risk quantification and that’s where we see the greatest opportunity for risk management and compliance professionals to up their game through the use of methodologies like FAIR and technology to enable scenario analysis and other key decision-making factors that will support the business cases for new digital products and services in the realm of true digital risk management.”