Sword GRC, the supplier of specialist risk management software and services, has published the latest findings from its Annual Survey of Global Risk Managers. Almost 150 risk managers from highly risk-aware organisations worldwide were canvassed for their opinions. Overall, cyber security was seen as the biggest risk to business by a quarter of organisations.
In the UK, Brexit and the resulting potential economic fall-out was cited as the biggest risk to business by 14% of risk managers. The most notable regional variation was in the US where 40% of organisations see cyber security as the most threatening risk.
The most lucrative opportunities for business were the benefits and efficiencies achieved by harnessing technology followed by expansion into new markets or sectors.
The risk managers involved were also asked about their acknowledgement and preparations for ‘Black Swan’* (an event that’s highly unlikely to materialise but, if it did, would have a substantial impact). In both the US and the UK, a major terrorist attack on the business is seen as the most likely ‘Black Swan’ (UK 29%, US 35%). However, in Australia/New Zealand, only 13% of risk managers thought that one was likely.
The next most likely ‘Black Swan’ in the US is a natural disaster, with 48% of risk managers thinking it was likely or highly likely. This figure was 33% in Australia and New Zealand, and in the UK, where there are fewer adverse weather events and no major fault lines in the earth’s crust, this figure was just 27%.
In the UK, risk managers were far more wary of Artificial Intelligence (AI), with 23% thinking it likely or highly likely that AI could go out of control. In the US, this figure was 15%, while in Australia/New Zealand risk professionals clearly take a far more sanguine view with no-one surveyed thinking AI was a risk.
Record number of responses
Keith Ricketts, vice-president of marketing at Sword GRC, commented: “We’re delighted to see the Active Risk Annual Survey of Global Risk Managers going from strength to strength with a record number of responses in 2018. As risk continues to grow in terms of its importance and influence in the Boardroom, we have this year focused on the biggest threats and most lucrative opportunities facing business. That cyber security is now recognised as the single biggest risk for many organisations is no surprise to us, as it supports the anecdotal evidence we’ve seen from working with our clients in some of the most risk-aware industries globally.”
Ricketts added: “Technology is a great enabler and that has never been more true. The feedback we’ve received from risk managers is that IT is the key to almost every opportunity for business going forward, whether that’s supporting expansion into new markets and geographies, streamlining processes to gain efficiency or harnessing Big Data and AI to power product development and business performance.”
*Black Swan: In traditional enterprise risk methodologies, the assessment of this type of risk using a ‘likelihood x impact’ rating would potentially exclude it from the category of risk in risk appetite terms that ‘must be mitigated’. This could mean that organisations fail to plan for a scenario whereby the absolute worst were to happen