Webinar Recap: 2019 Risk Trends and Predictions
Lockpath recently brought together three experts on risk management to share their views on what they see as the major risk trends of 2018 and what risks they envision taking center stage in 2019. You can view the webinar recording here.
The three risk management experts included Jake Olcott with BitSight Technologies, Jannie Wentzel from Focal Point Data Risk and Digital Shadows’ Michael Marriott. Lockpath’s Sam Abadir served as moderator.
The webinar format featured five questions, and then each panelist was invited to share their opinions. The following is a summary of the questions and answers.
What is your top trend from 2018?
Olcott: “Ecosystem risk kept popping into my mind.” All the different regulations, supply chains, third parties, incidents, they’re all part of the same thing—what Olcott calls ecosystem risk.
Marriott: “2018 was about understanding risk better.” This more informed picture came into focus with richer risk details, new frameworks and greater insights on threats and exposure.
Wentzel: Everyone should think about how we manage these challenges together. “It’s not in the silo. Vendor, third party, all work together.”
What is your top prediction for 2019?
Olcott: 2019 is the year that cyber and financial start to merge. How does cyber risk tie into financial performance? Look for credit ratings to take a more active role.
Marriott: We’ll better understand threat and vulnerability in the year ahead. We’ll quantify digital risk.
Wentzel: In 2019, we’ll see cyber risk management as a top 5 discussion at the board level.
How will risk management and GRC support business in 2019?
Wentzel: With innovations like Blockchain and AI, you need a systematic approach to managing third-party risk.
Olcott: Business units want to move faster than we do. We need to get in on the process earlier at the initial assessment and procurement process and use more quantitative data.
Mariott: One challenge Marriott sees that’s been overlooked is digital risk. A lot of data is in the public sphere. Perhaps it should be: how will security teams support the business?
How will data privacy evolve in the next year?
Mariott: Although he expects more fines, Marriott is a GDPR optimist. He sees organizations getting their processes and contingency plans in place, and that these steps benefit all of us.
Wentzel: Countries and companies will continue to struggle with data privacy. Other states are pushing regulation, and privacy is entering the political arena. We need to be agile and adapt.
Olcott: We rate security performance of organizations. Security performance has fallen all over the world, except Europe where it’s improving. Is GDPR the reason? We can’t be sure.
How can companies better manage cyber risk in the supply chain?
Olcott: We need to see cyber risk as a cross-cutting issue across the organization, involving business units, legal, procurement and more. It’s not just IT security. We have to collaborate with our vendors to improve cybersecurity.
Mariott: We need to look outside the organization, not just inside. What data do they have and where is it online? The challenge is protecting the data you care about.
Wentzel: We need to move from point to a full view of risk. Where is my data? Who owns it? Companies in 2019 will have a significant challenge managing cyber risk in the supply chain.
Our thanks to Jake Olcott, Jannie Wentzel and Michael Marriott for sharing their views on risk management. For more insights from our risk management panel, watch the webinar recording today.
With Constitution Day tomorrow, September 17, let’s learn what the Constitution can teach your organization about corporate governance.
Learn how Lance completed his 50 mile race and how it relates to building a risk management program.
This month’s Risk Roundup is about data privacy, the biggest California earthquake in 20 years, and the business impact of the US-China trade war.