Risk management for the connected world

By Sarah Draper, General Counsel and Chief Risk Officer, Telehouse

The pitfalls of siloed risk management

As the world becomes increasingly connected, traditional approaches to risk management are coming under scrutiny. Current methods, which exist to mitigate a number of physical and technological risks, are often siloed. But is this the right approach? The isolation of risk managers can lead to misunderstandings and confusion about the true scope of threats in a complex landscape. Risk management as a concept therefore needs to evolve with the times.

What is connected risk management?

Connected risk management involves a proactive, integrated approach to identifying, assessing and managing risks across an organisation.  It integrates all aspects of risk across an organisation, bringing together stakeholders from all aspects of the business, building a strong risk-aware culture. By working collaboratively, teams can identify overlapping risks, share insights, and build a more dynamic strategy that protects against emerging challenges.

For example, technology risks are no longer just the responsibility of IT or the CISO. With hybrid work models and IoT devices increasing data exposure, every department must play a role in maintaining security within the organisation. A connected approach ensures risks are addressed holistically rather than in isolation.

Risk management and the customer experience

Where more collaborative risk management approaches are being adopted, organisations need to consider all aspects of its impact.  So this includes for example how these changes can impact customer expectations and experience. Achieving the right balance between risk management decision-making and meeting customer demands is really important. For instance, for some customers tangible security layers are important, but for others, they come second to speed, convenience, and usability. Differences often come from the service or product being used. Most customers want layers of security to access banking applications, but perhaps not so many to access their favourite streaming platforms. Getting the balance wrong can create an unnecessary burden and therefore risk and potentially damage reputation and relationships with customers. This can have an impact on your margin. Physical security also has a similar divergence of approach. An example is when enterprises looking for colocation services for their IT equipment are keen to check that access controls, perimeter fencing, and CCTV are present. But if individuals needed to go through similar access controls to enter a supermarket, this would likely lead to frustrations and potentially a move away from the supermarket that is perceived to be difficult to use, to an easier one. It’s a reflection of the fact that there is no one-size-fits-all approach to risk management.

Unlocking new business opportunities

Risk management has often been a stress-inducing subject for decision-makers. To tackle this, organisations need to build strong risk aware cultures and give clear communication. The culture of being open, passionate, curious, and actively listen to employees’ views and opinions to pre-empt and mitigate risks is vital. Modern risk management teams can help to enable these discussions.

As an example, working with employees to identify ESG risks and action plans can help organisations gain a competitive advantage. They hold great significance for customers by directly impacting environmental management practices, working conditions, and of course compliance with relevant laws and regulations. Business leaders often view ESG and sustainability risks as needing strict controls to avoid damage to reputation, but there are also opportunities to improve reputation, working practices and efficiencies. There is also an opportunity for organisations to differentiate themselves from the competition and align ESG strategies and corporate strategies.

Pushing regulations forward

Instead of fearing risk management discussions and the actions of regulators, businesses need to be proactive and collaborative in our hyper-connected world. Inclusivity and openness will help to ensure that all physical and technology risks are understood (including cyber), identified, mitigated, and managed in the most effective way, without the responsibility falling on a single department or individual. With siloed risk management eradicated, businesses can seize new opportunities, meet new customer expectations, and also meet their regulatory obligations.

Key takeaways for businesses

• Siloed risk management strategies are no longer effective in today’s connected world.
• A connected approach integrates risk management across departments, ensuring a holistic response to emerging threats.
• Balancing security with customer experience is essential to meeting expectations and maintaining trust.
• Proactive risk management creates opportunities for growth, particularly in areas like ESG
• Staying ahead of regulations allows businesses to lead the way in innovation and compliance.

Hear more about the role of risk management in our podcast episode, Risk management challenges: A rapidly evolving landscape.