The New Riskonomy

Executive summary

C-suite and GCs know that today’s technology landscape poses significant risks to their organisations. But they’re underestimating just how vulnerable their business is, misjudging where they are most exposed, and failing to consistently embed protective measures.

Riskonomy radar reading

Our proprietary benchmarking methodology, the Riskonomy Radar, uses a number of scored data points to categorise organisational technology risk.

The radar indicates that the vast majority of organisations need to revisit and improve – if not urgently prioritise and invest in – their tech-risk management practices.

Our proprietary benchmarking methodology, the Riskonomy Radar, uses a number of scored data points to categorise organisational technology risk.

Business leaders are alert to macro risk factors (e.g. cyber-attacks, economic disruption), but rank network influences as a higher concern than internal risks (e.g. skills shortages, misuse of technology). Our Riskonomy Radar suggests that these internal processes are actually creating greater risk exposure, and business leaders are inadvertently leaving their organisations vulnerable.

0

%

of organisations are exposed to moderate or high levels of technology-related risk

Navigating the new risk economy

Only

4

%

of business leaders do not believe that the changing technology landscape does not pose a challenge or threat to their organisation.

C-suite and GCs identify the top technology-associated risks to their business over the next three years as data management, cyber security, a digital skills gap and misuse of generative AI within their organisation. But three in five (60%) admit their business is not taking a positive, proactive approach to technology-associated risks and doesn’t have the appropriate strategies and policies in place.

Organisational
vulnerabilities

Business leaders are overlooking how much their data management processes, digital skills gaps and lack of generative AI policies are leaving their organisation exposed to risk. Three in four organisations fall into the moderate or high-risk range on our Riskonomy Radar, with signs that risk management is insufficient and inconsistent.

Three in four organisations

fall into the moderate or high-risk range on our Riskonomy Radar, with signs that risk management is insufficient and inconsistent.

Technology risk beyond the business:
network and macro risk

Just

12

%

of business leaders work in organisations with…

of business leaders work in organisations with a mature and sophisticated cybersecurity strategy and are proactive in safeguarding against cybersecurity threats

A third of C-suite and compliance leaders...

A third of C-suite and GCs are uncertain whether their suppliers can identify and mitigate potential cyber security and data management vulnerabilities

C-suite and GCs are alert to external risks, but are under-prepared for geopolitical instability, underestimating the risk of inconsistent technology regulation, and failing to prioritise cybersecurity.

Conclusion and recommendations

Risk mitigation strategies will vary according to an individual organisation’s degree of exposure. As the Riskonomy continues to evolve, business leaders will need to embrace transformative tech while relying on legal counsel to help them stay several moves ahead of emerging risk. Our Riskonomy Radar is the counterpart tool; enabling business leaders to understand where they could be overlooking tech threats to their business, and to be strategically inspired from successful sectors.

Methodology

This global study explores the complex relationship between technology-related risks and corporate performance.

Opinion research was conducted in early 2024 among 1000 general counsel, chief compliance officers (CCOs), heads of legal or equivalent job titles (referred to collectively as “GCs”), and 500 C-suite executives (referred to collectively as “C-suite” or “C-suite leaders”). In this report, ‘business leaders’ is also used interchangeably to refer to the entire cohort of C-suite and GCs.

Respondents were based in the UK, USA, France, Germany, Italy, Asia (China, Hong Kong, Singapore and Japan) and Brazil.

A wide range of sectors were represented in the research including tech and telecoms, lifestyle and consumer, manufacturing, energy, automotive, transport, financial services and life sciences.

What is the New Riskonomy?

Technological advancement is a key driver of both corporate growth and competitive advantage in today’s business landscape. Organisations continue to face challenges from escalating geopolitical tensions, economic slowdown, trade fragmentation and rising financial stress – but they are now doing so in a world increasingly enmeshed with connectivity, AI, big data and automation.

This new frontier of technology brings an evolving set of risks and threats that connects each of these economic factors – creating a Riskonomy unlike we’ve previously weathered. But with great risks comes great opportunity; generative AI’s acceleration of the tech landscape has created a turning point for organisations that can’t be ignored.