In the wake of rapid digitisation, prevailing chaos and inability to assess the emerging challenges – be it the geopolitical crisis, cybersecurity vulnerabilities, supply chain disruptions – risk management has taken the center stage and is now a key constituent of any board conversation. Post Covid-19, it has gained even more prominence. Conventional ways of mitigating risks is paying no dividends. It is rather counter productive and riskier. Conventional enterprise risk management techniques are outdated and need a serious relook.
Every new emerging risk is posing a unique threat to the businesses, governments, and societies alike. It is, therefore, important for CISOs, Chief Risk Officers and other C-suite functionaries to look at the wider and deeper dimensions of digital, cyber, operational and business risks. It is imminent that the security leaders work on improving their existing strategies to not only protect their expanding digital infrastructure but also a clear roadmap to understand the emerging threats.
Applying technology to mitigate various kinds of risks is just one aspect. However, that’s incomplete, insufficient and, in many cases, insignificant too.
Rahul Neel Mani of DynamicCISO – an ISMG Initiative – spoke to Brian Barnier, Director of Analytics at ValueBridge Advisors on a whole range of issues facing the risk and security leaders.
According to Brian unless a systems and root cause analysis approach is used, any risk stats will be defective because they simply don’t reflect reality of the systems. “In cybersecurity, one doesn’t have to be on the wrong side of asymmetric warfare. Instead, one needs to outthink adversaries with the design thinking,” he says.
In this video interview Brian talks about:
- Rising complexities in the prevailing risk scenarios
- Flaws in the risk mitigation strategies
- Importance of systems and design thinking
- Analysis of scenarios and preventive measures in risk management
- Keeping people in the center of any Risk Management strategy