How prepared are large companies for crisis? New research from risk management-focused AI firm Dataminr reveals major systemic barriers many enterprise organizations face that obstruct their ability to avoid crisis situations. The research found that nearly 70 percent of respondents said their organizations experienced at least two separate critical risk events in the past year, while over 40 percent experienced at least three, and nearly 20 percent suffered six or more incidents.
What are these firms missing in their crisis strategy that leaves them so vulnerable? According to the findings, 70 percent of respondents believe that optimized, real-time alerting would have helped them significantly or totally reduced the harm of the most serious or disruptive events their organization faced last year.
The firm’s new commissioned study, Constant Disruption is the New Status Quo, conducted by Forrester Consulting, evaluates the state of enterprise risk management (ERM) at midsize to large enterprises across industries in the North America, Europe, and APAC regions.
Forrester surveyed 500 risk leaders to inform the commissioned study, and found that organizations encounter significant organizational, strategic, and technological barriers on their way to implementing an effective ERM strategy.
“Following the unprecedented events of the past three years, this research illustrates that now, more than ever, it is crucial for businesses to have a system in place to discover and manage major physical and cyber risk events,” said Jason Edelboim, president and COO of Dataminr. “These findings have been incredibly valuable to help demonstrate the utility of Dataminr’s real-time alerts—ultimately giving clients an earlier line of sight into high-impact events and emerging risks that could impact their organizations.”
At this time, 56 percent of respondents indicated they don’t have real-time alerting solutions in place today, but 62 percent plan to implement or expand their use of such tools, and 54 percent plan to increase investment over the next 12 months.
The researchers identified four key findings:
Many risk leaders are taking too narrow a view of the systemic risks their organizations face
Business risk will become more, not less, complicated to manage in the future, and fewer than a third of risk leaders completely agree that risks to their business can come from anywhere.
Risk strategies have significantly advanced over the past few years, but still have a long way to go
Just 36 percent of respondents have a C-suite champion leading risk management today.
Cybersecurity and real-time alerting capabilities will be a major area of focus going forward
Respondents were most likely to cite cyber risk tools and real-time alerting capabilities as the most critical features their next risk management platform must include.
Successful ERM implementations are driven by aligned leadership, vision and technology
Organizations with highly effective ERM strategies were 27 percent more likely to have a C-suite leader for ERM, compared to those from lower-maturity organizations. C-suite champions are empowered to work across organizational silos and to coordinate with other business leaders within the organization.
In addition to the above key takeaways, the survey also found that only 18 percent of respondents reported that their current ERM strategies are effective or very effective across all five capabilities surveyed, including identifying, evaluating, monitoring, responding to, and communicating about risk.
Forrester completed the study in Q3 2022. Participants were decision makers in physical security and security operations, cyber/information security, business continuity, human resources and employee experience, corporate communications, and supply chain roles. Questions focused on how organizations navigate risk strategies, technologies and workflows.