Font Size: A A A

Home > Security Products > IT Security > Risk survey

IT Security

Risk survey

A survey of more than 200 GRC (governance, risk, and compliance) professionals on the trends and challenges facing the business world, such as geo-political risks and cybersecurity, has been released by MetricStream, a governance, risk, and compliance (GRC) apps firm. Findings on the drivers influencing investment in GRC are:

A need to improve overall risk oversight (76.2 percent)
New business initiatives introducing new risk and regulatory concerns (54 percent) – such a high figure suggests that the role of risk management professional has evolved beyond compliance, and is now much more business-focused; the chief risk officer is becoming the chief performance officer
Data privacy and protection issues (39.5 percent) – this reflects a business climate in which data privacy/protection and cybersecurity are much more important than ever before
Political stability (8.4 percent) and geo-political risks (11.1 percent) are seen as being the least important influencers of GRC investment
Organisations have indicated that they will prioritise GRC technology spending vs GRC services eg. for third party risk management – 28.5 percent will increase tech spend, only 21 percent will increase services spend
Less than 5 percent of organisations predict that they will decrease GRC spend in 2016

French Caldwell, chief evangelist at MetricStream, says: “2016 will provide the perfect storm of GRC challenges. Technology continues to become synonymous with business, introducing new ways of working which also create new security challenges and vulnerabilities. Geopolitically, we’re seeing politicians and regulators lose control of the political agenda to technology companies which are setting the rules with innovation – and survey respondents highlighted the impact this digital business transformation is having on new business initiatives. While survey respondents ranked political stability and geo-political risks low, keep in mind that, just three years ago cybersecurity was underrated as a major business risk. The United States presidential election raises some degree of political uncertainty every four years and 2016 promises to be no exception. We’re also seeing huge populist surges across many regions, Europe especially, and the rise of deadly terrorist groups such as ISIS in others. Economically, the slowdown in China is creating major ripple effects worldwide as companies struggle to find similar opportunities in growing economies. All of these factors plus many more are combining, and businesses can strengthen their risk management programmes to weather the storm.

“The survey results highlight how the role of the risk manager is evolving. Very few GRC pros a decade ago would have been concerned with new business initiatives in the slightest, instead focusing their efforts on protecting their company from a compliance point of view. Now they have to be more proactive and have a far broader business view. The findings also show that technology is becoming the prominent method of managing risk. The continued outpacing of GRC technology investment over GRC services is a testament to the capabilities of modern technology. Companies and governments are increasingly looking to tech solutions that empower them to collect and analyse information more efficiently, simply and accurately.”


Related News