What You Need to Know About Digital Risk Officers
More than half of CEOs will have a senior digital leader on their staff by the end of 2015, according to Gartner’s 2014 CEO survey.
Just expanding your portfolio of IT security to include technology risk for all Internet-aware technology is not enough. Skills and tools beyond the competence of the IT security team will be managed outside the IT department.
By 2020, 60% of digital businesses will suffer a major service failure due to the inability of the IT security team to manage digital risk when it comes to new technologies.
The DRO will start to emerge in the enterprise in 2015. DROs will need skills in the IoT, operational technology, physical security, privacy and digital marketing spaces.
By 2017, one-third of large enterprises engaged in digital businesses will have a DRO or the equivalent officer.
New skills, beyond those of today’s Chief Security Officers, will be in demand. In security, for example, DROs will need to know about: Network and endpoint security, Security concerns in the integration of IT and operational technology, Embedded software and system security, Machine-to-machine security, Identity and access management across the business where digital identities are related to civil and social identities, Physical security management
A unified and consistent approach to digital risk could deliver cost-efficiencies and improved risk insurance for businesses better than the fragmented approaches currently used by most enterprises.
The Gartner report suggests the deconstruction and re-engineering of current organizational structures, the allocation of responsibility, and the development of new capabilities in security and risk assessment, monitoring, analysis, and control.
In-demand risk management skills will include risk management processes, risk assessments that span digital business models end-to-end, and risk management that supports decision-making at the senior executive level.
DROs should investigate how digital innovation will change key business leaders’ tolerance of risk in the enterprise.