Leadership and Governance

Digital business challenges the basic principles of information risk and security management. Risk and security leaders must understand the hazards associated with business unit innovation, and balance the imperative to protect the enterprise with the need to adopt innovative technology approaches.

Risk and security leaders' ability to steer their organizations through the intersection of digital business and increasing IT risk and cybersecurity threats will create resilience, differentiate their organizations, define their legacies and shape the ways that future enterprises apply technology.

Organizations will have to create the new role of digital risk officer to address the changing nature of risks and threats across IT, OT and IoT, as well as safety concerns in the era of digital business. Risk and security professionals should prepare now for the additional responsibilities they will be asked to assume.

Identity and access management (IAM) leaders spend most of their time and effort servicing the IT legacy debt — nurturing and developing legacy assets and capabilities. CIOs remain key IAM stakeholders; however, CIOs are starting to focus on a cultural shift toward digital business and innovation. True innovation requires vision and new approaches, involves different stakeholder representatives, and happens on different fronts. In IAM, the most potential for innovation is on the edge (e.g., the cloud, mobile and consumers), sometimes driven by other IT teams, or sometimes even by other lines of the business (such as marketing).

Common risk management practices are often a barrier to achieving strategic business outcomes. By proactively assessing risk appetite and the value of the desired business outcome, CIOs and chief information security officers (CISOs) can transform digital risk management into a competitive advantage.

CISOs and CIOs looking to communicate risk management needs to decision makers should use the ancient techniques of storytelling, which can have contemporary relevance.

With a more-complex and intertwined global technology environment, the number of digital risks facing companies continues to multiply. As a result, the demand for risk management leaders is increasing. CIOs must develop digital risk leaders to ensure successful digital business innovation.