How to prevail when technology fails - Flipbook - Page 6
6 | How to prevail when technology fails
1
2
Tech risk should be a
boardroom issue
Legal teams should
collaborate closely with the
wider business
Senior management and the board must devote time
to understanding and overseeing technology risk.
Not only is this mandated by regulators in some
circumstances, it also makes good business sense
– because technology risk and business strategy
are linked.
Close collaboration between legal teams and the rest
of the business is essential to mitigate the risks of
technology failure. For example, if there is a major
data breach incident, key regulators will need to
be informed and there may need to be a privileged
investigation. But this could be hampered if legal
teams are not involved in preparing how their
business should respond. But just 31% of businesses
in our survey involve their legal teams in creating
their cybersecurity incident response plans.
In order to manage technology risk effectively, boards
and senior management need to truly understand
the nature of the threat. However, just 37% of our
surveyed businesses are more than “somewhat
confident” that their senior executives understand
the risks associated with the technologies they are
developing and implementing.
This lack of understanding could stem from the fact
that boards are neglecting the problem. Just 9% look
at technology risk “to a significant extent,” which
means they oversee management of a broad range of
technology risks and deem them to be as important
as traditional risks such as financial risk.
Without enough attention from the top, you will not
carry out the crucial initiatives that could mitigate
technology risk. Illustrating this, 35% of surveyed
businesses have not identified all business-critical
technology, which is necessary to design any
mitigation strategy.
Privacy experts should also work closely with
product teams to ensure that they do not
accidentally break data privacy regulations when
they develop or update products. Yet just 28% of
surveyed businesses say that privacy specialists are
involved from the outset in the development and
implementation of new technology that gathers and/
or processes personal data.