Reporting should be incidental to any risk management process. As the last several months have been quite the rollercoaster ride, it’s time to review your risk reports to ensure that your Board is seeing its latest state of risk, including ‘emerging risks’ and gaps in control measures, in order to be more effective in the upcoming year.
In today’s highly digital and global world, the potential for information security incidents has become more and more likely. Information security incidents are situations or issues where a threat has affected the security of your business network and the ability of your employees to do their work. Think hacking, malware, authentication issues and IT system failures.
It's not being dramatic to say that COVID-19 has consumed both our personal and professional lives. We've been thrust into a world of disruption without any real sense of how long it will take for things to get back to normal and furthermore, what normal will look like. Even for companies that had their business continuity plans developed, a pandemic like COVID-19 was not something many saw coming let alone prioritised protecting themselves from.
Organisations often think that managing crisis is just a matter of being prepared for the worst. While your preparations may cover known potential disruptions, in unprecedented times, it becomes clear that 'emergent' risks, or risks that are newly developing and therefore not understood, may not be accounted for in your plan. When these ambiguous 'emergent' risks surface, the organisations that can adapt and respond continually are more likely to win.
If recent major events have shown us anything, it is how vulnerable organisations can be without the right planning in place to support their responsiveness, their resilience and the decisions they make during a time of crisis.
Whether it is a natural disaster like the recent bushfires, or the unknown like we face today with the COVID-19 pandemic, there are things businesses can do to ensure they are best positioned to continue operations into the future.