Boards Must Address Technology Risks and Opportunities

Boards Must Address Technology Risks and Opportunities

In the tsunami of digital transformation, it has dawned on boards that disruptive technologies pose not only a great opportunity, but also bring inherent risks. New technologies bring great promise to help businesses grow, improve efficiencies, and seize new markets. On the other hand, when an organization decides to embrace new technologies, they will come face-to-face with new business models and regulations that are unlike what they have ever seen before. 

Boards may not be fully equipped to face the onslaught and speed at which new technologies are infiltrating the business sector. In fact, according to the 2018–2019 NACD Private Company Governance Survey, 80% of directors say that boards need to expand their knowledge of the challenges and risks of emerging technologies. 

Beyond risk assessment, there is a need for boards to also increase their technical fluency so they can fully appreciate and leverage technology in their organizations. It is common for private company boards to not prioritize strategic planning around disruptive technologies. Instead, the bulk of their discussions focus on recurring issues and the day-in-day-out short-term goals. There is often a lack of quality attention on long-term technology opportunities, and boards must reinvent how they function and look to digitally transformative planning to ensure the livelihood of their organizations for the long haul. 

Management and directors need to work together to strategically roadmap technology adoption and cyber risk planning for optimal success. Although technologies like artificial intelligence (AI), automation, and IoT have been widely integrated into many businesses, these applications are still foreign to many organizations.

As fast as disruptive technologies advance, cybercrime keeps up at a relentless pace. In the past two years directors report that they believe cyber risk management is improving, but that as board members, they are not fully trained on the risks and oversight needed. Even though many businesses are satiated with multiple technology applications and tools, many aren’t certain if they are secure in an event of a cybercrime attempt.

Even the biggest companies are not void of data breach. In 2013 almost 41 million Target customer’s data was compromised. In 2017, credit reporting company, Equifax had a cybersecurity nightmare when a data breach affected 145.5 million US consumers. Marriott quickly followed in 2018 when personal information was stolen on up to 500 million people. The fact is, most every company is now becoming a technology company and boards need to take seriously the role technology plays in an organization and the importance of security and how data is utilized.

Some board members are hesitant about technology and have misconceptions about the pros and cons. An interim executive, Interim CIO or interim CTO, can open conversation about technology and help support board members with technology oversight, while creating a roadmap for future advancement. A CIO or CTO will help organizations assess where they stand, and simplify how technology should fundamentally be handled, creating an IT governance plan and workflow design. In the event of mergers and acquisitions, a CIO will also assess technology and put together an action plan for smooth integration. From management of the team, to process improvement, managing security risks, and ensuring ongoing innovation, the technology executive can be an essential resource to the organization and board. Technology can be powerful in helping improve communications, both internally and externally while increasing operational efficiencies, reducing costs, and making a company more competitive in the marketplace.

An interim Chief Security Officer with a strong background in data security, disaster recovery planning, and cyber risk management can ease the rampant fears of organizations. The CISO brings board members up to speed on the risks associated with their industry and how to put preventative measures in place. This includes identifying risks, setting up protocols to reduce the likelihood of a cyber attack or breach of data, and creating a detailed plan that outlines exactly what steps to take if a technological crisis occurs.

Disruptive technologies have the canny ability to both excite and terrify organizations. Boards that don’t prioritize technology in strategic planning are subjecting their companies to cyber risk and stagnation in a competitive market. With the right expertise and guidance of a technology and cyber risk interim executive, organizations have more control of the big opportunities that technology offers.