Public boards seek balance between innovation and risk

by admin
Public boards seek balance between innovation and risk

Public boards are optimistic about artificial intelligence and generative AI as key new levers of growth and are taking steps to seize opportunities while mitigating growing risks, according to a new survey.

Administrators realize that “the full potential of technology deployment requires improved risk management, securityand compliance measures to protect their organizations and stakeholders,” according to the 2024 BDO Board Survey of nearly 250 public company directors.

Risk and innovation: a symbiotic relationship

At the same time, they exercise caution, noting that innovation presents both a significant opportunity and risk.

According to the report, approximately 17% of directors indicated that “advancing the use of emerging technologies is a top strategic priority, while delaying the implementation of emerging technologies (72%) is one of the highest risks.” most cited”. “Risk and innovation have a symbiotic relationship for directors, for whom the need to act quickly to keep pace with customer demand, competition and stakeholder expectations must be carefully balanced with management and robust risk monitoring.

The report notes that failure to invest adequately in any one of these areas can potentially harm the other. This may explain why emerging technologies (51%) and cybersecurity (41%) are among the top areas that directors believe will see an increase in investment in the coming year, the BDO report said.

SEE: Will energy availability derail the AI ​​revolution? (Prime TechRepublic)

Progress in implementing emerging technologies

As boards and management teams explore opportunities to integrate generative AI into their companies, the workforce may be ahead of them, the report notes, citing a global Microsoft study, which reveals that 75% of knowledge workers are already using AI at work.

The BDO survey reveals that:

  • 23% of respondents are exploring what emerging technologies can do and learning more about their risks and limitations.
  • 16% said they actively train their employees on emerging technologies as part of their daily work.
  • 6% said they are not currently exploring emerging technologies and have no immediate plans to do so.

Directors appear to be split on which business function might present the greatest opportunity for GenAI use cases. However, 31% of directors cited customer experience (16%) and product/service development (15%), indicating that technology is seen as a high-end, value-added tool that organizations can use to capture growth and retain their customers. according to the report.

“Research indicates that early adopters have seen the benefits of faster and deeper data analysis, which can support personalization and personalized content in driving market awareness and contributing to product improvement,” the report says. “Boards also see the potential to leverage generative AI to drive efficiencies in back-office processes and key operations. »

Attention has also been focused on GenAI risks

Boards are also approaching GenAI with eyes wide open, noting that they “have seen ample evidence that generative AI brings new risks.” Among them are widely reported incidents of hallucinations, in which an AI output is incorrect or “entirely fictitious.” While some are relatively harmless, the report observes, others are potentially serious and can expose companies to fines, litigation and reputational damage.

Some of the biggest GenAI risks cited by respondents include:

  • Generation and/or action following incorrect information (19%).
  • Inaccurate/biased inputs and/or outputs (16%).
  • Data privacy violations (16%).
  • Fear of losing your job and harming employee morale/loyalty (15%).

The BDO report supports the approach taken by public boards, emphasizing that they “are right to invest simultaneously in developing emerging technologies and improving risk management practices.” Both of these must be consistent with the organization’s strategy and support executable goals and objectives.

The ability to successfully implement technology is the most in-demand skill or experience (31%) for directors to prioritize in 2025, as boards seek members whose expertise reflects their organizational goals , the report says.

Additional investments made in cybersecurity, data privacy and governance

More than a third (37%) of directors surveyed indicated that they were changing the treatment and approach to cyber risk, moving from a “IT responsibility» to “company-wide responsibility,” according to the investigation.

“To stay agile, businesses need robust monitoring, real-time understanding and mechanisms to identify and protect against emerging threats, as well as continuous monitoring programs to reduce cyber risk. crisis and mitigate damage and disruption in the event of a breach,” the report said. recommended report.

Respondents indicated they are investing in additional protections and valuable expertise to protect their organization, with 25% of executives citing cyber threats and incidents as the biggest risk to their business over the next year.

Additionally, 27% said cybersecurity is one of the most in-demand skills on boards, and 41% of directors plan to increase investments in cybersecurity, data privacy and governance at the board level. course next year.

The regulatory environment is also a priority, with 45% of administrators saying they conduct an external assessment, such as a Systems and Organizational Control (SOC) report for cybersecurity or a maturity/security assessment. gaps to further contribute to organizational readiness and program maturity. . Additionally, 41% cited creating internal processes and improving communication channels to report on cyber risk and incident management as a goal.

Boards must remain proactive

In addition to the survey results, BDO said its ongoing discussions with directors show that boards continue to invest in education and training on the evolving threat landscape, both at the management and at the company level. Specifically, they plan for business-specific scenarios and perform comprehensive vulnerability testing to maintain high risk awareness.

The good news is that boards are “paying attention to the type and frequency of cyber information they receive from executives, particularly the chief information security officer,” BDO said. “They want to know how to improve practices to monitor the effectiveness of prevention and detection efforts, as well as respond to and mitigate suspected or confirmed violations. »

However, BDO recommends that companies continue to refine their management and monitoring information activities, document actions taken and further improve communication with stakeholders. The firm advised its members to seek out resources such as CISA “Shields Up” Tips for Organizations.

Source Link

You may also like

Leave a Comment