Editor’s note: Ben de Bont is the chief information security officer for ServiceNow. He served as guest editor of the Summer 2023 edition of Workflow Quarterly.
Today’s businesses face a swarm of challenges and uncertainties exacerbated by rapid digitization, economic volatility, geopolitical strife, regulatory requirements, climate change, and more.
Historically, business leaders have tended to view security and risk management as cost center. In recent years it’s become increasingly clear that building resilience against risk is a strategic investment that can help companies outperform.
As ServiceNow’s chief information security officer, I know digital technologies are the key to both managing risk and seizing market opportunities. I'm optimistic about what new technologies, such as generative AI, offer for the future.
For this issue of Workflow Quarterly, we focused on the topic of risk and resilience. We define resilience in two ways. First, it’s the ability of organizations to quickly detect and respond to risks. As important, it’s about building the skills needed to innovate rapidly and securely.
To understand the most effective strategies for building resilience, ServiceNow and our research partner, ThoughtLab, surveyed 1,000 global C-level executives about how they use technology to manage risks, build resilience, and realize performance gains. Respondents came from 13 countries across three geographic areas and five industries.
As you might expect, our research found that the most resilient organizations suffer fewer cyber breaches. They also detect and mitigate breaches faster than their peers.
Investment in resilience is not just a good defensive move. It pays off in quantifiable benefits to the bottom line. Leaders saw upticks in revenue, profitability, customer retention, and employee engagement, all while lowering costs.
There’s also a strong correlation between risk readiness and digital maturity. Nine out of 10 top risk-ready organizations also ranked as digital leaders, while most moderately risk-prepared companies were in the intermediate stage of digital maturity. Nearly all of the least prepared organizations ranked as digital beginners. The takeaway? Done right, digital transformation can help firms lower their risk profile.
We identified six best practices of risk-ready companies. Leaders have risk-aware corporate cultures. They spread responsibility for risk across the entire organization. They leverage risk and resilience processes. They digitize and automate risk-related workflows, tools, and platforms. Finally, they develop resilience in their workforce and harness the latest tech to power risk and resilience initiatives.
In this issue, Howard Rabinowitz reports on how companies are deploying generative AI solutions to keep their systems, networks, customers, and employees safe. Evan Ramzipoor explores how companies monitor their sprawling ecosystems of suppliers, partners, and vendors to reduce cyber and other risk. Finally, Melanie Warner explains how building resilience can catalyze and secure growth. Readers will also find The Data, a new section that explores best practices of risk management leaders, and old standby Jargon Jeopardy, which decodes the arcane lingo of the cybersecurity world.
Our research and analysis offer a resilience roadmap for challenging times. Companies of all sizes need a way to define, measure, and mitigate the risks they face. The challenges have never been greater—but neither have the opportunities.
As always, thanks for reading.
