IntroductionAlthough technology is shifting the way organizations interacting, communicating and sharing information by enabling them to access, use and manage information anywhere at any time, emerging technologies such as smart devices, IoT, social media, cloud computing, big data and cyber security are driving change and innovation across all markets and industries.
In this rapid changing business landscape, organizations are engaging in a widespread adoption and integration of these technologies into their business as they offer the advantages of increasing productivity, operating more efficiently, enhancing communications, increasing mobility, better information handling and sharing, ensuring safer and healthier working environment…etc. thus generating economic benefits such as penetrating new markets and making more revenues in shorter period of times.
Since these technologies are breaking down the barriers of the traditional offices and defeating the old IT risk model, IT risk programs must expand and adapt to meet these challenges.
New technology risksIn recent years, organizations are often blindly embracing new technologies and creating new underlining risks by heavily investing massive resources in adopting new IT infrastructures with the associated cost in upgrading old systems following venders’ advertised or promised features of their products/services and the organizations’ own overstated assumptions regarding presumed performance and efficiency of these products/services without prior and detailed study and analysis.
Moreover, security related requirements are frequently overlooked in pursuit of willingness to deploy unconfirmed technologies which ultimately exposes the organizations to great and unknown risks while in reality bringing low added value that fails to meet their strategic objectives and stockholders’ expectations.
Organizations data is becoming available online, universally shared via social media, through variety of cloud platforms and devices such as smartphones, laptops and tablets. Thus enables data to be stored in low secured devices and exposed to a huge risk universe.
Organizations failed to oversight and support changing business landscape may endure severe market share losses. As emerging technologies are generating more market competitions with small entities whom are easily emerging and offering similar or better products/services in lower costs, organizations incapable of watching, adapting and constantly renewing their products/services to new market and technology trends find their business portfolio obsolete as their products/services are quickly becoming outdated.
Organizations are also challenged in either investing and offering training to current staff or hiring high payed talents as well as funding research and development initiatives to keep pace with these technologies.
Managing emerging risksOrganizations should be primarily concerned by addressing current technology issues and cautioned about adopting emerging technologies. Unless they have a clearer understanding of the associated opportunities and risks, by then they can devote the attention and resources toward adopting these technologies.
Organizations need to build a foresight capacity that allow them to quickly respond to future challenges and uncertainties by adopting appropriate approaches such as Delphi Method, Horizon Scanning and Trend Impact Analysis that help them adopt emerging technologies, assess their trends in the long-term, comprehend related knowledge, develop corresponding risk indicators to watch the outcomes, and understand the potential benefits behind these technologies.
Organizations’ appetite in embracing changing and evolving technologies should be clearly defined by justifying the purposes to acquiring them, considering the expected added value, and understanding the potential risks they came up with. This in turn, enhance their ability to develop suitable controls such as plans, policies and procedures to manage the associated risks and train staff for adequate use of these technologies.
While organizations should limit the attitude and desire of acquiring new technologies just of the sake of getting them without actual need or clear return on investment. In the other hand, organizations should be keen to evaluate and review emerging technologies in order to implement suitable security controls as soon as they are appointed and validated via a proper change control process before putting them into production which reducing the misuse of unapproved but desired technologies.
ConclusionThe growing use of emerging technologies has introduced a higher threat of IT security breaches, misuse of customer data, and reputational damage. Understanding the threats that can emerge from these technologies is critical to avoid potentially catastrophic consequences.
As these technologies are disruption and threatening business models, organizations needs to keep pace with technology advances and scientific innovations, while they should always focus to stay ahead of the evolving industry, market and technology trends, their strategic vision should be aligned toward a thoughtfulness embracing of these trends, they should consider investing in related research and development efforts, they should also prevent in the same time the misuse of these new technologies by improving communication channels and cultivating awareness among staff.