Report: Today’s risk managers exhibit overconfidence
Many feel prepared for the unknown without taking steps to implement novel mitigation plans, Origami Risk reports.
Many of today’s risk management professionals feel optimistic about their organizations’ ability to respond to “novel” loss events, but some may be fooling themselves about their actual readiness, according to The 2024 State of Risk Report released this month by Origami Risk.
What are “novel” risks? They are loss events unlike what today’s companies have experienced in the past — such as stronger and more unpredictable weather events, global supply-chain disruption, and the liabilities linked to artificial intelligence. These exposures call for unprecedented mitigation tactics.
“In a highly dynamic risk environment, standing still means getting run over or passed by,” the report says. “Even the most novel emerging risks have familiar elements — leverage what already works to help manage those components.”
Researchers surveyed risk professionals from 240 organizations in 20 different industries to compile the report. Respondents were composed of risk managers (37.1%), safety managers (24.2%), enterprise risk professionals (17.9%), insurance professionals (12.9%) and compliance officers (5%).
A quarter of survey respondents said they feel “highly prepared” for an unexpected crisis. However roughly seven out of 10 of them reported that their organizations fail to prioritize risk management, and 46% said their organizations fail to use of risk technology as part of their mitigation strategy. “The data on actions taken doesn’t support the optimistic assessments given by most respondents,” the report says.
AI poses a conundrum as today’s risk professionals worry about the liabilities associated with the technology and also recognize its power to thwart exposures. Thirty percent (30%) of respondents said their organizations are actively seeking to implement AI tools, 31% said they’re interested in it but not shopping, and 38% said implementing AI is not a priority. Researchers also acknowledged a lack of cybersecurity awareness around AI, or more specifically, the “rogue” implementation of the tech.
“There is a lack of internal agreement about what technology is actually in use,” the report says, “and the degree to which it has been pushed out to contractors and other partners.”
See also: