Without question, 2020 has been a year like no other.
On January 3, 2020 an article appeared in the BBC News documenting a “mystery virus” outbreak in China. At that time the BBC reported, “A total of 44 cases have been confirmed so far, 11 of which are considered “severe”.” Nearly a year later, the BBC today reports that total confirmed cases are 75 million, with 1.7 million total deaths. Tragically, these figures fail to capture the heartbreaking and irreparable damage caused by Covid-19.
The silver lining to this tragedy is that mass vaccine distribution is on the horizon, and within months we will hopefully see the end of what has been the largest societal disruption in nearly 100 years. In less than one year, nearly every aspect of our life has changed – where we work, how we educate our kids, and of course, business.
Back in January of 2020, no one could have foreseen a news cycle dominated by face coverings, personal protective equipment shortages and an unparalleled politicization of science and health. Businesses have been hit in ways that many of us simply cannot appreciated nor contemplate, and much like the long-haulers who suffer months on end post infection, we see economic sectors and societal strata that will struggle indefinitely.
Prior to the pandemic, business aspirations were reminiscent of the dot-com era . Terms like “agility,” and “digital transformation,” were exciting and fostered new visions for business; “risk” was afterthought, a siloed collection of disparate compliance requirements, policies, and arcane governance practices.
Today, we see risk in a new light. Because of Covid-19, our eyes have been opened to view enterprise risk in an aggregate, holistic perspective. Environmental risk, societal risk, employee risk, legal and compliance, privacy, and of course cybersecurity, all comprise enterprise risk.
As well, we have seen newfound demand for resilience and business continuity. The pandemic showed us that resilience is more than a buzz word. Organizations need to dedicate resources to business resilience in order to manage through disruptions. Resilience is more than having back-up and recovery. Resilience requires anticipation and prediction; it forces businesses to question the status quo, and in turn ask, “what else?”
Business continuity planning has also changed. When faced with unprecedented challenges like Covid-19, creative thinking, innovation and raw determination have prevailed. The experience of massive business disruption has taught everyone, from the C-Suite down, that new tools, policies, and plans need to be readied and implemented in order to maintain uninterrupted business operations.
Even our work culture has changed. A year later, organizations still struggle with how to maintain a corporate culture with employees working from home. Policy management across a distributed workforce is a challenge many were not prepared to address. And, as businesses prepare for a back-to-the-office future, which will become another disruption on its own, organizations must plan for how to rebuild their cultural identity.
Finally, businesses must contend with the unknown aspects of regulatory change. Without question, new privacy protections, financial regulations, data security requirements will flood the business landscape in 2021. For risk managers, having real time regulatory and compliance intelligence will be just as important as having real time threat intelligence for those in cybersecurity.
Much has changed over these last 12 months, and much remains to be seen for the next year. We mark these moments in time to reflect and look back so that we can look forward to what is to come. And if anything has taught us, 2021, like its predecessor, will be like a year like no other.