With the constantly growing volume, pace, and complexity of risks, strengthening business continuity and organizational resilience continues to be a top concern for businesses, industry bodies, and regulators.
Speaking at the Central Bank of Nigeria’s Second National Risk Management Conference, Joshua Rosenberg, Executive Vice President and Chief Risk Officer, Federal Reserve Bank of New York, said:
“Of course, risk management should help us reduce the frequency and size of negative events and then recover more quickly and effectively when negative events occur. But, risk management, in my view, should also help the right things happen by giving us tools to work more effectively.”
October is observed as Cybersecurity Awareness Month in the U.S. This year, we saw a surge in state leaders' desire to combat cybercrime not just in the U.S., but globally. As remote work and bring-your-own-device (BYOD) become the norm, there is a rising awareness of the unseen dangers that lie behind cloud solutions and remote work, and of increasing phishing and ransomware attacks.
At the same time, regulators continue to issue ESG guidance and recommendations to help organizations drive growth with purpose. The U.S. Federal Reserve is emerging as a pioneer with its pilot program that will see six global systemically important banks running climate change scenarios, wherein they will incorporate climate change risks into their risk management frameworks.
At MetricStream, we are celebrating an important update for our growing ecosystem of customers and partners. In October, we launched Euphrates, our latest release, which includes multiple pathbreaking product and platform innovations and enhancements that help customers accelerate their GRC program performance.
We cover all of this and more in our monthly roundup of the latest updates and insights viewed through the GRC lens.
Risks today are interconnected, requiring comprehensive solutions and a holistic approach to governance, risk, and compliance (GRC). As the risk landscape expands, developing organizational resilience through enterprise and operational risk management and keeping a close eye on critical third parties are emerging as top priorities.
The European Systemic Risk Board (ESRB) has warned about vulnerabilities in the Union Financial System, which will require private sector institutions, market participants, and relevant authorities to prepare for the materialization of tail-risk scenarios. It has identified three severe systemic risks to financial stability:
Here is the top news in the areas of enterprise risk, resilience, and regulations:
Heads of state are urging cybercrime prevention. The White House observed Cybersecurity Awareness Month with President Biden urging people, businesses, and institutions to recognize the importance of cybersecurity and take proactive steps to protect themselves from cyber threats to support national security and resilience.
The European Commission also plans to impose strict new security rules on IT businesses that will hold them liable for the security of their goods. The Cyber Resilience Act, the first EU-wide cybersecurity regulation, will require cybersecurity safeguards for products with digital elements.
Cloud security incidents are a recurring source of concern, according to recent data from Venafi. 51 percent of the study's security decision-makers (SDMs) think that cloud-based security threats are greater than those associated with on-premise security. Ransomware attacks on SaaS data are also becoming more widespread. Gartner reported that with the increase in remote and hybrid work, the transition from virtual private networks (VPNs) to Zero Trust Network Access (ZTNA), and the shift to cloud-based delivery models, worldwide spending on security & risk management will grow 11.3% in 2023.
Here’s a quick look at the major headlines from cyberspace:
Regulators are prioritizing environmental, social, and governance (ESG) issues. The importance of addressing climate risks, social equity, and environmental threats is gaining traction. As the board and executives across levels pay attention to ESG, corporate investors rely on ESG pledges and ratings to decide where to invest. Standardizing and implementing ESG reporting and ratings have become more crucial.
The Task Force on Climate-related Financial Disclosures (TCFD) reported a five-year increase in climate change awareness. Since 2017, climate change and climate-related reporting requirements have become more common in financial markets, and more companies are publicly committing to net-zero emission transition plans.
Here’s a quick recap of ESG-related news from around the world:
Last but not least, we are gearing up to celebrate the 10th anniversary of our premier event, GRC Summit, in London on November 8-9. The two days are packed with insightful and engaging sessions on risk, resilience, compliance, cyber, and ESG, and will provide you with opportunities to network and connect with the best in the industry. Register today to become a part of the thriving GRC community.