Business risks in 2013

March 2013 Security Services & Risk Management

The mere fact that you are reading this article implies that the last days predicted by modern-day Mayans and other apocalyptical prophesies have not arrived on schedule. “In fact, the risks we all face as we go into 2013 are much more complex, and thus much more difficult to counter,” says Michael Davies, CEO of ContinuitySA, Africa’s leading provider of business continuity services.

Michael Davies
Michael Davies

In what has become an annual exercise, Davies and members of his executive team met late in 2012 to review their predictions for the year and ponder what the coming year might hold for risk managers.

“What became very clear is it has become almost impossible to consider individual risks without taking the overall risk into consideration,” Davies observes. “Globalisation and the profound connectedness between individuals, companies and countries promoted by technology means that risk, too, must be seen broadly.”

Bearing this observation in mind, Davies and the ContinuitySA team have identified the following set of six interrelated risks for 2014.

1. Social malfunction grows

Across the world, it is increasingly clear that established certainties and beliefs about how the world is structured are becoming fluid. From the Arab Spring to Occupy Wall Street and protests against austerity in Greece and elsewhere, there is an overall loss of faith in society’s institutions and their ability to deliver a just world order.

In South Africa, persistent dissatisfaction with service delivery has exploded into widespread and violent protests against the very nature of the system. In that respect, the miners’ revolt in Marikana has been a watershed event, as it bypassed both the settlements negotiated by the miners’ own representatives and the normal processes of democracy. Democratic process, it seems, is either profoundly misunderstood or mistrusted.

This impatience with society’s existing institutions and processes appears to be spreading and there are worrying signs that even the middle class, on whose shoulders society’s prosperity and stability ultimately depend, are also losing faith in basic concepts. The extreme passions roused by the ongoing e-toll saga in Gauteng is an obvious example of this trend. For the middle classes, this type of feeling generally translates into a reluctance to pay tax, an action that can fatally undermine the state itself.

2. Global economic and financial volatility

It appears that the 2008 financial crisis is both more far-reaching and profound than first expected. Markets and economies seem unable to regain an even keel, and many commentators are seeing this volatility as “the new normal'. The flipside is an increasing regulatory burden as governments and other institutions attempt to rein in uncontrolled capitalism and protect investors.

For South African businesses, important associated risks are the volatility of commodity prices, greater competition internally and in export markets, and an unstable currency.

3. Environmental risk

If volatility is the new economic normal, then there is every indication that climatic volatility is also becoming a feature of life. For South Africa, climate fluctuations may be expected to increase the risk of water and even food shortages. Thus far, global and national environmental initiatives are gaining traction too slowly, and seem likely to add to the cost of doing business in the short term – giving rise to a classic case of how to balance short- and long-term risk.

4. Infrastructural risk

A common African business risk is inadequate and poorly maintained infrastructure. Water and power are the two obvious risks that threaten business, but the road and rail networks also present challenges. Government efforts to address these problems are affected by the principle of interconnectedness: opposition to e-tolling, one feels, is more influenced by wider dissatisfactions rather than the principle of 'user pays'.

Many South African businesses are taking extraordinary measures to mitigate infrastructural risks by assuming responsibility for all or some of the infrastructure needed for their projects. Property developers, for example, are often providing roads and sewerage, and factories some of their own energy – and think of corporate involvement in points people to ameliorate the effects of faulty traffic lights and schemes to fill in potholes.

5. Data risk

Data is becoming more important as a way for companies to assess risk and compete more effectively – this is the phenomenon of Big Data. It is probably true to say that most companies are still coming to terms with the concept and, more importantly, how to use data effectively. Nonetheless, data privacy regulations have already sprung up to protect personal data, creating a set of risks relating to data security. One is the growing menace of cybercrime. Another is the whole question of data sovereignty – as companies try to safeguard their data while reducing costs, they may opt for the security of cloud solutions. However, when those data centres are located and/or owned offshore, it becomes difficult to be sure of data security and accountability for lapses.

“Our approach is to use a hybrid public and private cloud model for our clients for just these reasons,” comments Davies. “This approach allows clients to retain tight control over sensitive data, as is increasingly mandated by law, and to take full advantage of the cost and flexibility of public services where appropriate.”

An associated risk is the peaking trend of IT consumerisation, so-called BYOD (bring your own device – the use of private mobile devices to access corporate data). BYOD offers both advantages and disadvantages: boards and their CIOs need to think carefully about how to protect their data against potential threats – and how to use the available technology wisely to obtain a competitive advantage.

6. Business continuity remains misunderstood

Risk management has definitely become integrated into the corporate agenda, and is maturing. This may be seen by the replacement of the existing BS25999 standard by ISO22301. The BS25999 standard set the standard for business continuity management, but the new ISO223301 standard is much more detailed in its requirements, and requires much more documentation of the processes followed. It also requires committed board-level leadership, thus effectively putting risk management into the spotlight.

However, in practical terms, the broader concept of business continuity management is becoming absorbed into the IT budget, with a concurrent diminishing of focus on operational matters. At the same time, budgets in general are under pressure.

“Ironically, then, the biggest overall risk has become corporate myopia about the true nature of risk – and this at a time when risk has become much more integrated into corporate strategy. Boards must resist seeing risk in terms of technology alone. Business continuity is a much more useful concept, one that takes into account the interconnectedness of risk today. When considering risk, business leaders need to take a broad view of organisational resilience before honing in on their particular company’s situation,” Davies concludes. “Risk is now systemic, and so the approach to risk must also be systemic and have operational relevance to the organisation.”

For more information contact ContinuitySA, +27 (0)11 554 8050, cindy.bodenstein@continuitysa.co.za, www.continuitysa.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Read more...
Understanding the power of digital identity
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
The way we perceive business flourishing is undergoing a paradigm shift, as digital identity and consumer consent redefine the dynamics of transactions, says Shanaaz Trethewey.

Read more...
What you can expect from digital identity in 2024
Access Control & Identity Management Security Services & Risk Management
As biometric identity becomes a central tenet in secure access to finance, government, telecommunications, healthcare services and more, 2024 is expected to be a year where biometrics evolve and important regulatory conversations occur.

Read more...
More than just a criminal record check
iFacts Security Services & Risk Management
When it comes to human-related risks, organisations and their most senior leaders focus on a narrow set of workforce risks, the potential risks that human workers pose to the business.

Read more...
Tech developments lead hologram growth in 2024
News & Events Security Services & Risk Management
Micro-lenses, micro-mirrors and plasmonics are among the rapidly-emerging optical devices that have evolved on the back of holographic and diffractive technologies, and are seen as part of the natural evolution of optical science by R&D teams.

Read more...
Are you leaving money on the table?
Editor's Choice Security Services & Risk Management
How many customers have you helped since starting your business? Where does most of your new business come from? If the answer is not from your database’s existing customers, you might have a problem.

Read more...
The business value of ChatGPT
Security Services & Risk Management Risk Management & Resilience
Transparency, policy and integrity. It is critical for organisations to have a line of sight into processes and procedures that clearly define employee use cases when it comes to ChatGPT, says Lizaan Lewis, Head of the Legal Department at Altron Systems Integration.

Read more...
BMS for smaller businesses
Security Services & Risk Management Products & Solutions Risk Management & Resilience
Small businesses can also benefit from tailored energy management solutions just like large corporations. Effective energy management is essential for more sustainable and efficient operations.

Read more...
Kidnapping for ransom
News & Events Security Services & Risk Management Risk Management & Resilience
There has been an 8,6% increase in reported kidnapping cases in South Africa compared to last year, with 3 854 cases reported between April and June this year, leaving ordinary South Africans increasingly vulnerable.

Read more...
The difference between a SOP and a SOP
Residential Estate (Industry) Integrated Solutions Security Services & Risk Management Risk Management & Resilience
SOPs are a touchy issue that need careful attention and automation to ensure they deliver the desired security results. Beyond design and automation, implementation is the ultimate road to success.

Read more...