In today’s digital era, news travels quickly across social media and offers high and immediate visibility to headlines that may affect a brand’s reputation. Product recalls, data breaches, systems failures, poor customer support, compliance failures—it’s all out in the open. As such, reputational risk has become a distinct category within the framework of enterprise risk management. Meanwhile, information technology has a vital role to play in organizations around the world as the driver of the digital era. IT touches all aspects of business operations, communication, customer engagement, and commerce.
IBM’s 2012 Global Reputational Risk and IT Study, conducted in June 2012 by the Economist Intelligence Unit, garnered responses from 427 senior executives from around the world. The results show a strong connection between IT risk and reputational risk, centering on three key IT responsibilities: Security, business continuity, and technical support. Security-related issues, such as data breaches that threaten personal information or credit card data, was also named as the number one IT risk posing threats to reputation.
Looking Beyond the Rearview Mirror
One of the most profound findings of the IBM study is that many companies still take a reactive approach to IT risk management. These organizations are dedicating resources to managing risks such as data breaches, system failures, and data backup failure only after they experience a significant issue. Emerging risks that have yet to cause serious reputational damage have simply not been addressed properly.
Many others – 64% of respondents – say their organizations will focus more on managing reputational risk than they did five years ago. Still, the study finds that executives tend to make sweeping assumptions about their organizations’ security and resiliency related to IT risks—generally considering themselves better protected than they actually are.
The following infographic from IBM summarizes the results of its 2012 reputational risk and IT study.
The team of IT risk managers at Lowers Risk Group can help you build strong and secure IT department that protects against the risks of technology, compliance, and reputation.