MIT/Infosys Study: Gap Between Risk Awareness and Risk Readiness Widens
Corporate Strategies Not Keeping Pace with Rising Global Risk Profile
Preliminary results of the 2015 Global Risk Maturity Survey, led by MIT professor David Simchi-Levi and conducted by the Global Risk Advisory Group, were released last month and the survey findings can be best summed up by a statement from co-leader of the Global Risk Advisory Group and President of Infosys, Ravi Kumar: “We are currently at the intersection of the physical and digital world. In such an environment, cyber-physical products are going to get developed constantly, risk will be ever-changing and security will be of increasing concern.”
“We are currently at the intersection of the physical and digital world…risk will be ever-changing and security will be of increasing concern”
The Global Risk Advisory Group, a joint initiative of the MIT Forum for Supply Chain Innovation and Infosys, was launched in 2015 to help industry identify, quantify and mitigate operational, financial, supply chain and cyber risks using analytics and data science, according to MIT professor of civil and environmental engineering David Simchi-Levi, who is head of the MIT Forum for Supply Chain Innovation and co-leader of the Infosys Global Risk Advisory Group. “This survey will help us better understand how industry perceives risk and their biggest challenges so that we can apply this information in the MIT Forum and Infosys Global Risk Advisory Group and our research.”
The question of industry perceptions of risk was answered quite definitively by the survey respondents, with 92.5 percent saying they believe that the nature of risk is changing due to added complexity arising from the digital economy. In addition, 95 percent said they expect risk will increase over the next two years. While complexity, cybersecurity, business model disruption, globalization and data volume were the top five current risk concerns identified by those respondents who believe risk is changing; cybersecurity and supply chain were expected to be the highest risk concerns in the coming years.
Though 65 percent of respondents stated they have a good understanding of cybersecurity risk, only seven percent stated that their risk strategies were well integrated with their business processes
When asked to rank their key cyber-risk concerns, participants identified loss of customer data and reputational damage with customers as the greatest threats. Though 65 percent of respondents stated they have a good understanding of cybersecurity risk, only seven percent stated that their risk strategies were well integrated with their business processes and only 62 percent believe data science can significantly help in quantifying and controlling the risks. Furthermore, despite the fact that the overwhelming majority expect risk to increase over the next two years, only slightly more than half (58 percent) expect to see significant changes in their organization’s risk strategies in this same time period.
“The data from our risk survey supports anecdotal evidence from industry that risk is not well understood and data-driven and integrated processes to expose risk are not widely implemented,” said Simchi-Levi. “This is a huge concern in an economy that is increasingly complex and financially vulnerable to climate, supply chain, and cyber-risks. When companies experience a major disruption, they lose market share and, on average, take two years to recover fully from that disruption.”
“The data from our risk survey supports anecdotal evidence from industry that risk is not well understood and data-driven and integrated processes to expose risk are not widely implemented”
Simchi-Levi noted that rapid advances in computing, data science techniques and algorithms can help companies mitigate risks and achieve competitive advantage. Data science is a core element of Prof. Simchi-Levi’s research focus. In 2014, he introduced an advanced analytical method developed by his team called the Risk Exposure Index (REI). The methodology has been successfully employed by companies including Ford Motor Co. and by the UN Office for Disaster Risk Reduction.
The Risk Group holds its next meeting in September 2016. Individuals interested in joining the group can contact Leslie Sheppard, director, MIT Risk Group for information.
Related Resources:
- HBR Webinar: A New Approach to Manage Supply Chain Risk
- Article: One-on-One with David Simchi-Levi