Too often risk management takes a backseat to innovation. You cannot have one without the other. Become too risk-averse and you stagnate. Ignore risk and you’re putting all your assets at risk. There needs to be a balance. Here’s how you can strike one.
The common idea is that there are two core groups in the enterprise. On one side, there are the trailblazers. These individuals seek to push the envelope, to develop new and exciting innovations which will transform their industry.
On the other, there is the old guard, the risk-averse leadership. C-Suite executives and other leaders who are set on legacy architecture and business processes. Men and women who view the new and innovative with a combination of fear and suspicion.
Perhaps this dichotomy held true at some point in the past. Today, however, it is no longer relevant. Risk management and innovation in the modern era are ultimately two sides of the same coin.
You cannot have one without the other.
Picture a company that is agile, flexible, and entirely forward-thinking. It is constantly on the bleeding edge, adopting new ideas and technologies the moment they become available. Its staff operates with no oversight from executives, and everyone is perpetually free to pursue their own projects.
The environment described above may sound like a dream come true. Like the perfect workplace. Yet it will only be perfect until the organization stumbles its way into a data breach stemming from a lack of due diligence.
Efficiency and adaptability are still incredibly important. A company that is unable to quickly adapt to a changing market cannot survive. At the same time, boundless enthusiasm for new projects and products has the potential to be toxic unless tempered with a healthy degree of caution.
In many organizations, this is precisely what is happening.
“When properly fused, [risk management and innovation] can help organizations pursue opportunities that a risk-averse culture might leave on the cutting-room floor,” notes Forbes contributor Steve Culp. “Risk management can help foster a company’s innovation agenda by revealing blind spots and areas of underinvestment that threaten the upside of a company’s future.”
The first step to consolidating the two lies in communication and collaboration. When evaluating the implementation of new technology, for example, involve every department that initiative could potentially impact. Everyone should have the opportunity to make their voice heard, and everyone’s input should be respected.
Second, an established due diligence process can cut down considerably on the time it takes for innovation to be pushed forward. Establish frameworks for evaluating new vendors, software, and hardware. Said frameworks should be focused on how data is stored, used, and accessed and on how the vendor or technology might impact the organization’s security posture in the long run.
Finally, promote a culture of cybersecurity awareness at every level of the organization. Take measures to help staff be more conscientious about how they share their data and what they do with it. The more security-aware an innovator becomes, the greater the likelihood that they will start innovating in a way that does not put business data at risk.
Risk management and innovation are two sides of the same coin. Without one, a business stagnates. And without the other, it’s constantly at risk of being compromised.
About the author: Tim Mullahy is the Executive Vice President and Managing Director at Liberty Center One, a new breed of data center located in Royal Oak, MI. Tim has a demonstrated history of working in the information technology and services industry.