Aon’s 2021 Global Risk Management Survey asked over 2,300 organizational risk decision-makers about the top risks facing their businesses and nonprofit organizations, tracking the difference in risk levels between 16 different sectors. Surveying respondents from 60 countries, the report found the top 10 threats for risk management professionals to watch going forward.
 
1. Cyberattacks/Data Breaches
Ranking sixth in the 2019 biennial survey, the risk of cyberattacks landed first place in 2021 when it comes to organizational risk. The threat of a cyberattack or data breach ranked within the top 10 concerns of all industry sectors, marking its pervasiveness throughout the globe. With an increase in cyberattacks over the past year, risk decision-makers have identified data breaches as a growing threat to data privacy and organizational reputation.

2. Business Interruption
The risk of business interruption has ranked in the top 10 global risks since 2007, but the 2021 survey ranking is markedly higher than in past years. Risk management professionals in Europe and the Asia Pacific region were especially concerned with the risk of business interruption, reporting it as a more severe concern than leaders in other regions. According to the Aon survey, COVID-19 could be to blame for this regional discrepancy, as organizations in Europe and Asia have been affected by generally stricter COVID-19 lockdown restrictions.

3. Economic Slowdown/Slow Recovery
While respondents ranked economic slowdown third overall, those in the real estate, construction and transportation and logistics sectors named it the top risk facing their organizations. Security leaders in Latin America, the Middle East and Africa named economic slowdown as their top concern as well. The report noted the spread of COVID-19 and changing oil prices influence economies in these regions.

4. Commodity Price Risk/Scarcity of Materials
The COVID-19 pandemic shifted the price of various global commodities in rarely seen ways. According to the report, the price of a barrel of oil dropped below $20 in April 2020, far below the 2019 average of $61. In contrast, the price increased again to more than $70 in 2021. The unsteady nature of material costs ranked in the top 10 risks for organizations around the globe.

5. Damage to Reputation/Brand
Risk management professionals in North America ranked reputational damage higher than leaders in all other regions. Organizations incurred reputational damage in many ways throughout 2021, including via politically motivated boycotts, large-scale data breaches, COVID-19 outbreaks, false advertising and other scandals.

6. Regulatory/Legislative Changes
Changes in legislation in many industry sectors have caused risk management decision-makers to rank regulatory shifts as a top organizational risk in 2021. The report highlighted multiple global case studies focusing on this type of risk, including the increased regulations in China targeting technology firms, the reversal of many Trump-era deregulating tactics by the Biden administration in the United States, and the continued effects of Brexit in the United Kingdom.

7. Pandemic Risk/Health Crises
The risk of health crises consistently ranked below the 40th risk level in Aon’s biennial survey until 2019. That changed after the COVID-19 pandemic took hold; organizations now rank pandemic risk seventh among all organizational risks. The report noted the effects of the Delta variant on countries with previous controlled levels of COVID-19, such as Australia.

8. Supply Chain or Distribution Failure
Risk decision-makers in Europe and North America named supply chain/distribution failure a top concern more often than counterparts in other regions. The report pointed to incidents like the Suez Canal blockage and COVID-19-related manufacturing shortages as examples of this risk in 2021. An increase in losses, quantitative and qualitative issues, and non-physical damage to industries contributed to increased supply chain risk, according to the report.

9. Increasing Competition
Increasing competition has ranked in the top 10 organizational risks since Aon’s 2007 survey, but its ranking in 2021 represents the lowest perceived risk level to date. Online retailers and ecommerce hosts such as Etsy reported significant winnings in 2021, according to the report, but those in the technology industry view competition as a top risk to their organizations.

10. Failure to Innovate/Meet Customer Needs
The only region to rank innovation failure as a top 10 risk in 2021 was North America, with decision-makers throughout the continent ranking the risk as their fifth-highest concern. However, failure to meet user needs or innovate ranked 10th overall, potentially due to the added pressure of the COVID-19 pandemic. The study noted the innovation required of vaccine developers and manufacturers over the past year.

As risk management professionals adapt to the changing security threat landscape, they can assess the risk level of their organization based on these top trends. For more survey findings, click here.

The Top 10 Risks for Global Organizations

Business risk is constantly increasing, according to a Forrester report, “Failing to Plan is Planning to Fail,” commissioned by OnSolve. The report examined the state of risk management across mid-size to large enterprise organizations in North America and the United Kingdom, identifying the common challenges facing risk management professionals in many industries.

The report found that the level of emerging risk outpaces the evolution of risk management strategies across the U.K. and North American businesses. According to the report, the unsteady risk landscape with fluctuating health, environmental and political threat levels necessitates a proactive risk management strategy.

Another roadblock to mitigating enterprise risk is the presence of misaligned priorities and technology missteps in enterprise organizations. Within businesses, risk management often is delegated to various teams, opening up space for miscommunication and siloes. Interoperability is key to a successful risk management program, according to the report.

In order to remedy these risk management challenges, the report suggests a unified approach to critical event management (CEM). Prioritizing the convergence of all risk management solutions employed by an organization, such as risk intelligence and assessments, emergency communications and more, can enable risk decision-makers to better manage business risk. Combining internal data, external intelligence and predictive analytics can also help transform an organization’s risk management strategy from reactive to proactive.

To explore further risk management strategies and the four pillars of CEM, click here.

Challenges of Enterprise Risk Management — And How to Overcome Them