Senior executives from 25 companies recently gathered in Lausanne to attend an IMD Discovery Event on how the digital revolution is impacting their businesses and to discover the opportunities and threats of this digital tsunami.
The “digital tsunami,” with its virtualization of networks, IoT, big data and analytics, robotics and artificial intelligence (AI), is impacting all industries and companies. Old business models are challenged, communication technologies are promoting disintermediation, the job market is undergoing fundamental shifts, and companies face the urgency of reinventing their business models to become agile in a new digital reality. Experts from academia and industry came together to discuss the “lights and shadows” of the brave new digital world.
Professor Benoît Morel pointed out that although the digital revolution can be an irresistible force for good, the potential for collateral damage is deeply worrying. To sustain the disruption and not lose their competitive edge, businesses have to consider new functionalities and take advantage of existing as well as emerging technologies, such as CSS, HTML5, G5.
Nevertheless, new functionalities bring about new vulnerabilities. Professor Morel cited several recent cases of cybersecurity breaches, including Equifax and SEC, which were compromised in 2017. To cope with the growing risks related to digitization, businesses have to develop a cybersecurity mindset and foster a culture that goes beyond a piece of engineering to nurture real internal expertise instead of depending on external experts.
Professor Solange Ghernaouti stressed that digitization means datafication, and more data implies higher risks that can affect all levels, not only individual and institutional but also national and international. Cybercrime constitutes a lucrative economy, fostered by the Dark Web, the availability of cyberweapons, human vulnerability and opportunity. In some ways, the internet could be considered a crime enabler. Professor Ghernaouti outlined seven types of cyberthreats: cyberincivility, cybervandalism, cyberdeliquency, cybercriminality, cyberespionage, cyberterrorism and cyberconflict.1 However, she stressed that cyber risks are not limited to criminal behavior, they can also occur as a result of human error or even a natural disaster. These should all be critical components of a company’s overall risk management strategy, translating into operational security.
Both speakers concluded that it is not possible to ensure the complete protection of IT systems from cybersecurity threats; all companies can do is learn how to mitigate the risks while keeping their IT systems efficient and operational.